Audit Events Overview
Send WireMock Cloud audit events to an AWS S3 bucket you own
The audit events feature is currently in private beta. If you would like access to this feature contact us via
the Get Support
link in the menu bar.
WireMock Cloud generates audit events when you perform various actions within your account. For example, creating or deleting Mock APIs, changing settings or logging in and many more. For our enterprise customers we provide the ability to push these audit events to an AWS S3 bucket stored within your AWS account.
Usage
The audit event feature is only available to users on our Enterprise or Enterprise Trial plans and you will need to be an organisation administrator to create and manage audit event destinations.
To create and manage your S3 bucket destination, navigate to the Organisation Page
on your account. On this page you will see the Audit Events
section.

This is where you will create and manage your S3 audit event destination. To set up an S3 audit event destination you will need to configure your AWS account with an S3 bucket and a role to allow WireMock Cloud to push audit events to that bucket.
Configure Your AWS Account
The first step in setting up your S3 audit event destination is to configure your AWS account to allow WireMock Cloud to save audit events to your bucket. You can do this in the following way:
- Create the S3 bucket
<your-company-name>-wiremock-cloud-audit-events
(you can use any bucket name if you have your own naming convention but be sure to update the bucket name in the examples below) - Create a policy called
wiremock-cloud-put-audit-events
withs3:PutObject
onarn:aws:s3:::<your-company-name>-wiremock-cloud-audit-events/*
- Create an AWS account role for another AWS account
- Specify account id
499333472133
. - Do NOT require external ID or MFA.
- Choose
wiremock-cloud-put-audit-events
as the policy (the one you created above) - Name it
wiremock-cloud-put-audit-events
- Set the trust policy as so:
- Specify account id
Once you have completed the steps above, you can navigate to the Organisation Page and continue the configuration there.
Configure Your WireMock Cloud Account
Now you have configured your AWS account with the new bucket and role, you can add those details to the Audit Events
section on the Organisations page:
- Enter the bucket name into the
Bucket name
field - Enter the full role arn into the
Role ARN
field

- Click on the
Save
button to add the S3 audit destination to your organisation
Once you have saved the audit destination, you will see some documentation you can copy to make sure the role permission
and trust relationship you created above is correct. For a newly created audit destination you should see the status
message - Status: Audit events are yet to be sent to this destination

Testing Your S3 Audit Event Destination
Now you saved the S3 audit event destination you can test it to make sure everything works end to end. Clicking on the
Test
button will make WireMock Cloud attempt to post a test file to the bucket you created above. If all works
correctly the button will turn green and you should have a new file saved to your S3 bucket called test-wiremock-cloud-integration.txt
.
This file will contain the date and time the test was performed.

Should an error occur trying to post the file to your S3 bucket, an error will be displayed to help you diagnose the issue.

Deleting Your S3 Audit Event Destination
If you no longer require audit events to be sent to your S3 bucket you can delete the audit event destination from your
organisation. This will stop audit events being set to your S3 bucket. To do this you can click on the Delete
button. This will display a confirmation dialog to allow you to confirm the deletion.

Clicking on No
will close the dialog and no action will be taken, clicking on Yes
will delete your S3 audit event
destination and no more audit events will be sent.
Sending Audit Events To Your S3 Bucket
WireMock Cloud will send audit events to your S3 bucket in batches every 10 minutes. There is a lookback window of 7 days for audit events. This means if you are setting up an S3 audit event destination and have been a customer for a while, the first batch of audit events sent to your bucket will span back 7 days prior to the date you setup the destination.
Once audit events are successfully being sent to your bucket you will see the status message update on the Organisation page:

If WireMock Cloud encounters an error while sending audit events to your S3 bucket, the status will be updated to highlight the error. If audit events have been successfully sent in the past, the error will also contain the date the last successful attempt was made:

Audit events are saved in your S3 bucket using the following structure:
Each file follows the new line delimited JSON specification.
Audit events for the following items in WireMock Cloud are sent to your S3 bucket:
- Mock APIs
- Users
- Teams
- Organisations
- API Templates
- API Template Catalogues
- Data Sources
- Database Connections
- Keys
- Stub Mappings
- Mock API Settings
- Subscriptions
- Open API Git Integrations
- API Keys
- S3 Audit Destinations
More information about working with the audit event json can be found here.
Limits
You can read more about plan limits here.