Trail
Provides a ActionTrail Trail resource. For information about alicloud actiontrail trail and how to use it, see What is Resource Alicloud ActionTrail Trail.
NOTE: Available since v1.95.0. NOTE: You can create a trail to deliver events to Log Service, Object Storage Service (OSS), or both. Before you call this operation to create a trail, make sure that the following requirements are met.
Deliver events to Log Service: A project is created in Log Service.
Deliver events to OSS: A bucket is created in OSS.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
import * as random from "@pulumi/random";
const config = new pulumi.Config();
const name = config.get("name") || "tf-example";
const _default = new random.index.Integer("default", {
min: 10000,
max: 99999,
});
const example = alicloud.getRegions({
current: true,
});
const exampleGetAccount = alicloud.getAccount({});
const exampleProject = new alicloud.log.Project("example", {
projectName: `${name}-${_default.result}`,
description: "tf actiontrail example",
});
const exampleGetRoles = alicloud.ram.getRoles({
nameRegex: "AliyunServiceRoleForActionTrail",
});
const exampleTrail = new alicloud.actiontrail.Trail("example", {
trailName: name,
slsWriteRoleArn: exampleGetRoles.then(exampleGetRoles => exampleGetRoles.roles?.[0]?.arn),
slsProjectArn: pulumi.all([example, exampleGetAccount, exampleProject.projectName]).apply(([example, exampleGetAccount, projectName]) => `acs:log:${example.regions?.[0]?.id}:${exampleGetAccount.id}:project/${projectName}`),
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
import pulumi_random as random
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "tf-example"
default = random.index.Integer("default",
min=10000,
max=99999)
example = alicloud.get_regions(current=True)
example_get_account = alicloud.get_account()
example_project = alicloud.log.Project("example",
project_name=f"{name}-{default['result']}",
description="tf actiontrail example")
example_get_roles = alicloud.ram.get_roles(name_regex="AliyunServiceRoleForActionTrail")
example_trail = alicloud.actiontrail.Trail("example",
trail_name=name,
sls_write_role_arn=example_get_roles.roles[0].arn,
sls_project_arn=example_project.project_name.apply(lambda project_name: f"acs:log:{example.regions[0].id}:{example_get_account.id}:project/{project_name}"))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
using Random = Pulumi.Random;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "tf-example";
var @default = new Random.Index.Integer("default", new()
{
Min = 10000,
Max = 99999,
});
var example = AliCloud.GetRegions.Invoke(new()
{
Current = true,
});
var exampleGetAccount = AliCloud.GetAccount.Invoke();
var exampleProject = new AliCloud.Log.Project("example", new()
{
ProjectName = $"{name}-{@default.Result}",
Description = "tf actiontrail example",
});
var exampleGetRoles = AliCloud.Ram.GetRoles.Invoke(new()
{
NameRegex = "AliyunServiceRoleForActionTrail",
});
var exampleTrail = new AliCloud.ActionTrail.Trail("example", new()
{
TrailName = name,
SlsWriteRoleArn = exampleGetRoles.Apply(getRolesResult => getRolesResult.Roles[0]?.Arn),
SlsProjectArn = Output.Tuple(example, exampleGetAccount, exampleProject.ProjectName).Apply(values =>
{
var example = values.Item1;
var exampleGetAccount = values.Item2;
var projectName = values.Item3;
return $"acs:log:{example.Apply(getRegionsResult => getRegionsResult.Regions[0]?.Id)}:{exampleGetAccount.Apply(getAccountResult => getAccountResult.Id)}:project/{projectName}";
}),
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/actiontrail"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/log"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/ram"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "tf-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := random.NewInteger(ctx, "default", &random.IntegerArgs{
Min: 10000,
Max: 99999,
})
if err != nil {
return err
}
example, err := alicloud.GetRegions(ctx, &alicloud.GetRegionsArgs{
Current: pulumi.BoolRef(true),
}, nil)
if err != nil {
return err
}
exampleGetAccount, err := alicloud.GetAccount(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
