SetLogDeliveryConfiguration
Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs.
Request Syntax
{
"LogConfigurations": [
{
"CloudWatchLogsConfiguration": {
"LogGroupArn": "string"
},
"EventSource": "string",
"FirehoseConfiguration": {
"StreamArn": "string"
},
"LogLevel": "string",
"S3Configuration": {
"BucketArn": "string"
}
}
],
"UserPoolId": "string"
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- LogConfigurations
-
A collection of the logging configurations for a user pool.
Type: Array of LogConfigurationType objects
Array Members: Minimum number of 0 items. Maximum number of 2 items.
Required: Yes
- UserPoolId
-
The ID of the user pool where you want to configure logging.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern:
[\w-]+_[0-9a-zA-Z]+Required: Yes
Response Syntax
{
"LogDeliveryConfiguration": {
"LogConfigurations": [
{
"CloudWatchLogsConfiguration": {
"LogGroupArn": "string"
},
"EventSource": "string",
"FirehoseConfiguration": {
"StreamArn": "string"
},
"LogLevel": "string",
"S3Configuration": {
"BucketArn": "string"
}
}
],
"UserPoolId": "string"
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- LogDeliveryConfiguration
-
The detailed activity logging configuration that you applied to the requested user pool.
Type: LogDeliveryConfigurationType object
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalErrorException
-
This exception is thrown when Amazon Cognito encounters an internal error.
HTTP Status Code: 500
- InvalidParameterException
-
This exception is thrown when the Amazon Cognito service encounters an invalid parameter.
HTTP Status Code: 400
- NotAuthorizedException
-
This exception is thrown when a user isn't authorized.
HTTP Status Code: 400
- ResourceNotFoundException
-
This exception is thrown when the Amazon Cognito service can't find the requested resource.
HTTP Status Code: 400
- TooManyRequestsException
-
This exception is thrown when the user has made too many requests for a given operation.
HTTP Status Code: 400
Examples
Example
A SetLogDeliveryConfiguration request that exports
userNotification logs to a log group.
Sample Request
POST HTTP/1.1
Host: cognito-idp.us-east-1.amazonaws.com
X-Amz-Date: 20230613T200059Z
Accept-Encoding: gzip, deflate, br
X-Amz-Target: AWSCognitoIdentityProviderService.SetLogDeliveryConfiguration
User-Agent: <UserAgentString>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=<Headers>, Signature=<Signature>
Content-Length: <PayloadSizeBytes>
{
"LogConfigurations": [
{
"CloudWatchLogsConfiguration": {
"LogGroupArn": "arn:aws:logs:us-west-2:123456789012:log-group:example-user-pool-exported"
},
"EventSource": "userNotification",
"LogLevel": "ERROR"
}
],
"UserPoolId": "us-west-2_EXAMPLE"
}Sample Response
HTTP/1.1 200 OK
Date: Tue, 13 Jun 2023 20:00:59 GMT
Content-Type: application/x-amz-json-1.0
Content-Length: <PayloadSizeBytes>
x-amzn-requestid: a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111
Connection: keep-alive
{
"LogDeliveryConfiguration": {
"LogConfigurations": [
{
"CloudWatchLogsConfiguration": {
"LogGroupArn": "arn:aws:logs:us-west-2:123456789012:log-group:example-user-pool-exported"
},
"EventSource": "userNotification",
"LogLevel": "ERROR"
}
],
"UserPoolId": "us-west-2_EXAMPLE"
}
}Example
A SetLogDeliveryConfiguration request that exports
userAuthEvents events to a Firehose stream and
userNotification events to a CloudWatch log group.
Sample Request
POST HTTP/1.1
Host: cognito-idp.us-west-2.amazonaws.com
X-Amz-Date: 20230613T200059Z
Accept-Encoding: gzip, deflate, br
X-Amz-Target: AWSCognitoIdentityProviderService.SetLogDeliveryConfiguration
User-Agent: <UserAgentString>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=<Headers>, Signature=<Signature>
Content-Length: <PayloadSizeBytes>
{
"LogConfigurations": [
{
"EventSource": "userAuthEvents",
"FirehoseConfiguration": {
"StreamArn": "arn:aws:firehose:us-west-2:123456789012:deliverystream/example-user-pool-activity-exported"
},
"LogLevel": "INFO"
}
],
[
{
"CloudWatchLogsConfiguration": {
"LogGroupArn": "arn:aws:logs:us-west-2:123456789012:log-group:example-user-pool-error-exported"
},
"EventSource": "userNotification",
"LogLevel": "ERROR"
}
],
"UserPoolId": "us-west-2_EXAMPLE"
}Sample Response
HTTP/1.1 200 OK
Date: Tue, 13 Jun 2023 20:00:59 GMT
Content-Type: application/x-amz-json-1.0
Content-Length: <PayloadSizeBytes>
x-amzn-requestid: a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111
Connection: keep-alive
{
"LogDeliveryConfiguration": {
"LogConfigurations": [
{
"CloudWatchLogsConfiguration": {
"LogGroupArn": "arn:aws:firehose:us-west-2:123456789012:deliverystream/example-user-pool-activity-exported"
},
"EventSource": "userNotification",
"LogLevel": "ERROR"
},
{
"EventSource": "userAuthEvents",
"FirehoseConfiguration": {
"StreamArn": "arn:aws:logs:us-west-2:123456789012:log-group:example-user-pool-error-exported"
},
"LogLevel": "INFO"
}
],
"UserPoolId": "us-west-2_EXAMPLE"
}
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
