CloudTrail
This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.
CloudTrail is a web service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response elements returned by the service.
As an alternative to the API, you can use one of the Amazon Web Services SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests, managing errors, and retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.
See the CloudTrail User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.
cloudtrail(
config = list(),
credentials = list(),
endpoint = NULL,
region = NULL
)A client for the service. You can call the service's operations using
syntax like svc$operation(...), where svc is the name you've assigned
to the client. The available operations are listed in the
Operations section.
Optional configuration of credentials, endpoint, and/or region.
credentials:
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint: The complete URL to use for the constructed client.
region: The AWS Region used in instantiating the client.
close_connection: Immediately close all HTTP connections.
timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.
s3_force_path_style: Set this to true to force the request to use path-style addressing, i.e. http://s3.amazonaws.com/BUCKET/KEY.
sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html
Optional credentials shorthand for the config parameter
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
Optional shorthand for complete URL to use for the constructed client.
Optional shorthand for AWS Region used in instantiating the client.
svc <- cloudtrail(
config = list(
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string",
close_connection = "logical",
timeout = "numeric",
s3_force_path_style = "logical",
sts_regional_endpoint = "string"
),
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string"
)
| add_tags | Adds one or more tags to a trail, event data store, or channel, up to a limit of 50 |
| cancel_query | Cancels a query if the query is not in a terminated state, such as CANCELLED, FAILED, TIMED_OUT, or FINISHED |
| create_channel | Creates a channel for CloudTrail to ingest events from a partner or external source |
| create_event_data_store | Creates a new event data store |
| create_trail | Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket |
| delete_channel | Deletes a channel |
| delete_event_data_store | Disables the event data store specified by EventDataStore, which accepts an event data store ARN |
| delete_resource_policy | Deletes the resource-based policy attached to the CloudTrail channel |
| delete_trail | Deletes a trail |
| deregister_organization_delegated_admin | Removes CloudTrail delegated administrator permissions from a member account in an organization |
| describe_query | Returns metadata about a query, including query run time in milliseconds, number of events scanned and matched, and query status |
| describe_trails | Retrieves settings for one or more trails associated with the current Region for your account |
| disable_federation | Disables Lake query federation on the specified event data store |
| enable_federation | Enables Lake query federation on the specified event data store |
| get_channel | Returns information about a specific channel |
| get_event_data_store | Returns information about an event data store specified as either an ARN or the ID portion of the ARN |
| get_event_selectors | Describes the settings for the event selectors that you configured for your trail |
| get_import | Returns information about a specific import |
| get_insight_selectors | Describes the settings for the Insights event selectors that you configured for your trail or event data store |
| get_query_results | Gets event data results of a query |
| get_resource_policy | Retrieves the JSON text of the resource-based policy document attached to the CloudTrail channel |
| get_trail | Returns settings information for a specified trail |
| get_trail_status | Returns a JSON-formatted list of information about the specified trail |
| list_channels | Lists the channels in the current account, and their source names |
| list_event_data_stores | Returns information about all event data stores in the account, in the current Region |
| list_import_failures | Returns a list of failures for the specified import |
| list_imports | Returns information on all imports, or a select set of imports by ImportStatus or Destination |
| list_public_keys | Returns all public keys whose private keys were used to sign the digest files within the specified time range |
| list_queries | Returns a list of queries and query statuses for the past seven days |
| list_tags | Lists the tags for the specified trails, event data stores, or channels in the current Region |
| list_trails | Lists trails that are in the current account |
| lookup_events | Looks up management events or CloudTrail Insights events that are captured by CloudTrail |
| put_event_selectors | Configures an event selector or advanced event selectors for your trail |
| put_insight_selectors | Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail or event data store |
| put_resource_policy | Attaches a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of Amazon Web Services |
| register_organization_delegated_admin | Registers an organization’s member account as the CloudTrail delegated administrator |
| remove_tags | Removes the specified tags from a trail, event data store, or channel |
| restore_event_data_store | Restores a deleted event data store specified by EventDataStore, which accepts an event data store ARN |
| start_event_data_store_ingestion | Starts the ingestion of live events on an event data store specified as either an ARN or the ID portion of the ARN |
| start_import | Starts an import of logged trail events from a source S3 bucket to a destination event data store |
| start_logging | Starts the recording of Amazon Web Services API calls and log file delivery for a trail |
| start_query | Starts a CloudTrail Lake query |
| stop_event_data_store_ingestion | Stops the ingestion of live events on an event data store specified as either an ARN or the ID portion of the ARN |
| stop_import | Stops a specified import |
| stop_logging | Suspends the recording of Amazon Web Services API calls and log file delivery for the specified trail |
| update_channel | Updates a channel specified by a required channel ARN or UUID |
| update_event_data_store | Updates an event data store |
| update_trail | Updates trail settings that control what events you are logging, and how to handle log files |
if (FALSE) {
svc <- cloudtrail()
svc$add_tags(
Foo = 123
)
}
Run the code above in your browser using DataLab