{"id":50642,"date":"2023-02-22T10:47:58","date_gmt":"2023-03-25T11:15:35","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/"},"modified":"2024-04-29T15:45:02","modified_gmt":"2024-04-29T07:45:02","slug":"%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/","title":{"rendered":"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5"},"content":{"rendered":"<h2>\u9996\u5148<\/h2>\n<p>\u8fd9\u6b21\u6211\u7528CDK\u8bd5\u56fe\u5b9e\u73b0\u4e86\u5173\u4e8e\u5b89\u5168\u65b9\u9762\u7684Slack\u901a\u77e5\u3002\u4e0eChatbot\u6ca1\u6709\u76f4\u63a5\u96c6\u6210\u7684\u670d\u52a1\u5c06\u901a\u8fc7EventBridge\u89e6\u53d1\u4e8b\u4ef6\uff0c\u7136\u540e\u901a\u8fc7SNS-&gt;Chatbot\u6d41\u7a0b\u8fdb\u884c\u901a\u77e5\u3002<br \/>\n* \u7531\u4e8e\u8fd9\u6b21\u5185\u5bb9\u6709\u70b9\u957f\uff0c\u6240\u4ee5\u6211\u6298\u53e0\u4e86\u51e0\u4e2a\u9879\u76ee\u3002<\/p>\n<p>\u30fb\u76f8\u5173\u6587\u7ae0<br \/>\n\u3010CDK\u3011\u7531\u4e8eCost Anomaly Detection\u4e0eChatbot\u96c6\u6210\uff0c\u6211\u5728CDK\u4e2d\u8fdb\u884c\u4e86\u5b9e\u73b0\u3010\u66f4\u65b0\u3011<br \/>\n\u3010CDK\u3011\u901a\u8fc7chatbot\u5c06ECR\u955c\u50cf\u626b\u63cf\u7ed3\u679c\u901a\u77e5\u5230slack\u4e0a<\/p>\n<h2>\u5b89\u5168\u4e2d\u5fc3<\/h2>\n<blockquote><p>Q\uff1aAWS Security Hub \u662f\u4ec0\u4e48\uff1f<br \/>\nAWS Security Hub \u5728AWS\u5185\u63d0\u4f9b\u7efc\u5408\u6027\u7684\u5b89\u5168\u72b6\u6001\uff0c\u5e76\u6307\u51fa\u5176\u662f\u5426\u7b26\u5408\u5b89\u5168\u6807\u51c6\u548c\u6700\u4f73\u5b9e\u8df5\u3002\u901a\u8fc7\u5c06AWS\u8d26\u6237\u3001\u670d\u52a1\u548c\u53d7\u652f\u6301\u7684\u7b2c\u4e09\u65b9\u5408\u4f5c\u4f19\u4f34\u7684\u5b89\u5168\u68c0\u6d4b\u7ed3\u679c\u96c6\u4e2d\u5316\u548c\u4f18\u5148\u7ea7\u6392\u5e8f\uff0cAWS Security Hub\u53ef\u5206\u6790\u5b89\u5168\u8d8b\u52bf\u5e76\u786e\u5b9a\u6700\u91cd\u8981\u7684\u5b89\u5168\u95ee\u9898\u3002<\/p><\/blockquote>\n<h3>\u603b\u800c\u8a00\u4e4b<\/h3>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c7\u30fc\u30bf\u306e\u96c6\u7d04\u3068\u4e00\u5143\u7684\u306a\u53ef\u8996\u5316<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\u696d\u754c\u6a19\u6e96\u3084\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u306b\u57fa\u3065\u3044\u305f\u81ea\u52d5\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u30c1\u30a7\u30c3\u30af<\/ul>\n<details>\u4ee5\u4e0b\u662f\u96c6\u7d04\u5bfe\u8c61\u7684\u5b89\u5168\u6570\u636e\u6e05\u5355\uff1a\u670d\u52a1\u540d\u79f0<br \/>\n\u76ee\u6807<\/p>\n<p>Amazon GuardDuty<br \/>\n\u5173\u4e8e\u5a01\u80c1\u68c0\u6d4b\u7684\u6240\u6709\u68c0\u6d4b\u7ed3\u679c<\/p>\n<p>Amazon Inspector<br \/>\n\u901a\u8fc7\u5b89\u5168\u8bc4\u4f30\u7684\u6240\u6709\u68c0\u6d4b\u7ed3\u679c<\/p>\n<p>Amazon Macie<br \/>\n\u8fdd\u53cd\u7b56\u7565\u65f6\u7684\u68c0\u6d4b\u7ed3\u679c<\/p>\n<p>AWS IAM Access Analyzer<br \/>\n\u68c0\u6d4b\u5230\u5728\u81ea\u5df1\u8d26\u6237\u5185\u5141\u8bb8\u5916\u90e8\u8bbf\u95ee\u7684\u7b56\u7565\u63cf\u8ff0\u65f6\u7684\u68c0\u6d4b\u7ed3\u679c<\/p>\n<p>AWS Firewall Manager<br \/>\nAWS WAF\u7b56\u7565\u6216Web ACL\u89c4\u5219\u4e0d\u7b26\u5408\u5408\u89c4\u6027\u65f6\u7684\u68c0\u6d4b\u7ed3\u679c\uff1b\u672a\u53d7AWS Shield Advanced\u4fdd\u62a4\u6216\u68c0\u6d4b\u5230\u653b\u51fb\u65f6\u7684\u68c0\u6d4b\u7ed3\u679c<\/p>\n<p>AWS Systems Manager Patch Manager<br \/>\n\u68c0\u6d4b\u5230EC2\u5b9e\u4f8b\u4e0d\u7b26\u5408\u57fa\u4e8e\u8865\u4e01\u57fa\u7ebf\u7684\u5408\u89c4\u6027\u89c4\u5219\u65f6\u7684\u68c0\u6d4b\u7ed3\u679c<\/p>\n<\/details>\n<details>\u81ea\u52a8\u5408\u89c4\u68c0\u67e5\u6e05\u5355\u5bf9\u8c61\u8bf4\u660e<\/p>\n<p>AWS\u57fa\u7840\u5b89\u5168\u7684\u6700\u4f73\u5b9e\u8df5 v1.0.0<br \/>\n\u8fd9\u662f\u4e00\u7ec4\u81ea\u52a8\u5316\u7684\u5b89\u5168\u68c0\u67e5\uff0c\u7528\u4e8e\u68c0\u6d4bAWS\u8d26\u6237\u548c\u90e8\u7f72\u7684\u8d44\u6e90\u662f\u5426\u7b26\u5408\u6700\u4f73\u5b89\u5168\u5b9e\u8df5\u3002\u6b64\u6807\u51c6\u7531AWS\u5b89\u5168\u4e13\u5bb6\u5b9a\u4e49\u3002\u8fd9\u4e2a\u7ecf\u8fc7\u7cbe\u9009\u7684\u4e00\u7cfb\u5217\u63a7\u5236\u6709\u52a9\u4e8e\u6539\u8fdbAWS\u7684\u5b89\u5168\u4f53\u7cfb\uff0c\u5e76\u6db5\u76d6\u4e86AWS\u6700\u53d7\u6b22\u8fce\u7684\u57fa\u7840\u670d\u52a1\u3002<\/p>\n<p>CIS AWS Foundations Benchmark v1.2.0<br \/>\nCenter for Internet Security (CIS) AWS Foundations Benchmark v1.2.0\u662fAWS\u5b89\u5168\u8bbe\u7f6e\u7684\u6700\u4f73\u5b9e\u8df5\u96c6\u3002\u8fd9\u4e2aSecurity Hub\u6807\u51c6\u4f1a\u81ea\u52a8\u68c0\u67e5CIS\u8981\u6c42\u7684\u5b50\u96c6\u7684\u5408\u89c4\u51c6\u5907\u60c5\u51b5\u3002<\/p>\n<p>PCI DSS v3.2.1<br \/>\nPayment Card Industry Data Security Standard (PCI DSS) v3.2.1\u662f\u4e00\u9879\u9002\u7528\u4e8e\u5b58\u50a8\u3001\u5904\u7406\u548c\u4f20\u8f93\u6301\u5361\u4eba\u6570\u636e\u7684\u5b9e\u4f53\u7684\u4fe1\u606f\u5b89\u5168\u6807\u51c6\u3002\u8fd9\u4e2aSecurity Hub\u6807\u51c6\u4f1a\u81ea\u52a8\u68c0\u67e5PCI DSS\u8981\u6c42\u7684\u5b50\u96c6\u7684\u5408\u89c4\u51c6\u5907\u60c5\u51b5\u3002<\/p>\n<\/details>\n<h4>\u8bf7\u4e3a\u6211\u63d0\u4f9b\u4e00\u4e2a\u9009\u9879\u7684\u6c49\u8bed\u540c\u4e49\u8bcd\u3002<\/h4>\n<p>AWS\u9ed1\u5e26-AWSSecurityHub<\/p>\n<h2>\u914d\u7f6e<\/h2>\n<blockquote><p>AWS Config\u662f\u4ec0\u4e48\uff1f<br \/>\nAWS Config\u63d0\u4f9b\u4e86AWS\u8d26\u6237\u4e2dAWS\u8d44\u6e90\u7684\u8be6\u7ec6\u914d\u7f6e\u89c6\u56fe\u3002\u8fd9\u5305\u62ec\u8d44\u6e90\u4e4b\u95f4\u7684\u5173\u7cfb\u548c\u914d\u7f6e\u5386\u53f2\uff0c\u4f7f\u60a8\u80fd\u591f\u67e5\u770b\u914d\u7f6e\u548c\u5173\u7cfb\u968f\u7740\u65f6\u95f4\u7684\u63a8\u79fb\u800c\u53d1\u751f\u7684\u53d8\u5316\u3002<\/p><\/blockquote>\n<h3>\u603b\u4e4b<\/h3>\n<p>AWS\u30ea\u30bd\u30fc\u30b9\u306a\u3069\u306e\u69cb\u6210\u5909\u66f4\u3092\u30ed\u30ae\u30f3\u30b0 (\u3069\u306e\u30b5\u30fc\u30d3\u30b9\u3092\u3001\u8ab0\u304c\u3001\u3044\u3064\u3001\u4f55\u3092\u3057\u305f\u304b\u3092\u8a18\u9332)<br \/>\n\u203b\u4ed6\u306b\u3082ConfigRule\u3068\u3044\u3046\u8a55\u4fa1\u6a5f\u80fd\u304c\u3042\u308a\u307e\u3059\u304c\u3053\u3053\u3067\u306f\u5272\u611b<\/p>\n<h3>\u652f\u6301\u7684\u8d44\u6e90\u7c7b\u578b<\/h3>\n<p>&nbsp;<\/p>\n<h3>\u8bf7\u53c2\u9605<\/h3>\n<p>AWS-\u9ed1\u5e26_\u914d\u7f6e<\/p>\n<h2>\u5b88\u536b\u4e49\u52a1<\/h2>\n<blockquote><p>\u95ee\uff1aAmazon GuardDuty \u662f\u4ec0\u4e48?<br \/>\nAmazon GuardDuty \u662f\u4e00\u79cd\u6301\u7eed\u76d1\u63a7\u548c\u4fdd\u62a4AWS\u8d26\u6237\u3001\u5de5\u4f5c\u8d1f\u8f7d\u4ee5\u53ca\u5b58\u50a8\u5728Amazon Simple Storage Service (Amazon S3) \u4e0a\u7684\u6570\u636e\u7684\u5a01\u80c1\u68c0\u6d4b\u529f\u80fd\u3002GuardDuty \u5206\u6790\u6765\u81ea\u8d26\u6237\u751f\u6210\u7684\u6301\u7eed\u5143\u6570\u636e\u6d41\u4ee5\u53caAWS CloudTrail\u4e8b\u4ef6\u3001Amazon Virtual Private Cloud (VPC) \u6d41\u65e5\u5fd7\u548c\u57df\u540d\u7cfb\u7edf (DNS) \u65e5\u5fd7\u4e2d\u7684\u7f51\u7edc\u6d3b\u52a8\u3002\u6b64\u5916\uff0cGuardDuty \u4f7f\u7528\u5df2\u77e5\u7684\u6076\u610f IP \u5730\u5740\u3001\u5f02\u5e38\u68c0\u6d4b\u3001\u96c6\u6210\u7684\u5a01\u80c1\u60c5\u62a5\u5982\u673a\u5668\u5b66\u4e60 (ML) \u6765\u66f4\u51c6\u786e\u5730\u8bc6\u522b\u5a01\u80c1\u3002<\/p><\/blockquote>\n<h3>\u603b\u4e4b<\/h3>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">CloudTrail Event Logs\u3001VPCFlowlog\u3001DNS\u30ed\u30b0\u3092\u30c7\u30fc\u30bf\u30bd\u30fc\u30b9\u3068\u3057\u3066\u5206\u6790\u3057\u3066\u9a5a\u7570\u30ea\u30b9\u30af\u3092\u691c\u77e5<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u60aa\u610f\u306e\u3042\u308bIP\u30a2\u30c9\u30ec\u30b9\u3084\u30c9\u30e1\u30a4\u30f3\u3001\u7570\u5e38\u691c\u51fa\u3001\u6a5f\u68b0\u5b66\u7fd2\u3092\u4f7f\u7528\u3057\u3066\u8105\u5a01\u3092\u8b58\u5225<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">S3\u306b\u4fdd\u5b58\u3055\u308c\u305f\u30c7\u30fc\u30bf\u306e\u4fdd\u8b77(\u30c7\u30fc\u30bf\u30a2\u30af\u30bb\u30b9\u30a4\u30d9\u30f3\u30c8\u3068\u8a2d\u5b9a\u306e\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u3068\u30d7\u30ed\u30d5\u30a1\u30a4\u30ea\u30f3\u30b0)<\/ul>\n<details>\u68c0\u6d4b\u5230\u7684\u6f5c\u5728\u98ce\u9669\u5217\u8868<br \/>\n\u5206\u7c7b<br \/>\n\u6076\u610f\u626b\u63cf<br \/>\n\u5b9e\u4f8b\u4fa6\u67e5\uff1a\u2022 \u7aef\u53e3\u63a2\u6d4b\/\u901a\u4fe1\u63a5\u53d7\u2022 \u7aef\u53e3\u626b\u63cf\uff08VPC\u5185\u90e8\uff09\u2022 \u66b4\u529b\u7834\u89e3\u653b\u51fb\uff08IP\u5730\u5740\uff09\u2022 \u653e\u7f6e\u70b9\uff08IP\u5730\u5740\uff09\u2022 Tor\u901a\u4fe1\u8d26\u6237\u4fa6\u67e5\uff1a\u2022 Tor API\u8c03\u7528\uff08\u5931\u8d25\uff09\u8d26\u6237\u4fa6\u67e5\uff1a\u2022 