Page updated Nov 11, 2023

Set up Logging

The Amplify Logger enables you to troubleshoot and debug issues with your apps, to help you provide the best experience for your customers. You can log messages for errors by the Amplify library and add custom logs as well and send them to Amazon CloudWatch. With the Amplify Logger, you also can remotely change your logging configuration to adjust your logging levels, or add an allow list of customer IDs to help you detect issues more granularly for your apps in production.


  • An Android application targeting at least Android SDK API level 24 with Amplify libraries integrated
  • The Amplify Logger is available for versions 2.11.0 and beyond of the Amplify Android SDK

Provision backend resources

You can use the Amplify CLI to add custom CDK resources.

You will need to create a log group in Amazon CloudWatch to send logs to. You can create and provision a log group by going through the AWS Console and creating your log group manually or using Amplify CLI and AWS CDK to provision and deploy the AWS resources.

Below is a sample CDK construct to create the Amazon CloudWatch log group as well as creating and assigning the permission policies to Amplify roles.

The <log-group-name> and <region> configured in the CDK construct will be used later to initialize the Amplify Logger plugin.

Replace the placeholder values with your own values:

  • <log-group-name> is the log group that logs will be sent to. Note that this CDK construct sample includes logic to create the CloudWatch log group that you may have already created in previous steps.
  • <amplify-authenticated-role-name> and <amplify-unauthenticated-role-name> are Amplify roles created as part of Amplify Auth configuration via Amplify CLI.
import * as cdk from "aws-cdk-lib" import { Construct } from "constructs" import * as logs from "aws-cdk-lib/aws-logs" import * as path from "path" import * as iam from "aws-cdk-lib/aws-iam" export class RemoteLoggingConstraintsConstruct extends Construct { constructor(scope: Construct, id: string, props: RemoteLoggingConstraintProps) { super(scope, id) const region = cdk.Stack.of(this).region const account = cdk.Stack.of(this).account const logGroupName = <log-group-name> const authRoleName = <amplify-authenticated-role-name> const unAuthRoleName = <amplify-unauthenticated-role-name> new logs.LogGroup(this, 'Log Group', { logGroupName: logGroupName, retention: logs.RetentionDays.INFINITE }) const authRole = iam.Role.fromRoleName(this, "Auth-Role", authRoleName) const unAuthRole = iam.Role.fromRoleName(this, "UnAuth-Role", unAuthRoleName) const logResource = `arn:aws:logs:${region}:${account}:log-group:${logGroupName}:log-stream:*` const logIAMPolicy = new iam.PolicyStatement({ effect: iam.Effect.ALLOW, resources: [logResource], actions: ["logs:PutLogEvents", "logs:DescribeLogStreams", "logs:CreateLogStream"] }) authRole.addToPrincipalPolicy(logIAMPolicy) unAuthRole.addToPrincipalPolicy(logIAMPolicy) new cdk.CfnOutput(this, 'CloudWatchLogGroupName', { value: logGroupName }); new cdk.CfnOutput(this, 'CloudWatchRegion', { value: region }); } }
1import * as cdk from "aws-cdk-lib"
2import { Construct } from "constructs"
3import * as logs from "aws-cdk-lib/aws-logs"
4import * as path from "path"
5import * as iam from "aws-cdk-lib/aws-iam"
7export class RemoteLoggingConstraintsConstruct extends Construct {
8 constructor(scope: Construct, id: string, props: RemoteLoggingConstraintProps) {
9 super(scope, id)
11 const region = cdk.Stack.of(this).region
12 const account = cdk.Stack.of(this).account
13 const logGroupName = <log-group-name>
14 const authRoleName = <amplify-authenticated-role-name>
15 const unAuthRoleName = <amplify-unauthenticated-role-name>
17 new logs.LogGroup(this, 'Log Group', {
18 logGroupName: logGroupName,
19 retention: logs.RetentionDays.INFINITE
20 })
22 const authRole = iam.Role.fromRoleName(this, "Auth-Role", authRoleName)
23 const unAuthRole = iam.Role.fromRoleName(this, "UnAuth-Role", unAuthRoleName)
24 const logResource = `arn:aws:logs:${region}:${account}:log-group:${logGroupName}:log-stream:*`
25 const logIAMPolicy = new iam.PolicyStatement({
26 effect: iam.Effect.ALLOW,
27 resources: [logResource],
28 actions: ["logs:PutLogEvents", "logs:DescribeLogStreams", "logs:CreateLogStream"]
29 })
31 authRole.addToPrincipalPolicy(logIAMPolicy)
32 unAuthRole.addToPrincipalPolicy(logIAMPolicy)
34 new cdk.CfnOutput(this, 'CloudWatchLogGroupName', { value: logGroupName });
35 new cdk.CfnOutput(this, 'CloudWatchRegion', { value: region });
36 }

