Updates the configurations of a trail.
Operation description
This topic shows you how to change the destination Object Storage Service (OSS) bucket of a sample trail named trail-test
to audit-log
.
Debugging
Authorization information
The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action
policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:
- Operation: the value that you can use in the Action element to specify the operation on a resource.
- Access level: the access level of each operation. The levels are read, write, and list.
- Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level,
All Resources
is used in the Resource type column of the operation.
- Condition Key: the condition key that is defined by the cloud service.
- Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
Operation | Access level | Resource type | Condition key | Associated operation |
---|---|---|---|---|
actiontrail:UpdateTrail | update |
|
| none |
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
Name | string | Yes | The name of the trail whose configurations you want to update. The name must be 6 to 36 characters in length and can contain lowercase letters, digits, hyphens (-), and underscores (_). It must start with a lowercase letter. Note
The name must be unique within an Alibaba Cloud account.
| trail-test |
OssBucketName | string | No | The name of the Object Storage Service (OSS) bucket to which you want to deliver events. The name must be 3 to 63 characters in length. The name must start with a lowercase letter or a digit and can contain lowercase letters, digits, and hyphens (-). Note
Make sure that the bucket exists before you update the configuration of the trail.
| audit-log |
OssKeyPrefix | string | No | The prefix of the files that are stored in the OSS bucket. The prefix must be 6 to 32 characters in length. The prefix must start with a letter and can contain letters, digits, hyphens (-), forward slashes (/), and underscores (_). | at-product-account-audit-B |
OssWriteRoleArn | string | No | The Alibaba Cloud Resource Name (ARN) of the RAM role that is assumed by ActionTrail to deliver events to the OSS bucket.
| acs:ram::***:role/aliyunserviceroleforactiontrail |
SlsProjectArn | string | No | The ARN of the Log Service project to which you want to deliver events. | acs:log:cn-shanghai::project/*** |
SlsWriteRoleArn | string | No | The ARN of the RAM role that is assumed by ActionTrail to deliver events to the Log Service project.
| acs:ram::***:role/aliyunserviceroleforactiontrail |
EventRW | string | No | The read/write type of the events to be delivered. Valid values:
| All |
TrailRegion | string | No | The region of the trail.
You can also specify specific regions. You can call the DescribeRegions operation to query all the supported regions. | All |
For more information about common request parameters, see Common parameters.
Response parameters
Examples
Sample success responses
JSON
format
{
"SlsProjectArn": "acs:log:cn-hangzhou:151266687691****:project/test-project",
"OssWriteRoleArn": "acs:ram::***:role/aliyunserviceroleforactiontrail",
"EventRW": "Write",
"RequestId": "2599A180-5236-44D8-9490-50B6F4F8BA35",
"HomeRegion": "cn-hangzhou",
"OssKeyPrefix": "at-product-account-audit-B",
"OssBucketName": "audit-log",
"SlsWriteRoleArn": "acs:ram::***:role/aliyunserviceroleforactiontrail",
"TrailRegion": "All",
"Name": "trail-test"
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | RepeatOssBucket | The specified OSS bucket is already in use. We recommend that you modify the existing Trail or specify another bucket. | The specified OSS Bucket is already in used,.We recommend that you modify the tracking area in that Trail. |
400 | SlsProjectDoesNotExistException | The specified Log Service project does not exist. | The specified SLS Project is not existed. |
400 | IncompleteSignature | The request signature does not conform to Alibaba Cloud standards. | The request signature does not conform to Alibaba Cloud standards. |
400 | InvalidDeliveryConfigurationException | You must specify at least one Log Service project or OSS bucket for a Trail. | Trail must have at least one delivery destination |
400 | InvalidPrefixException | The specified OSS bucket prefix is invalid. | The specified OSS bucket prefix is not valid. |
403 | InsufficientBucketPolicyException | Access to the specified OSS bucket was denied. | Access OSS bucket denied. |
403 | InsufficientSlsPolicyException | Access to the specified Log Service project was denied. | Access SLS Project denied. |
404 | TrailNotFoundException | The specified Trail does not exist. | The specified Trail is not existed. |
404 | BucketDoesNotExistException | The specified OSS bucket does not exist. | The specified OSS Bucket is not existed. |
For a list of error codes, visit the Service error codes.
Change history
Change time | Summary of changes | Operation |
---|---|---|
2024-01-09 | The Error code has changed. The request parameters of the API has changed. The response structure of the API has changed | View Change Details |