amazonaws_cloudtrail

@datafire/amazonaws_cloudtrail

Client library for AWS CloudTrail

Installation and Usage

npm install --save @datafire/amazonaws_cloudtrail

let amazonaws_cloudtrail = require('@datafire/amazonaws_cloudtrail').create({
  accessKeyId: "",
  secretAccessKey: "",
  region: ""
});

.then(data => {
  console.log(data);
});

Description

AWS CloudTrail

This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.

CloudTrail is a web service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the AWS API call, the source IP address, the request parameters, and the response elements returned by the service.

As an alternative to the API, you can use one of the AWS SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to AWSCloudTrail. For example, the SDKs take care of cryptographically signing requests, managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services page.

See the AWS CloudTrail User Guide for information about the data that is included with each AWS API call listed in the log files.

Actions

AddTags

amazonaws_cloudtrail.AddTags({
  "ResourceId": null
}, context)

Input

• input object
  • ResourceId required
  • TagsList
    • items Tag

Output

• output AddTagsResponse

CreateTrail

amazonaws_cloudtrail.CreateTrail({
  "Name": null,
  "S3BucketName": null
}, context)

Input

• input object
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • EnableLogFileValidation
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • Name required
  • S3BucketName required
  • S3KeyPrefix
  • SnsTopicName
  • TagsList TagsList

Output

• output CreateTrailResponse

DeleteTrail

amazonaws_cloudtrail.DeleteTrail({
  "Name": null
}, context)

Input

• input object
  • Name required

Output

• output DeleteTrailResponse

DescribeTrails

amazonaws_cloudtrail.DescribeTrails({}, context)

Input

• input object
  • includeShadowTrails
  • trailNameList
    • items String

Output

• output DescribeTrailsResponse

GetEventSelectors

amazonaws_cloudtrail.GetEventSelectors({
  "TrailName": null
}, context)

Input

• input object
  • TrailName required

Output

• output GetEventSelectorsResponse

GetInsightSelectors

amazonaws_cloudtrail.GetInsightSelectors({
  "TrailName": null
}, context)

Input

• input object
  • TrailName required

Output

• output GetInsightSelectorsResponse

GetTrail

amazonaws_cloudtrail.GetTrail({
  "Name": null
}, context)

Input

• input object
  • Name required

Output

• output GetTrailResponse

GetTrailStatus

amazonaws_cloudtrail.GetTrailStatus({
  "Name": null
}, context)

Input

• input object
  • Name required

Output

• output GetTrailStatusResponse

ListPublicKeys

amazonaws_cloudtrail.ListPublicKeys({}, context)

Input

• input object
  • NextToken string
  • EndTime
  • NextToken
  • StartTime

Output

• output ListPublicKeysResponse

ListTags

amazonaws_cloudtrail.ListTags({
  "ResourceIdList": null
}, context)

Input

• input object
  • NextToken string
  • NextToken
  • ResourceIdList required
    • items String

Output

• output ListTagsResponse

ListTrails

amazonaws_cloudtrail.ListTrails({}, context)

Input

• input object
  • NextToken string
  • NextToken

Output

• output ListTrailsResponse

LookupEvents

amazonaws_cloudtrail.LookupEvents({}, context)

Input

• input object
  • MaxResults string
  • NextToken string
  • EndTime
  • EventCategory
  • LookupAttributes
    • items LookupAttribute
  • MaxResults
  • NextToken
  • StartTime

Output

• output LookupEventsResponse

PutEventSelectors

amazonaws_cloudtrail.PutEventSelectors({
  "TrailName": null
}, context)

Input

• input object
  • AdvancedEventSelectors
    • items AdvancedEventSelector
  • EventSelectors
    • items EventSelector
  • TrailName required

Output

• output PutEventSelectorsResponse

PutInsightSelectors

amazonaws_cloudtrail.PutInsightSelectors({
  "TrailName": null,
  "InsightSelectors": null
}, context)

Input

• input object
  • InsightSelectors required
    • items InsightSelector
  • TrailName required

Output

• output PutInsightSelectorsResponse

RemoveTags

amazonaws_cloudtrail.RemoveTags({
  "ResourceId": null
}, context)

Input

• input object
  • ResourceId required
  • TagsList
    • items Tag

Output

• output RemoveTagsResponse

StartLogging

amazonaws_cloudtrail.StartLogging({
  "Name": null
}, context)

Input

• input object
  • Name required

Output

• output StartLoggingResponse

StopLogging

amazonaws_cloudtrail.StopLogging({
  "Name": null
}, context)

Input

• input object
  • Name required

Output

• output StopLoggingResponse

UpdateTrail

amazonaws_cloudtrail.UpdateTrail({
  "Name": null
}, context)

Input

• input object
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • EnableLogFileValidation
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • Name required
  • S3BucketName
  • S3KeyPrefix
  • SnsTopicName

Output

• output UpdateTrailResponse

Definitions

AddTagsRequest

• AddTagsRequest object: Specifies the tags to add to a trail.
  • ResourceId required
  • TagsList
    • items Tag

AddTagsResponse

• AddTagsResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.

