Class AWSCloudTrailClient
- java.lang.Object
-
- com.amazonaws.AmazonWebServiceClient
-
- com.amazonaws.services.cloudtrail.AWSCloudTrailClient
-
- All Implemented Interfaces:
AWSCloudTrail
- Direct Known Subclasses:
AWSCloudTrailAsyncClient
@ThreadSafe public class AWSCloudTrailClient extends AmazonWebServiceClient implements AWSCloudTrail
Client for accessing CloudTrail. All service calls made using this client are blocking, and will not return until the service call completes.AWS CloudTrail This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.
CloudTrail is a web service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the AWS API call, the source IP address, the request parameters, and the response elements returned by the service.
As an alternative to the API, you can use one of the AWS SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to AWSCloudTrail. For example, the SDKs take care of cryptographically signing requests, managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services page.
See the CloudTrail User Guide for information about the data that is included with each AWS API call listed in the log files.
-
-
Field Summary
Fields Modifier and Type Field Description protected static ClientConfigurationFactory
configFactory
Client configuration factory providing ClientConfigurations tailored to this client-
Fields inherited from class com.amazonaws.AmazonWebServiceClient
client, clientConfiguration, endpoint, LOGGING_AWS_REQUEST_METRIC, requestHandler2s, timeOffset
-
-
Constructor Summary
Constructors Constructor Description AWSCloudTrailClient()
Constructs a new client to invoke service methods on CloudTrail.AWSCloudTrailClient(AWSCredentials awsCredentials)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials.AWSCloudTrailClient(AWSCredentialsProvider awsCredentialsProvider)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials provider.AWSCloudTrailClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials provider and client configuration options.AWSCloudTrailClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration, RequestMetricCollector requestMetricCollector)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials provider, client configuration options, and request metric collector.AWSCloudTrailClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials and client configuration options.AWSCloudTrailClient(ClientConfiguration clientConfiguration)
Constructs a new client to invoke service methods on CloudTrail.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AddTagsResult
addTags(AddTagsRequest addTagsRequest)
Adds one or more tags to a trail, up to a limit of 10.CreateTrailResult
createTrail(CreateTrailRequest createTrailRequest)
Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.DeleteTrailResult
deleteTrail(DeleteTrailRequest deleteTrailRequest)
Deletes a trail.DescribeTrailsResult
describeTrails()
Simplified method form for invoking the DescribeTrails operation.DescribeTrailsResult
describeTrails(DescribeTrailsRequest describeTrailsRequest)
Retrieves settings for the trail associated with the current region for your account.ResponseMetadata
getCachedResponseMetadata(AmazonWebServiceRequest request)
Returns additional metadata for a previously executed successful, request, typically used for debugging issues where a service isn't acting as expected.GetTrailStatusResult
getTrailStatus(GetTrailStatusRequest getTrailStatusRequest)
Returns a JSON-formatted list of information about the specified trail.ListPublicKeysResult
listPublicKeys()
Simplified method form for invoking the ListPublicKeys operation.ListPublicKeysResult
listPublicKeys(ListPublicKeysRequest listPublicKeysRequest)
Returns all public keys whose private keys were used to sign the digest files within the specified time range.ListTagsResult
listTags(ListTagsRequest listTagsRequest)
Lists the tags for the trail in the current region.LookupEventsResult
lookupEvents()
Simplified method form for invoking the LookupEvents operation.LookupEventsResult
lookupEvents(LookupEventsRequest lookupEventsRequest)
Looks up API activity events captured by CloudTrail that create, update, or delete resources in your account.RemoveTagsResult
removeTags(RemoveTagsRequest removeTagsRequest)
Removes the specified tags from a trail.StartLoggingResult
startLogging(StartLoggingRequest startLoggingRequest)
Starts the recording of AWS API calls and log file delivery for a trail.StopLoggingResult
stopLogging(StopLoggingRequest stopLoggingRequest)
Suspends the recording of AWS API calls and log file delivery for the specified trail.UpdateTrailResult
updateTrail(UpdateTrailRequest updateTrailRequest)
Updates the settings that specify delivery of log files.-
Methods inherited from class com.amazonaws.AmazonWebServiceClient
addRequestHandler, addRequestHandler, beforeMarshalling, configureRegion, createExecutionContext, createExecutionContext, createExecutionContext, endClientExecution, endClientExecution, findRequestMetricCollector, getEndpointPrefix, getRequestMetricsCollector, getServiceAbbreviation, getServiceName, getServiceNameIntern, getSigner, getSignerByURI, getSignerRegionOverride, getTimeOffset, isProfilingEnabled, isRequestMetricsEnabled, removeRequestHandler, removeRequestHandler, requestMetricCollector, setEndpoint, setEndpointPrefix, setRegion, setServiceNameIntern, setSignerRegionOverride, setTimeOffset, shutdown, withEndpoint, withRegion, withRegion, withTimeOffset
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.amazonaws.services.cloudtrail.AWSCloudTrail
setEndpoint, setRegion, shutdown
-
-
-
-
Field Detail
-
configFactory
protected static final ClientConfigurationFactory configFactory
Client configuration factory providing ClientConfigurations tailored to this client
-
-
Constructor Detail
-
AWSCloudTrailClient
public AWSCloudTrailClient()
Constructs a new client to invoke service methods on CloudTrail. A credentials provider chain will be used that searches for credentials in this order:- Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
- Java System Properties - aws.accessKeyId and aws.secretKey
- Instance profile credentials delivered through the Amazon EC2 metadata service
All service calls made using this new client object are blocking, and will not return until the service call completes.
