New user sign up using AWS Builder ID is currently unavailable on re:Post. To sign up, please use the AWS Management Console instead.
How do I use CloudTrail to log Amazon Q Developer events that my IDE or CLI provides?
I want to log Amazon Q Developer events that my integrated development environment (IDE) or the Amazon Q command line interface (CLI) provides. I want to use AWS CloudTrail to log the events, but I can't find the events in CloudTrail Event history.
Short description
Events that your IDE or the CLI provides are CloudTrail data events. By default, CloudTrail doesn't log data events, so you can't view the events in CloudTrail Event history. To log Amazon Q Developer events that your IDE or CLI provides in CloudTrail, create a custom trail that logs data events.
Note: You must have an Amazon Q Developer Pro subscription to use the following resolution. You can't use the Free tier to log events in CloudTrail because you authenticate with AWS Builder ID and not an AWS account.
Resolution
To create a trail for Amazon Q Developer data events, complete the following steps:
- Open the CloudTrail console.
- In the navigation pane, choose Trails.
- Choose Create Trail.
- Enter the following trail attributes:
Trail name
Amazon Simple Storage Service (Amazon S3) bucket to store the logs
(Optional) Customer managed AWS Key Management Service (AWS KMS) key
Note: To create a trail for all your AWS Organizations accounts, activate an organization trail. You must sign in to the management or delegated administrator account as a user or role that has the correct permissions. - Choose Next.
- On the Choose log events page, choose Data events.
- Select CodeWhisperer.
- Choose Create trail.
You can view the new trail on the Trails page of the CloudTrail console. After 5 minutes, CloudTrail publishes log files that show your account's AWS API calls. You can view the log files in the specified S3 bucket.
You can also configure CloudTrail to send log files to Amazon CloudWatch Logs.
Events that your IDE provides include details about userIdentity and userAgent.
Example IDE event:
"userIdentity": { "type": "IdentityCenterUser", "accountId": "111122223333", "onBehalfOf": { "userId": "123456789-123456789-123456789-123456789-123456789", "identityStoreArn": "arn:aws:identitystore::111122223333:identitystore/d-123456789" } }, "userAgent": "aws-sdk-js/0.0.1 ua/2.0 os/win32# lang/js md/nodejs#18.15.0 api/codewhispererstreaming#0.0.1 AmazonQ-For-VSCode/1.23.0",
Events that the CLI provides include details about userAgent and userContext.
Example CLI event:
"userAgent": "aws-sdk-rust/1.3.3 api/codewhispererruntime/0.1.1100 os/macos lang/rust/1.80.1 app/AmazonQ-For-CLI", "userContext": { "ideCategory": "CLI", "operatingSystem": "MAC", "product": "CodeWhisperer", "ideVersion": "1.3.0" }
Note: Inline or chat prompt details are hidden in CloudTrail. To capture prompt details, use the Amazon Q Developer console to activate the prompt logging feature.
Related information
Creating a user activity dashboard for Amazon CodeWhisperer
Relevant content
- asked 3 years ago
- asked a year ago
- asked 8 months ago
- asked a year ago
- AWS OFFICIALUpdated 22 days ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 16 days ago
