boto3_cloudtrail¶
Connection module for Amazon CloudTrail using boto3.¶
Renamed from
boto_cloudtrailtoboto3_cloudtrailand rewritten to use the boto3cloudtrailclient APIs directly viasaltext.boto3.utils.boto3mod. The legacy boto2 code path (object-style access, retry loops) has been removed.
- depends:
boto3 >= 1.28.0
botocore >= 1.31.0
- configuration:
This module accepts explicit CloudTrail credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More Information available at:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
If IAM roles are not used you need to specify them either in the minion’s config file or as a profile. For example, to specify them in the minion’s config file:
cloudtrail.keyid: GKTADJGHEIQSXMKKRBJ08H
cloudtrail.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
A region may also be specified in the configuration:
cloudtrail.region: us-east-1
It’s also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:
myprofile:
keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1
Added in version 1.0.0.
- saltext.boto3.modules.boto3_cloudtrail.exists(Name, region=None, key=None, keyid=None, profile=None)[source]¶
Given a trail name, check whether the given trail exists.
Returns
{"exists": True}or{"exists": False}.CLI Example:
salt myminion boto3_cloudtrail.exists mytrail
- saltext.boto3.modules.boto3_cloudtrail.create(Name, S3BucketName, S3KeyPrefix=None, SnsTopicName=None, IncludeGlobalServiceEvents=None, IsMultiRegionTrail=None, EnableLogFileValidation=None, CloudWatchLogsLogGroupArn=None, CloudWatchLogsRoleArn=None, KmsKeyId=None, region=None, key=None, keyid=None, profile=None)[source]¶
Given a valid config, create a trail.
CLI Example:
salt myminion boto3_cloudtrail.create my_trail my_bucket
- saltext.boto3.modules.boto3_cloudtrail.delete(Name, region=None, key=None, keyid=None, profile=None)[source]¶
Given a trail name, delete it.
CLI Example:
salt myminion boto3_cloudtrail.delete mytrail
- saltext.boto3.modules.boto3_cloudtrail.describe(Name, region=None, key=None, keyid=None, profile=None)[source]¶
Given a trail name describe its properties.
CLI Example:
salt myminion boto3_cloudtrail.describe mytrail
- saltext.boto3.modules.boto3_cloudtrail.status(Name, region=None, key=None, keyid=None, profile=None)[source]¶
Given a trail name return its status.
CLI Example:
salt myminion boto3_cloudtrail.status mytrail
- saltext.boto3.modules.boto3_cloudtrail.list_trails(region=None, key=None, keyid=None, profile=None)[source]¶
List all trails.
CLI Example:
salt myminion boto3_cloudtrail.list_trails
- saltext.boto3.modules.boto3_cloudtrail.update(Name, S3BucketName, S3KeyPrefix=None, SnsTopicName=None, IncludeGlobalServiceEvents=None, IsMultiRegionTrail=None, EnableLogFileValidation=None, CloudWatchLogsLogGroupArn=None, CloudWatchLogsRoleArn=None, KmsKeyId=None, region=None, key=None, keyid=None, profile=None)[source]¶
Given a valid config, update a trail.
CLI Example:
salt myminion boto3_cloudtrail.update my_trail my_bucket
- saltext.boto3.modules.boto3_cloudtrail.start_logging(Name, region=None, key=None, keyid=None, profile=None)[source]¶
Start logging for a trail.
CLI Example:
salt myminion boto3_cloudtrail.start_logging my_trail
- saltext.boto3.modules.boto3_cloudtrail.stop_logging(Name, region=None, key=None, keyid=None, profile=None)[source]¶
Stop logging for a trail.
CLI Example:
salt myminion boto3_cloudtrail.stop_logging my_trail
- saltext.boto3.modules.boto3_cloudtrail.add_tags(Name, region=None, key=None, keyid=None, profile=None, **kwargs)[source]¶
Add tags to a trail.
CLI Example:
salt myminion boto3_cloudtrail.add_tags my_trail tag_a=tag_value tag_b=tag_value