in rules/customer-fc/aggregate-ram-role-last-login-expired-check.py [0:0]
def actiontrail_get_default_trail(role_name):
client = AcsClient(AK, SK, 'cn-hangzhou')
request = CommonRequest()
request.set_accept_format('json')
request.set_domain('actiontrail.cn-hangzhou.aliyuncs.com')
request.set_method('POST')
request.set_protocol_type('https') # https | http
request.set_version('2020-07-06')
request.set_action_name('GetDefaultTrail')
try:
response = client.do_action_with_exception(request)
resource_result = str(response, encoding='utf-8')
json_res = json.loads(resource_result)
actiontrail_name_list = json_res['Name']
if actiontrail_name_list:
request = CommonRequest()
request.set_accept_format('json')
request.set_domain('actiontrail.cn-hangzhou.aliyuncs.com')
request.set_method('POST')
request.set_protocol_type('https') # https | http
request.set_version('2020-07-06')
request.set_action_name('DescribeTrails')
request.add_query_param('NameList', actiontrail_name_list)
response = client.do_action_with_exception(request)
resource_result = str(response, encoding='utf-8')
trail_detail = json.loads(resource_result)['TrailList'][0]
sls_project_arn = trail_detail['SlsProjectArn']
region_id = str.split(sls_project_arn, ':')[2]
sls_project = str.split(sls_project_arn, '/')[1]
sls_logstore = 'actiontrail_' + str.split(trail_detail['TrailArn'], '/')[1]
is_organization_trail = trail_detail['IsOrganizationTrail']
## 开启高级搜索,且为多账号
if is_organization_trail:
return region_id, sls_project, sls_logstore
except Exception as e:
logger.error('DescribeTrails error: %s' % e)