通过本文您可以了解配置审计的资源配置变更历史投递到消息服务MNS的内容示例和主要参数说明。

内容示例

创建资源、修改资源和删除资源的配置变更历史投递到消息服务MNS的内容示例如下:
  • 创建资源
    普通账号132585902944****在对象存储OSS的北京地域创建存储空间test_bucket
    {
        "requestId": "c9e582cf-8aba-47bc-8bf3-8c2c5c7fa615",
        "dataType": "ConfigurationItemChangeNotification",
        "eventName": "ResourceAdd",
        "configurationItemDiff": {
            "changedProperties": {},
            "changeType": "DISCOVERED"
        },
        "eventType": "ResourceChange",
        "notificationCreationTime": 1629883217558,
        "configurationItem": {
            "accountId": 132585902944****,
            "resourceCreateTime": 1629883110000,
            "resourceId": "test_bucket",
            "resourceStatus": "",
            "regionId": "cn-beijing",
            "configuration": {
                "AccessControlList": {
                    "Grant": "private"
                },
                "ServerSideEncryptionRule": {
                    "SSEAlgorithm": "None"
                },
                "Comment": "",
                "CreationDate": "2021-08-25T09:18:30.000Z",
                "Owner": {
                    "DisplayName": "132585902944****",
                    "ID": "132585902944****"
                },
                "StorageClass": "Standard",
                "DataRedundancyType": "LRS",
                "AllowEmptyReferer": "true",
                "Name": "test_bucket",
                "BucketPolicy": {
                    "LogPrefix": "",
                    "LogBucket": ""
                },
                "ExtranetEndpoint": "oss-cn-beijing.aliyuncs.com",
                "IntranetEndpoint": "oss-cn-beijing-internal.aliyuncs.com",
                "Location": "oss-cn-beijing"
            },
            "captureTime": 1629883213000,
            "resourceName": "test_bucket",
            "arn": "acs:oss:cn-beijing:132585902944****:test_bucket",
            "availabilityZone": "",
            "resourceType": "ACS::OSS::Bucket",
            "tags": {}
        }
    }
  • 修改资源
    普通账号100931896542****在云服务器ECS的呼和浩特地域将云盘名称由test_disk1修改为test_disk2
    {
        "requestId": "bb6f19ff-9c58-45c3-b79d-a20469c37eae",
        "dataType": "ConfigurationItemChangeNotification",
        "eventName": "ResourceUpdate",
        "configurationItemDiff": {
            "changedProperties": {
                "DiskName": {
                    "changeType": "MODIFY",
                    "previousValue": "test_disk1",
                    "updatedValue": "test_disk2"
                }
            },
            "changeType": "MODIFY"
        },
        "eventType": "ResourceChange",
        "notificationCreationTime": 1629879815173,
        "configurationItem": {
            "accountId": 100931896542****,
            "resourceCreateTime": 162987938****,
            "resourceId": "d-hp3ezlgii0ltupns****",
            "resourceStatus": "Available",
            "regionId": "cn-huhehaote",
            "configuration": {
                "DetachedTime": "",
                "Category": "cloud_essd",
                "KMSKeyId": "",
                "Description": "",
                "ResourceGroupId": "",
                "Size": 40,
                "Encrypted": false,
                "DeleteAutoSnapshot": false,
                "DiskChargeType": "PostPaid",
                "MultiAttach": "Disabled",
                "ExpiredTime": "2029-09-08T16:00Z",
                "ImageId": "",
                "StorageSetId": "",
                "Tags": {
                    "Tag": []
                },
                "Status": "Available",
                "AttachedTime": "",
                "StorageClusterId": "",
                "ZoneId": "cn-huhehaote-a",