- See Also:
DefaultAWSCredentialsProviderChain
-
AWSCloudTrailClient
public AWSCloudTrailClient(ClientConfiguration clientConfiguration)
Constructs a new client to invoke service methods on CloudTrail. A credentials provider chain will be used that searches for credentials in this order:- Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
- Java System Properties - aws.accessKeyId and aws.secretKey
- Instance profile credentials delivered through the Amazon EC2 metadata service
All service calls made using this new client object are blocking, and will not return until the service call completes.
- Parameters:
clientConfiguration
- The client configuration options controlling how this client connects to CloudTrail (ex: proxy settings, retry counts, etc.).- See Also:
DefaultAWSCredentialsProviderChain
-
AWSCloudTrailClient
public AWSCloudTrailClient(AWSCredentials awsCredentials)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials.All service calls made using this new client object are blocking, and will not return until the service call completes.
- Parameters:
awsCredentials
- The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
-
AWSCloudTrailClient
public AWSCloudTrailClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials and client configuration options.All service calls made using this new client object are blocking, and will not return until the service call completes.
- Parameters:
awsCredentials
- The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.clientConfiguration
- The client configuration options controlling how this client connects to CloudTrail (ex: proxy settings, retry counts, etc.).
-
AWSCloudTrailClient
public AWSCloudTrailClient(AWSCredentialsProvider awsCredentialsProvider)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials provider.All service calls made using this new client object are blocking, and will not return until the service call completes.
- Parameters:
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
-
AWSCloudTrailClient
public AWSCloudTrailClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials provider and client configuration options.All service calls made using this new client object are blocking, and will not return until the service call completes.
- Parameters:
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.clientConfiguration
- The client configuration options controlling how this client connects to CloudTrail (ex: proxy settings, retry counts, etc.).
-
AWSCloudTrailClient
public AWSCloudTrailClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration, RequestMetricCollector requestMetricCollector)
Constructs a new client to invoke service methods on CloudTrail using the specified AWS account credentials provider, client configuration options, and request metric collector.All service calls made using this new client object are blocking, and will not return until the service call completes.
- Parameters:
awsCredentialsProvider
- The AWS credentials provider which will provide credentials to authenticate requests with AWS services.clientConfiguration
- The client configuration options controlling how this client connects to CloudTrail (ex: proxy settings, retry counts, etc.).requestMetricCollector
- optional request metric collector
-
-
Method Detail
-
addTags
public AddTagsResult addTags(AddTagsRequest addTagsRequest)
Adds one or more tags to a trail, up to a limit of 10. Tags must be unique per trail. Overwrites an existing tag's value when a new value is specified for an existing tag key. If you specify a key without a value, the tag will be created with the specified key and a value of null. You can tag a trail that applies to all regions only from the region in which the trail was created (that is, from its home region).
- Specified by:
addTags
in interfaceAWSCloudTrail
- Parameters:
addTagsRequest
- Specifies the tags to add to a trail.- Returns:
- Result of the AddTags operation returned by the service.