AdvancedEventSelector

• AdvancedEventSelector object:

  Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you. For more information about advanced event selectors, see Logging data events for trails in the AWS CloudTrail User Guide.

  • readOnly

  • eventSource

  • eventName

  • eventCategory

  • resources.type

  • resources.ARN

  You cannot apply both event selectors and advanced event selectors to a trail.

  • FieldSelectors required
    • items AdvancedFieldSelector
  • Name

AdvancedEventSelectors

• AdvancedEventSelectors array
  • items AdvancedEventSelector

AdvancedFieldSelector

• AdvancedFieldSelector object: A single selector statement in an advanced event selector.
  • EndsWith
    • items OperatorValue
  • Equals
    • items OperatorValue
  • Field required
  • NotEndsWith
    • items OperatorValue
  • NotEquals
    • items OperatorValue
  • NotStartsWith
    • items OperatorValue
  • StartsWith
    • items OperatorValue

AdvancedFieldSelectors

• AdvancedFieldSelectors array
  • items AdvancedFieldSelector

Boolean

• Boolean boolean

ByteBuffer

• ByteBuffer string

CloudTrailARNInvalidException

CloudTrailAccessNotEnabledException

CloudTrailInvalidClientTokenIdException

CloudWatchLogsDeliveryUnavailableException

CreateTrailRequest

• CreateTrailRequest object: Specifies the settings for each trail.
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • EnableLogFileValidation
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • Name required
  • S3BucketName required
  • S3KeyPrefix
  • SnsTopicName
  • TagsList TagsList

CreateTrailResponse

• CreateTrailResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • LogFileValidationEnabled
  • Name
  • S3BucketName
  • S3KeyPrefix
  • SnsTopicARN
  • SnsTopicName
  • TrailARN

DataResource

• DataResource object:

  The Amazon S3 buckets or AWS Lambda functions that you specify in your event selectors for your trail to log data events. Data events provide information about the resource operations performed on or within a resource itself. These are also known as data plane operations. You can specify up to 250 data resources for a trail.

  The total number of allowed data resources is 250. This number can be distributed between 1 and 5 event selectors, but the total cannot exceed 250 across all selectors.

  If you are using advanced event selectors, the maximum total number of values for all conditions, across all advanced event selectors for the trail, is 500.

  The following example demonstrates how logging works when you configure logging of all data events for an S3 bucket named bucket-1. In this example, the CloudTrail user specified an empty prefix, and the option to log both Read and Write data events.

  1. A user uploads an image file to bucket-1.

  2. The PutObject API operation is an Amazon S3 object-level API. It is recorded as a data event in CloudTrail. Because the CloudTrail user specified an S3 bucket with an empty prefix, events that occur on any object in that bucket are logged. The trail processes and logs the event.

  3. A user uploads an object to an Amazon S3 bucket named arn:aws:s3:::bucket-2.

  4. The PutObject API operation occurred for an object in an S3 bucket that the CloudTrail user didn't specify for the trail. The trail doesn’t log the event.

  The following example demonstrates how logging works when you configure logging of AWS Lambda data events for a Lambda function named MyLambdaFunction, but not for all AWS Lambda functions.

  1. A user runs a script that includes a call to the MyLambdaFunction function and the MyOtherLambdaFunction function.

  2. The Invoke API operation on MyLambdaFunction is an AWS Lambda API. It is recorded as a data event in CloudTrail. Because the CloudTrail user specified logging data events for MyLambdaFunction, any invocations of that function are logged. The trail processes and logs the event.

  3. The Invoke API operation on MyOtherLambdaFunction is an AWS Lambda API. Because the CloudTrail user did not specify logging data events for all Lambda functions, the Invoke operation for MyOtherLambdaFunction does not match the function specified for the trail. The trail doesn’t log the event.

  • Type
  • Values
    • items String

DataResourceValues

• DataResourceValues array
  • items String

DataResources

• DataResources array
  • items DataResource

Date

• Date string

DeleteTrailRequest

• DeleteTrailRequest object: The request that specifies the name of a trail to delete.
  • Name required

DeleteTrailResponse

• DeleteTrailResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.

