Creates a trail.

You can select an appropriate destination for delivering events as needed, such as a Log Service project or an Object Storage Service (OSS) bucket.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateTrail

The operation that you want to perform. Set the value to CreateTrail.

Name String Yes trail-test

The name of the trail to be created.

The name must be 6 to 36 characters in length. It must start with a letter and can contain letters, digits, hyphens (-), and underscores (_).

Note The name must be unique under the Alibaba Cloud account.
RoleName String Yes aliyunactiontraildefaultrole

The name of the Resource Access Management (RAM) role that ActionTrail is allowed to assume. Default value: aliyunactiontraildefaultrole.

OssBucketName String No yuanch****

The name of the OSS bucket to which events are to be delivered.

The name must be 3 to 63 characters in length. It must start with a lowercase letter or digit and can contain lowercase letters, digits, and hyphens (-).

Note Make sure that the bucket exists before you create the trail.
OssKeyPrefix String No at-product-account-audit-B

The prefix of log files to be stored in the OSS bucket. This parameter can be left empty.

The prefix must be 6 to 32 characters in length. It must start with a letter and can contain letters, digits, hyphens (-), forward slashes (/), and underscores (_).

SlsProjectArn String No acs:log:cn-shanghai::project/***

The Alibaba Cloud Resource Name (ARN) of the Log Service project to which events are to be delivered.

SlsWriteRoleArn String No acs:ram::***:role/aliyunactiontraildefaultrole

The ARN of the RAM role assumed by ActionTrail for delivering logs to the destination Log Service project.

EventRW String No Write

The read/write type of the events to be delivered. Valid values:

  • Write: write events. It is the default value.
  • Read: read events.
  • All: read and write events.
TrailRegion String No All

The regions to which the trail is applied. Valid values:

  • All: tracks events in all regions. It is the default value.
  • cn-hangzhou: tracks only events that occur in the China (Hangzhou) region.
  • cn-beijing: tracks only events that occur in the China (Beijing) region.
MnsTopicArn String No acs:mns:cn-hangzhou:1111:/topics/your-topic-name

The ARN of the Message Service (MNS) topic to which ActionTrail sends messages. The ARN is in the format of acs:mns:<Region>:<Account ID>:/topics/<topicName>. If the ARN is specified, a message is generated and delivered to the MNS topic whenever an event is delivered to OSS.

Response parameters

Parameter Type Example Description
Name String trail-test

The name of the trail.

EventRW String Write

The read/write type of the delivered events. Valid values:

  • Write: write events. It is the default value.
  • Read: read events.
  • All: read and write events.
HomeRegion String cn-hangzhou

The home region of the trail.

OssBucketName String yuanch****

The name of the OSS bucket to which events are delivered.

OssKeyPrefix String at-product-account-audit-B

The prefix of log files stored in the OSS bucket. This parameter can be left empty.

RoleName String aliyunactiontraildefaultrole

The name of the RAM role that ActionTrail is allowed to assume.

SlsWriteRoleArn String acs:ram::***:role/aliyunactiontraildefaultrole

The ARN of the RAM role assumed by ActionTrail for delivering logs to the destination Log Service project.

SlsProjectArn String acs:log:cn-shanghai::project/***

The ARN of the Log Service project to which events are delivered.

RequestId String 145318BE-DEE1-4C57-AA7C-5BE7D34A6AE0

The ID of the request.

MnsTopicArn String acs:mns:cn-hangzhou:1111:/topics/your-topic-name

The ARN of the MNS topic to which ActionTrail sends messages. The ARN is in the format of acs:mns:<Region>:<Account ID>:/topics/<topicName>.

TrailRegion String All

The regions to which the trail is applied. Valid values:

  • All: tracks events in all regions. It is the default value.
  • cn-hangzhou: tracks only events that occur in the China (Hangzhou) region.
  • cn-beijing: tracks only events that occur in the China (Beijing) region.

Examples

Sample requests

http(s)://[Endpoint]/? Action=CreateTrail
&Name=trail-test
&RoleName=aliyunactiontraildefaultrole
&<Common request parameters>

Sample success responses

XML format

<RequestId>04F0F334-1335-436C-A1D7-6C044FE73368</RequestId>
<Name>trail-test</Name>
<HomeRegion>cn-hangzhou</HomeRegion>
<OssBucketName>yuanch****</OssBucketName>
<OssKeyPrefix>at-product-account-audit-B</OssKeyPrefix>
<RoleName>aliyunactiontraildefaultrole</RoleName>
<SlsProjectArn>acs:log:cn-shanghai::project/***</SlsProjectArn>
<SlsWriteRoleArn>acs:ram::***:role/aliyunactiontraildefaultrole</SlsWriteRoleArn>

JSON format

{
  "RequestId":"04F0F334-1335-436C-A1D7-6C044FE73368",
  "Name": "trail-test",
  "HomeRegion": "cn-hangzhou",
  "OssBucketName": "yuanch****",
  "OssKeyPrefix": "at-product-account-audit-B",
  "RoleName": "aliyunactiontraildefaultrole",
  "SlsProjectArn":"acs:log:cn-shanghai::project/***",
  "SlsWriteRoleArn":"acs:ram::***:role/aliyunactiontraildefaultrole"
}

Error codes

HTTP status code Error code Error message Description
404 BucketDoesNotExistException The specified OSS bucket does not exist. The error message returned because the specified OSS bucket does not exist.
403 InsufficientBucketPolicyException Access to the specified OSS bucket was denied. The error message returned because you are not authorized to access the specified OSS bucket.
403 InsufficientSlsPolicyException Access to the specified Log Service project was denied. The error message returned because you are not authorized to access the specified Log Service project.
400 InvalidDeliveryConfigurationException You must specify at least one Log Service project or OSS bucket for a Trail. The error message returned because you did not specify a Log Service project or an OSS bucket as the event delivery destination.
400 InvalidPrefixException The specified OSS bucket prefix is invalid. The error message returned because the log file prefix specified for the destination OSS bucket is invalid.
400 InvalidQueryParameter The specified query parameter is invalid. The error message returned because the specified query parameter is invalid.
400 InvalidTrailNameException The specified Trail name is invalid. The error message returned because the specified trail name is invalid. Modify the name based on the correct format.
403 MaximumNumberOfTrailsExceededException The number of Trails in the same region exceeds the upper limit (5). The error message returned because you cannot create more than five trails in a region.
400 RepeatOssBucket The specified OSS bucket is already in use. We recommend that you modify the existing Trail or specify another bucket. The error message returned because the specified OSS bucket has been used by an existing trail. We recommend that you update the existing trail or specify another OSS bucket.
400 SlsProjectDoesNotExistException The specified Log Service project does not exist. The error message returned because the specified Log Service project does not exist.
400 TrailAlreadyExistsException The specified Trail name already exists. The error message returned because the specified trail name exists. Modify the name.

For a list of error codes, visit the API Error Center.