                "InstanceId": "",
                "ProductCode": "",
                "SourceSnapshotId": "",
                "Device": "",
                "PerformanceLevel": "PL1",
                "DeleteWithInstance": false,
                "EnableAutomatedSnapshotPolicy": false,
                "EnableAutoSnapshot": true,
                "AutoSnapshotPolicyId": "",
                "DiskName": "test_disk2",
                "BdfId": "",
                "OperationLocks": {
                    "OperationLock": []
                },
                "Portable": true,
                "Type": "data",
                "SerialNumber": "hp3ezlgii0ltupns****",
                "CreationTime": "2021-08-25T08:16:20Z",
                "RegionId": "cn-huhehaote",
                "DiskId": "d-hp3ezlgii0ltupns****"
            },
            "captureTime": 1629879808000,
            "resourceName": "test_disk2",
            "arn": "acs:ecs:cn-huhehaote:100931896542****:disk/d-hp3ezlgii0ltupns****",
            "availabilityZone": "cn-huhehaote-a",
            "resourceType": "ACS::ECS::Disk",
            "tags": {}
        }
    }
  • 删除资源
    普通账号120886317861****在对象存储OSS的北京地域删除存储空间test_bucket
    {
        "requestId": "e63b8fca-74d4-4709-9ea3-b7e0a3159294",
        "dataType": "ConfigurationItemChangeNotification",
        "eventName": "ResourceDelete",
        "configurationItemDiff": {
            "changedProperties": {},
            "changeType": "REMOVE"
        },
        "eventType": "ResourceChange",
        "notificationCreationTime": 1629883026181,
        "configurationItem": {
            "accountId": 132585902944****,
            "resourceCreateTime": 1629882024000,
            "resourceId": "test_bucket",
            "resourceStatus": "",
            "regionId": "cn-beijing",
            "configuration": {
                "AccessControlList": {
                    "Grant": "private"
                },
                "ServerSideEncryptionRule": {
                    "SSEAlgorithm": "None"
                },
                "Comment": "",
                "CreationDate": "2021-08-25T09:00:24.000Z",
                "Owner": {
                    "DisplayName": "132585902944****",
                    "ID": "132585902944****"
                },
                "StorageClass": "Standard",
                "DataRedundancyType": "LRS",
                "AllowEmptyReferer": "true",
                "Name": "test_bucket",
                "BucketPolicy": {
                    "LogPrefix": "",
                    "LogBucket": ""
                },
                "ExtranetEndpoint": "oss-cn-beijing.aliyuncs.com",
                "IntranetEndpoint": "oss-cn-beijing-internal.aliyuncs.com",
                "Location": "oss-cn-beijing"
            },
            "captureTime": 1629883020000,
            "resourceName": "test_bucket",
            "arn": "acs:oss:cn-beijing:132585902944****:test_bucket",
            "availabilityZone": "",
            "resourceType": "ACS::OSS::Bucket",
            "tags": {}
        }
    }

参数说明

资源配置变更历史投递到消息服务MNS的主要参数说明如下表所示。
参数 说明
dataType 消息服务MNS的接收内容。取值:
  • ConfigurationItemChangeNotification:资源配置变更历史。
  • NonCompliantNotification:资源不合规事件。
eventName 事件名称。取值:
  • ResourceAdd:创建资源事件。
  • ResourceUpdate:修改资源事件。
  • ResourceDelete:删除资源事件。
configurationItemDiff 资源配置变更详情。包括资源变更类型和变更项。
eventType 事件类型。取值:
  • ResourceChange:资源配置变更历史事件。
  • ResourceCompliance:资源不合规事件。
notificationCreationTime 创建通知的时间戳。
configurationItem 资源的详细配置。包括资源ID、资源状态、资源归属地域和资源归属账号ID等。
captureTime 配置审计发现资源配置变更并生成事件的时间戳。
resourceName 资源名称。
arn 资源ARN。关于各云服务资源类型对应的ARN格式,请参见ARN格式
availabilityZone 资源可用区。
resourceType 资源类型。关于支持配置审计的资源类型,请参见支持配置审计的资源类型和资源关系
tags 资源标签。