Create, update, and manage CloudTrail Lake integrations with the Amazon CLI - Amazon CloudTrail
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Create, update, and manage CloudTrail Lake integrations with the Amazon CLI

This section describes the commands you can use to create, update and manage your CloudTrail Lake integrations using the Amazon CLI.

When using the Amazon CLI, remember that your commands run in the Amazon Web Services Region configured for your profile. If you want to run the commands in a different Region, either change the default Region for your profile, or use the --region parameter with the command.

Available commands for CloudTrail Lake integrations

Commands for creating, updating, and managing integrations in CloudTrail Lake include:

  • create-event-data-store to create an event data store for events outside of Amazon.

  • delete-channel to delete a channel used for an integration.

  • delete-resource-policy to delete the resource policy attached to a channel for a CloudTrail Lake integration.

  • get-channel to return information about a CloudTrail channel.

  • get-resource-policy to retrieve the JSON text of the resource-based policy document attached to the CloudTrail channel.

  • list-channels to list the channels in the current account, and their source names.

  • put-audit-events to ingest your application events into CloudTrail Lake. A required parameter, auditEvents, accepts the JSON records (also called payload) of events that you want CloudTrail to ingest. You can add up to 100 of these events (or up to 1 MB) per PutAuditEvents request.

  • put-resource-policy to attach a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of Amazon. For more information about resource-based policies, see Amazon CloudTrail resource-based policy examples.

  • update-channel to update a channel specified by a required channel ARN or UUID.

For a list of available commands for CloudTrail Lake event data stores, see Available commands for event data stores.

For a list of available commands for CloudTrail Lake queries, see Available commands for CloudTrail Lake queries.

For a list of available commands for CloudTrail Lake dashboards, see Available commands for dashboards.