Skip to content

Client

cloudtrail R Documentation

AWS CloudTrail

Description

CloudTrail

This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.

CloudTrail is a web service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response elements returned by the service.

As an alternative to the API, you can use one of the Amazon Web Services SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests, managing errors, and retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.

See the CloudTrail User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.

Usage

cloudtrail(
  config = list(),
  credentials = list(),
  endpoint = NULL,
  region = NULL
)

Arguments

config

Optional configuration of credentials, endpoint, and/or region.

  • credentials:

    • creds:

      • access_key_id: AWS access key ID

      • secret_access_key: AWS secret access key

      • session_token: AWS temporary session token

    • profile: The name of a profile to use. If not given, then the default profile is used.

    • anonymous: Set anonymous credentials.

  • endpoint: The complete URL to use for the constructed client.

  • region: The AWS Region used in instantiating the client.

  • close_connection: Immediately close all HTTP connections.

  • timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.

  • s3_force_path_style: Set this to true to force the request to use path-style addressing, i.e. ⁠http://s3.amazonaws.com/BUCKET/KEY⁠.

  • sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html

credentials

Optional credentials shorthand for the config parameter

  • creds:

    • access_key_id: AWS access key ID

    • secret_access_key: AWS secret access key

    • session_token: AWS temporary session token

  • profile: The name of a profile to use. If not given, then the default profile is used.

  • anonymous: Set anonymous credentials.

endpoint

Optional shorthand for complete URL to use for the constructed client.

region

Optional shorthand for AWS Region used in instantiating the client.

Value

A client for the service. You can call the service's operations using syntax like svc$operation(...), where svc is the name you've assigned to the client. The available operations are listed in the Operations section.

Service syntax

svc <- cloudtrail(
  config = list(
    credentials = list(
      creds = list(
        access_key_id = "string",
        secret_access_key = "string",
        session_token = "string"
      ),
      profile = "string",
      anonymous = "logical"
    ),
    endpoint = "string",
    region = "string",
    close_connection = "logical",
    timeout = "numeric",
    s3_force_path_style = "logical",
    sts_regional_endpoint = "string"
  ),
  credentials = list(
    creds = list(
      access_key_id = "string",
      secret_access_key = "string",
      session_token = "string"
    ),
    profile = "string",
    anonymous = "logical"
  ),
  endpoint = "string",
  region = "string"
)

Operations

add_tags
Adds one or more tags to a trail, event data store, or channel, up to a limit of 50
cancel_query
Cancels a query if the query is not in a terminated state, such as CANCELLED, FAILED, TIMED_OUT, or FINISHED
create_channel
Creates a channel for CloudTrail to ingest events from a partner or external source
create_event_data_store
Creates a new event data store
create_trail
Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket
delete_channel
Deletes a channel
delete_event_data_store
Disables the event data store specified by EventDataStore, which accepts an event data store ARN
delete_resource_policy
Deletes the resource-based policy attached to the CloudTrail channel
delete_trail
Deletes a trail
deregister_organization_delegated_admin
Removes CloudTrail delegated administrator permissions from a member account in an organization
describe_query
Returns metadata about a query, including query run time in milliseconds, number of events scanned and matched, and query status
describe_trails
Retrieves settings for one or more trails associated with the current Region for your account
disable_federation
Disables Lake query federation on the specified event data store
enable_federation
Enables Lake query federation on the specified event data store
get_channel
Returns information about a specific channel
get_event_data_store
Returns information about an event data store specified as either an ARN or the ID portion of the ARN
get_event_selectors
Describes the settings for the event selectors that you configured for your trail
get_import
Returns information about a specific import
get_insight_selectors
Describes the settings for the Insights event selectors that you configured for your trail or event data store
get_query_results
Gets event data results of a query
get_resource_policy
Retrieves the JSON text of the resource-based policy document attached to the CloudTrail channel
get_trail
Returns settings information for a specified trail
get_trail_status
Returns a JSON-formatted list of information about the specified trail
list_channels
Lists the channels in the current account, and their source names
list_event_data_stores
Returns information about all event data stores in the account, in the current Region
list_import_failures
Returns a list of failures for the specified import
list_imports
Returns information on all imports, or a select set of imports by ImportStatus or Destination
list_insights_metric_data
Returns Insights metrics data for trails that have enabled Insights
list_public_keys
Returns all public keys whose private keys were used to sign the digest files within the specified time range
list_queries
Returns a list of queries and query statuses for the past seven days
list_tags
Lists the tags for the specified trails, event data stores, or channels in the current Region
list_trails
Lists trails that are in the current account
lookup_events
Looks up management events or CloudTrail Insights events that are captured by CloudTrail
put_event_selectors
Configures an event selector or advanced event selectors for your trail
put_insight_selectors
Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail or event data store
put_resource_policy
Attaches a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of Amazon Web Services
register_organization_delegated_admin
Registers an organization’s member account as the CloudTrail delegated administrator
remove_tags
Removes the specified tags from a trail, event data store, or channel
restore_event_data_store
Restores a deleted event data store specified by EventDataStore, which accepts an event data store ARN
start_event_data_store_ingestion
Starts the ingestion of live events on an event data store specified as either an ARN or the ID portion of the ARN
start_import
Starts an import of logged trail events from a source S3 bucket to a destination event data store
start_logging
Starts the recording of Amazon Web Services API calls and log file delivery for a trail
start_query
Starts a CloudTrail Lake query
stop_event_data_store_ingestion
Stops the ingestion of live events on an event data store specified as either an ARN or the ID portion of the ARN
stop_import
Stops a specified import
stop_logging
Suspends the recording of Amazon Web Services API calls and log file delivery for the specified trail
update_channel
Updates a channel specified by a required channel ARN or UUID
update_event_data_store
Updates an event data store
update_trail
Updates trail settings that control what events you are logging, and how to handle log files

Examples

## Not run: 
svc <- cloudtrail()
svc$add_tags(
  Foo = 123
)

## End(Not run)