- Throws:
ResourceNotFoundException
- This exception is thrown when the specified resource is not found.CloudTrailARNInvalidException
- This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN is:arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
ResourceTypeNotSupportedException
- This exception is thrown when the specified resource type is not supported by CloudTrail.TagsLimitExceededException
- The number of tags per trail has exceeded the permitted amount. Currently, the limit is 10.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
InvalidTagParameterException
- This exception is thrown when the key or value specified for the tag does not match the regular expression^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$
.UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.
-
createTrail
public CreateTrailResult createTrail(CreateTrailRequest createTrailRequest)
Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket. A maximum of five trails can exist in a region, irrespective of the region in which they were created.
- Specified by:
createTrail
in interfaceAWSCloudTrail
- Parameters:
createTrailRequest
- Specifies the settings for each trail.- Returns:
- Result of the CreateTrail operation returned by the service.
- Throws:
MaximumNumberOfTrailsExceededException
- This exception is thrown when the maximum number of trails is reached.TrailAlreadyExistsException
- This exception is thrown when the specified trail already exists.S3BucketDoesNotExistException
- This exception is thrown when the specified S3 bucket does not exist.InsufficientS3BucketPolicyException
- This exception is thrown when the policy on the S3 bucket is not sufficient.InsufficientSnsTopicPolicyException
- This exception is thrown when the policy on the SNS topic is not sufficient.InsufficientEncryptionPolicyException
- This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.InvalidS3BucketNameException
- This exception is thrown when the provided S3 bucket name is not valid.InvalidS3PrefixException
- This exception is thrown when the provided S3 prefix is not valid.InvalidSnsTopicNameException
- This exception is thrown when the provided SNS topic name is not valid.InvalidKmsKeyIdException
- This exception is thrown when the KMS key ARN is invalid.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
TrailNotProvidedException
- This exception is deprecated.InvalidParameterCombinationException
- This exception is thrown when the combination of parameters provided is not valid.KmsKeyNotFoundException
- This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not in the same region.KmsKeyDisabledException
- This exception is thrown when the KMS key is disabled.InvalidCloudWatchLogsLogGroupArnException
- This exception is thrown when the provided CloudWatch log group is not valid.InvalidCloudWatchLogsRoleArnException
- This exception is thrown when the provided role is not valid.CloudWatchLogsDeliveryUnavailableException
- Cannot set a CloudWatch Logs delivery for this region.UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.
-
deleteTrail
public DeleteTrailResult deleteTrail(DeleteTrailRequest deleteTrailRequest)
Deletes a trail. This operation must be called from the region in which the trail was created.
DeleteTrail
cannot be called on the shadow trails (replicated trails in other regions) of a trail that is enabled in all regions.- Specified by:
deleteTrail
in interfaceAWSCloudTrail
- Parameters:
deleteTrailRequest
- The request that specifies the name of a trail to delete.- Returns:
- Result of the DeleteTrail operation returned by the service.
- Throws:
TrailNotFoundException
- This exception is thrown when the trail with the given name is not found.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
InvalidHomeRegionException
- This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created.
-
describeTrails
public DescribeTrailsResult describeTrails(DescribeTrailsRequest describeTrailsRequest)
Retrieves settings for the trail associated with the current region for your account.
- Specified by:
describeTrails
in interfaceAWSCloudTrail
- Parameters:
describeTrailsRequest
- Returns information about the trail.- Returns:
- Result of the DescribeTrails operation returned by the service.
- Throws:
UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.
-
describeTrails
public DescribeTrailsResult describeTrails()
Description copied from interface:AWSCloudTrail
Simplified method form for invoking the DescribeTrails operation.- Specified by:
describeTrails
in interfaceAWSCloudTrail
- See Also:
AWSCloudTrail.describeTrails(DescribeTrailsRequest)
-
getTrailStatus
public GetTrailStatusResult getTrailStatus(GetTrailStatusRequest getTrailStatusRequest)
Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail. This operation returns trail status from a single region. To return trail status from all regions, you must call the operation on each region.
- Specified by:
getTrailStatus
in interfaceAWSCloudTrail
- Parameters:
getTrailStatusRequest
- The name of a trail about which you want the current status.- Returns:
- Result of the GetTrailStatus operation returned by the service.
