AWS::Cognito::LogDeliveryConfiguration CloudWatchLogsConfiguration

Configuration for the CloudWatch log group destination of user pool detailed activity logging, or of user activity log export with advanced security features.

This data type is a request parameter of SetLogDeliveryConfiguration and a response parameter of GetLogDeliveryConfiguration.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "LogGroupArn" : String
}

YAML


  LogGroupArn: String

Properties

LogGroupArn

The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.

To send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with /aws/vendedlogs. For more information, see Enabling logging from certain AWS services.

Required: No

Type: String

Pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

Minimum: 20

Maximum: 2048

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS::Cognito::LogDeliveryConfiguration

FirehoseConfiguration