通过本文您可以了解配置审计的资源配置变更历史投递到轻量消息队列(原 MNS)的内容示例和主要参数说明。
内容示例
创建资源、修改资源和删除资源的配置变更历史投递到轻量消息队列(原 MNS)的内容示例如下:
创建资源
在单账号模式下,阿里云账号
132585902944****在对象存储OSS的北京地域创建存储空间test_bucket。{ "requestId": "c9e582cf-8aba-47bc-8bf3-8c2c5c7fa615", "dataType": "ConfigurationItemChangeNotification", "eventName": "ResourceAdd", "configurationItemDiff": { "changedProperties": {}, "changeType": "DISCOVERED" }, "eventType": "ResourceChange", "notificationCreationTime": 1629883217558, "configurationItem": { "accountId": 132585902944****, "resourceCreateTime": 1629883110000, "resourceId": "test_bucket", "resourceStatus": "", "regionId": "cn-beijing", "configuration": { "AccessControlList": { "Grant": "private" }, "ServerSideEncryptionRule": { "SSEAlgorithm": "None" }, "Comment": "", "CreationDate": "2021-08-25T09:18:30.000Z", "Owner": { "DisplayName": "132585902944****", "ID": "132585902944****" }, "StorageClass": "Standard", "DataRedundancyType": "LRS", "AllowEmptyReferer": "true", "Name": "test_bucket", "BucketPolicy": { "LogPrefix": "", "LogBucket": "" }, "ExtranetEndpoint": "oss-cn-beijing.aliyuncs.com", "IntranetEndpoint": "oss-cn-beijing-internal.aliyuncs.com", "Location": "oss-cn-beijing" }, "captureTime": 1629883213000, "resourceName": "test_bucket", "availabilityZone": "", "resourceType": "ACS::OSS::Bucket", "tags": {} } }修改资源
在单账号模式下,阿里云账号
100931896542****在云服务器ECS的呼和浩特地域将云盘名称由test_disk1修改为test_disk2。{ "requestId": "bb6f19ff-9c58-45c3-b79d-a20469c37eae", "dataType": "ConfigurationItemChangeNotification", "eventName": "ResourceUpdate", "configurationItemDiff": { "changedProperties": { "DiskName": { "changeType": "MODIFY", "previousValue": "test_disk1", "updatedValue": "test_disk2" } }, "changeType": "MODIFY" }, "eventType": "ResourceChange", "notificationCreationTime": 1629879815173, "configurationItem": { "accountId": 100931896542****, "resourceCreateTime": 162987938****, "resourceId": "d-hp3ezlgii0ltupns****", "resourceStatus": "Available", "regionId": "cn-huhehaote", "configuration": { "DetachedTime": "", "Category": "cloud_essd", "KMSKeyId": "", "Description": "", "ResourceGroupId": "", "Size": 40, "Encrypted": false, "DeleteAutoSnapshot": false, "DiskChargeType": "PostPaid", "MultiAttach": "Disabled", "ExpiredTime": "2029-09-08T16:00Z", "ImageId": "", "StorageSetId": "", "Tags": { "Tag": [] }, "Status": "Available", "AttachedTime": "", "StorageClusterId": "", "ZoneId": "cn-huhehaote-a", "InstanceId": "", "ProductCode": "", "SourceSnapshotId": "", "Device": "", "PerformanceLevel": "PL1", "DeleteWithInstance": false, "EnableAutomatedSnapshotPolicy": false, "EnableAutoSnapshot": true, "AutoSnapshotPolicyId": "", "DiskName": "test_disk2", "BdfId": "", "OperationLocks": { "OperationLock": [] }, "Portable": true, "Type": "data", "SerialNumber": "hp3ezlgii0ltupns****", "CreationTime": "2021-08-25T08:16:20Z", "RegionId": "cn-huhehaote", "DiskId": "d-hp3ezlgii0ltupns****" }, "captureTime": 1629879808000, "resourceName": "test_disk2", "availabilityZone": "cn-huhehaote-a", "resourceType": "ACS::ECS::Disk", "tags": {} } }删除资源
在单账号模式下,阿里云账号
120886317861****在对象存储OSS的北京地域删除存储空间test_bucket。{ "requestId": "e63b8fca-74d4-4709-9ea3-b7e0a3159294", "dataType": "ConfigurationItemChangeNotification", "eventName": "ResourceDelete", "configurationItemDiff": { "changedProperties": {}, "changeType": "REMOVE" }, "eventType": "ResourceChange", "notificationCreationTime": 1629883026181, "configurationItem": { "accountId": 132585902944****, "resourceCreateTime": 1629882024000, "resourceId": "test_bucket", "resourceStatus": "", "regionId": "cn-beijing", "configuration": { "AccessControlList": { "Grant": "private" }, "ServerSideEncryptionRule": { "SSEAlgorithm": "None" }, "Comment": "", "CreationDate": "2021-08-25T09:00:24.000Z", "Owner": { "DisplayName": "132585902944****", "ID": "132585902944****" }, "StorageClass": "Standard", "DataRedundancyType": "LRS", "AllowEmptyReferer": "true", "Name": "test_bucket", "BucketPolicy": { "LogPrefix": "", "LogBucket": "" }, "ExtranetEndpoint": "oss-cn-beijing.aliyuncs.com", "IntranetEndpoint": "oss-cn-beijing-internal.aliyuncs.com", "Location": "oss-cn-beijing" }, "captureTime": 1629883020000, "resourceName": "test_bucket", "availabilityZone": "", "resourceType": "ACS::OSS::Bucket", "tags": {} } }
参数说明
资源配置变更历史投递到轻量消息队列(原 MNS)的主要参数说明如下表所示。
参数 | 说明 |
dataType | 轻量消息队列(原 MNS)的接收内容。取值:
|
eventName | 事件名称。取值:
|
configurationItemDiff | 资源配置变更详情。包括资源变更类型和变更项。 |
eventType | 事件类型。取值:
|
notificationCreationTime | 创建通知的时间戳。 |
configurationItem | 资源的详细配置。包括资源ID、资源状态、资源归属地域和资源归属账号ID等。 |
captureTime | 配置审计发现资源配置变更并生成事件的时间戳。 |
resourceName | 资源名称。 |
availabilityZone | 资源可用区。 |
resourceType | 资源类型。关于支持配置审计的资源类型,请参见配置审计支持的资源类型和资源关系。 |
tags | 资源标签。 |