You can call this operation to create a trail.

You can select an appropriate destination for delivering events as needed, such as a Log Service project or an Object Storage Service (OSS) bucket.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateTrail

The operation that you want to perform. Set the value to CreateTrail.

Name String Yes trail-test

The name of the trail to be created.

The name must be 6 to 36 characters in length. It must start with a letter and can contain letters, digits, hyphens (-), and underscores (_).

Note The name must be unique under the account.
RoleName String Yes aliyunactiontraildefaultrole

The name of the Resource Access Management (RAM) role that ActionTrail is allowed to assume. Default value: aliyunactiontraildefaultrole.

OssBucketName string No yuanch****

The name of the OSS bucket to which events are delivered.

The name must be 3 to 63 characters in length. It must start with a lowercase letter or digit and can contain lowercase letters, digits, and hyphens (-).

Note Make sure that the bucket exists before you create the trail.
OssKeyPrefix string No at-product-account-audit-B

The name prefix of objects to be written to the OSS bucket. This parameter can be left empty.

The name must be 6 to 32 characters in length. It must start with a letter and can contain letters, digits, hyphens (-), forward slashes (/), and underscores (_).

SlsProjectArn string No acs:log:cn-shanghai::project/***

The unique ARN of the Log Service project to which events are delivered.

SlsWriteRoleArn string No acs:ram::***:role/aliyunactiontraildefaultrole

The unique ARN of the role assumed by ActionTrail for delivering logs to the destination Log Service project.

EventRW string No Write

The read/write type of the delivered events. Valid values:

  • Write(Default)
  • Read
  • All
TrailRegion string No All

The regions to which the trail is applied. Valid values:

  • All(Default): tracks events in all regions
  • cn-hangzhou : tracks events only in China (Hangzhou).
  • cn-beijing: only events in Beijing are tracked.
MnsTopicArn string No acs:mns:cn-hangzhou:1111:/topics/your-topic-name

The ARN of the Message Service topic to which ActionTrail sends messages. The ARN is in the acs:mns:<Region>:<Account ID>:/topics/<topicName> format. After you specify this parameter, a message is generated and delivered to the MNS Topic when an event is delivered to OSS.

Response parameters

Prameter Type Sample response Description
Name String trail-test

The name of the RAM role that ActionTrail is allowed to assume.

EventRW String Write

The read/write type of the delivered events. Valid values:

  • Write(Default)
  • Read
  • All
HomeRegion Boolean cn-hangzhou

The home region of the trail.

OssBucketName String yuanch****

The name of the OSS bucket to which events are delivered.

OssKeyPrefix String at-product-account-audit-B

The name prefix of objects to be written to the OSS bucket. This parameter may be left empty.

RoleName String aliyunactiontraildefaultrole

The name of the RAM role that ActionTrail is allowed to assume.

SlsWriteRoleArn String acs:log:cn-shanghai::project/***

The unique ARN of the role assumed by ActionTrail for delivering logs to the destination Log Service project.

SlsProjectArn String acs:ram::***:role/aliyunactiontraildefaultrole

The unique ARN of the Log Service project to which events are delivered.

RequestId String 145318BE-DEE1-4C57-AA7C-5BE7D34A6AE0

The ID of the request.

MnsTopicArn String acs:mns:cn-hangzhou:1111:/topics/your-topic-name

The ARN of the Message Service topic to which ActionTrail sends messages. The ARN is in the acs:mns:<Region>:<Account ID>:/topics/<topicName> format. After you specify this parameter, a message is generated and delivered to the MNS Topic when an event is delivered to OSS.

TrailRegion String All

The regions to which the trail is applied. Valid values:

  • All(Default): tracks events in all regions
  • cn-hangzhou : tracks events only in China (Hangzhou).
  • cn-beijing: only events in Beijing are tracked.

Examples

Sample requests

http(s)://[Endpoint]/? Action=CreateTrail
&Name=trail-test
&RoleName=aliyunactiontraildefaultrole
&<Common request parameters>

Sample success responses

XML format

<RequestId>04F0F334-1335-436C-A1D7-6C044FE73368</RequestId>
<Name>trail-test</Name>
<HomeRegion>cn-hangzhou</HomeRegion>
<OssBucketName>yuanch****</OssBucketName>
<OssKeyPrefix>at-product-account-audit-B</OssKeyPrefix>
<RoleName>aliyunactiontraildefaultrole</RoleName>
<SlsProjectArn>acs:log:cn-shanghai::project/***</SlsProjectArn>
<SlsWriteRoleArn>acs:ram::***:role/aliyunactiontraildefaultrole</SlsWriteRoleArn>

JSON format

{
  "RequestId":"04F0F334-1335-436C-A1D7-6C044FE73368",
  "Name": "trail-test",
  "HomeRegion": "cn-hangzhou",
  "OssBucketName": "yuanch****",
  "OssKeyPrefix": "at-product-account-audit-B",
  "RoleName": "aliyunactiontraildefaultrole",
  "SlsProjectArn":"acs:log:cn-shanghai::project/***",
  "SlsWriteRoleArn":"acs:ram::***:role/aliyunactiontraildefaultrole"
}

Error codes

HTTP status code Error code Error message Description
404 BucketDoesNotExistException The specified OSS bucket does not exist. The error message returned because the specified OSS bucket does not exist.
403 InsufficientBucketPolicyException Access to the specified OSS bucket was denied. The error message returned because you are not authorized to access the specified OSS bucket.
403 InsufficientSlsPolicyException Access to the specified Log Service project was denied. The error message returned because you are not authorized to access the specified Log Service project.
400 InvalidDeliveryConfigurationException You must specify at least one Log Service project or OSS bucket for a Trail. The error message returned because you did not specify a Log Service project or an OSS bucket as the event delivery destination.
400 InvalidPrefixException The specified OSS bucket prefix is invalid. The error message returned because the object name prefix specified for the destination OSS bucket is invalid.
400 InvalidQueryParameter The specified query parameter is invalid. The error message returned because the specified query parameter is invalid.
400 InvalidTrailNameException The specified Trail name is invalid. The error message returned because the specified trail name was invalid. Modify the name based on the correct format.
403 MaximumNumberOfTrailsExceededException The number of Trails in the same region exceeds the upper limit (5). The error message returned because you cannot create more than five trails for a region.
400 RepeatOssBucket The specified OSS bucket is already in use. We recommend that you modify the existing Trail or specify another bucket. The error message returned because the specified OSS bucket has been used by an existing trail. We recommend that you update the existing trail or specify another OSS bucket.
400 SlsProjectDoesNotExistException The specified Log Service project does not exist. The error message returned because the specified Log Service project does not exist.
400 TrailAlreadyExistsException The specified Trail name already exists. The error message returned because the specified name of the trail exists. Change the name.

For a list of error codes, visit the API Error Center.