资源配置变更历史内容示例

通过本文您可以了解配置审计的资源配置变更历史投递到轻量消息队列(原 MNS)的内容示例和主要参数说明。

内容示例

创建资源、修改资源和删除资源的配置变更历史投递到轻量消息队列(原 MNS)的内容示例如下:

  • 创建资源

    在单账号模式下,阿里云账号132585902944****在对象存储OSS的北京地域创建存储空间test_bucket

    {
        "requestId": "c9e582cf-8aba-47bc-8bf3-8c2c5c7fa615",
        "dataType": "ConfigurationItemChangeNotification",
        "eventName": "ResourceAdd",
        "configurationItemDiff": {
            "changedProperties": {},
            "changeType": "DISCOVERED"
        },
        "eventType": "ResourceChange",
        "notificationCreationTime": 1629883217558,
        "configurationItem": {
            "accountId": 132585902944****,
            "resourceCreateTime": 1629883110000,
            "resourceId": "test_bucket",
            "resourceStatus": "",
            "regionId": "cn-beijing",
            "configuration": {
                "AccessControlList": {
                    "Grant": "private"
                },
                "ServerSideEncryptionRule": {
                    "SSEAlgorithm": "None"
                },
                "Comment": "",
                "CreationDate": "2021-08-25T09:18:30.000Z",
                "Owner": {
                    "DisplayName": "132585902944****",
                    "ID": "132585902944****"
                },
                "StorageClass": "Standard",
                "DataRedundancyType": "LRS",
                "AllowEmptyReferer": "true",
                "Name": "test_bucket",
                "BucketPolicy": {
                    "LogPrefix": "",
                    "LogBucket": ""
                },
                "ExtranetEndpoint": "oss-cn-beijing.aliyuncs.com",
                "IntranetEndpoint": "oss-cn-beijing-internal.aliyuncs.com",
                "Location": "oss-cn-beijing"
            },
            "captureTime": 1629883213000,
            "resourceName": "test_bucket",
            "availabilityZone": "",
            "resourceType": "ACS::OSS::Bucket",
            "tags": {}
        }
    }
  • 修改资源

    在单账号模式下,阿里云账号100931896542****在云服务器ECS的呼和浩特地域将云盘名称由test_disk1修改为test_disk2

    {
        "requestId": "bb6f19ff-9c58-45c3-b79d-a20469c37eae",
        "dataType": "ConfigurationItemChangeNotification",
        "eventName": "ResourceUpdate",
        "configurationItemDiff": {
            "changedProperties": {
                "DiskName": {
                    "changeType": "MODIFY",
                    "previousValue": "test_disk1",
                    "updatedValue": "test_disk2"
                }
            },
            "changeType": "MODIFY"
        },
        "eventType": "ResourceChange",
        "notificationCreationTime": 1629879815173,
        "configurationItem": {
            "accountId": 100931896542****,
            "resourceCreateTime": 162987938****,
            "resourceId": "d-hp3ezlgii0ltupns****",
            "resourceStatus": "Available",
            "regionId": "cn-huhehaote",
            "configuration": {
                "DetachedTime": "",
                "Category": "cloud_essd",
                "KMSKeyId": "",
                "Description": "",
                "ResourceGroupId": "",
                "Size": 40,
                "Encrypted": false,
                "DeleteAutoSnapshot": false,
                "DiskChargeType": "PostPaid",
                "MultiAttach": "Disabled",
                "ExpiredTime": "2029-09-08T16:00Z",
                "ImageId": "",
                "StorageSetId": "",
                "Tags": {
                    "Tag": []
                },
                "Status": "Available",
                "AttachedTime": "",
                "StorageClusterId": "",
                "ZoneId": "cn-huhehaote-a",
                "InstanceId": "",
                "ProductCode": "",
                "SourceSnapshotId": "",
                "Device": "",
                "PerformanceLevel": "PL1",
                "DeleteWithInstance": false,
                "EnableAutomatedSnapshotPolicy": false,
                "EnableAutoSnapshot": true,
                "AutoSnapshotPolicyId": "",
                "DiskName": "test_disk2",
                "BdfId": "",
                "OperationLocks": {
                    "OperationLock": []
                },
                "Portable": true,
                "Type": "data",
                "SerialNumber": "hp3ezlgii0ltupns****",
                "CreationTime": "2021-08-25T08:16:20Z",
                "RegionId": "cn-huhehaote",
                "DiskId": "d-hp3ezlgii0ltupns****"
            },
            "captureTime": 1629879808000,
            "resourceName": "test_disk2",
            "availabilityZone": "cn-huhehaote-a",
            "resourceType": "ACS::ECS::Disk",
            "tags": {}
        }
    }
  • 删除资源

    在单账号模式下,阿里云账号120886317861****在对象存储OSS的北京地域删除存储空间test_bucket

    {
        "requestId": "e63b8fca-74d4-4709-9ea3-b7e0a3159294",
        "dataType": "ConfigurationItemChangeNotification",
        "eventName": "ResourceDelete",
        "configurationItemDiff": {
            "changedProperties": {},
            "changeType": "REMOVE"
        },
        "eventType": "ResourceChange",
        "notificationCreationTime": 1629883026181,
        "configurationItem": {
            "accountId": 132585902944****,
            "resourceCreateTime": 1629882024000,
            "resourceId": "test_bucket",
            "resourceStatus": "",
            "regionId": "cn-beijing",
            "configuration": {
                "AccessControlList": {
                    "Grant": "private"
                },
                "ServerSideEncryptionRule": {
                    "SSEAlgorithm": "None"
                },
                "Comment": "",
                "CreationDate": "2021-08-25T09:00:24.000Z",
                "Owner": {
                    "DisplayName": "132585902944****",
                    "ID": "132585902944****"
                },
                "StorageClass": "Standard",
                "DataRedundancyType": "LRS",
                "AllowEmptyReferer": "true",
                "Name": "test_bucket",
                "BucketPolicy": {
                    "LogPrefix": "",
                    "LogBucket": ""
                },
                "ExtranetEndpoint": "oss-cn-beijing.aliyuncs.com",
                "IntranetEndpoint": "oss-cn-beijing-internal.aliyuncs.com",
                "Location": "oss-cn-beijing"
            },
            "captureTime": 1629883020000,
            "resourceName": "test_bucket",
            "availabilityZone": "",
            "resourceType": "ACS::OSS::Bucket",
            "tags": {}
        }
    }

参数说明

资源配置变更历史投递到轻量消息队列(原 MNS)的主要参数说明如下表所示。

参数

说明

dataType

轻量消息队列(原 MNS)的接收内容。取值:

  • ConfigurationItemChangeNotification:资源配置变更历史。

  • NonCompliantNotification:资源不合规事件。

eventName

事件名称。取值:

  • ResourceAdd:创建资源事件。

  • ResourceUpdate:修改资源事件。

  • ResourceDelete:删除资源事件。

configurationItemDiff

资源配置变更详情。包括资源变更类型和变更项。

eventType

事件类型。取值:

  • ResourceChange:资源配置变更历史事件。

  • ResourceCompliance:资源不合规事件。

notificationCreationTime

创建通知的时间戳。

configurationItem

资源的详细配置。包括资源ID、资源状态、资源归属地域和资源归属账号ID等。

captureTime

配置审计发现资源配置变更并生成事件的时间戳。

resourceName

资源名称。

availabilityZone

资源可用区。

resourceType

资源类型。关于支持配置审计的资源类型,请参见配置审计支持的资源类型和资源关系

tags

资源标签。