AWS CloudTrail (cloudtrail)

2023-01-13

7 new actions | 13 updated actions, 1 updated resource

Additions

    Actions
  • GetChannel
    • Description:  Grants permission to return information about a specific channel
    • Access:  Read
    • Resources: 

      Name: channel

      Required: Yes

  • GetImport
    • Description:  Grants permission to return information about a specific import
    • Access:  Read
  • ListChannels
    • Description:  Grants permission to list the channels in the current account, and their source names
    • Access:  List
  • ListImportFailures
    • Description:  Grants permission to return a list of failures for the specified import
    • Access:  Read
  • ListImports
    • Description:  Grants permission to return information on all imports, or a select set of imports by ImportStatus or Destination
    • Access:  List
  • StartImport
    • Description:  Grants permission to start an import of logged trail events from a source S3 bucket to a destination event data store
    • Access:  Write
  • StopImport
    • Description:  Grants permission to stop a specified import
    • Access:  Write

Updates

    Actions
  • CreateTrail
      Dependents
    • + cloudtrail:AddTags
    • + iam:CreateServiceLinkedRole
    • + iam:GetRole
    • + organizations:ListAWSServiceAccessForOrganization
    • - s3:PutObject
  • CancelQuery
      Resources
    • + eventdatastore
  • CreateEventDataStore
      Dependents
    • + cloudtrail:AddTags
    • + iam:CreateServiceLinkedRole
    • + iam:GetRole
    • + kms:Decrypt
    • + kms:GenerateDataKey
    • + organizations:ListAWSServiceAccessForOrganization
  • DeregisterOrganizationDelegatedAdmin
      Dependents
    • + organizations:DeregisterDelegatedAdministrator
    • + organizations:ListAWSServiceAccessForOrganization
  • DescribeQuery
      Resources
    • + eventdatastore
  • GetEventDataStore
      Resources
    • + eventdatastore
  • GetQueryResults
      Resources
    • + eventdatastore
      Dependents
    • + kms:Decrypt
    • + kms:GenerateDataKey
  • GetTrail
      Resources
    • + trail
  • ListQueries
      Resources
    • + eventdatastore
  • RegisterOrganizationDelegatedAdmin
      Dependents
    • + iam:CreateServiceLinkedRole
    • + iam:GetRole
    • + organizations:ListAWSServiceAccessForOrganization
    • + organizations:RegisterDelegatedAdministrator
  • StartQuery
      Resources
    • + eventdatastore
      Dependents
    • + kms:Decrypt
    • + kms:GenerateDataKey
  • UpdateEventDataStore
      Dependents
    • + iam:CreateServiceLinkedRole
    • + iam:GetRole
    • + kms:Decrypt
    • + kms:GenerateDataKey
    • + organizations:ListAWSServiceAccessForOrganization
  • UpdateTrail
      Dependents
    • + iam:CreateServiceLinkedRole
    • + iam:GetRole
    • + organizations:ListAWSServiceAccessForOrganization
    Resources
  • trail
      Conditions
    • - aws:ResourceTag/${TagKey}