Available CloudWatch Metrics for Amazon Cognito User Pools - Amazon Cognito

Available CloudWatch Metrics for Amazon Cognito User Pools

You can monitor Amazon Cognito User Pools using Amazon CloudWatch, which collects raw data and processes it into readable, near real-time metrics. In CloudWatch, you can set alarms that watch for certain thresholds, and send notifications or take actions when those thresholds are met. For more information, see the Amazon CloudWatch User Guide.

Amazon Cognito metrics are made available at 5 minute intervals. For more information about retention periods in CloudWatch, please visit the Amazon CloudWatch FAQ page.

The following table lists the metrics and dimensions available for Amazon Cognito User Pools.

Metric Description
SignUpSuccesses

Provides the total number of successful user registration requests made to the Cognito user pool. A successful user registration request produces a value of 1, whereas an unsuccessful request produces a value of 0. A throttled request is also considered as an unsuccessful request and hence a throttled request will also produce a count of 0.

To find the percentage of successful user registration requests, use the Average statistic on this metric. To count the total number of user registration requests, use the Sample Count statistic on this metric. To count the total number of successful user registration requests, use the Sum statistic on this metric. To count the total number of failed user registration requests, use the CloudWatch Math expression and subtract the Sum statistic from the Sample Count statistic.

This metric is published per User Pool per User Pool Client. In case when the user registration is performed by an admin, the metric is published with User Pool Client as ‘Admin’.

Note that this metric is not emitted for User Import and User Migration cases.

Metric dimension: UserPool, UserPoolClient

Units: Count

SignUpThrottles

Provides the total number of throttled user registration requests made to the Cognito user pool. A count of 1 is published whenever a user registration request is throttled.

To count the total number of throttled user registration requests, use the Sum statistic for this metric.

This metric is published per User Pool per User Pool Client. In case when the request that was throttled was made by an admin, the metric is published with User Pool Client as ‘Admin’.

Metric dimension: UserPool, UserPoolClient

Units: Count

SignInSuccesses

Provides the total number of successful user authentication requests made to the Cognito user pool. A user authentication is considered successful when authentication token is issued to the user. A successful authentication produces a value of 1, whereas an unsuccessful request produces a value of 0. A throttled request is also considered as an unsuccessful request and hence a throttled request will also produce a count of 0.

To find the percentage of successful user authentication requests, use the Average statistic on this metric. To count the total number of user authentication requests, use the Sample Count statistic on this metric. To count the total number of successful user authentication requests, use the Sum statistic on this metric. To count the total number of failed user authentication requests, use the CloudWatch Math expression and subtract the Sum statistic from the Sample Count statistic.

This metric is published per User Pool per User Pool Client. In case an invalid User Pool Client is provided with a request, the corresponding User Pool Client value in the metric contains a fixed value ‘Invalid’ instead of the actual invalid value sent in the request.

Note that requests to refresh the Cognito token is not included in this metric. There is a separate metric for providing Refresh token statistics.

Metric dimension: UserPool, UserPoolClient

Units: Count

SignInThrottles

Provides the total number of throttled user authentication requests made to the Cognito user pool. A count of 1 is published whenever an authentication request is throttled.

To count the total number of throttled user authentication requests, use the Sum statistic for this metric.

This metric is published per User Pool per User Pool Client. In case an invalid User Pool Client is provided with a request, the corresponding User Pool Client value in the metric contains a fixed value ‘Invalid’ instead of the actual invalid value sent in the request.

Requests to refresh Cognito token is not included in this metric. There is a separate metric for providing Refresh token statistics.

Metric dimension: UserPool, UserPoolClient

Units: Count

TokenRefreshSuccesses

Provides the total number of successful requests to refresh a Cognito token that were made to the Cognito user pool. A successful refresh Cognito token request produces a value of 1, whereas an unsuccessful request produces a value of 0. A throttled request is also considered as an unsuccessful request and hence a throttled request will also produce a count of 0.

To find the percentage of successful requests to refresh a Cognito token, use the Average statistic on this metric. To count the total number of requests to refresh a Cognito token, use the Sample Count statistic on this metric. To count the total number of successful requests to refresh a Cognito token, use the Sum statistic on this metric. To count the total number of failed requests to refresh a Cognito token, use the CloudWatch Math expression and subtract the Sum statistic from the Sample Count statistic.

This metric is published per User Pool per User Pool Client. In case an invalid User Pool Client is provided with a request, the corresponding User Pool Client value in the metric contains a fixed value ‘Invalid’ instead of the actual invalid value sent in the request.

Metric dimension: UserPool, UserPoolClient

Units: Count

TokenRefreshThrottles

Provides the total number of throttled requests to refresh Cognito token that were made to the Cognito user pool. A count of 1 is published whenever a refresh Cognito token request is throttled.

To count the total number of throttled requests to refresh a Cognito token, use the Sum statistic for this metric.

This metric is published per User Pool per User Pool Client. In case an invalid User Pool Client is provided with a request, corresponding User Pool Client value in the metric contains a fixed value ‘Invalid’ instead of the actual invalid value sent in the request.

Metric dimension: UserPool, UserPoolClient

Units: Count

FederationSuccesses

Provides the total number of successful identity federation requests to the Cognito user pool. A successful identity federation request produces a value of 1, whereas an unsuccessful request produces a value of 0. A throttled request is also considered as an unsuccessful request and hence a throttled request will also produce a count of 0.

To find the percentage of successful identity federation requests, use the Average statistic on this metric. To count the total number of identity federation requests, use the Sample Count statistic on this metric. To count the total number of successful identity federation requests, use the Sum statistic on this metric. To count the total number of failed identity federation requests, use the CloudWatch Math expression and subtract the Sum statistic from the Sample Count statistic.

Metric dimension: UserPool, UserPoolClient, IdentityProvider

Units: Count

FederationThrottles

Provides the total number of throttled identity federation requests to the Cognito user pool. A count of 1 is published whenever a identity federation request is throttled.

To count the total number of throttled identity federation requests, use the Sum statistic for this metric.

Metric dimension: UserPool, UserPoolClient, IdentityProvider

Units: Count