This topic describes the types of Cloud Config events that ActionTrail records and CloudMonitor monitors and can be published to EventBridge.
Background information
Cloud Config can be used as an event source for the following Alibaba Cloud services:
Event types
The following table describes the types of Cloud Config events that can be published to EventBridge.
Event types | Value of the type parameter |
config:Config:ConfigurationItemChangeNotification | |
A notification that indicates a resource is evaluated as non-compliant is sent | config:Config:NonCompliantNotification |
An operation is performed by Alibaba Cloud on a resource | config:ActionTrail:AliyunServiceEvent |
An API operation is called | config:ActionTrail:ApiCall |
An operation is performed in the console | config:ActionTrail:ConsoleOperation |
One or more configuration items are changed | config:CloudMonitor:ConfigurationItemChangeNotification |
For more information about the parameters defined in the CloudEvents specification, see Overview.
A notification about resource change is sent
The following example shows the event that EventBridge receives when a notification about resource change is sent:
{
"datacontenttype": "application/json;charset=utf-8",
"data": {
"resourceId":"i-bp1b4ym5yh7ciz96****",
"captureTime":"1637659288000",
"configuration":"{\"ResourceGroupId\":\"\",\"Memory\":1024,\"InstanceChargeType\":\"PostPaid\",\"Cpu\":1,\"OSName\":\"CentOS 7.6 64-bit\",\"InstanceNetworkType\":\"vpc\",\"InnerIpAddress\":{\"IpAddress\":[]},\"ExpiredTime\":\"2099-12-31T15:59Z\",\"ImageId\":\"centos_7_06_64_20G_alibase_20190218.vhd\",\"EipAddress\":{\"AllocationId\":\"\",\"IpAddress\":\"\",\"InternetChargeType\":\"\"},\"Tags\":{\"Tag\":[{\"TagKey\":\"1\",\"TagValue\":\"2\"},{\"TagKey\":\"cost-center\",\"TagValue\":\"202012301217\"},{\"TagKey\":\"d\",\"TagValue\":\"d\"},{\"TagKey\":\"cost-center-haidong\",\"TagValue\":\"1\"},{\"TagKey\":\"05\",\"TagValue\":\"17\"},{\"TagKey\":\"nba\",\"TagValue\":\"yes\"},{\"TagKey\":\"V\",\"TagValue\":\"V\"},{\"TagKey\":\"fff1\",\"TagValue\":\"ff\"},{\"TagKey\":\"fff\",\"TagValue\":\"fff\"}]},\"VlanId\":\"\",\"HostName\":\"test-instance11111name\",\"Status\":\"Stopped\",\"HibernationOptions\":{\"Configured\":false},\"MetadataOptions\":{\"HttpTokens\":\"\",\"HttpEndpoint\":\"\"},\"InstanceId\":\"i-bp1b4ym5yh7ciz96****\",\"StoppedMode\":\"StopCharging\",\"CpuOptions\":{\"ThreadsPerCore\":1,\"Numa\":\"\",\"CoreCount\":1},\"StartTime\":\"2020-11-24T02:42Z\",\"DeletionProtection\":true,\"VpcAttributes\":{\"PrivateIpAddress\":{\"IpAddress\":[\"192.168.XX.XX\"]},\"VpcId\":\"vpc-bp162ot6s0yknn7qj****\",\"VSwitchId\":\"vsw-bp1tuojvtiteqlsh8****\",\"NatIpAddress\":\"\"},\"SecurityGroupIds\":{\"SecurityGroupId\":[\"sg-bp11m8p4hsmegc6d****\"]},\"InternetChargeType\":\"PayByBandwidth\",\"InstanceName\":\"test-instance666666\",\"DeploymentSetId\":\"\",\"InternetMaxBandwidthOut\":10,\"SerialNumber\":\"e8fbd14e-19cd-47c7-b664-b6e60dc30713\",\"OSType\":\"linux\",\"CreationTime\":\"2020-11-24T02:42Z\",\"AutoReleaseTime\":\"\",\"Description\":\"Sleep