SDK for PHP 3.x
AWS CloudTrail Data Service 2021-08-11
- Client: Aws\CloudTrailData\CloudTrailDataClient
- Service ID: cloudtrail-data
- Version: 2021-08-11
This page describes the parameters and results for the operations of the AWS CloudTrail Data Service (2021-08-11), and shows how to use the Aws\CloudTrailData\CloudTrailDataClient object to call the described operations. This documentation is specific to the 2021-08-11 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- PutAuditEvents ( array $params = [] )
- Ingests your application events into CloudTrail Lake.
Operations
PutAuditEvents
$result = $client->putAuditEvents([/* ... */]); $promise = $client->putAuditEventsAsync([/* ... */]);
Ingests your application events into CloudTrail Lake. A required parameter, auditEvents, accepts the JSON records (also called payload) of events that you want CloudTrail to ingest. You can add up to 100 of these events (or up to 1 MB) per PutAuditEvents request.
Parameter Syntax
$result = $client->putAuditEvents([
'auditEvents' => [ // REQUIRED
[
'eventData' => '<string>', // REQUIRED
'eventDataChecksum' => '<string>',
'id' => '<string>', // REQUIRED
],
// ...
],
'channelArn' => '<string>', // REQUIRED
'externalId' => '<string>',
]);
Parameter Details
Members
- auditEvents
-
- Required: Yes
- Type: Array of AuditEvent structures
The JSON payload of events that you want to ingest. You can also point to the JSON event payload in a file.
- channelArn
-
- Required: Yes
- Type: string
The ARN or ID (the ARN suffix) of a channel.
- externalId
-
- Type: string
A unique identifier that is conditionally required when the channel's resource policy includes an external ID. This value can be any string, such as a passphrase or account number.
Result Syntax
[
'failed' => [
[
'errorCode' => '<string>',
'errorMessage' => '<string>',
'id' => '<string>',
],
// ...
],
'successful' => [
[
'eventID' => '<string>',
'id' => '<string>',
],
// ...
],
]
Result Details
Members
- failed
-
- Required: Yes
- Type: Array of ResultErrorEntry structures
Lists events in the provided event payload that could not be ingested into CloudTrail, and includes the error code and error message returned for events that could not be ingested.
- successful
-
- Required: Yes
- Type: Array of AuditEventResultEntry structures
Lists events in the provided event payload that were successfully ingested into CloudTrail.
Errors
- ChannelInsufficientPermission:
The caller's account ID must be the same as the channel owner's account ID.
- ChannelNotFound:
The channel could not be found.
- InvalidChannelARN:
The specified channel ARN is not a valid channel ARN.
- ChannelUnsupportedSchema:
The schema type of the event is not supported.
- DuplicatedAuditEventId:
Two or more entries in the request have the same event ID.
- UnsupportedOperationException:
The operation requested is not supported in this region or account.
Shapes
AuditEvent
Description
An event from a source outside of Amazon Web Services that you want CloudTrail to log.
Members
- eventData
-
- Required: Yes
- Type: string
The content of an audit event that comes from the event, such as
userIdentity,userAgent, andeventSource. - eventDataChecksum
-
- Type: string
A checksum is a base64-SHA256 algorithm that helps you verify that CloudTrail receives the event that matches with the checksum. Calculate the checksum by running a command like the following:
printf %s $eventdata | openssl dgst -binary -sha256 | base64 - id
-
- Required: Yes
- Type: string
The original event ID from the source event.
AuditEventResultEntry
Description
A response that includes successful and failed event results.
Members
- eventID
-
- Required: Yes
- Type: string
The event ID assigned by CloudTrail.
- id
-
- Required: Yes
- Type: string
The original event ID from the source event.
ChannelInsufficientPermission
Description
The caller's account ID must be the same as the channel owner's account ID.
Members
- message
-
- Type: string
ChannelNotFound
Description
The channel could not be found.
Members
- message
-
- Type: string
ChannelUnsupportedSchema
Description
The schema type of the event is not supported.
Members
- message
-
- Type: string
DuplicatedAuditEventId
Description
Two or more entries in the request have the same event ID.
Members
- message
-
- Type: string
InvalidChannelARN
Description
The specified channel ARN is not a valid channel ARN.
Members
- message
-
- Type: string
ResultErrorEntry
Description
Includes the error code and error message for events that could not be ingested by CloudTrail.
Members
- errorCode
-
- Required: Yes
- Type: string
The error code for events that could not be ingested by CloudTrail. Possible error codes include:
FieldTooLong,FieldNotFound,InvalidChecksum,InvalidData,InvalidRecipient,InvalidEventSource,AccountNotSubscribed,Throttling, andInternalFailure. - errorMessage
-
- Required: Yes
- Type: string
The message that describes the error for events that could not be ingested by CloudTrail.
- id
-
- Required: Yes
- Type: string
The original event ID from the source event that could not be ingested by CloudTrail.
UnsupportedOperationException
Description
The operation requested is not supported in this region or account.
Members
- message
-
- Type: string