exampleProject, err := log.NewProject(ctx, "example", &log.ProjectArgs{
ProjectName: pulumi.Sprintf("%v-%v", name, _default.Result),
Description: pulumi.String("tf actiontrail example"),
})
if err != nil {
return err
}
exampleGetRoles, err := ram.GetRoles(ctx, &ram.GetRolesArgs{
NameRegex: pulumi.StringRef("AliyunServiceRoleForActionTrail"),
}, nil)
if err != nil {
return err
}
_, err = actiontrail.NewTrail(ctx, "example", &actiontrail.TrailArgs{
TrailName: pulumi.String(name),
SlsWriteRoleArn: pulumi.String(exampleGetRoles.Roles[0].Arn),
SlsProjectArn: exampleProject.ProjectName.ApplyT(func(projectName string) (string, error) {
return fmt.Sprintf("acs:log:%v:%v:project/%v", example.Regions[0].Id, exampleGetAccount.Id, projectName), nil
}).(pulumi.StringOutput),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.integer;
import com.pulumi.random.IntegerArgs;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetRegionsArgs;
import com.pulumi.alicloud.log.Project;
import com.pulumi.alicloud.log.ProjectArgs;
import com.pulumi.alicloud.ram.RamFunctions;
import com.pulumi.alicloud.ram.inputs.GetRolesArgs;
import com.pulumi.alicloud.actiontrail.Trail;
import com.pulumi.alicloud.actiontrail.TrailArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("tf-example");
var default_ = new Integer("default", IntegerArgs.builder()
.min(10000)
.max(99999)
.build());
final var example = AlicloudFunctions.getRegions(GetRegionsArgs.builder()
.current(true)
.build());
final var exampleGetAccount = AlicloudFunctions.getAccount();
var exampleProject = new Project("exampleProject", ProjectArgs.builder()
.projectName(String.format("%s-%s", name,default_.result()))
.description("tf actiontrail example")
.build());
final var exampleGetRoles = RamFunctions.getRoles(GetRolesArgs.builder()
.nameRegex("AliyunServiceRoleForActionTrail")
.build());
var exampleTrail = new Trail("exampleTrail", TrailArgs.builder()
.trailName(name)
.slsWriteRoleArn(exampleGetRoles.applyValue(getRolesResult -> getRolesResult.roles()[0].arn()))
.slsProjectArn(exampleProject.projectName().applyValue(projectName -> String.format("acs:log:%s:%s:project/%s", example.applyValue(getRegionsResult -> getRegionsResult.regions()[0].id()),exampleGetAccount.applyValue(getAccountResult -> getAccountResult.id()),projectName)))
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: tf-example
resources:
default:
type: random:integer
properties:
min: 10000
max: 99999
exampleProject:
type: alicloud:log:Project
name: example
properties:
projectName: ${name}-${default.result}
description: tf actiontrail example
exampleTrail:
type: alicloud:actiontrail:Trail
name: example
properties:
trailName: ${name}
slsWriteRoleArn: ${exampleGetRoles.roles[0].arn}
slsProjectArn: acs:log:${example.regions[0].id}:${exampleGetAccount.id}:project/${exampleProject.projectName}
variables:
example:
fn::invoke:
function: alicloud:getRegions
arguments:
current: true
exampleGetAccount:
fn::invoke:
function: alicloud:getAccount
arguments: {}
exampleGetRoles:
fn::invoke:
function: alicloud:ram:getRoles
arguments:
nameRegex: AliyunServiceRoleForActionTrailContent copied to clipboard
Import
Action trail can be imported using the id or trail_name, e.g.
$ pulumi import alicloud:actiontrail/trail:Trail default abc12345678Content copied to clipboard
Properties
Link copied to clipboard
Specifies whether to create a multi-account trail. Valid values:true: Create a multi-account trail.false: Create a single-account trail. It is the default value.
Link copied to clipboard
Field mns_topic_arn has been deprecated from version 1.118.0.
Link copied to clipboard
The OSS bucket to which the trail delivers logs. Ensure that this is an existing OSS bucket.
Link copied to clipboard
The prefix of the specified OSS bucket name. This parameter can be left empty.
Link copied to clipboard
The unique ARN of the Oss role.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The unique ARN of the Log Service project. Ensure that sls_project_arn is valid .
Link copied to clipboard
The unique ARN of the Log Service role.
Link copied to clipboard
The regions to which the trail is applied. Default to All.