Configure user allow list

Each Amplify authenticated user can be configured to have their own unique logging configuration. This is helpful in enabling you debug issues more granularly for your users.

Retrieve userIDs with Amplify Auth.

You can use the Amplify Auth category to retrieve the userId for a specific user if needed. You can also retrieve the userId by visiting the Amazon Cognito console and inspecting the User ID in User pools.

1Amplify.Auth.getCurrentUser(
2   user.userId,
3   error -> // failed to fetch user
4);

Configure user allow list

Below is an example of setting different default and category log level for an authenticated user.

Add a userLogLevel section and for each user identifier add a defaultLogLevel and categoryLogLevel.

1{
2    "awsCloudWatchLoggingPlugin": {
3        "enable": true,
4        "logGroupName": "<log-group-name>",
5        "region": "<region>",
6        "localStoreMaxSizeInMB": 1,
7        "flushIntervalInSeconds": 60,
8        "loggingConstraints": {
9            "defaultLogLevel": "ERROR",
10            "userLogLevel": {
11                "xyz-123": {
12                    "defaultLogLevel": "DEBUG",
13                    "categoryLogLevel": {
14                        "Storage": "VERBOSE",
15                        "Api": "VERBOSE"
16                    }
17                }
18            }
19        }
20    }
21}

Enable and disable logging

View logs