turbot/alicloud

GitHub
steampipe plugin install alicloudsteampipe plugin install alicloud
alicloud_accountalicloud_action_trailalicloud_cas_certificatealicloud_cms_monitor_hostalicloud_cs_kubernetes_clusteralicloud_cs_kubernetes_cluster_nodealicloud_ecs_auto_provisioning_groupalicloud_ecs_autoscaling_groupalicloud_ecs_diskalicloud_ecs_disk_metric_read_iopsalicloud_ecs_disk_metric_read_iops_dailyalicloud_ecs_disk_metric_read_iops_hourlyalicloud_ecs_disk_metric_write_iopsalicloud_ecs_disk_metric_write_iops_dailyalicloud_ecs_disk_metric_write_iops_hourlyalicloud_ecs_imagealicloud_ecs_instancealicloud_ecs_instance_metric_cpu_utilization_dailyalicloud_ecs_instance_metric_cpu_utilization_hourlyalicloud_ecs_key_pairalicloud_ecs_launch_templatealicloud_ecs_network_interfacealicloud_ecs_regionalicloud_ecs_security_groupalicloud_ecs_snapshotalicloud_ecs_zonealicloud_kms_keyalicloud_kms_secretalicloud_oss_bucketalicloud_ram_access_keyalicloud_ram_credential_reportalicloud_ram_groupalicloud_ram_password_policyalicloud_ram_policyalicloud_ram_rolealicloud_ram_security_preferencealicloud_ram_useralicloud_rds_backupalicloud_rds_databasealicloud_rds_instancealicloud_rds_instance_metric_connectionsalicloud_rds_instance_metric_connections_dailyalicloud_rds_instance_metric_cpu_utilizationalicloud_rds_instance_metric_cpu_utilization_dailyalicloud_rds_instance_metric_cpu_utilization_hourlyalicloud_security_center_field_statisticsalicloud_security_center_versionalicloud_slb_load_balanceralicloud_vpcalicloud_vpc_dhcp_options_setalicloud_vpc_eipalicloud_vpc_flow_logalicloud_vpc_nat_gatewayalicloud_vpc_network_aclalicloud_vpc_route_entryalicloud_vpc_route_tablealicloud_vpc_ssl_vpn_client_certalicloud_vpc_ssl_vpn_serveralicloud_vpc_vpn_connectionalicloud_vpc_vpn_customer_gatewayalicloud_vpc_vpn_gatewayalicloud_vpc_vswitch

Table: alicloud_action_trail

Alibaba Cloud ActionTrail is a service that monitors and records the actions of your Alibaba Cloud account, including the access to and use of cloud products and services through the Alibaba Cloud console, API operations, and SDKs. ActionTrail records these actions as events. You can download these events from the ActionTrail console or configure ActionTrail to deliver these events to Log Service Logstores or Object Storage Service (OSS) buckets. Then, you can perform behavior analysis, security analysis, resource change tracking, and compliance auditing based on the events.

Examples

Basic info

select
name,
home_region,
event_rw,
status,
trail_region
from
alicloud_action_trail;

List enabled trails

select
name,
home_region,
event_rw,
status,
trail_region
from
alicloud_action_trail
where
status = 'Enable';

List multi-account trails

select
name,
home_region,
is_organization_trail,
status,
trail_region
from
alicloud_action_trail
where
is_organization_trail;

List shadow trails

select
name,
region,
home_region
from
alicloud_action_trail
where
trail_region = 'All'
and home_region <> region;

Query examples

Control examples

.inspect alicloud_action_trail

Alicloud Action Trail

NameTypeDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
account_idtextThe Alicloud Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
create_timetimestamp with time zoneThe time when the trail was created.
event_rwtextThe read/write type of the delivered events.
home_regiontextThe home region of the trail.
is_organization_trailbooleanIndicates whether the trail was created as a multi-account trail.
nametextThe name of the trail.
oss_bucket_nametextThe name of the OSS bucket to which events are delivered.
oss_key_prefixtextThe prefix of log files stored in the OSS bucket.
regiontextThe Alicloud region in which the resource is located.
role_nametextThe name of the Resource Access Management (RAM) role that ActionTrail is allowed to assume.
sls_project_arntextThe ARN of the Log Service project to which events are delivered.
sls_write_role_arntextThe ARN of the RAM role assumed by ActionTrail for delivering logs to the destination Log Service project.
start_logging_timetimestamp with time zoneThe most recent date and time when logging was enabled for the trail.
statustextThe status of the trail.
stop_logging_timetimestamp with time zoneThe most recent date and time when logging was disabled for the trail.
titletextTitle of the resource.
trail_regiontextThe regions to which the trail is applied.
update_timetimestamp with time zoneThe most recent time when the configuration of the trail was updated.