The <log-group-name> and <region> will be printed out in the in the terminal. You can use this information to setup the Amplify library in the next section.

Initialize Amplify Logging

In this section, we will initialize and setup the Amplify library. The Logger can be configured via a configuration file or in code when your app is initializing.

In your mobile app, create and add a amplifyconfiguration_logging.json to the same location as the amplifyconfiguration.json file.

The <log-group-name> and <region> is the value you specified in the CDK construct as part of provisioning your backend resources. These values can also be found at the end of the output logs when deploying the sample CDK construct. The configuration file is the data source for the logging plugin to know where, when and what logs to sends. The example below configures the logging plugin to automatically send all logs at log level ERROR at 60 seconds interval and store logs locally up to 1MB.

{ "awsCloudWatchLoggingPlugin": { "enable": true, "logGroupName": "<log-group-name>", "region": "<region>", "localStoreMaxSizeInMB": 1, "flushIntervalInSeconds": 60, "loggingConstraints": { "defaultLogLevel": "ERROR" } } }
2 "awsCloudWatchLoggingPlugin": {
3 "enable": true,
4 "logGroupName": "<log-group-name>",
5 "region": "<region>",
6 "localStoreMaxSizeInMB": 1,
7 "flushIntervalInSeconds": 60,
8 "loggingConstraints": {
9 "defaultLogLevel": "ERROR"
10 }
11 }

To use the Amplify Logger and Amplify Auth categories in your app, you need to create and configure their corresponding plugins by calling the Amplify.addPlugin() and Amplify.configure() methods.

Add the following imports to the top of your main Application file:

import com.amplifyframework.auth.cognito.AWSCognitoAuthPlugin; import com.amplifyframework.core.Amplify; import com.amplifyframework.logging.cloudwatch.AWSCloudWatchLoggingPlugin;
1import com.amplifyframework.auth.cognito.AWSCognitoAuthPlugin;
2import com.amplifyframework.core.Amplify;
3import com.amplifyframework.logging.cloudwatch.AWSCloudWatchLoggingPlugin;
Amplify.addPlugin(new AWSCognitoAuthPlugin()); Amplify.addPlugin(new AWSCloudWatchLoggingPlugin());
1Amplify.addPlugin(new AWSCognitoAuthPlugin());
2Amplify.addPlugin(new AWSCloudWatchLoggingPlugin());

Your class will look like this:

public class MyAmplifyApp extends Application { @Override public void onCreate() { super.onCreate(); try { // Add these lines to add the AWSCognitoAuthPlugin and AWSCloudWatchLoggingPlugin plugins Amplify.addPlugin(new AWSCognitoAuthPlugin()); Amplify.addPlugin(new AWSCloudWatchLoggingPlugin()); Amplify.configure(getApplicationContext()); Log.i("MyAmplifyApp", "Initialized Amplify"); } catch (AmplifyException error) { Log.e("MyAmplifyApp", "Could not initialize Amplify", error); } } }
1public class MyAmplifyApp extends Application {
2 @Override
3 public void onCreate() {
4 super.onCreate();
6 try {
7 // Add these lines to add the AWSCognitoAuthPlugin and AWSCloudWatchLoggingPlugin plugins
8 Amplify.addPlugin(new AWSCognitoAuthPlugin());
9 Amplify.addPlugin(new AWSCloudWatchLoggingPlugin());
10 Amplify.configure(getApplicationContext());
12 Log.i("MyAmplifyApp", "Initialized Amplify");
13 } catch (AmplifyException error) {
14 Log.e("MyAmplifyApp", "Could not initialize Amplify", error);
15 }
16 }