CloudSSO is integrated with ActionTrail. You can query CloudSSO management events in the ActionTrail console. ActionTrail delivers these events to Log Service Logstores or Object Storage Service (OSS) buckets for real-time auditing and troubleshooting.
ActionTrail records events generated when you manage cloud resources through API operations or the Alibaba Cloud Management Console. The following table lists CloudSSO events available in ActionTrail.
|
Event |
Description |
|
AddExternalSAMLIdPCertificate |
Adds a Security Assertion Markup Language (SAML) signing certificate. |
|
AddPermissionPolicyToAccessConfiguration |
Adds a policy to an access configuration. |
|
AddUserToGroup |
Adds a user to a group. |
|
ChangePassword |
Modifies a user password. |
|
CheckRDFeaturePrerequisite |
Checks prerequisites for enabling the resource directory integration feature. |
|
CheckServiceLinkedRoleForDeleting |
Checks whether a service-linked role can be deleted. |
|
ClearExternalSAMLIdentityProvider |
Clears SAML identity provider (IdP) configurations. |
|
CreateAccessAssignment |
Grants a user or group access to a resource directory account through an access configuration. |
|
CreateAccessConfiguration |
Creates an access configuration. |
|
CreateCloudCredential |
Creates a temporary Alibaba Cloud access key. |
|
CreateDirectory |
Creates a directory. |
|
CreateGroup |
Creates a group. |
|
CreateSCIMServerCredential |
Creates a cross-domain identity management (SCIM) credential. |
|
CreateUser |
Creates a user. |
|
DeleteAccessAssignment |
Removes access permissions from a resource directory account. |
|
DeleteAccessConfiguration |
Deletes an access configuration. |
|
DeleteDirectory |
Deletes a directory. |
|
DeleteGroup |
Deletes a group. |
|
DeleteMFADevice |
Deletes a multi-factor authentication (MFA) device. |
|
DeleteMFADeviceForUser |
Unbinds an MFA device from a user. |
|
DeleteSCIMServerCredential |
Deletes a SCIM credential. |
|
DeleteUser |
Deletes a user. |
|
DeprovisionAccessConfiguration |
De-provisions an access configuration from a resource directory account. |
|
DisableService |
Deactivates CloudSSO. |
|
EnableDirectoryRDFeature |
Enables the CloudSSO resource directory integration feature. |
|
EnableService |
Activates CloudSSO. |
|
GetAccessConfiguration |
Queries access configuration details. |
|
GetDirectory |
Queries directory details. |
|
GetDirectoryRDFeatureStatus |
Queries the CloudSSO resource directory integration feature status. |
|
GetDirectorySAMLServiceProviderInfo |
Queries SAML service provider details. |
|
GetDirectoryStatistics |
Queries directory statistics. |
|
GetExternalSAMLIdentityProvider |
Queries SAML IdP configurations. |
|
GetGroup |
Queries group details. |
|
GetMFAAuthenticationSettings |
Queries MFA settings for all users. |
|
GetMFAAuthenticationStatus |
Checks whether MFA is enabled for users. |
|
GetNewMFADevice |
Queries a new MFA device. |
|
GetSCIMSynchronizationStatus |
Queries SCIM synchronization status. |
|
GetServiceStatus |
Queries CloudSSO status. |
|
GetTask |
Queries asynchronous task details. |
|
GetTaskStatus |
Queries asynchronous task status. |
|
GetUser |
Queries user details. |
|
GetUserMFAAuthenticationSettings |
Queries a user's MFA setting. |
|
ListAccessAssignments |
Queries assigned access permissions. |
|
ListAccessConfigurationProvisionings |
Queries provisioned access configurations. |
|
ListAccessConfigurations |
Queries access configurations. |
|
ListAccessConfigurationsForAccount |
Queries access configurations for a resource directory account. |
|
ListAccounts |
Queries all Alibaba Cloud accounts accessible to a user. |
|
ListDirectories |
Queries directories. |
|
ListExternalSAMLIdPCertificates |
Queries SAML signing certificates. |
|
ListGroupMembers |
Queries group members. |
|
ListGroups |
Queries groups. |
|
ListJoinedGroupsForUser |
Queries groups that a user belongs to. |
|
ListMFADevices |
Queries MFA devices. |
|
ListMFADevicesForUser |
Queries MFA devices bound to a user. |
|
ListPermissionPoliciesInAccessConfiguration |
Queries policies in an access configuration. |
|
ListSCIMServerCredentials |
Queries SCIM credentials. |
|
ListTasks |
Queries asynchronous tasks. |
|
ListUsers |
Queries users. |
|
Login |
Logs on to the Alibaba Cloud Management Console. |
|
LoginToAccount |
Logs on to a resource directory account. |
|
ProvisionAccessConfiguration |
Provisions an access configuration for a resource directory account. |
|
RegisterMFADevice |
Binds an MFA device. |
|
RemoveExternalSAMLIdPCertificate |
Removes a SAML signing certificate. |
|
RemovePermissionPolicyFromAccessConfiguration |
Removes a policy from an access configuration. |
|
RemoveUserFromGroup |
Removes a user from a group. |
|
ResetUserPassword |
Resets a user password. |
|
RevokeAccessToken |
Revokes an access token. |
|
SetExternalSAMLIdentityProvider |
Configures a SAML IdP. |
|
SetMFAAuthenticationStatus |
Enables or disables MFA for directory users. |
|
SetSCIMSynchronizationStatus |
Enables or disables SCIM synchronization. |
|
UpdateAccessConfiguration |
Modifies access configuration details. |
|
UpdateDirectory |
Renames a directory. |
|
UpdateGroup |
Modifies group details. |
|
UpdateInlinePolicyForAccessConfiguration |
Modifies an inline policy in an access configuration. |
|
UpdateMFAAuthenticationSettings |
Modifies MFA settings for all users. |
|
UpdateMFADevice |
Modifies MFA device details. |
|
UpdateSCIMServerCredentialStatus |
Enables or disables a SCIM credential. |
|
UpdateUser |
Modifies user details. |
|
UpdateUserMFAAuthenticationSettings |
Modifies a user's MFA setting. |
|
UpdateUserStatus |
Changes user status. |