@datafire/amazonaws_cloudtrail
Client library for AWS CloudTrail
Installation and Usage
npm install --save @datafire/amazonaws_cloudtrail
let amazonaws_cloudtrail = require('@datafire/amazonaws_cloudtrail').create({
accessKeyId: "",
secretAccessKey: "",
region: ""
});
amazonaws_cloudtrail.AddTags({
"ResourceId": ""
}).then(data => {
console.log(data);
});
Description
AWS CloudTrail
This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.
CloudTrail is a web service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the AWS API call, the source IP address, the request parameters, and the response elements returned by the service.
As an alternative to the API, you can use one of the AWS SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to AWSCloudTrail. For example, the SDKs take care of cryptographically signing requests, managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services page.
See the AWS CloudTrail User Guide for information about the data that is included with each AWS API call listed in the log files.
Actions
AddTags
amazonaws_cloudtrail.AddTags({
"ResourceId": ""
}, context)
Input
Output
- output AddTagsResponse
CreateTrail
amazonaws_cloudtrail.CreateTrail({
"Name": "",
"S3BucketName": ""
}, context)
Input
- input
object
Output
- output CreateTrailResponse
DeleteTrail
amazonaws_cloudtrail.DeleteTrail({
"Name": ""
}, context)
Input
- input
object
- Name required String
Output
- output DeleteTrailResponse
DescribeTrails
amazonaws_cloudtrail.DescribeTrails({}, context)
Input
- input
object
- includeShadowTrails Boolean
- trailNameList TrailNameList
Output
- output DescribeTrailsResponse
GetEventSelectors
amazonaws_cloudtrail.GetEventSelectors({
"TrailName": ""
}, context)
Input
- input
object
- TrailName required String
Output
- output GetEventSelectorsResponse
GetTrailStatus
amazonaws_cloudtrail.GetTrailStatus({
"Name": ""
}, context)
Input
- input
object
- Name required String
Output
- output GetTrailStatusResponse
ListPublicKeys
amazonaws_cloudtrail.ListPublicKeys({}, context)
Input
Output
- output ListPublicKeysResponse
ListTags
amazonaws_cloudtrail.ListTags({
"ResourceIdList": []
}, context)
Input
- input
object
- NextToken String
- ResourceIdList required ResourceIdList
Output
- output ListTagsResponse
LookupEvents
amazonaws_cloudtrail.LookupEvents({}, context)
Input
- input
object
- MaxResults
string
- NextToken
string
- EndTime Date
- LookupAttributes LookupAttributesList
- MaxResults MaxResults
- NextToken NextToken
- StartTime Date
- MaxResults
Output
- output LookupEventsResponse
PutEventSelectors
amazonaws_cloudtrail.PutEventSelectors({
"TrailName": "",
"EventSelectors": []
}, context)
Input
- input
object
- EventSelectors required EventSelectors
- TrailName required String
Output
- output PutEventSelectorsResponse
RemoveTags
amazonaws_cloudtrail.RemoveTags({
"ResourceId": ""
}, context)
Input
Output
- output RemoveTagsResponse
StartLogging
amazonaws_cloudtrail.StartLogging({
"Name": ""
}, context)
Input
- input
object
- Name required String
Output
- output StartLoggingResponse
StopLogging
amazonaws_cloudtrail.StopLogging({
"Name": ""
}, context)
Input
- input
object
- Name required String
Output
- output StopLoggingResponse
UpdateTrail
amazonaws_cloudtrail.UpdateTrail({
"Name": ""
}, context)
Input
- input
object
Output
- output UpdateTrailResponse
Definitions
AddTagsRequest
- AddTagsRequest
object
: Specifies the tags to add to a trail.
AddTagsResponse
- AddTagsResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.
Boolean
- Boolean
boolean
ByteBuffer
- ByteBuffer
string
CloudTrailARNInvalidException
- CloudTrailARNInvalidException
object
:This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN is:
arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
CloudWatchLogsDeliveryUnavailableException
- CloudWatchLogsDeliveryUnavailableException
object
: Cannot set a CloudWatch Logs delivery for this region.
CreateTrailRequest
- CreateTrailRequest
object
: Specifies the settings for each trail.
CreateTrailResponse
- CreateTrailResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.
DataResource
- DataResource
object
:The Amazon S3 objects that you specify in your event selectors for your trail to log data events. Data events are object-level API operations that access S3 objects, such as
GetObject
,DeleteObject
, andPutObject
. You can specify up to 250 S3 buckets and object prefixes for a trail.Example
-
You create an event selector for a trail and specify an S3 bucket and an empty prefix, such as
arn:aws:s3:::bucket-1/
. -
You upload an image file to
bucket-1
. -
The
PutObject
API operation occurs on an object in the S3 bucket that you specified in the event selector. The trail processes and logs the event. -
You upload another image file to a different S3 bucket named
arn:aws:s3:::bucket-2
. -
The event occurs on an object in an S3 bucket that you didn't specify in the event selector. The trail doesn’t log the event.
