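I'm trying to create a rule that triggers on any API call for creation, but I haven't had any success.
I have another rule that triggers whenever an EC2 instance is running, but this rule does not trigger for RunInstances, even though I see CloudTrail logs with RunInstances in the API logs.
I have created a CloudWatch log from CloudTrail and looked at the events that should trigger it, but they don't. Am I missing a step? What components are needed for CloudWatch to trigger correctly on API calls?
The rule in question: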
{
  "source": [
    "aws.cloudtrail"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "cloudtrail.amazonaws.com"
    ],
    "eventName": [
      "CreateUserPool",
      "CreateImage",
      "CreateCacheCluster",
      "RunInstances",
      "CreateActivation",
      "RunJobFlow ",
      "CreateVault",
      "CreateDeliveryStream",
      "CreateStream",
      "CreateCluster",
      "CreateDBInstance",
      "CreateHostedZone",
      "CreateBucket",
      "CreateLaunchConfiguration",
      "CreateStack",
      "CreateEnvironment",
      "CreateWorkspaces"
    ]
  }
}
To add more detail here, this is another rule I used to test CloudWatch:
{
  "source": [
    "aws.ec2"
  ],
  "detail-type": [
    "EC2 Instance State-change Notification"
  ],
  "detail": {
    "state": [
      "running"
    ]
  }
}
This is the log of the startInstances and the following Lambda function running.
The Lambda function for CloudTrail, specifically the one that works correctly.
Here is the API call which should also initiate it according to the rule, but it does not.
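Hopefully these images make the problem I'm having clearer.
P.S. I don't know how much information should be considered confidential, so I over-censored.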
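An added example, not part of the original post: a small Python check that evaluates the exact-value subset of event patterns (the subset both rules above use) against a constructed RunInstances event and reports which pattern fields fail. It assumes that EC2 API calls recorded by CloudTrail are delivered with source aws.ec2 and detail.eventSource ec2.amazonaws.com; SAMPLE_EVENT, the abbreviated eventName list and RELAXED_RULE are constructed for illustration.

```python
def mismatches(pattern, event, path=""):
    """Return the pattern paths that the event fails to satisfy.

    Covers only exact-value matching on scalar event fields: each leaf in
    the pattern is a list of allowed values, nested objects recurse.
    """
    failed = []
    for key, want in pattern.items():
        here = f"{path}.{key}" if path else key
        got = event.get(key) if isinstance(event, dict) else None
        if isinstance(want, dict):
            # Nested object: every nested key must match as well.
            failed += mismatches(want, got if isinstance(got, dict) else {}, here)
        elif got not in want:
            # Leaf: the event value must equal one of the listed values.
            failed.append(here)
    return failed

# The rule from the post, with the eventName list abbreviated.
POSTED_RULE = {
    "source": ["aws.cloudtrail"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["cloudtrail.amazonaws.com"],
        "eventName": ["CreateImage", "RunInstances", "CreateBucket"],
    },
}

# Hypothetical variant: same rule without the source / eventSource constraints.
RELAXED_RULE = {
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventName": ["CreateImage", "RunInstances", "CreateBucket"]},
}

# Constructed event: the fields a RunInstances call carries under the
# assumption stated in the lead-in (not copied from the poster's logs).
SAMPLE_EVENT = {
    "source": "aws.ec2",
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {"eventSource": "ec2.amazonaws.com", "eventName": "RunInstances"},
}

if __name__ == "__main__":
    for name, rule in (("posted", POSTED_RULE), ("relaxed", RELAXED_RULE)):
        print(name, "rule mismatches:", mismatches(rule, SAMPLE_EVENT))
```

Running the same check against an event copied from the CloudTrail log shows which field of a rule keeps it from firing.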