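I want to create a CloudWatch rule to monitor and alert on the creation of new security groups. I think the CreateSecurityGroup event is what I am looking for, but no metrics are created when a new security group is created. Here is the JSON for this CloudWatch rule: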
{
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "ec2.amazonaws.com"
    ],
    "eventName": [
      "CreateSecurityGroup"
    ]
  }
}
What do I need to change to make this work?
Answer 0 (score: 2)
Worked for me!
Here is what I did:
CreateSecurityGroup
Here is an extract:
"eventName":"CreateSecurityGroup","awsRegion":"ap-southeast-2","sourceIPAddress":"54.222.111.1","userAgent":"signin.amazonaws.com","requestParameters":{"groupName":"stackSG3","groupDescription":"trail notify","vpcId":"vpc-12347014"}
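The event took about 10 minutes to show up in the CloudTrail console, but the event triggered the CloudWatch Events rule within a couple of minutes.
The event pattern in the rule appears as: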
{
  "source": [
    "aws.ec2"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "ec2.amazonaws.com"
    ],
    "eventName": [
      "CreateSecurityGroup"
    ]
  }
}
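The following is an added example, not part of the original question or answer: a local check of both event patterns from this page against a sample event, useful for testing a detection rule before deploying it. The matcher is a simplified exact-value subset of event-pattern matching, the event envelope is constructed around the fields in the answer's extract, and the names `matches`, `sample_event` and `alert_line` are hypothetical.

```python
import json

# The two event patterns from the page: the question's and the answer's.
QUESTION_PATTERN = json.loads("""{"detail-type": ["AWS API Call via CloudTrail"],
  "detail": {"eventSource": ["ec2.amazonaws.com"], "eventName": ["CreateSecurityGroup"]}}""")
ANSWER_PATTERN = dict(QUESTION_PATTERN, source=["aws.ec2"])

def matches(pattern, event):
    """Exact-value subset of event-pattern matching: every pattern key must be
    present in the event; a list leaf matches if the event value is one of its entries."""
    for key, expected in pattern.items():
        if not isinstance(event, dict) or key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not matches(expected, actual):
                return False
        else:
            candidates = actual if isinstance(actual, list) else [actual]
            if not any(c in expected for c in candidates):
                return False
    return True

def sample_event(event_name):
    """Constructed envelope around the 'detail' fields shown in the answer's extract."""
    return {
        "source": "aws.ec2",
        "detail-type": "AWS API Call via CloudTrail",
        "detail": {
            "eventSource": "ec2.amazonaws.com",
            "eventName": event_name,
            "awsRegion": "ap-southeast-2",
            "requestParameters": {"groupName": "stackSG3", "vpcId": "vpc-12347014"},
        },
    }

def alert_line(event):
    """Summary a notification target could send for a matched event."""
    d = event["detail"]
    p = d["requestParameters"]
    return f'{d["eventName"]} {p["groupName"]} in {p["vpcId"]} ({d["awsRegion"]})'

if __name__ == "__main__":
    for name in ("CreateSecurityGroup", "DeleteSecurityGroup"):
        ev = sample_event(name)
        print(name, matches(QUESTION_PATTERN, ev), matches(ANSWER_PATTERN, ev))
    print(alert_line(sample_event("CreateSecurityGroup")))
```

Under this matcher both patterns accept the CreateSecurityGroup sample and reject other event names; the answer's pattern additionally requires the `source` field to be `aws.ec2`.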