- Type String
- Values DataResourceValues
-
DataResourceValues
- DataResourceValues
array
- items String
DataResources
- DataResources
array
- items DataResource
Date
- Date
string
DeleteTrailRequest
- DeleteTrailRequest
object
: The request that specifies the name of a trail to delete.- Name required String
DeleteTrailResponse
- DeleteTrailResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.
DescribeTrailsRequest
- DescribeTrailsRequest
object
: Returns information about the trail.- includeShadowTrails Boolean
- trailNameList TrailNameList
DescribeTrailsResponse
- DescribeTrailsResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.- trailList TrailList
Event
- Event
object
: Contains information about an event that was returned by a lookup request. The result includes a representation of a CloudTrail event.
EventSelector
- EventSelector
object
:Use event selectors to specify whether you want your trail to log management and/or data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.
You can configure up to five event selectors for a trail.
- DataResources DataResources
- IncludeManagementEvents Boolean
- ReadWriteType ReadWriteType
EventSelectors
- EventSelectors
array
- items EventSelector
EventsList
- EventsList
array
- items Event
GetEventSelectorsRequest
- GetEventSelectorsRequest
object
- TrailName required String
GetEventSelectorsResponse
- GetEventSelectorsResponse
object
- EventSelectors EventSelectors
- TrailARN String
GetTrailStatusRequest
- GetTrailStatusRequest
object
: The name of a trail about which you want the current status.- Name required String
GetTrailStatusResponse
- GetTrailStatusResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.- IsLogging Boolean
- LatestCloudWatchLogsDeliveryError String
- LatestCloudWatchLogsDeliveryTime Date
- LatestDeliveryAttemptSucceeded String
- LatestDeliveryAttemptTime String
- LatestDeliveryError String
- LatestDeliveryTime Date
- LatestDigestDeliveryError String
- LatestDigestDeliveryTime Date
- LatestNotificationAttemptSucceeded String
- LatestNotificationAttemptTime String
- LatestNotificationError String
- LatestNotificationTime Date
- StartLoggingTime Date
- StopLoggingTime Date
- TimeLoggingStarted String
- TimeLoggingStopped String
InsufficientEncryptionPolicyException
- InsufficientEncryptionPolicyException
object
: This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.
InsufficientS3BucketPolicyException
- InsufficientS3BucketPolicyException
object
: This exception is thrown when the policy on the S3 bucket is not sufficient.
InsufficientSnsTopicPolicyException
- InsufficientSnsTopicPolicyException
object
: This exception is thrown when the policy on the SNS topic is not sufficient.
InvalidCloudWatchLogsLogGroupArnException
- InvalidCloudWatchLogsLogGroupArnException
object
: This exception is thrown when the provided CloudWatch log group is not valid.
InvalidCloudWatchLogsRoleArnException
- InvalidCloudWatchLogsRoleArnException
object
: This exception is thrown when the provided role is not valid.
InvalidEventSelectorsException
- InvalidEventSelectorsException
object
:This exception is thrown when the
PutEventSelectors
operation is called with an invalid number of event selectors, data resources, or an invalid value for a parameter:-
Specify a valid number of event selectors (1 to 5) for a trail.
-
Specify a valid number of data resources (1 to 250) for an event selector.
-
Specify a valid value for a parameter. For example, specifying the
ReadWriteType
parameter with a value ofread-only
is invalid.
-
InvalidHomeRegionException
- InvalidHomeRegionException
object
: This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created.
InvalidKmsKeyIdException
- InvalidKmsKeyIdException
object
: This exception is thrown when the KMS key ARN is invalid.
InvalidLookupAttributesException
- InvalidLookupAttributesException
object
: Occurs when an invalid lookup attribute is specified.
InvalidMaxResultsException
- InvalidMaxResultsException
object
: This exception is thrown if the limit specified is invalid.
InvalidNextTokenException
- InvalidNextTokenException
object
: Invalid token or token that was previously used in a request with different parameters. This exception is thrown if the token is invalid.
InvalidParameterCombinationException
- InvalidParameterCombinationException
object
: This exception is thrown when the combination of parameters provided is not valid.
InvalidS3BucketNameException
- InvalidS3BucketNameException
object
: This exception is thrown when the provided S3 bucket name is not valid.
InvalidS3PrefixException
- InvalidS3PrefixException
object
: This exception is thrown when the provided S3 prefix is not valid.
InvalidSnsTopicNameException
- InvalidSnsTopicNameException
object
: This exception is thrown when the provided SNS topic name is not valid.
InvalidTagParameterException
- InvalidTagParameterException
object
: This exception is thrown when the key or value specified for the tag does not match the regular expression^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$
.
InvalidTimeRangeException
- InvalidTimeRangeException
object
: Occurs if the timestamp values are invalid. Either the start time occurs after the end time or the time range is outside the range of possible values.
InvalidTokenException
- InvalidTokenException
object
: Reserved for future use.
InvalidTrailNameException
- InvalidTrailNameException
object
:This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:
-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
KmsException
- KmsException
object
: This exception is thrown when there is an issue with the specified KMS key and the trail can’t be updated.
KmsKeyDisabledException
- KmsKeyDisabledException
object
: This exception is deprecated.