- Throws:
TrailNotFoundException
- This exception is thrown when the trail with the given name is not found.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
-
listPublicKeys
public ListPublicKeysResult listPublicKeys(ListPublicKeysRequest listPublicKeysRequest)
Returns all public keys whose private keys were used to sign the digest files within the specified time range. The public key is needed to validate digest files that were signed with its corresponding private key.
CloudTrail uses different private/public key pairs per region. Each digest file is signed with a private key unique to its region. Therefore, when you validate a digest file from a particular region, you must look in the same region for its corresponding public key.
- Specified by:
listPublicKeys
in interfaceAWSCloudTrail
- Parameters:
listPublicKeysRequest
- Requests the public keys for a specified time range.- Returns:
- Result of the ListPublicKeys operation returned by the service.
- Throws:
InvalidTimeRangeException
- Occurs if the timestamp values are invalid. Either the start time occurs after the end time or the time range is outside the range of possible values.UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.InvalidTokenException
- Reserved for future use.
-
listPublicKeys
public ListPublicKeysResult listPublicKeys()
Description copied from interface:AWSCloudTrail
Simplified method form for invoking the ListPublicKeys operation.- Specified by:
listPublicKeys
in interfaceAWSCloudTrail
- See Also:
AWSCloudTrail.listPublicKeys(ListPublicKeysRequest)
-
listTags
public ListTagsResult listTags(ListTagsRequest listTagsRequest)
Lists the tags for the trail in the current region.
- Specified by:
listTags
in interfaceAWSCloudTrail
- Parameters:
listTagsRequest
- Specifies a list of trail tags to return.- Returns:
- Result of the ListTags operation returned by the service.
- Throws:
ResourceNotFoundException
- This exception is thrown when the specified resource is not found.CloudTrailARNInvalidException
- This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN is:arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
ResourceTypeNotSupportedException
- This exception is thrown when the specified resource type is not supported by CloudTrail.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.InvalidTokenException
- Reserved for future use.
-
lookupEvents
public LookupEventsResult lookupEvents(LookupEventsRequest lookupEventsRequest)
Looks up API activity events captured by CloudTrail that create, update, or delete resources in your account. Events for a region can be looked up for the times in which you had CloudTrail turned on in that region during the last seven days. Lookup supports five different attributes: time range (defined by a start time and end time), user name, event name, resource type, and resource name. All attributes are optional. The maximum number of attributes that can be specified in any one lookup request are time range and one other attribute. The default number of results returned is 10, with a maximum of 50 possible. The response includes a token that you can use to get the next page of results.
The rate of lookup requests is limited to one per second per account. If this limit is exceeded, a throttling error occurs.
Events that occurred during the selected time range will not be available for lookup if CloudTrail logging was not enabled when the events occurred.
- Specified by:
lookupEvents
in interfaceAWSCloudTrail
- Parameters:
lookupEventsRequest
- Contains a request for LookupEvents.- Returns:
- Result of the LookupEvents operation returned by the service.
- Throws:
InvalidLookupAttributesException
- Occurs when an invalid lookup attribute is specified.InvalidTimeRangeException
- Occurs if the timestamp values are invalid. Either the start time occurs after the end time or the time range is outside the range of possible values.InvalidMaxResultsException
- This exception is thrown if the limit specified is invalid.InvalidNextTokenException
- Invalid token or token that was previously used in a request with different parameters. This exception is thrown if the token is invalid.
-
lookupEvents
public LookupEventsResult lookupEvents()
Description copied from interface:AWSCloudTrail
Simplified method form for invoking the LookupEvents operation.- Specified by:
lookupEvents
in interfaceAWSCloudTrail
- See Also:
AWSCloudTrail.lookupEvents(LookupEventsRequest)
-
removeTags
public RemoveTagsResult removeTags(RemoveTagsRequest removeTagsRequest)
Removes the specified tags from a trail.
- Specified by:
removeTags
in interfaceAWSCloudTrail
- Parameters:
removeTagsRequest
- Specifies the tags to remove from a trail.- Returns:
- Result of the RemoveTags operation returned by the service.
- Throws:
ResourceNotFoundException
- This exception is thrown when the specified resource is not found.CloudTrailARNInvalidException
- This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN is:arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
ResourceTypeNotSupportedException
- This exception is thrown when the specified resource type is not supported by CloudTrail.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
InvalidTagParameterException
- This exception is thrown when the key or value specified for the tag does not match the regular expression^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$
.UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.