Olympiad\",\"InstanceTypeFamily\":\"ecs.xn4\",\"DedicatedInstanceAttribute\":{\"Tenancy\":\"\",\"Affinity\":\"\"},\"PublicIpAddress\":{\"IpAddress\":[]},\"GPUSpec\":\"\",\"NetworkInterfaces\":{\"NetworkInterface\":[{\"Type\":\"Primary\",\"PrimaryIpAddress\":\"192.168.XX.XX\",\"MacAddress\":\"00:16:3f:00:XX:XX\",\"NetworkInterfaceId\":\"eni-bp15hr53jws8jqza****\",\"PrivateIpSets\":{\"PrivateIpSet\":[{\"PrivateIpAddress\":\"192.168.XX.XX\",\"Primary\":true}]}}]},\"SpotPriceLimit\":0.0,\"SaleCycle\":\"\",\"DeviceAvailable\":true,\"InstanceType\":\"ecs.xn4.small\",\"OSNameEn\":\"CentOS 7.6 64 bit\",\"SpotStrategy\":\"NoSpot\",\"IoOptimized\":true,\"ZoneId\":\"cn-hangzhou-b\",\"ClusterId\":\"\",\"EcsCapacityReservation****\":{\"CapacityReservationPreference\":\"\",\"CapacityReservationId\":\"\"},\"DedicatedHostAttribute\":{\"DedicatedHostId\":\"\",\"DedicatedHostName\":\"\",\"DedicatedHostClusterId\":\"\"},\"GPUAmount\":0,\"OperationLocks\":{\"LockReason\":[]},\"InternetMaxBandwidthIn\":100,\"Recyclable\":false,\"RegionId\":\"cn-hangzhou\",\"CreditSpecification\":\"\"}",
"availabilityZone":"cn-hangzhou-b",
"requestId":"d641cac9-b079-4c68-bead-bd7d687e****",
"resourceGroupId":"rg-acfmw3ty5y7****",
"arn":"acs:ecs:cn-hangzhou:120886317861****:instance/i-bp1b4ym5yh7ciz96****",
"relationship":"[{\"regionId\":\"cn-hangzhou\",\"relationType\":\"Contains\",\"resourceId\":\"eni-bp15hr53jws8jqza****\",\"resourceType\":\"ACS::ECS::NetworkInterface\"},{\"regionId\":\"cn-hangzhou\",\"relationType\":\"IsAssociatedIn\",\"resourceId\":\"sg-bp11m8p4hsmegc6d****\",\"resourceType\":\"ACS::ECS::SecurityGroup\"},{\"regionId\":\"cn-hangzhou\",\"relationType\":\"IsContained\",\"resourceId\":\"vpc-bp162ot6s0yknn7qj****\",\"resourceType\":\"ACS::VPC::VPC\"},{\"regionId\":\"cn-hangzhou\",\"relationType\":\"IsContained\",\"resourceId\":\"vsw-bp1tuojvtiteqlsh8****\",\"resourceType\":\"ACS::VPC::VSwitch\"},{\"regionId\":\"cn-hangzhou\",\"relationType\":\"IsAttachedTo\",\"resourceId\":\"d-bp1egkvbrif67h8n****\",\"resourceType\":\"ACS::ECS::Disk\"}]",
"configurationDiff":"{\"InstanceName\":[\"test-instance222345\",\"test-instance666666\"]}",
"resourceEventType":"MODIFY",
"resourceCreateTime":"1606185720000",
"dataType":"ConfigurationItemChangeNotification",
"resourceName":"test-instance666666",
"tags":"{\"1\":[\"2\"],\"d\":[\"d\"],\"fff1\":[\"ff\"],\"05\":[\"17\"],\"V\":[\"V\"],\"fff\":[\"fff\"],\"cost-center-haidong\":[\"1\"],\"nba\":[\"yes\"],\"cost-center\":[\"202012301217\"]}",
"accountId":"120886317861****",
"relationshipDiff":"{\"relationship_diff\":{\"relationship_add\":[],\"relationship_delete\":[]}}",
"resourceStatus":"Stopped",
"regionId":"cn-hangzhou",
"configAggregators":"",
"logtime":1637659293,
"resourceType":"ACS::ECS::Instance"
},
"id": "45ef4dewdwe1-7c35-447a-bd93-fab****",
"source": "acs.config",
"specversion": "1.0",
"subject": "acs.config:cn-hangzhou:123456789098****:215672",
"time": "2020-11-19T21:04:41+08:00",
"type": "config:Config:ConfigurationItemChangeNotification",
"aliyunaccountid": "123456789098****",
"aliyunpublishtime": "2020-11-19T21:04:42Z",
"aliyuneventbusname": "default",
"aliyunregionid": "cn-hangzhou",
"aliyunpublishaddr": "172.25.XX.XX"
}The following table describes parameters in the data field.
