AWS Cognito 用户池 - SignInSuccesses CloudFormation 中的 CloudWatch 警报和指标
AWS Cognito User Pool - SignInSuccesses CloudWatch Alarm and Metrics in CloudFormation
我一直在尝试在 CloudFormation 中实施 AWS 文档中描述的内容,但没有成功:Amazon Cognito 用户池的指标 [https://docs.aws.amazon。com/cognito/latest/developerguide/metrics-for-cognito-user-pools.html] 对于指标“SignInSuccesses”,特别是“要计算失败的用户身份验证请求的总数,请使用 CloudWatch 数学表达式并减去总和来自 Sample Count 统计数据的统计数据。
我在解决 CloudFormation 提供的错误中的各种错误方面取得了一些进展;然而,我似乎碰壁了,现在已经得到了通用的“无效指标列表”,这很难诊断如何继续前进。我还搜索了很多,试图找到 Cognito Metrics/Alarms 示例的其他示例,并尝试通过控制台手动实现此目的,但都没有成功。
到目前为止我的模板:
CognitoFailedSignInAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
AlarmName: !Sub Cognito-${ApplicationName}-FailedSignIn-Alarm
AlarmDescription: Cognito UserPool Failed Sign In Attempts Alarm
AlarmActions:
- !Ref AlarmsTopic
ComparisonOperator: GreaterThanOrEqualToThreshold
EvaluationPeriods: 1
TreatMissingData: ignore
Threshold: !Ref AlarmThreshold
Metrics:
- Id: m1
MetricStat:
Metric:
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
MetricName: SignInSuccesses
Namespace: AWS/Cognito
Period: !Ref AlarmPeriod
Stat: SampleCount
ReturnData: False
- Id: m2
MetricStat:
Metric:
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
MetricName: SignInSuccesses
Namespace: AWS/Cognito
Period: !Ref AlarmPeriod
Stat: Sum
ReturnData: False
- Id: TotalMinusFailed
Expression: m1-m2
Label: FailedCount
我的模板确实启用了所有指标,我去年构建了它,但我能找到相关的是 属性 AWS::Cognito::UserPool
UserPoolAddOns:
AdvancedSecurityMode: ENFORCED
你也可以试试“AUDIT”
通用 CloudFormation 错误无效指标列表 掩盖了两个问题,一个小的格式问题,但更重要的是 'ReturnData: true' 缺少所需的表达式指标。
以下已成功部署并且似乎可以正常工作。希望对其他人有帮助!
Metrics:
- Id: totalLogins
MetricStat:
Metric:
Namespace: AWS/Cognito
MetricName: SignInSuccesses
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
Period: !Ref AlarmPeriod
Stat: SampleCount
ReturnData: false
- Id: successfulLogins
MetricStat:
Metric:
Namespace: AWS/Cognito
MetricName: SignInSuccesses
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
Period: !Ref AlarmPeriod
Stat: Sum
ReturnData: false
- Id: e1
Expression: totalLogins-successfulLogins
Label: Failed Logins
ReturnData: true
我一直在尝试在 CloudFormation 中实施 AWS 文档中描述的内容,但没有成功:Amazon Cognito 用户池的指标 [https://docs.aws.amazon。com/cognito/latest/developerguide/metrics-for-cognito-user-pools.html] 对于指标“SignInSuccesses”,特别是“要计算失败的用户身份验证请求的总数,请使用 CloudWatch 数学表达式并减去总和来自 Sample Count 统计数据的统计数据。
我在解决 CloudFormation 提供的错误中的各种错误方面取得了一些进展;然而,我似乎碰壁了,现在已经得到了通用的“无效指标列表”,这很难诊断如何继续前进。我还搜索了很多,试图找到 Cognito Metrics/Alarms 示例的其他示例,并尝试通过控制台手动实现此目的,但都没有成功。
到目前为止我的模板:
CognitoFailedSignInAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
AlarmName: !Sub Cognito-${ApplicationName}-FailedSignIn-Alarm
AlarmDescription: Cognito UserPool Failed Sign In Attempts Alarm
AlarmActions:
- !Ref AlarmsTopic
ComparisonOperator: GreaterThanOrEqualToThreshold
EvaluationPeriods: 1
TreatMissingData: ignore
Threshold: !Ref AlarmThreshold
Metrics:
- Id: m1
MetricStat:
Metric:
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
MetricName: SignInSuccesses
Namespace: AWS/Cognito
Period: !Ref AlarmPeriod
Stat: SampleCount
ReturnData: False
- Id: m2
MetricStat:
Metric:
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
MetricName: SignInSuccesses
Namespace: AWS/Cognito
Period: !Ref AlarmPeriod
Stat: Sum
ReturnData: False
- Id: TotalMinusFailed
Expression: m1-m2
Label: FailedCount
我的模板确实启用了所有指标,我去年构建了它,但我能找到相关的是 属性 AWS::Cognito::UserPool
UserPoolAddOns:
AdvancedSecurityMode: ENFORCED
你也可以试试“AUDIT”
通用 CloudFormation 错误无效指标列表 掩盖了两个问题,一个小的格式问题,但更重要的是 'ReturnData: true' 缺少所需的表达式指标。
以下已成功部署并且似乎可以正常工作。希望对其他人有帮助!
Metrics:
- Id: totalLogins
MetricStat:
Metric:
Namespace: AWS/Cognito
MetricName: SignInSuccesses
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
Period: !Ref AlarmPeriod
Stat: SampleCount
ReturnData: false
- Id: successfulLogins
MetricStat:
Metric:
Namespace: AWS/Cognito
MetricName: SignInSuccesses
Dimensions:
- Name: UserPool
Value: !Ref UserPoolId
- Name: UserPoolClient
Value: !Ref UserPoolAppClientId
Period: !Ref AlarmPeriod
Stat: Sum
ReturnData: false
- Id: e1
Expression: totalLogins-successfulLogins
Label: Failed Logins
ReturnData: true