
ActionTrail: Auditable events of CloudSSO

Last Updated: Jan 12, 2023

CloudSSO is integrated with ActionTrail. In the ActionTrail console, you can query the user-initiated events that are generated when you manage CloudSSO resources. ActionTrail can deliver user-initiated events to Logstores in Log Service or Object Storage Service (OSS) buckets. This way, you can audit the events in real time and troubleshoot issues.

ActionTrail records the user-initiated events that are generated when you manage cloud resources by calling API operations or in the Alibaba Cloud Management Console. The following table describes the user-initiated events of CloudSSO that you can query in the ActionTrail console.

| Event | Description |
| --- | --- |
| AddExternalSAMLIdPCertificate | A Security Assertion Markup Language (SAML) signing certificate is added. |
| AddPermissionPolicyToAccessConfiguration | A policy is added to an access configuration. |
| AddUserToGroup | A user is added to a group. |
| ChangePassword | The password of a user is modified. |
| CheckRDFeaturePrerequisite | The prerequisites for enabling the resource directory integration feature are checked. |
| CheckServiceLinkedRoleForDeleting | Whether a service-linked role can be deleted is checked. |
| ClearExternalSAMLIdentityProvider | The configurations of a SAML identity provider (IdP) are cleared. |
| CreateAccessAssignment | Access permissions on an account in your resource directory are granted to a user or a group by using an access configuration. |
| CreateAccessConfiguration | An access configuration is created. |
| CreateCloudCredential | A temporary key for accessing Alibaba Cloud is created. |
| CreateDirectory | A directory is created. |
| CreateGroup | A group is created. |
| CreateSCIMServerCredential | A System for Cross-domain Identity Management (SCIM) credential is created. |
| CreateUser | A user is created. |
| DeleteAccessAssignment | The access permissions on an account in a resource directory are removed. |
| DeleteAccessConfiguration | An access configuration is deleted. |
| DeleteDirectory | A directory is deleted. |
| DeleteGroup | A group is deleted. |
| DeleteMFADevice | A multi-factor authentication (MFA) device is deleted. |
| DeleteMFADeviceForUser | An MFA device is unbound from a user. |
| DeleteSCIMServerCredential | A SCIM credential is deleted. |
| DeleteUser | A user is deleted. |
| DeprovisionAccessConfiguration | An access configuration is de-provisioned from an account in your resource directory. |
| DisableService | CloudSSO is deactivated. |
| EnableDirectoryRDFeature | The resource directory integration feature of CloudSSO is enabled. |
| EnableService | CloudSSO is activated. |
| GetAccessConfiguration | The information about an access configuration is queried. |
| GetDirectory | Information about a directory is queried. |
| GetDirectoryRDFeatureStatus | Whether the resource directory integration feature of CloudSSO is enabled is queried. |
| GetDirectorySAMLServiceProviderInfo | The information about a SAML service provider is queried. |
| GetDirectoryStatistics | The statistics of a directory are queried. |
| GetExternalSAMLIdentityProvider | The configurations of a SAML IdP are queried. |
| GetGroup | The information about a group is queried. |
| GetMFAAuthenticationSettings | The MFA settings of all users are queried. |
| GetMFAAuthenticationStatus | Whether MFA is enabled for users is checked. |
| GetNewMFADevice | A new MFA device is queried. |
| GetSCIMSynchronizationStatus | The status of SCIM synchronization is queried. |
| GetServiceStatus | The status of CloudSSO is queried. |
| GetTask | The information about an asynchronous task is queried. |
| GetTaskStatus | The status of an asynchronous task is queried. |
| GetUser | The information about a user is queried. |
| GetUserMFAAuthenticationSettings | The MFA setting of a user is queried. |
| ListAccessAssignments | The access permissions that are assigned are queried. |
| ListAccessConfigurationProvisionings | The access configurations that are provisioned are queried. |
| ListAccessConfigurations | Access configurations are queried. |
| ListAccessConfigurationsForAccount | The access configurations of an account in a resource directory are queried. |
| ListAccounts | All the Alibaba Cloud accounts that a user can use to access Alibaba Cloud are queried. |
| ListDirectories | Directories are queried. |
| ListExternalSAMLIdPCertificates | SAML signing certificates are queried. |
| ListGroupMembers | The users in a group are queried. |
| ListGroups | Groups are queried. |
| ListJoinedGroupsForUser | The groups to which a user is added are queried. |
| ListMFADevices | MFA devices are queried. |
| ListMFADevicesForUser | The MFA devices that are bound to a user are queried. |
| ListPermissionPoliciesInAccessConfiguration | The policies that are created for an access configuration are queried. |
| ListSCIMServerCredentials | SCIM credentials are queried. |
| ListTasks | Asynchronous tasks are queried. |
| ListUsers | Users are queried. |
| Login | A user logs on to the Alibaba Cloud Management Console. |
| LoginToAccount | A user logs on to an account in a resource directory. |
| ProvisionAccessConfiguration | An access configuration for an account in your resource directory is provisioned. |
| RegisterMFADevice | An MFA device is bound. |
| RemoveExternalSAMLIdPCertificate | A SAML signing certificate is removed. |
| RemovePermissionPolicyFromAccessConfiguration | A policy is removed from an access configuration. |
| RemoveUserFromGroup | A user is removed from a group. |
| ResetUserPassword | The password of a user is reset. |
| RevokeAccessToken | An access token is revoked. |
| SetExternalSAMLIdentityProvider | A SAML IdP is configured. |
| SetMFAAuthenticationStatus | MFA is enabled or disabled for users in a directory. |
| SetSCIMSynchronizationStatus | SCIM synchronization is enabled or disabled. |
| UpdateAccessConfiguration | The information about an access configuration is modified. |
| UpdateDirectory | The name of a directory is changed. |
| UpdateGroup | The information about a group is modified. |
| UpdateInlinePolicyForAccessConfiguration | An inline policy that is created for an access configuration is modified. |
| UpdateMFAAuthenticationSettings | The MFA settings of all users are modified. |
| UpdateMFADevice | The details of an MFA device are modified. |
| UpdateSCIMServerCredentialStatus | A SCIM credential is enabled or disabled. |
| UpdateUser | The information about a user is modified. |
| UpdateUserMFAAuthenticationSettings | The MFA setting of a user is modified. |
| UpdateUserStatus | The status of a user is changed. |