Parameter | Required | Example | Description |
resourceId | String | i-bp1b4ym5yh7ciz96**** | The resource ID. |
captureTime | String | 1637659288000 | The time when the change is captured. |
configuration | String | | The resource configuration. The value is a JSON string. |
availabilityZone | String | cn-hangzhou-b | The Alibaba Cloud zone. |
requestId | String | d641cac9-b079-4c68-bead-bd7d687e**** | The request ID. |
resourceGroupId | String | rg-acfmw3ty5y7**** | The ID of the resource group. |
arn | String | acs:ecs:cn-hangzhou:120886317861****:instance/i-bp1b4ym5yh7ciz96**** | The name of the resource group. |
relationship | String | | The relationship between the resource and the related resources. The value is a JSON string. |
configurationDiff | String | | The configuration change. The value is a JSON string. |
resourceEventType | String | MODIFY | The type of the resource event. |
resourceCreateTime | String | 1606185720000 | The time when the resource was created. |
dataType | String | ConfigurationItemChangeNotification | The data type. |
resourceName | String | test-instance666666 | The resource name. |
tags | String | | The resource tags. The value is a JSON string. |
accountId | String | 120886317861**** | The Alibaba Cloud account ID. |
relationshipDiff | String | {\"relationship_diff\":{\"relationship_add\":[],\"relationship_delete\":[]}} | The relationship change. The value is a JSON string. |
resourceStatus | String | Stopped | The resource status. |
regionId | String | cn-hangzhou | The region ID. |
configAggregators | String | None | Indicates whether an aggregator is configured. |
logtime | Number | 1637659293 | The time when logs are generated. |
resourceType | String | ACS::ECS::Instance | The resource type. |
A notification that indicates a resource is evaluated as non-compliant is sent
The following example shows the event that EventBridge receives when a notification that indicates a resource is evaluated as non-compliant is sent:
{
"datacontenttype": "application/json;charset=utf-8",
"data": {
"annotation":"{\"configuration\":\"[{\\\"Type\\\":\\\"ecs\\\",\\\"ServerId\\\":\\\"i-bp18fnpdsieogla2****\\\",\\\"Port\\\":443,\\\"Weight\\\":0}]\",\"operator\":\"IsEmpty\",\"property\":\"$.data[?(@.Weight==0)]\"}",
"riskLevel":"Critical",
"dataType":"NonCompliantNotification",
"evaluationResultIdentifier":"{\"orderingTimestamp\":1637657187979,\"evaluationResultQualifier\":{\"resourceId\":\"lb-bp1pcf5uglae1016r****\",\"configRuleName\":\"slb_backendserver_weight_check\",\"configRuleId\":\"cr-aa5e626622af00c5****\",\"captureTime\":1637657187979,\"resourceName\":\"lb-bp1pcf5uglae1016raewv\",\"configRuleArn\":\"acs:config::100931896542****:rule/cr-aa5e626622af00c5bc65\",\"regionId\":\"cn-hangzhou\",\"resourceOwnerId\":100931896542****,\"resourceType\":\"ACS::SLB::LoadBalancer\"}}"
"eventType":"ResourceCompliance",
"invokingEventMessageType":"Manual",
"configRuleInvokedTimestamp":1637657187979,
"complianceType":"NON_COMPLIANT",
"accountId":100931896542****,
"requestId":"96dc838e-708d-4429-aa1b-121d1fee****",
"resultRecordedTimestamp":1637658505230,
"eventName":"NonCompliant",
"notificationCreationTime":1637658505710
},
"id": "45ef4dewdwe1-7c35-447a-bd93-fab****",
"source": "acs.config",
"specversion": "1.0",
"subject": "acs.config:cn-hangzhou:123456789098****:215672",
"time": "2020-11-19T21:04:41+08:00",
"type": "config:Config:NonCompliantNotification",
"aliyunaccountid": "123456789098****",
"aliyunpublishtime": "2020-11-19T21:04:42Z",
"aliyuneventbusname": "default",
"aliyunregionid": "cn-hangzhou",
"aliyunpublishaddr": "172.25.XX.XX"
}The following table describes parameters in the data field.
Parameter | Required | Example | Description |
annotation | String | | The annotation. The value is a JSON string. |
riskLevel | String | Critical | The risk level. |
dataType | String | NonCompliantNotification | The data type. |
evaluationResultIdentifier | String | | The evaluation result identifier. The value is a JSON string. |
eventType | String | ResourceCompliance | The event type. |
invokingEventMessageType | String | Manual | The mode in which the event is invoked. |
configRuleInvokedTimestamp | Number | 1637657187979 | The timestamp that indicates when the configuration rule is invoked. |
complianceType | String | NON_COMPLIANT | The compliance evaluation result. |
accountId | String | 100931896542**** | The Alibaba Cloud account ID. |
requestId | String | 96dc838e-708d-4429-aa1b-121d1fee**** | The request ID. |
resultRecordedTimestamp | Number | 1637658505230 | The timestamp that indicates when the result was recorded. |
eventName | String | NonCompliant | The event name. |
notificationCreationTime | Number | 1637658505710 | The time when the notification event was created. |