KmsKeyNotFoundException
- KmsKeyNotFoundException
object
: This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not in the same region.
ListPublicKeysRequest
- ListPublicKeysRequest
object
: Requests the public keys for a specified time range.
ListPublicKeysResponse
- ListPublicKeysResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.- NextToken String
- PublicKeyList PublicKeyList
ListTagsRequest
- ListTagsRequest
object
: Specifies a list of trail tags to return.- NextToken String
- ResourceIdList required ResourceIdList
ListTagsResponse
- ListTagsResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.- NextToken String
- ResourceTagList ResourceTagList
LookupAttribute
- LookupAttribute
object
: Specifies an attribute and value that filter the events returned.- AttributeKey required LookupAttributeKey
- AttributeValue required String
LookupAttributeKey
- LookupAttributeKey
string
(values: EventId, EventName, Username, ResourceType, ResourceName, EventSource)
LookupAttributesList
- LookupAttributesList
array
- items LookupAttribute
LookupEventsRequest
- LookupEventsRequest
object
: Contains a request for LookupEvents.- EndTime Date
- LookupAttributes LookupAttributesList
- MaxResults MaxResults
- NextToken NextToken
- StartTime Date
LookupEventsResponse
- LookupEventsResponse
object
: Contains a response to a LookupEvents action.- Events EventsList
- NextToken NextToken
MaxResults
- MaxResults
integer
MaximumNumberOfTrailsExceededException
- MaximumNumberOfTrailsExceededException
object
: This exception is thrown when the maximum number of trails is reached.
NextToken
- NextToken
string
OperationNotPermittedException
- OperationNotPermittedException
object
: This exception is thrown when the requested operation is not permitted.
PublicKey
- PublicKey
object
: Contains information about a returned public key.- Fingerprint String
- ValidityEndTime Date
- ValidityStartTime Date
- Value ByteBuffer
PublicKeyList
- PublicKeyList
array
- items PublicKey
PutEventSelectorsRequest
- PutEventSelectorsRequest
object
- EventSelectors required EventSelectors
- TrailName required String
PutEventSelectorsResponse
- PutEventSelectorsResponse
object
- EventSelectors EventSelectors
- TrailARN String
ReadWriteType
- ReadWriteType
string
(values: ReadOnly, WriteOnly, All)
RemoveTagsRequest
- RemoveTagsRequest
object
: Specifies the tags to remove from a trail.
RemoveTagsResponse
- RemoveTagsResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.
Resource
- Resource
object
: Specifies the type and name of a resource referenced by an event.
ResourceIdList
- ResourceIdList
array
- items String
ResourceList
- ResourceList
array
: A list of resources referenced by the event returned.- items Resource
ResourceNotFoundException
- ResourceNotFoundException
object
: This exception is thrown when the specified resource is not found.
ResourceTag
ResourceTagList
- ResourceTagList
array
- items ResourceTag
ResourceTypeNotSupportedException
- ResourceTypeNotSupportedException
object
: This exception is thrown when the specified resource type is not supported by CloudTrail.
S3BucketDoesNotExistException
- S3BucketDoesNotExistException
object
: This exception is thrown when the specified S3 bucket does not exist.
StartLoggingRequest
- StartLoggingRequest
object
: The request to CloudTrail to start logging AWS API calls for an account.- Name required String
StartLoggingResponse
- StartLoggingResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.
StopLoggingRequest
- StopLoggingRequest
object
: Passes the request to CloudTrail to stop logging AWS API calls for the specified account.- Name required String
StopLoggingResponse
- StopLoggingResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.
String
- String
string
Tag
- Tag
object
: A custom key-value pair associated with a resource such as a CloudTrail trail.
TagsLimitExceededException
- TagsLimitExceededException
object
: The number of tags per trail has exceeded the permitted amount. Currently, the limit is 50.
TagsList
- TagsList
array
: A list of tags.- items Tag
Trail
- Trail
object
: The settings for a trail.- CloudWatchLogsLogGroupArn String
- CloudWatchLogsRoleArn String
- HasCustomEventSelectors Boolean
- HomeRegion String
- IncludeGlobalServiceEvents Boolean
- IsMultiRegionTrail Boolean
- KmsKeyId String
- LogFileValidationEnabled Boolean
- Name String
- S3BucketName String
- S3KeyPrefix String
- SnsTopicARN String
- SnsTopicName String
- TrailARN String
TrailAlreadyExistsException
- TrailAlreadyExistsException
object
: This exception is thrown when the specified trail already exists.
TrailList
- TrailList
array
- items Trail
TrailNameList
- TrailNameList
array
- items String
TrailNotFoundException
- TrailNotFoundException
object
: This exception is thrown when the trail with the given name is not found.
TrailNotProvidedException
- TrailNotProvidedException
object
: This exception is deprecated.
UnsupportedOperationException
- UnsupportedOperationException
object
: This exception is thrown when the requested operation is not supported.
UpdateTrailRequest
- UpdateTrailRequest
object
: Specifies settings to update for the trail.
UpdateTrailResponse
- UpdateTrailResponse
object
: Returns the objects or data listed below if successful. Otherwise, returns an error.