package
0.0.0-20250312200722-bc14b7464845
Repository: https://github.com/awsdocs/aws-doc-sdk-examples.git
Documentation: pkg.go.dev

# README

AWS SDK for Go code examples for AWS CloudTrail

Purpose

These examples demonstrate how to perform some AWS CloudTrail operations.

Prerequisites

You must have an AWS account, and have your default credentials and AWS Region configured as described in Configuring the AWS SDK for Go in the AWS SDK for Go Developer Guide.

Running the code examples

All of these code examples perform the operations in the default AWS Region and use your default credentials.

Operations

The cloudtrailOps.go file defines several AWS CloudTrail operations.

Use the following command to display the commands that invoke these operations.

go run cloudtrailOps.go -h

Notes

  • Grant these code examples least privilege: only the minimum permissions required to perform the task. For more information, see Grant Least Privilege in the AWS Identity and Access Management User Guide.
  • This code has not been tested in all regions. Some AWS services are available only in specific Regions.
  • Running this code might result in charges to your AWS account.

Running the Unit Tests

Unit tests should delete any resources they create. However, they might result in charges to your AWS account if a test fails. If you run the tests with the option of seeing log messages and a test fails, as described later in this document, you'll see a log message that tells you which resources you must manually delete.

If you want to use the unit tests with an existing trail, set the TrailName entry in config.json.

Otherwise, the unit tests create a trail with a random name that starts with MyTrail-, and the bucket events are sent to that trail.

If you want to use the unit tests with an existing bucket, set the BucketName entry in config.json.

Otherwise, the unit tests create a bucket with a random name that starts with mybucket-.

The unit test cloudtrailOps_test.go:

  • Adds a couple of items to the bucket
  • Displays a list of trails
  • Lists any events in the trail from the current user
  • If the unit test created a trail, it deletes the trail
  • If the unit test created a bucket, it deletes the bucket

To run the unit test, enter:

go test

You should see something like the following, where PATH is the path to the folder containing the Go files:

PASS
ok      PATH 6.224s

If you want to see any log messages, enter:

go test -test.v

You should see some additional log messages. The last two lines should be similar to the previous output shown.

You can confirm it has deleted any trail it created by looking at the remaining trails for any that start with MyTrail-:

go run cloudtrailOps.go -l

# Functions

ConfigureBucket configures a bucket to send event activity to AWS CloudTrail.

  • Inputs: sess is the current session, which provides configuration for the SDK's service clients; trailName is the name of the trail; bucketName is the name of the bucket
  • Output: If success, nil. Otherwise, an error from the call to sts.GetCallerIdentity, json.Marshal, or s3.PutBucketPolicy

CreateTrail creates a trail to get event activity from a bucket.

  • Inputs: sess is the current session, which provides configuration for the SDK's service clients; trailName is the name of the trail; bucketName is the name of the bucket
  • Output: If success, nil. Otherwise, an error from the call to sts.GetCallerIdentity, json.Marshal, or s3.PutBucketPolicy

DeleteTrail deletes a trail.

  • Inputs: sess is the current session, which provides configuration for the SDK's service clients; trailName is the name of the trail
  • Output: If success, nil. Otherwise, an error from a call to DeleteTrail

GetTrailEvents gets the events for a trail.

  • Inputs: sess is the current session, which provides configuration for the SDK's service clients; trailName is the name of the trail
  • Output: If success, a list of Event objects and nil. Otherwise, a nil object and an error from a call to LookupEvents

GetTrails gets a list of trails.

  • Inputs: sess is the current session, which provides configuration for the SDK's service clients
  • Output: If success, a list of Trail objects and nil. Otherwise, a nil object and an error from a call to DescribeTrails

GetUser retrieves the name of the logged on user.

  • Inputs: sess is the current session, which provides configuration for the SDK's service clients
  • Output: If success, the user name and nil. Otherwise, an empty string and an error from a call to GetCallerIdentity
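
ConfigureBucket is described above as calling sts.GetCallerIdentity, json.Marshal, and s3.PutBucketPolicy. The following added example (not code from this repository) builds the kind of bucket policy such a call applies, following the CloudTrail bucket policy layout in the AWS documentation, with writes scoped to the caller's own AWSLogs/<accountID>/ prefix. The type names, the CloudTrailBucketPolicy function, the bucket name, and the account ID are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Statement and Policy model only the IAM policy fields this example needs.
type Statement struct {
	Sid, Effect, Action, Resource string
	Principal                     map[string]string
	Condition                     map[string]map[string]string `json:",omitempty"`
}

type Policy struct {
	Version   string
	Statement []Statement
}

// CloudTrailBucketPolicy builds a bucket policy that lets the CloudTrail
// service read the bucket ACL and write logs only under AWSLogs/<accountID>/.
func CloudTrailBucketPolicy(bucket, accountID string) (string, error) {
	if bucket == "" || len(accountID) != 12 {
		return "", errors.New("need a bucket name and a 12-character account ID")
	}
	svc := map[string]string{"Service": "cloudtrail.amazonaws.com"}
	p := Policy{Version: "2012-10-17", Statement: []Statement{
		{Sid: "AWSCloudTrailAclCheck", Effect: "Allow", Principal: svc,
			Action: "s3:GetBucketAcl", Resource: "arn:aws:s3:::" + bucket},
		{Sid: "AWSCloudTrailWrite", Effect: "Allow", Principal: svc,
			Action:   "s3:PutObject",
			Resource: "arn:aws:s3:::" + bucket + "/AWSLogs/" + accountID + "/*",
			// Require the ACL that gives the bucket owner full control of each log.
			Condition: map[string]map[string]string{
				"StringEquals": {"s3:x-amz-acl": "bucket-owner-full-control"}}},
	}}
	b, err := json.MarshalIndent(p, "", "  ")
	return string(b), err
}

func main() {
	// Constructed sample values, not taken from the repository.
	doc, err := CloudTrailBucketPolicy("mybucket-example", "111122223333")
	if err != nil {
		panic(err)
	}
	fmt.Println(doc)
}
```

Reviewing the generated JSON before it reaches s3.PutBucketPolicy shows whether the write statement is limited to the expected account prefix rather than the whole bucket.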