当配置审计发现资源变更时,会及时通过消息服务MNS向您发送通知。通过本文您可以了解资源变更事件的主要参数说明和代码示例。

资源变更事件的主要参数说明如下表所示。
参数 说明
accountId 资源所属阿里云账号ID。
resourceName 资源名称。
AvailabilityZone 资源可用区。
resourceType 资源类型。支持的资源类型请参见支持配置审计的云服务
resourceEventType 资源变更事件的类型。取值:
  • DISCOVERED:新建资源事件。
  • MODIFY:修改资源事件。
  • REMOVE:删除资源事件。
resourceCreateTime 新建资源的时间戳。时间戳转换方法,请参见Unix时间戳
RelationshipDiff 关联资源的变更项。
captureTime 配置审计发现资源变更事件并生成日志的时间戳。时间戳转换方法,请参见Unix时间戳
configurationDiff 资源事件的变更项。
resourceId 资源ID。
Relationship 关联资源。
region 资源所在地域。
tags 资源的标签。

新建资源

阿里云账号在对象存储OSS的上海地域新建存储桶new-bucket,在configurationDiff中显示变更前信息(null)和变更后信息。代码示例如下:
{
          "AccountId":120886317861****,
          "ResourceName":"new-bucket",
          "AvailabilityZone":"cn-shanghai-a",
          "ResourceType":"ACS::OSS::Bucket",
          "ResourceEventType":"DISCOVERED",
          "ResourceCreateTime":"",
          "RelationshipDiff":"",
          "CaptureTime":1605759241690,
          "ConfigurationDiff":"{\"AccessControlList\":[null,{\"Grant\":\"private\"}],\"ServerSideEncryptionRule\":[null,{\"SSEAlgorithm\":\"None\"}],\"CreationDate\":[null,\"2020-11-19T04:07:44.000Z\"],\"Owner\":[null,{\"DisplayName\":\"120886317861****\",\"ID\":\"120886317861****\"}],\"StorageClass\":[null,\"Standard\"],\"DataRedundancyType\":[null,\"LRS\"],\"AllowEmptyReferer\":[null,\"true\"],\"Name\":[null,\"new-bucket\"],\"Versioning\":[null,\"Enabled\"],\"BucketPolicy\":[null,{\"LogPrefix\":\"\",\"LogBucket\":\"\"}],\"ExtranetEndpoint\":[null,\"oss-cn-shanghai.aliyuncs.com\"],\"IntranetEndpoint\":[null,\"oss-cn-shanghai-internal.aliyuncs.com\"],\"Location\":[null,\"oss-cn-shanghai\"]}",
          "ResourceId":"new-bucket",
          "Relationship":"",
          "Region":"cn-shanghai",
          "Tags":"{}"
        }

更新资源

阿里云账号在对象存储OSS的上海地域更新存储桶new-bucket的加密方式,在configurationDiff中显示变更前信息None(不加密)和变更后信息AES256。代码示例如下:
{
          "AccountId":120886317861****,
          "ResourceName":"new-bucket",
          "AvailabilityZone":"cn-shanghai-a",
          "ResourceType":"ACS::OSS::Bucket",
          "ResourceEventType":"MODIFY",
          "ResourceCreateTime":"",
          "RelationshipDiff":"",
          "CaptureTime":1605779129000,
          "ConfigurationDiff":"{\"ServerSideEncryptionRule\":[{\"SSEAlgorithm\":\"None\"},{\"SSEAlgorithm\":\"AES256\"}]}",
          "ResourceId":"new-bucket",
          "Relationship":"",
          "Region":"cn-shanghai",
          "Tags":"{}"
        }

删除资源

阿里云账号在对象存储OSS的上海地域删除存储桶new-bucket,在configurationDiff中显示变更前信息和变更后信息(null)。代码示例如下:
{
          "AccountId":12088631786****,
          "ResourceName":"new-bucket",
          "AvailabilityZone":"cn-shanghai-a",
          "ResourceType":"ACS::OSS::Bucket",
          "ResourceEventType":"REMOVE",
          "ResourceCreateTime":"",
          "RelationshipDiff":"",
          "CaptureTime":1605860519000,
          "ConfigurationDiff":"{\"AccessControlList\":[{\"Grant\":\"private\"},null],\"ServerSideEncryptionRule\":[{\"SSEAlgorithm\":\"AES256\"},null],\"CreationDate\":[\"2020-05-15T09:39:59.000Z\",null],\"Owner\":[{\"DisplayName\":\"120886317861****\",\"ID\":\"120886317861****\"},null],\"StorageClass\":[\"Standard\",null],\"DataRedundancyType\":[\"LRS\",null],\"RefererList\":[{\"Referer\":[\"https://www.tmall.com\"]},null],\"AllowEmptyReferer\":[\"false\",null],\"Name\":[\"ddddss\",null],\"BucketPolicy\":[{\"LogPrefix\":\"\",\"LogBucket\":\"\"},null],\"TagSet\":[]},null],\"ExtranetEndpoint\":[\"oss-cn-shanghai.aliyuncs.com\",null],\"Region\":[\"cn-shanghai\",null],\"IntranetEndpoint\":[\"oss-cn-shanghai-internal.aliyuncs.com\",null],\"Location\":[\"oss-cn-shanghai\",null]}",
          "ResourceId":"new-bucket",
          "Relationship":"",
          "Region":"cn-shanghai",
          "Tags":"{}"
        }