Enabling CTS
CTS records operations performed on cloud resources in your account. The operation logs can be used to perform security analysis, track resource changes, perform compliance audits, and locate faults.
It is recommended that you enable the CTS service to record key IAM operations, such as creating and deleting users.
Procedure
- Log in to the management console.
- Click Service List and choose Management & Deployment > Cloud Trace Service.
- Click Trackers in the navigation pane.
- Click Enable CTS.
- In the displayed dialog box, click Enable. The system automatically creates a tracker.
After you enable CTS, you can view the tracker information on the Trackers page.
Operation |
Resource Type |
Trace Name |
|---|---|---|
Login |
user |
login |
Logging in as a user of the Cloud Alliance |
user |
cloudLoginBySaml |
Login failure |
user |
loginFailed |
Logout |
user |
logout |
Logging in as a federated user |
user |
tenantLoginBySamlSuccess/ oidcLoginSuccess |
(IAM user) Changing the password at first login, when the password will expire, or after the password expires |
user |
changePassword |
Creating a user |
user |
createUser |
Modifying user information |
user |
updateUser |
Deleting a user |
user |
deleteUser |
Creating an access key (AK/SK) |
user |
createCredential and addCredential |
Deleting an access key (AK/SK) |
user |
deleteCredential |
Disabling or enabling an access key (AK/SK) |
user |
changeCredentialStatus |
Modifying an access key (AK/SK) |
user |
updateCredential |
Changing the email address |
user |
modifyUserEmail |
Changing the mobile number |
user |
modifyUserMobile |
Changing the password |
user |
modifyUserPassword |
Setting a password for a user (by the administrator) |
user |
setPasswordByAdmin |
Creating a user group |
userGroup |
createUserGroup |
Modifying user group information |
userGroup |
updateGroup and updateUserGroup |
Deleting a user group |
userGroup |
deleteUserGroup |
Adding users to a user group |
userGroup |
addUserToGroup and updateUser/updateUserGroup |
Removing users from a user group |
userGroup |
removeUserFromGroup and updateUser/updateUserGroup |
Creating a project |
project |
createProject |
Modifying a project |
project |
updateProject |
Deleting a project |
project |
deleteProject |
Creating an agency |
agency |
createAgency |
Modifying an agency |
agency |
updateAgency |
Deleting an agency |
agency |
deleteAgency |
Switching roles |
agency |
switchRole |
Token |
createToken |
|
Creating an identity provider |
identityProvider |
createIdentityProvider |
Modifying an identity provider |
identityProvider |
updateIdentityProvider |
Deleting an identity provider |
identityProvider |
deleteIdentityProvider |
Uploading IdP metadata |
identityProvider |
updateMetaConfigure and uploadMetadataFile |
Editing IdP metadata |
identityProvider |
updateMetaConfigure |
Registering a mapping |
mapping |
createMapping |
Updating a mapping |
mapping |
updateMapping |
Deleting a mapping |
mapping |
deleteMapping |
Registering a protocol |
protocol |
createProtocol |
Updating a protocol |
protocol |
updateProtocol |
Deleting a protocol |
protocol |
deleteProtocol |
Creating a custom policy |
role |
createRole |
Modifying a custom policy |
role |
updateRole |
Deleting a custom policy |
role |
deleteRole |
Modifying the login authentication policy |
domain |
updateSecurityPolicies |
Modifying the password policy |
domain |
updatePasswordPolicies |
Modifying the ACL |
domain |
updateACLPolicies |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
