Does this tool connect to my account?

No. This tool runs entirely in your browser. It never connects to any cloud account.

Are configs production-ready?

The tool produces valid configurations. Always review and test before deploying to production.

Alibaba ActionTrail Config Builder

MonitoringAlibaba Cloud

Build ActionTrail audit configurations with multi-region trails, OSS archiving, SLS delivery, and event filters.

Alibaba Cloud ActionTrail Configuration

Build ActionTrail audit configurations with multi-region trails, OSS archiving, SLS delivery, event filters, and security alerts.

Required Fields

trailNametrailRegion

{
  "trailName": "prod-audit-trail",
  "trailRegion": "All",
  "eventRW": "All",
  "ossConfig": {
    "ossBucketName": "audit-trail-archive",
    "ossKeyPrefix": "actiontrail/",
    "ossBucketRegion": "cn-hangzhou"
  },
  "slsConfig": {
    "slsProjectArn": "acs:log:cn-hangzhou:*:project/audit-log-project",
    "slsWriteRoleArn": "acs:ram::*:role/aliyunactiontraildefaultrole"
  },
  "eventFilters": [
    {
      "name": "iam-changes",
      "eventSource": "ram.aliyuncs.com",
      "eventNames": [
        "CreateUser",
        "DeleteUser",
        "AttachPolicyToUser",
        "CreateAccessKey",
        "DeleteAccessKey"
      ],
      "description": "Track all RAM user and policy changes"
    },
    {
      "name": "security-group-changes",
      "eventSource": "ecs.aliyuncs.com",
      "eventNames": [
        "AuthorizeSecurityGroup",
        "RevokeSecurityGroup",
        "CreateSecurityGroup",
        "DeleteSecurityGroup"
      ],
      "description": "Track security group modifications"
    },
    {
      "name": "console-logins",
      "eventSource": "signin.aliyuncs.com",
      "eventNames": ["ConsoleSignin"],
      "description": "Track console sign-in events"
    }
  ],
  "alertRules": [
    {
      "name": "root-account-usage",
      "query": "event.userIdentity.type: root-account",
      "condition": {
        "threshold": 1,
        "timeWindow": 300
      },
      "notifications": [
        { "type": "Email", "recipients": ["security@example.com"] },
        { "type": "DingTalk", "channel": "#security-alerts" }
      ]
    }
  ]
}

Generated Output

Output will appear here...

About This Tool

Build ActionTrail audit configurations with multi-region trails, OSS archiving, SLS delivery, and event filters. This tool helps Alibaba Cloud engineers generate valid configurations quickly. All processing runs in your browser.

When to Use This Tool

•Generating configurations for new Alibaba Cloud deployments.
•Validating configurations against best practices.
•Learning Alibaba Cloud service patterns through examples.

Frequently Asked Questions

Does this tool connect to my account?: No. This tool runs entirely in your browser. It never connects to any cloud account.
Are configs production-ready?: The tool produces valid configurations. Always review and test before deploying to production.

Related Learning Guides

Alibaba Cloud Cost Optimization22 min read

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.