All Products
Search

This Product

    ActionTrail:Auditable events of RAM

    Document Center

    ActionTrail:Auditable events of RAM

    Last Updated:Jan 12, 2023

    Resource Access Management (RAM) is integrated with ActionTrail. In the ActionTrail console, you can query the user-initiated events that are generated when you manage RAM resources. ActionTrail can deliver user-initiated events to Logstores in Log Service or Object Storage Service (OSS) buckets. This way, you can audit the events in real time and troubleshoot issues.

    ActionTrail records the user-initiated events that are generated when you manage cloud resources by calling API operations or in the Alibaba Cloud Management Console. The following table describes the user-initiated events of RAM that you can query in the ActionTrail console.

    Event

    Description

    AddUserToGroup

    A RAM user is added to a RAM user group.

    AttachPolicyToGroup

    A policy is attached to a RAM user group.

    AttachPolicyToRole

    A policy is attached to a RAM role.

    AttachPolicyToUser

    A policy is attached to a RAM user.

    BindMFADevice

    A multi-factor authentication (MFA) device is bound to a RAM user.

    ChangePassword

    The password of a RAM user is changed.

    ClearAccountAlias

    The alias of an Alibaba Cloud account is deleted.

    CreateAccessKey

    An AccessKey pair is created for a RAM user.

    CreateGroup

    A RAM user group is created.

    CreateLoginProfile

    Console logon is enabled for a RAM user.

    CreatePolicy

    A policy is created.

    CreatePolicyVersion

    A version of a policy is created.

    CreateRole

    A RAM role is created.

    CreateUser

    A RAM user is created.

    CreateVirtualMFADevice

    An MFA device is created.

    DeleteAccessKey

    An AccessKey pair of a RAM user is deleted.

    DeleteGroup

    A RAM user group is deleted.

    DeleteLoginProfile

    Console logon is disabled for a RAM user.

    DeletePolicy

    A policy is deleted.

    DeletePolicyVersion

    A policy version is deleted.

    DeleteRole

    A RAM role is deleted.

    DeleteUser

    A RAM user is deleted.

    DeleteVirtualMFADevice

    An MFA device is deleted.

    DetachPolicyFromGroup

    A policy is detached from a RAM user group.

    DetachPolicyFromRole

    A policy is detached from a RAM role.

    DetachPolicyFromUser

    A policy is detached from a RAM user.

    GetAccessKeyLastUsed

    The time when an AccessKey pair is last used is queried.

    GetAccountAlias

    The alias of an Alibaba Cloud account is queried.

    GetAccountSummary

    Statistics are queried.

    GetGroup

    The information about a RAM user group is queried.

    GetLoginProfile

    The logon configurations of a RAM user are queried.

    GetPasswordPolicy

    The password policy of RAM users, including the password strength, is queried.

    GetPolicy

    The information about a policy is queried.

    GetPolicyVersion

    The information about a policy version is queried.

    GetPublicKey

    A public key is queried.

    GetRole

    The information about a RAM role is queried.

    GetSecurityPreference

    The details of the security preferences are queried.

    GetServiceStatus

    The status of RAM is queried.

    GetUser

    The information about a RAM user is queried.

    GetUserMFAInfo

    The MFA device that is attached to a RAM user is queried.

    ListAccessKeys

    AccessKey pairs that belong to an Alibaba Cloud account or a RAM user are queried.

    ListEntitiesForPolicy

    The entities to which a policy is attached are queried.

    ListGroups

    RAM user groups are queried.

    ListGroupsForUser

    The RAM user groups to which a RAM user belongs are queried.

    ListPolicies

    Policies are queried.

    ListPoliciesForGroup

    The policies that are attached to a RAM user group are queried.

    ListPoliciesForRole

    The policies that are attached to a RAM role are queried.

    ListPoliciesForUser

    The policies that are attached to a RAM user are queried.

    ListPolicyVersions

    The versions of a policy are queried.

    ListPublicKeys

    Public keys are queried.

    ListRoles

    RAM roles are queried.

    ListUsers

    All RAM users are queried.

    ListUsersForGroup

    RAM users in a RAM user group are queried.

    ListVirtualMFADevices

    MFA devices are queried.

    OpenService

    A service is activated.

    ReleaseAccountResource

    An Alibaba Cloud account and the resources of the account are released with one click.

    RemoveUserFromGroup

    A RAM user is removed from a RAM user group.

    SetAccountAlias

    An alias is configured for an Alibaba Cloud account.

    SetDefaultPolicyVersion

    A version is specified for a policy as the default version.

    SetPasswordPolicy

    The password policy for RAM users, including the password strength, is configured.

    SetSecurityPreference

    The security preferences are configured.

    UnbindMFADevice

    An MFA device is unbound from a RAM user.

    UpdateAccessKey

    The status of an AccessKey pair that belongs to a RAM user is changed.

    UpdateGroup

    The information about a RAM user group is modified.

    UpdateLoginProfile

    The logon configurations of a RAM user are modified.

    UpdatePolicyDescription

    The description of a custom policy is modified.

    UpdatePublicKey

    A public key is modified.

    UpdateRole

    The information about a RAM role is modified.

    UpdateUser

    The information about a RAM user is modified.

    UploadPublicKey

    A public key is uploaded.