Table of Contents
CloudTrail.
Client
¶A low-level client representing AWS CloudTrail:
client = session.create_client('cloudtrail')
These are the available methods:
can_paginate()
create_trail()
delete_trail()
describe_trails()
generate_presigned_url()
get_paginator()
get_trail_status()
get_waiter()
lookup_events()
start_logging()
stop_logging()
update_trail()
can_paginate
(operation_name)¶Check if an operation can be paginated.
Parameters: | operation_name (string) -- The operation name. This is the same name
as the method name on the client. For example, if the
method name is create_foo , and you'd normally invoke the
operation as client.create_foo(**kwargs) , if the
create_foo operation can be paginated, you can use the
call client.get_paginator("create_foo") . |
---|---|
Returns: | True if the operation can be paginated,
False otherwise. |
create_trail
(**kwargs)¶From the command line, use create-subscription
.
Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.
Request Syntax
response = client.create_trail(
Name='string',
S3BucketName='string',
S3KeyPrefix='string',
SnsTopicName='string',
IncludeGlobalServiceEvents=True|False,
CloudWatchLogsLogGroupArn='string',
CloudWatchLogsRoleArn='string'
)
Parameters: |
|
---|---|
Return type: | dict |
Returns: | Response Syntax {
'Name': 'string',
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'SnsTopicName': 'string',
'IncludeGlobalServiceEvents': True|False,
'CloudWatchLogsLogGroupArn': 'string',
'CloudWatchLogsRoleArn': 'string'
}
Response Structure
|
delete_trail
(**kwargs)¶Deletes a trail.
Request Syntax
response = client.delete_trail(
Name='string'
)
Parameters: | Name (string) -- [REQUIRED] The name of a trail to be deleted. |
---|---|
Return type: | dict |
Returns: | Response Syntax{}
Response Structure
|
describe_trails
(**kwargs)¶Retrieves settings for the trail associated with the current region for your account.
Request Syntax
response = client.describe_trails(
trailNameList=[
'string',
]
)
Parameters: | trailNameList (list) -- The trail returned.
|
---|---|
Return type: | dict |
Returns: | Response Syntax{
'trailList': [
{
'Name': 'string',
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'SnsTopicName': 'string',
'IncludeGlobalServiceEvents': True|False,
'CloudWatchLogsLogGroupArn': 'string',
'CloudWatchLogsRoleArn': 'string'
},
]
}
Response Structure
|
generate_presigned_url
(ClientMethod, Params=None, ExpiresIn=3600, HttpMethod=None)¶Generate a presigned url given a client, its method, and arguments
Parameters: |
|
---|---|
Returns: | The presigned url |
get_paginator
(operation_name)¶Create a paginator for an operation.
Parameters: | operation_name (string) -- The operation name. This is the same name
as the method name on the client. For example, if the
method name is create_foo , and you'd normally invoke the
operation as client.create_foo(**kwargs) , if the
create_foo operation can be paginated, you can use the
call client.get_paginator("create_foo") . |
---|---|
Raises OperationNotPageableError: | |
Raised if the operation is not
pageable. You can use the client.can_paginate method to
check if an operation is pageable. |
|
Return type: | L{botocore.paginate.Paginator} |
Returns: | A paginator object. |
get_trail_status
(**kwargs)¶Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail.
Request Syntax
response = client.get_trail_status(
Name='string'
)
Parameters: | Name (string) -- [REQUIRED] The name of the trail for which you are requesting the current status. |
---|---|
Return type: | dict |
Returns: | Response Syntax{
'IsLogging': True|False,
'LatestDeliveryError': 'string',
'LatestNotificationError': 'string',
'LatestDeliveryTime': datetime(2015, 1, 1),
'LatestNotificationTime': datetime(2015, 1, 1),
'StartLoggingTime': datetime(2015, 1, 1),
'StopLoggingTime': datetime(2015, 1, 1),
'LatestCloudWatchLogsDeliveryError': 'string',
'LatestCloudWatchLogsDeliveryTime': datetime(2015, 1, 1)
}
Response Structure
|
get_waiter
(waiter_name)¶lookup_events
(**kwargs)¶Looks up API activity events captured by CloudTrail that create, update, or delete resources in your account. Events for a region can be looked up for the times in which you had CloudTrail turned on in that region during the last seven days. Lookup supports five different attributes: time range (defined by a start time and end time), user name, event name, resource type, and resource name. All attributes are optional. The maximum number of attributes that can be specified in any one lookup request are time range and one other attribute. The default number of results returned is 10, with a maximum of 50 possible. The response includes a token that you can use to get the next page of results. The rate of lookup requests is limited to one per second per account.
Warning
Events that occurred during the selected time range will not be available for lookup if CloudTrail logging was not enabled when the events occurred.
Request Syntax
response = client.lookup_events(
LookupAttributes=[
{
'AttributeKey': 'EventId'|'EventName'|'Username'|'ResourceType'|'ResourceName',
'AttributeValue': 'string'
},
],
StartTime=datetime(2015, 1, 1),
EndTime=datetime(2015, 1, 1),
MaxResults=123,
NextToken='string'
)
Parameters: |
|
---|---|
Return type: | dict |
Returns: | Response Syntax {
'Events': [
{
'EventId': 'string',
'EventName': 'string',
'EventTime': datetime(2015, 1, 1),
'Username': 'string',
'Resources': [
{
'ResourceType': 'string',
'ResourceName': 'string'
},
],
'CloudTrailEvent': 'string'
},
],
'NextToken': 'string'
}
Response Structure
|
start_logging
(**kwargs)¶Starts the recording of AWS API calls and log file delivery for a trail.
Request Syntax
response = client.start_logging(
Name='string'
)
Parameters: | Name (string) -- [REQUIRED] The name of the trail for which CloudTrail logs AWS API calls. |
---|---|
Return type: | dict |
Returns: | Response Syntax{}
Response Structure
|
stop_logging
(**kwargs)¶Suspends the recording of AWS API calls and log file delivery for the specified trail. Under most circumstances, there is no need to use this action. You can update a trail without stopping it first. This action is the only way to stop recording.
Request Syntax
response = client.stop_logging(
Name='string'
)
Parameters: | Name (string) -- [REQUIRED] Communicates to CloudTrail the name of the trail for which to stop logging AWS API calls. |
---|---|
Return type: | dict |
Returns: | Response Syntax{}
Response Structure
|
update_trail
(**kwargs)¶From the command line, use update-subscription
.
Updates the settings that specify delivery of log files. Changes to a trail do not require stopping the CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has previously been a target for CloudTrail log files, an IAM policy exists for the bucket.
Request Syntax
response = client.update_trail(
Name='string',
S3BucketName='string',
S3KeyPrefix='string',
SnsTopicName='string',
IncludeGlobalServiceEvents=True|False,
CloudWatchLogsLogGroupArn='string',
CloudWatchLogsRoleArn='string'
)
Parameters: |
|
---|---|
Return type: | dict |
Returns: | Response Syntax {
'Name': 'string',
'S3BucketName': 'string',
'S3KeyPrefix': 'string',
'SnsTopicName': 'string',
'IncludeGlobalServiceEvents': True|False,
'CloudWatchLogsLogGroupArn': 'string',
'CloudWatchLogsRoleArn': 'string'
}
Response Structure
|