Class: Aws::CognitoIdentityProvider::Types::CustomDomainConfigType

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-cognitoidentityprovider/types.rb

Overview

The configuration for a custom domain, including the SSL certificate and TLS security policy.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#certificate_arnString

The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.

Returns:

  • (String)


5004
5005
5006
5007
5008
5009
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 5004

class CustomDomainConfigType < Struct.new(
  :certificate_arn,
  :security_policy)
  SENSITIVE = []
  include Aws::Structure
end

#security_policyString

The security policy for the custom domain. Defines the minimum TLS version and cipher suites that Amazon CloudFront supports when communicating with clients. For specific guidance, see Supported protocols and ciphers between viewers and CloudFront. Valid values are as follows:

  • TLS_V1_3_2025 (strictest): A post-quantum-ready policy requiring TLS 1.3. It provides the strongest security posture and is ideal for workloads where all clients and browsers are updated to the latest versions. Supported protocols and ciphers for TLSv1.3_2025.

  • TLS_V1_2_2021 (recommended): A post-quantum-ready policy which prefers TLS 1.3 but allows fallback to TLS 1.2 to accommodate older clients. It is the recommended minimum for typical commercial-grade consumer applications. Supported protocols and ciphers for TLSv1.2_2021.

  • TLS_V1 (strongly discouraged): Permits fallback to TLS 1.0. It offers the broadest compatibility, including support for legacy clients that are more than a decade old. This compatibility comes at the expense of allowing TLS versions and cryptographic algorithms that are no longer considered safe for commercial use. Supported protocols and ciphers for TLSv1.

Returns:

  • (String)


5004
5005
5006
5007
5008
5009
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 5004

class CustomDomainConfigType < Struct.new(
  :certificate_arn,
  :security_policy)
  SENSITIVE = []
  include Aws::Structure
end