Resource Access Management (RAM) is integrated with ActionTrail. You can query user-initiated events generated by RAM operations in the ActionTrail console. ActionTrail can deliver these events to Log Service Logstores or Object Storage Service (OSS) buckets for real-time auditing and troubleshooting.
ActionTrail records user-initiated events generated when you manage cloud resources by calling API operations or by using the Alibaba Cloud Management Console. The following table lists the RAM events that you can query in ActionTrail.
|
Event |
Description |
|
AddUserToGroup |
A RAM user is added to a RAM user group. |
|
AttachPolicyToGroup |
A policy is attached to a RAM user group. |
|
AttachPolicyToRole |
A policy is attached to a RAM role. |
|
AttachPolicyToUser |
A policy is attached to a RAM user. |
|
BindMFADevice |
A multi-factor authentication (MFA) device is bound to a RAM user. |
|
ChangePassword |
The password of a RAM user is changed. |
|
ClearAccountAlias |
The alias of an Alibaba Cloud account is deleted. |
|
CreateAccessKey |
An AccessKey pair is created for a RAM user. |
|
CreateGroup |
A RAM user group is created. |
|
CreateLoginProfile |
Console logon is enabled for a RAM user. |
|
CreatePolicy |
A policy is created. |
|
CreatePolicyVersion |
A version of a policy is created. |
|
CreateRole |
A RAM role is created. |
|
CreateUser |
A RAM user is created. |
|
CreateVirtualMFADevice |
An MFA device is created. |
|
DeleteAccessKey |
An AccessKey pair of a RAM user is deleted. |
|
DeleteGroup |
A RAM user group is deleted. |
|
DeleteLoginProfile |
Console logon is disabled for a RAM user. |
|
DeletePolicy |
A policy is deleted. |
|
DeletePolicyVersion |
A policy version is deleted. |
|
DeleteRole |
A RAM role is deleted. |
|
DeleteUser |
A RAM user is deleted. |
|
DeleteVirtualMFADevice |
An MFA device is deleted. |
|
DetachPolicyFromGroup |
A policy is detached from a RAM user group. |
|
DetachPolicyFromRole |
A policy is detached from a RAM role. |
|
DetachPolicyFromUser |
A policy is detached from a RAM user. |
|
GetAccessKeyLastUsed |
The time when an AccessKey pair is last used is queried. |
|
GetAccountAlias |
The alias of an Alibaba Cloud account is queried. |
|
GetAccountSummary |
Statistics are queried. |
|
GetGroup |
The information about a RAM user group is queried. |
|
GetLoginProfile |
The logon configurations of a RAM user are queried. |
|
GetPasswordPolicy |
The password policy of RAM users, including the password strength, is queried. |
|
GetPolicy |
The information about a policy is queried. |
|
GetPolicyVersion |
The information about a policy version is queried. |
|
GetPublicKey |
A public key is queried. |
|
GetRole |
The information about a RAM role is queried. |
|
GetSecurityPreference |
The details of the security preferences are queried. |
|
GetServiceStatus |
The status of RAM is queried. |
|
GetUser |
The information about a RAM user is queried. |
|
GetUserMFAInfo |
The MFA device that is attached to a RAM user is queried. |
|
ListAccessKeys |
AccessKey pairs that belong to an Alibaba Cloud account or a RAM user are queried. |
|
ListEntitiesForPolicy |
The entities to which a policy is attached are queried. |
|
ListGroups |
RAM user groups are queried. |
|
ListGroupsForUser |
The RAM user groups to which a RAM user belongs are queried. |
|
ListPolicies |
Policies are queried. |
|
ListPoliciesForGroup |
The policies that are attached to a RAM user group are queried. |
|
ListPoliciesForRole |
The policies that are attached to a RAM role are queried. |
|
ListPoliciesForUser |
The policies that are attached to a RAM user are queried. |
|
ListPolicyVersions |
The versions of a policy are queried. |
|
ListPublicKeys |
Public keys are queried. |
|
ListRoles |
RAM roles are queried. |
|
ListUsers |
All RAM users are queried. |
|
ListUsersForGroup |
RAM users in a RAM user group are queried. |
|
ListVirtualMFADevices |
MFA devices are queried. |
|
OpenService |
A service is activated. |
|
ReleaseAccountResource |
An Alibaba Cloud account and the resources of the account are released with one click. |
|
RemoveUserFromGroup |
A RAM user is removed from a RAM user group. |
|
SetAccountAlias |
An alias is configured for an Alibaba Cloud account. |
|
SetDefaultPolicyVersion |
A version is specified for a policy as the default version. |
|
SetPasswordPolicy |
The password policy for RAM users, including the password strength, is configured. |
|
SetSecurityPreference |
The security preferences are configured. |
|
UnbindMFADevice |
An MFA device is unbound from a RAM user. |
|
UpdateAccessKey |
The status of an AccessKey pair that belongs to a RAM user is changed. |
|
UpdateGroup |
The information about a RAM user group is modified. |
|
UpdateLoginProfile |
The logon configurations of a RAM user are modified. |
|
UpdatePolicyDescription |
The description of a custom policy is modified. |
|
UpdatePublicKey |
A public key is modified. |
|
UpdateRole |
The information about a RAM role is modified. |
|
UpdateUser |
The information about a RAM user is modified. |
|
UploadPublicKey |
A public key is uploaded. |