Vh)dZdZdZ ddlZddlmZddlmZddl m Z ddl m Z d Z d Zd Zd Zed k(reyy#e$rY9wxYw)a --- module: cloudtrail_info version_added: 5.0.0 short_description: Gather information about trails in AWS Cloud Trail description: - Gather information about trails in AWS CloudTrail. author: "Gomathi Selvi Srinivasan (@GomathiselviS)" options: trail_names: type: list elements: str default: [] description: - Specifies a list of trail names, trail ARNs, or both, of the trails to describe. - If an empty list is specified, information for the trail in the current region is returned. include_shadow_trails: type: bool default: true description: Specifies whether to include shadow trails in the response. extends_documentation_fragment: - amazon.aws.common.modules - amazon.aws.region.modules - amazon.aws.boto3 a= # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather information about all trails - amazon.aws.cloudtrail_info: # Gather information about a particular trail - amazon.aws.cloudtrail_info: trail_names: - arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail a3 trail_list: description: List of trail objects. Each element consists of a dict with all the information related to that cloudtrail. type: list elements: dict returned: always contains: name: description: Name of the trail. type: str sample: "MyTrail" s3_bucket_name: description: Name of the Amazon S3 bucket into which CloudTrail delivers the trail files. type: str sample: "aws-cloudtrail-logs-xxxx" s3_key_prefix: description: Amazon S3 key prefix that comes after the name of the bucket that is designated for log file delivery. type: str sample: "xxxx" sns_topic_arn: description: ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. type: str sample: "arn:aws:sns:us-east-2:123456789012:MyTopic" include_global_service_events: description: If True, AWS API calls from AWS global services such as IAM are included. type: bool sample: true is_multi_region_trail: description: Specifies whether the trail exists only in one region or exists in all regions. type: bool sample: true home_region: description: The region in which the trail was created. type: str sample: "us-east-1" trail_arn: description: Specifies the ARN of the trail. type: str sample: "arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail" log_file_validation_enabled: description: Specifies whether log file validation is enabled. type: bool sample: true cloud_watch_logs_log_group_arn: description: Specifies an ARN, that represents the log group to which CloudTrail logs will be delivered. type: str sample: "arn:aws:sns:us-east-2:123456789012:Mylog" cloud_watch_logs_role_arn: description: Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. type: str sample: "arn:aws:sns:us-east-2:123456789012:Mylog" kms_key_id: description: Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. type: str sample: "arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012" has_custom_event_selectors: description: Specifies if the trail has custom event selectors. type: bool sample: true has_insight_selectors: description: Specifies whether a trail has insight types specified in an InsightSelector list. type: bool sample: true is_organization_trail: description: Specifies whether the trail is an organization trail. type: bool sample: true is_logging: description: Whether the CloudTrail is currently logging AWS API calls. type: bool sample: true latest_delivery_error: description: Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver log files to the designated bucket. type: str latest_notification_attempt_time: description: Specifies the date and time that CloudTrail last attempt to deliver a notification. type: str latest_notification_attempt_succeeded: description: Specifies the date and time that CloudTrail last successful attempt to deliver a notification. type: str latest_notification_error: description: Displays any Amazon SNS error that CloudTrail encountered when attempting to send a notification. type: str latest_delivery_attempt_succeeded: description: Specifies the date and time that CloudTrail last successful attempt to deliver log files to an account's Amazon S3 bucket. type: str latest_delivery_attempt_time: description: Specifies the date and time that CloudTrail last attempt to deliver log files to an account's Amazon S3 bucket. type: str latest_delivery_time: description: Specifies the date and time that CloudTrail last delivered log files to an account's Amazon S3 bucket. type: str start_logging_time: description: Specifies the most recent date and time when CloudTrail started recording API calls for an AWS account. type: str stop_logging_time: description: Specifies the most recent date and time when CloudTrail stopped recording API calls for an AWS account. type: str latest_cloud_watch_logs_delivery_error: description: Displays any CloudWatch Logs error that CloudTrail encountered when attempting to deliver logs to CloudWatch Logs. type: str latest_cloud_watch_logs_delivery_time: description: Displays the most recent date and time when CloudTrail delivered logs to CloudWatch Logs. type: str latest_digest_delivery_time: description: Specifies the date and time that CloudTrail last delivered a digest file to an account's Amazon S3 bucket. type: str latest_digest_delivery_error: description: Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver a digest file to the designated bucket. type: str resource_id: description: Specifies the ARN of the resource. type: str tags: description: Any tags assigned to the cloudtrail. type: dict returned: always sample: "{ 'my_tag_key': 'my_tag_value' }" N)camel_dict_to_snake_dict)AnsibleAWSModule)AWSRetry)boto3_tag_list_to_ansible_dictc:g} |jd}j D]}|jt||S#tjjtjjf$r}|j |dYd}~d}~wwxYw)N list_trailsFailed to get the trails.msg) get_paginatorbotocore exceptions ClientError BotoCoreError fail_json_awspaginateextendlist_cloud_trails) connectionmodule all_trailsresultetrails n/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/amazon/aws/plugins/modules/cloudtrail_info.py get_trailsrsJA))-8"4+E234     + +X-@-@-N-N OAQ$?@@AsA7B=BBc8|dDcgc]}|d c}Scc}w)NTrailsTrailARN) trail_dictxs rrrs#-h#7 8aAjM 88 8s c,i}|jjd}|jjd}|s t||} |j||d}g}dD]w} |j|dd } |j|  |j|dg } | d D]} |j|  |jt|y|D]$} d| vrt| ddd| d<| d=d| vs"| d=&||d<|S#tj j tj jf$r}|j|dYd}~d}~wwxYw#tj j tj jf$r}|j|d Yd}~'d}~wwxYw#tj j tj jf$r}|jd |Yd}~Md}~wwxYw)N trail_namesinclude_shadow_trailsT) trailNameListincludeShadowTrails aws_retryr r trailListr)Namer(zFailed to get the trail status)ResourceIdListResourceTagListzFailed to get the trail tags - tags_listkeyvaluetagsresponse_metadata trail_list)paramsgetrdescribe_trailsr rrrrget_trail_statusupdate list_tagswarnappendrr) rroutputtrail_name_listr%rrsnaked_cloud_trail cloud_trail status_dicttag_listtag_dicttrs rget_trail_detailrCs7 Fmm'' 6O"MM--.EF $Z8A++)?T`d,  k* I  J$55;z;R^b5cK   { + ?!++K > ?sHD ''E%1F= 7E"EE"%7F:F55F:=7H4HHcttddgtdd}t|d} |jd tj }t|}|jd i|y#t j jt j jf$r}|j|d Yd}~nd}~wwxYw)Nliststr)typeelementsdefaultboolT)rGrI)r$r%) argument_specsupports_check_mode cloudtrail)retry_decoratorzFailed to connect to AWSr r ) dictrclientrjittered_backoffr rrrrrC exit_json)rKrrrrs rmainrSsfubA"=M Mt TF@]]<AZAZA\]] j& 1FFv    + +X-@-@-N-N O@Q$>??@s%A777C .CC __main__) DOCUMENTATIONEXAMPLESRETURNr ImportError0ansible.module_utils.common.dict_transformationsr;ansible_collections.amazon.aws.plugins.module_utils.modulesr;ansible_collections.amazon.aws.plugins.module_utils.retriesr;ansible_collections.amazon.aws.plugins.module_utils.taggingrrrrCrS__name__r rr_sq 4 v p VXPf9$N   zFa  s>AA