Posted On: Feb 5, 2020
Amazon Cognito User Pools now supports logging for all of the actions listed on the User Pool Actions page as events in CloudTrail log files, making it easier for developers to record all actions taken by a user, role, or an AWS service. The enhanced CloudTrail logging improves governance, compliance, and operational and risk auditing capabilities. Hosted UI and Federation calls are currently not included in CloudTrail logging events. Developers can create a trail and enable continuous delivery of Cognito API calls captured as CloudTrail events to an Amazon S3 bucket. Without configuring a trail, developers can still view the most recent events in the CloudTrail console in the Event history. This feature is available now in Amazon Cognito User Pools at no additional cost.
Amazon Cognito User Pools provide a secure user directory that scales to millions of users. As a fully managed service, User Pools provide an identity and authentication layer to applications.