I'm trying to create an automatic remediation process that stops/deletes any VPC, CloudFormation stack, Lambda function, Internet Gateway or EC2 instance created outside the eu-central-1 region. My first step is to configure a CloudWatch Events rule that detects any of the events just mentioned.
{
  "source": [
    "aws.cloudtrail"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "ec2.amazonaws.com",
      "cloudformation.amazonaws.com",
      "lambda.amazonaws.com"
    ],
    "eventName": [
      "CreateStack",
      "CreateVpc",
      "CreateFunction20150331",
      "CreateInternetGateway",
      "RunInstances"
    ],
    "awsRegion": [
      "us-east-1",
      "us-east-2",
      "us-west-1",
      "us-west-2",
      "ap-northeast-1",
      "ap-northeast-2",
      "ap-south-1",
      "ap-southeast-1",
      "ap-southeast-2",
      "ca-central-1",
      "eu-west-1",
      "eu-west-2",
      "eu-west-3",
      "sa-east-1"
    ]
  }
}
For now the event should only trigger an SNS topic that sends me an email, but in the future there will be a Lambda function that performs the remediation.
Unfortunately, when I create an Internet Gateway in another region (let's say eu-west-1), no notification happens. If I try to set up an alarm on it, it doesn't show up, whereas it does show up in CloudWatch Events.
Any idea what's wrong with my event configuration?
Answer 0 (score: 1)
OK, I figured it out. Even though the notification comes from CloudTrail, the source of the event changes. The "source" parameter should therefore be:
"source": [
  "aws.cloudtrail",
  "aws.ec2",
  "aws.cloudformation",
  "aws.lambda"
]
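The following is an added example (not code from the question or the answer above) that makes the answer's point testable offline. It implements the basic CloudWatch Events / EventBridge matching rule these patterns rely on (every key in the pattern must exist in the event and its value must equal one of the listed strings; nested objects are matched recursively) and runs the asker's original pattern and the corrected one against constructed sample events. The sample events, the `build_pattern`, `matches` and `sample_event` helpers, and the `WATCHED_EVENTS` table are all assumptions made for this example; content filters such as `prefix` or `anything-but` are deliberately not implemented.

```python
"""Minimal event-pattern matcher for the CloudTrail-via-CloudWatch-Events patterns above.

Added example, not part of the original question or answer. Only exact-string
list matching with recursive nested objects is implemented, which is all the
patterns on this page use.
"""

HOME_REGION = "eu-central-1"

# The asker's region list, deduplicated (the original listed ap-south-1 twice)
# and with the comma that was missing after "eu-west-3".
FOREIGN_REGIONS = [
    "us-east-1", "us-east-2", "us-west-1", "us-west-2",
    "ap-northeast-1", "ap-northeast-2", "ap-south-1",
    "ap-southeast-1", "ap-southeast-2", "ca-central-1",
    "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1",
]

# CloudTrail eventSource -> eventName values from the question (assumed grouping).
WATCHED_EVENTS = {
    "ec2.amazonaws.com": ["CreateVpc", "CreateInternetGateway", "RunInstances"],
    "cloudformation.amazonaws.com": ["CreateStack"],
    "lambda.amazonaws.com": ["CreateFunction20150331"],
}


def build_pattern(sources):
    """Build the rule's event pattern for a given list of top-level 'source' values."""
    return {
        "source": list(sources),
        "detail-type": ["AWS API Call via CloudTrail"],
        "detail": {
            "eventSource": list(WATCHED_EVENTS),
            "eventName": [n for names in WATCHED_EVENTS.values() for n in names],
            "awsRegion": list(FOREIGN_REGIONS),
        },
    }


ORIGINAL_PATTERN = build_pattern(["aws.cloudtrail"])
FIXED_PATTERN = build_pattern(["aws.cloudtrail", "aws.ec2", "aws.cloudformation", "aws.lambda"])


def matches(pattern, event):
    """Return True if every pattern key is present in the event with an allowed value.

    Lists in the pattern are 'one of these exact strings'; dicts are matched recursively.
    """
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif actual not in expected:
            return False
    return True


def sample_event(source, event_source, event_name, region):
    """Constructed CloudWatch Events envelope around a CloudTrail record (shape only)."""
    return {
        "version": "0",
        "source": source,            # e.g. "aws.ec2", as the answer points out
        "detail-type": "AWS API Call via CloudTrail",
        "region": region,
        "detail": {
            "eventSource": event_source,
            "eventName": event_name,
            "awsRegion": region,
        },
    }


# Constructed sample events: the asker's failing case, a same-region create, and a read-only call.
IGW_IN_EU_WEST_1 = sample_event("aws.ec2", "ec2.amazonaws.com", "CreateInternetGateway", "eu-west-1")
IGW_IN_HOME = sample_event("aws.ec2", "ec2.amazonaws.com", "CreateInternetGateway", HOME_REGION)
DESCRIBE_IN_EU_WEST_1 = sample_event("aws.ec2", "ec2.amazonaws.com", "DescribeVpcs", "eu-west-1")


if __name__ == "__main__":
    for label, pattern in (("original", ORIGINAL_PATTERN), ("fixed", FIXED_PATTERN)):
        print(label, "matches IGW in eu-west-1:", matches(pattern, IGW_IN_EU_WEST_1))
    print("fixed matches IGW in home region:", matches(FIXED_PATTERN, IGW_IN_HOME))
    print("fixed matches DescribeVpcs:", matches(FIXED_PATTERN, DESCRIBE_IN_EU_WEST_1))
```

With the original pattern the eu-west-1 Internet Gateway event is rejected purely because its top-level `source` is `aws.ec2`, which is exactly the symptom in the question; the corrected pattern accepts it while still ignoring the same call made in eu-central-1 and ignoring read-only calls. One further point to keep in mind when deploying such a rule: CloudWatch Events rules are regional, so a rule only receives API-call events generated in the region where the rule itself is created, which means this pattern has to be deployed in each listed region (or the events forwarded to a central bus) for the SNS notification or remediation Lambda to fire.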