DescribeTrailsRequest

• DescribeTrailsRequest object: Returns information about the trail.
  • includeShadowTrails
  • trailNameList
    • items String

DescribeTrailsResponse

• DescribeTrailsResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.
  • trailList
    • items Trail

Event

• Event object: Contains information about an event that was returned by a lookup request. The result includes a representation of a CloudTrail event.
  • AccessKeyId
  • CloudTrailEvent
  • EventId
  • EventName
  • EventSource
  • EventTime
  • ReadOnly
  • Resources
    • items Resource
  • Username

EventCategory

• EventCategory string (values: insight)

EventSelector

• EventSelector object:

  Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.

  You can configure up to five event selectors for a trail.

  You cannot apply both event selectors and advanced event selectors to a trail.

  • DataResources
    • items DataResource
  • ExcludeManagementEventSources
    • items String
  • IncludeManagementEvents
  • ReadWriteType

EventSelectors

• EventSelectors array
  • items EventSelector

EventsList

• EventsList array
  • items Event

ExcludeManagementEventSources

• ExcludeManagementEventSources array
  • items String

GetEventSelectorsRequest

• GetEventSelectorsRequest object
  • TrailName required

GetEventSelectorsResponse

• GetEventSelectorsResponse object
  • AdvancedEventSelectors
    • items AdvancedEventSelector
  • EventSelectors
    • items EventSelector
  • TrailARN

GetInsightSelectorsRequest

• GetInsightSelectorsRequest object
  • TrailName required

GetInsightSelectorsResponse

• GetInsightSelectorsResponse object
  • InsightSelectors
    • items InsightSelector
  • TrailARN

GetTrailRequest

• GetTrailRequest object
  • Name required

GetTrailResponse

• GetTrailResponse object
  • Trail Trail

GetTrailStatusRequest

• GetTrailStatusRequest object: The name of a trail about which you want the current status.
  • Name required

GetTrailStatusResponse

• GetTrailStatusResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.
  • IsLogging
  • LatestCloudWatchLogsDeliveryError
  • LatestCloudWatchLogsDeliveryTime
  • LatestDeliveryAttemptSucceeded
  • LatestDeliveryAttemptTime
  • LatestDeliveryError
  • LatestDeliveryTime
  • LatestDigestDeliveryError
  • LatestDigestDeliveryTime
  • LatestNotificationAttemptSucceeded
  • LatestNotificationAttemptTime
  • LatestNotificationError
  • LatestNotificationTime
  • StartLoggingTime
  • StopLoggingTime
  • TimeLoggingStarted
  • TimeLoggingStopped

InsightNotEnabledException

InsightSelector

• InsightSelector object: A JSON string that contains a list of insight types that are logged on a trail.
  • InsightType

InsightSelectors

• InsightSelectors array
  • items InsightSelector

InsightType

• InsightType string (values: ApiCallRateInsight)

InsufficientDependencyServiceAccessPermissionException

InsufficientEncryptionPolicyException

InsufficientS3BucketPolicyException

InsufficientSnsTopicPolicyException

InvalidCloudWatchLogsLogGroupArnException

InvalidCloudWatchLogsRoleArnException

InvalidEventCategoryException

InvalidEventSelectorsException

InvalidHomeRegionException

InvalidInsightSelectorsException

InvalidKmsKeyIdException

InvalidLookupAttributesException

InvalidMaxResultsException

InvalidNextTokenException

InvalidParameterCombinationException

InvalidS3BucketNameException

InvalidS3PrefixException

InvalidSnsTopicNameException

InvalidTagParameterException

InvalidTimeRangeException

InvalidTokenException

InvalidTrailNameException

KmsException

KmsKeyDisabledException

KmsKeyNotFoundException

ListPublicKeysRequest

• ListPublicKeysRequest object: Requests the public keys for a specified time range.
  • EndTime
  • NextToken
  • StartTime

ListPublicKeysResponse

• ListPublicKeysResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.
  • NextToken
  • PublicKeyList
    • items PublicKey

ListTagsRequest

• ListTagsRequest object: Specifies a list of trail tags to return.
  • NextToken
  • ResourceIdList required
    • items String

ListTagsResponse

• ListTagsResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.
  • NextToken
  • ResourceTagList
    • items ResourceTag

ListTrailsRequest

• ListTrailsRequest object
  • NextToken

ListTrailsResponse

• ListTrailsResponse object
  • NextToken
  • Trails
    • items TrailInfo

LookupAttribute

• LookupAttribute object: Specifies an attribute and value that filter the events returned.
  • AttributeKey required
  • AttributeValue required

LookupAttributeKey

• LookupAttributeKey string (values: EventId, EventName, ReadOnly, Username, ResourceType, ResourceName, EventSource, AccessKeyId)