-
startLogging
public StartLoggingResult startLogging(StartLoggingRequest startLoggingRequest)
Starts the recording of AWS API calls and log file delivery for a trail. For a trail that is enabled in all regions, this operation must be called from the region in which the trail was created. This operation cannot be called on the shadow trails (replicated trails in other regions) of a trail that is enabled in all regions.
- Specified by:
startLogging
in interfaceAWSCloudTrail
- Parameters:
startLoggingRequest
- The request to CloudTrail to start logging AWS API calls for an account.- Returns:
- Result of the StartLogging operation returned by the service.
- Throws:
TrailNotFoundException
- This exception is thrown when the trail with the given name is not found.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
InvalidHomeRegionException
- This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created.
-
stopLogging
public StopLoggingResult stopLogging(StopLoggingRequest stopLoggingRequest)
Suspends the recording of AWS API calls and log file delivery for the specified trail. Under most circumstances, there is no need to use this action. You can update a trail without stopping it first. This action is the only way to stop recording. For a trail enabled in all regions, this operation must be called from the region in which the trail was created, or an
InvalidHomeRegionException
will occur. This operation cannot be called on the shadow trails (replicated trails in other regions) of a trail enabled in all regions.- Specified by:
stopLogging
in interfaceAWSCloudTrail
- Parameters:
stopLoggingRequest
- Passes the request to CloudTrail to stop logging AWS API calls for the specified account.- Returns:
- Result of the StopLogging operation returned by the service.
- Throws:
TrailNotFoundException
- This exception is thrown when the trail with the given name is not found.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
InvalidHomeRegionException
- This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created.
-
updateTrail
public UpdateTrailResult updateTrail(UpdateTrailRequest updateTrailRequest)
Updates the settings that specify delivery of log files. Changes to a trail do not require stopping the CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has previously been a target for CloudTrail log files, an IAM policy exists for the bucket.
UpdateTrail
must be called from the region in which the trail was created; otherwise, anInvalidHomeRegionException
is thrown.- Specified by:
updateTrail
in interfaceAWSCloudTrail
- Parameters:
updateTrailRequest
- Specifies settings to update for the trail.- Returns:
- Result of the UpdateTrail operation returned by the service.
- Throws:
S3BucketDoesNotExistException
- This exception is thrown when the specified S3 bucket does not exist.InsufficientS3BucketPolicyException
- This exception is thrown when the policy on the S3 bucket is not sufficient.InsufficientSnsTopicPolicyException
- This exception is thrown when the policy on the SNS topic is not sufficient.InsufficientEncryptionPolicyException
- This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.TrailNotFoundException
- This exception is thrown when the trail with the given name is not found.InvalidS3BucketNameException
- This exception is thrown when the provided S3 bucket name is not valid.InvalidS3PrefixException
- This exception is thrown when the provided S3 prefix is not valid.InvalidSnsTopicNameException
- This exception is thrown when the provided SNS topic name is not valid.InvalidKmsKeyIdException
- This exception is thrown when the KMS key ARN is invalid.InvalidTrailNameException
- This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy--namespace
are invalid. -
Not be in IP address format (for example, 192.168.5.4)
-
TrailNotProvidedException
- This exception is deprecated.InvalidParameterCombinationException
- This exception is thrown when the combination of parameters provided is not valid.InvalidHomeRegionException
- This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created.KmsKeyNotFoundException
- This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not in the same region.KmsKeyDisabledException
- This exception is thrown when the KMS key is disabled.InvalidCloudWatchLogsLogGroupArnException
- This exception is thrown when the provided CloudWatch log group is not valid.InvalidCloudWatchLogsRoleArnException
- This exception is thrown when the provided role is not valid.CloudWatchLogsDeliveryUnavailableException
- Cannot set a CloudWatch Logs delivery for this region.UnsupportedOperationException
- This exception is thrown when the requested operation is not supported.OperationNotPermittedException
- This exception is thrown when the requested operation is not permitted.
-
getCachedResponseMetadata
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)
Returns additional metadata for a previously executed successful, request, typically used for debugging issues where a service isn't acting as expected. This data isn't considered part of the result data returned by an operation, so it's available through this separate, diagnostic interface.Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing the request.
- Specified by:
getCachedResponseMetadata
in interfaceAWSCloudTrail
- Parameters:
request
- The originally executed request- Returns:
- The response metadata for the specified request, or null if none is available.
-
-