LookupAttributesList

• LookupAttributesList array
  • items LookupAttribute

LookupEventsRequest

• LookupEventsRequest object: Contains a request for LookupEvents.
  • EndTime
  • EventCategory
  • LookupAttributes
    • items LookupAttribute
  • MaxResults
  • NextToken
  • StartTime

LookupEventsResponse

• LookupEventsResponse object: Contains a response to a LookupEvents action.
  • Events
    • items Event
  • NextToken

MaxResults

• MaxResults integer

MaximumNumberOfTrailsExceededException

NextToken

• NextToken string

NotOrganizationMasterAccountException

OperationNotPermittedException

Operator

• Operator array
  • items OperatorValue

OperatorValue

• OperatorValue string

OrganizationNotInAllFeaturesModeException

OrganizationsNotInUseException

PublicKey

• PublicKey object: Contains information about a returned public key.
  • Fingerprint
  • ValidityEndTime
  • ValidityStartTime
  • Value

PublicKeyList

• PublicKeyList array
  • items PublicKey

PutEventSelectorsRequest

• PutEventSelectorsRequest object
  • AdvancedEventSelectors
    • items AdvancedEventSelector
  • EventSelectors
    • items EventSelector
  • TrailName required

PutEventSelectorsResponse

• PutEventSelectorsResponse object
  • AdvancedEventSelectors
    • items AdvancedEventSelector
  • EventSelectors
    • items EventSelector
  • TrailARN

PutInsightSelectorsRequest

• PutInsightSelectorsRequest object
  • InsightSelectors required
    • items InsightSelector
  • TrailName required

PutInsightSelectorsResponse

• PutInsightSelectorsResponse object
  • InsightSelectors
    • items InsightSelector
  • TrailARN

ReadWriteType

• ReadWriteType string (values: ReadOnly, WriteOnly, All)

RemoveTagsRequest

• RemoveTagsRequest object: Specifies the tags to remove from a trail.
  • ResourceId required
  • TagsList
    • items Tag

RemoveTagsResponse

• RemoveTagsResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.

Resource

• Resource object: Specifies the type and name of a resource referenced by an event.
  • ResourceName
  • ResourceType

ResourceIdList

• ResourceIdList array
  • items String

ResourceList

• ResourceList array: A list of resources referenced by the event returned.
  • items Resource

ResourceNotFoundException

ResourceTag

• ResourceTag object: A resource tag.
  • ResourceId
  • TagsList
    • items Tag

ResourceTagList

• ResourceTagList array
  • items ResourceTag

ResourceTypeNotSupportedException

S3BucketDoesNotExistException

SelectorField

• SelectorField string

SelectorName

• SelectorName string

StartLoggingRequest

• StartLoggingRequest object: The request to CloudTrail to start logging AWS API calls for an account.
  • Name required

StartLoggingResponse

• StartLoggingResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.

StopLoggingRequest

• StopLoggingRequest object: Passes the request to CloudTrail to stop logging AWS API calls for the specified account.
  • Name required

StopLoggingResponse

• StopLoggingResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.

String

• String string

Tag

• Tag object: A custom key-value pair associated with a resource such as a CloudTrail trail.
  • Key required
  • Value

TagsLimitExceededException

TagsList

• TagsList array: A list of tags.
  • items Tag

Trail

• Trail object: The settings for a trail.
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • HasCustomEventSelectors
  • HasInsightSelectors
  • HomeRegion
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • LogFileValidationEnabled
  • Name
  • S3BucketName
  • S3KeyPrefix
  • SnsTopicARN
  • SnsTopicName
  • TrailARN

TrailAlreadyExistsException

TrailInfo

• TrailInfo object: Information about a CloudTrail trail, including the trail's name, home region, and Amazon Resource Name (ARN).
  • HomeRegion
  • Name
  • TrailARN

TrailList

• TrailList array
  • items Trail

TrailNameList

• TrailNameList array
  • items String

TrailNotFoundException

TrailNotProvidedException

Trails

• Trails array
  • items TrailInfo

UnsupportedOperationException

UpdateTrailRequest

• UpdateTrailRequest object: Specifies settings to update for the trail.
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • EnableLogFileValidation
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • Name required
  • S3BucketName
  • S3KeyPrefix
  • SnsTopicName

UpdateTrailResponse

• UpdateTrailResponse object: Returns the objects or data listed below if successful. Otherwise, returns an error.
  • CloudWatchLogsLogGroupArn
  • CloudWatchLogsRoleArn
  • IncludeGlobalServiceEvents
  • IsMultiRegionTrail
  • IsOrganizationTrail
  • KmsKeyId
  • LogFileValidationEnabled
  • Name
  • S3BucketName
  • S3KeyPrefix
  • SnsTopicARN
  • SnsTopicName
  • TrailARN