Tor API\u8c03\u7528\uff08\u5931\u8d25\uff09<br \/>\n\u5bf9\u5b9e\u4f8b\u7684\u5a01\u80c1<br \/>\n\u2022 C&amp;C\u6d3b\u52a8\u2022 \u6076\u610f\u57df\u540d\u8bf7\u6c42\u2022 EC2\u5a01\u80c1\u5217\u8868\u2022 \u653e\u7f6e\u70b9IP\u5730\u5740\u2022 \u6076\u610f\u901a\u4fe1\uff08ASIS\uff09\u2022 \u6316\u77ff\u6bd4\u7279\u5e01\u2022 \u51fa\u7ad9DDoS\u2022 \u5783\u573e\u90ae\u4ef6\u673a\u5668\u4eba\u6d3b\u52a8\u2022 \u51fa\u7ad9SSH\u66b4\u529b\u7834\u89e3\u2022 \u5f02\u5e38\u7f51\u7edc\u7aef\u53e3\u2022 \u5f02\u5e38\u6d41\u91cf\u91cf\/\u6d41\u5411\u2022 \u5f02\u5e38DNS\u8bf7\u6c42\u2022 \u57df\u540d\u751f\u6210\u7b97\u6cd5<br \/>\n\u5bf9\u5e10\u6237\u7684\u5a01\u80c1<br \/>\n\u2022 \u6076\u610fAPI\u8c03\u7528\uff08\u6076\u610fIP\u5730\u5740\uff09\u2022 Tor API\u8c03\u7528\uff08\u5df2\u63a5\u53d7\uff09\u2022 CloudTrail\u5df2\u7981\u7528\u2022 \u5bc6\u7801\u7b56\u7565\u66f4\u6539\u2022 \u5b9e\u4f8b\u542f\u52a8\u5f02\u5e38\u2022 \u5f02\u5e38\u5730\u533a\u6d3b\u52a8\u2022 \u53ef\u7591\u63a7\u5236\u53f0\u767b\u5f55\u2022 \u5f02\u5e38ISP\u8c03\u7528\u8005\u2022 \u53d8\u5f02\u7684API\u8c03\u7528\uff08\u521b\u5efa\u3001\u66f4\u65b0\u3001\u5220\u9664\uff09\u2022 \u9ad8\u6570\u91cf\u7684Describe\u8c03\u7528\u2022 \u5f02\u5e38IAM\u7528\u6237\u6dfb\u52a0<\/details>\n<details>\u4ee5\u4e0b\u662f\u641c\u7d22\u7c7b\u578b\u7684\u5217\u8868\uff1a\u53d1\u73b0\u7c7b\u578b<br \/>\n\u8d44\u6e90<br \/>\n\u6570\u636e\u6e90<br \/>\n\u4e25\u91cd\u7a0b\u5ea6<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ C\uff06CActivity.B<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ C\uff06CActivity.B\uff01DNS<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ DenialOfService.Dns<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ DenialOfService.Tcp<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ DenialOfService.Udp<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ DenialOfService.UdpOnTcpPorts<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ DenialOfService.UnusualProtocol<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u540e\u95e8\uff1aEC2 \/ Spambot<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u884c\u4e3a\uff1aEC2 \/ NetworkPortUnusual<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u884c\u4e3a\uff1aEC2 \/ TrafficVolumeUnusual<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u51ed\u8bc1\u8bbf\u95ee\uff1aIAM\u7528\u6237\/\u5f02\u5e38\u884c\u4e3a<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u51ed\u8bc1\u8bbf\u95ee\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u51ed\u8bc1\u8bbf\u95ee\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005.Custom<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u51ed\u8bc1\u8bbf\u95ee\uff1aKubernetes \/ \u6210\u529f\u533f\u540d\u8bbf\u95ee<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u51ed\u8bc1\u8bbf\u95ee\uff1aKubernetes \/ TorIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u52a0\u5bc6\u8d27\u5e01\uff1aEC2 \/ BitcoinTool.B<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u52a0\u5bc6\u8d27\u5e01\uff1aEC2 \/ BitcoinTool.B\uff01DNS<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u9632\u5fa1\u89c4\u907f\uff1aIAM\u7528\u6237\/\u5f02\u5e38\u884c\u4e3a<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u9632\u5fa1\u89c4\u907f\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u9632\u5fa1\u89c4\u907f\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005.Custom<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u9632\u5fa1\u89c4\u907f\uff1aKubernetes \/ \u6210\u529f\u533f\u540d\u8bbf\u95ee<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u9632\u5fa1\u89c4\u907f\uff1aKubernetes \/ TorIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u53d1\u73b0\uff1aIAM\u7528\u6237\/\u5f02\u5e38\u884c\u4e3a<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u53d1\u73b0\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u53d1\u73b0\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005.Custom<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u53d1\u73b0\uff1aKubernetes \/ \u6210\u529f\u533f\u540d\u8bbf\u95ee<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u53d1\u73b0\uff1aKubernetes \/ TorIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u53d1\u73b0\uff1aS3 \/ \u6076\u610fIP\u8c03\u7528\u8005<br \/>\nS3<br \/>\nCloudTrail S3\u6570\u636e\u4e8b\u4ef6<br \/>\n\u9ad8<\/p>\n<p>\u53d1\u73b0\uff1aS3 \/ \u6076\u610fIP\u8c03\u7528\u8005.Custom<br \/>\nS3<br \/>\nCloudTrail S3\u6570\u636e\u4e8b\u4ef6<br \/>\n\u9ad8<\/p>\n<p>\u53d1\u73b0\uff1aS3 \/ TorIP\u8c03\u7528\u8005<br \/>\nS3<br \/>\nCloudTrail S3\u6570\u636e\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6267\u884c\uff1aKubernetes \/ ExecInKubeSystemPod<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u6e17\u900f\uff1aIAM\u7528\u6237 \/ KaliLinux<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6e17\u900f\uff1aIAM\u7528\u6237 \/ ParrotLinux<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6e17\u900f\uff1aIAM\u7528\u6237 \/ PentooLinux<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6e17\u900f\uff1aS3 \/ KaliLinux<br \/>\nS3<br \/>\nCloudTrail S3\u6570\u636e\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6e17\u900f\uff1aS3 \/ ParrotLinux<br \/>\nS3<br \/>\nCloudTrail S3\u6570\u636e\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6e17\u900f\uff1aS3 \/ PentooLinux<br \/>\nS3<br \/>\nCloudTrail S3\u6570\u636e\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6301\u4e45\u5316\uff1aIAM\u7528\u6237 \/ \u5f02\u5e38\u884c\u4e3a<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6301\u4e45\u5316\uff1aKubernetes \/ \u5177\u6709\u654f\u611f\u6302\u8f7d\u7684\u5bb9\u5668<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u6301\u4e45\u5316\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u6301\u4e45\u5316\uff1aKubernetes \/ \u6076\u610fIP\u8c03\u7528\u8005.Custom<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u6301\u4e45\u5316\uff1aKubernetes \/ \u6210\u529f\u533f\u540d\u8bbf\u95ee<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u6301\u4e45\u5316\uff1aKubernetes \/ TorIP\u8c03\u7528\u8005<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u7b56\u7565\uff1aIAM\u7528\u6237 \/ \u6839\u51ed\u636e\u4f7f\u7528<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6\u6216CloudTrail\u6570\u636e\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u7b56\u7565\uff1aKubernetes \/ \u5bf9\u9ed8\u8ba4\u670d\u52a1\u5e10\u6237\u7684\u7ba1\u7406\u8bbf\u95ee<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u7b56\u7565\uff1aKubernetes \/ \u6388\u4e88\u533f\u540d\u8bbf\u95ee\u6743\u9650<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u7b56\u7565\uff1aKubernetes \/ Kubeflow\u4eea\u8868\u677f\u66b4\u9732<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u7b56\u7565\uff1aKubernetes \/ \u66b4\u9732\u7684\u4eea\u8868\u677f<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u7b56\u7565\uff1aS3 \/ \u7981\u7528\u5e10\u6237\u516c\u5171\u8bbf\u95ee\u5757<br \/>\nS3<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u7b56\u7565\uff1aS3 \/ \u5b58\u50a8\u6876\u6388\u4e88\u533f\u540d\u8bbf\u95ee\u6743\u9650<br \/>\nS3<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u9ad8<\/p>\n<p>\u7b56\u7565\uff1aS3 \/ \u5b58\u50a8\u6876\u7981\u7528\u516c\u5171\u8bbf\u95ee\u5757<br \/>\nS3<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u7b56\u7565\uff1aS3 \/ \u5b58\u50a8\u6876\u6388\u4e88\u516c\u5171\u8bbf\u95ee\u6743\u9650<br \/>\nS3<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u9ad8<\/p>\n<p>\u6743\u9650\u63d0\u5347\uff1aIAM\u7528\u6237 \/ \u5f02\u5e38\u884c\u4e3a<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u6743\u9650\u63d0\u5347\uff1aKubernetes \/ \u7279\u6743\u5bb9\u5668<br \/>\nKubernetes<br \/>\nKubernetes\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u4fa6\u5bdf\uff1aEC2 \/ PortProbeEMRUnprotectedPort<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u4fa6\u5bdf\uff1aEC2 \/ PortProbeUnprotectedPort<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4f4e<\/p>\n<p>\u4fa6\u5bdf\uff1aEC2 \/ Portscan<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u4fa6\u5bdf\uff1aIAM\u7528\u6237 \/ \u6076\u610fIP\u8c03\u7528\u8005<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u4fa6\u5bdf\uff1aIAM\u7528\u6237 \/ \u6076\u610fIP\u8c03\u7528\u8005.Custom<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u4fa6\u5bdf\uff1aIAM\u7528\u6237 \/ TorIP\u8c03\u7528\u8005<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4e2d<\/p>\n<p>\u9690\u533f\u6027\uff1aIAM\u7528\u6237 \/ \u7981\u7528CloudTrail\u65e5\u5fd7\u8bb0\u5f55<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u9690\u533f\u6027\uff1aIAM\u7528\u6237 \/ \u5bc6\u7801\u7b56\u7565\u66f4\u6539<br \/>\nIAM<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u9690\u533f\u6027\uff1aS3 \/ \u7981\u7528\u670d\u52a1\u5668\u8bbf\u95ee\u65e5\u5fd7\u8bb0\u5f55<br \/>\nS3<br \/>\nCloudTrail\u7ba1\u7406\u4e8b\u4ef6<br \/>\n\u4f4e<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ BlackholeTraffic<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ BlackholeTraffic\uff01DNS<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ DGADomainRequest.B<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ DGADomainRequest.C\uff01DNS<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ DNSDataExfiltration<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ DriveBySourceTraffic\uff01DNS<br \/>\nEC2<br \/>\nDNS\u65e5\u5fd7<br \/>\n\u9ad8<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC2 \/ DropPoint<br \/>\nEC2<br \/>\nVPC\u6d41\u91cf\u65e5\u5fd7<br \/>\n\u4e2d<\/p>\n<p>\u7279\u6d1b\u4f0a\u6728\u9a6c\uff1aEC<\/p>\n<\/details>\n<p>\u5982\u679c\u60a8\u67e5\u770b\u4e0a\u9762\u7684\u641c\u7d22\u7c7b\u578b\u5217\u8868\uff0c\u4f1a\u53d1\u73b0GuardDuty\u4f1a\u5206\u6790VPC\u6d41\u91cf\u65e5\u5fd7\u7b49\u6570\u636e\u6e90\uff0c\u5e76\u6839\u636e\u6bcf\u4e2aEC2\u3001IAM\u3001S3\u548cEKS\u662f\u5426\u5177\u6709\u6f5c\u5728\u98ce\u9669\u6765\u63d0\u4f9b\u901a\u77e5\u3002<\/p>\n<h3>\u8bf7\u63d0\u4f9b\u4e0b\u5217\u53c2\u8003\u3002<\/h3>\n<p>AWS-\u9ed1\u5e26_\u4e9a\u9a6c\u900a-\u5b88\u536b\u76d1\u7763<\/p>\n<h2>\u4e91\u8ddf\u8e2a<\/h2>\n<blockquote><p>Q: AWS CloudTrail \u3068\u306f\u4f55\u3067\u3059\u304b?<br \/>\nAWS CloudTrail\u662f\u901a\u8fc7\u8ddf\u8e2a\u7528\u6237\u6d3b\u52a8\u548cAPI\u7684\u4f7f\u7528\u60c5\u51b5\u6765\u5b9e\u73b0\u5ba1\u8ba1\u3001\u5b89\u5168\u76d1\u63a7\u548c\u64cd\u4f5c\u6545\u969c\u6392\u9664\u7684\u5de5\u5177\u3002CloudTrail\u4f1a\u8bb0\u5f55\u4e0e\u5ba2\u6237\u7684AWS\u57fa\u7840\u8bbe\u65bd\u76f8\u5173\u7684\u8d26\u6237\u6d3b\u52a8\uff0c\u5e76\u6301\u7eed\u76d1\u63a7\u3001\u4fdd\u7559\u3001\u5b58\u50a8\u3001\u5206\u6790\u548c\u63a7\u5236\u4fee\u590d\u64cd\u4f5c\u3002<\/p><\/blockquote>\n<h3>\u7b80\u800c\u8a00\u4e4b<\/h3>\n<ul class=\"post-ul\">AWS\u306b\u5bfe\u3059\u308bAPI\u64cd\u4f5c\u3092\u8a18\u9332\u3001\u4fdd\u5b58\u3001\u5206\u6790<\/ul>\n<details>\u30b5\u30dd\u30fc\u30c8\u3055\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u4e00\u89a7AWS Service<br \/>\nCloudTrail Topics<br \/>\nSupport began<\/p>\n<p>Alexa for Business<br \/>\nLogging Alexa for Business Administration Calls Using AWS CloudTrail<br \/>\n11\/29\/2017<\/p>\n<p>AWS Amplify<br \/>\nLogging Amplify API calls using AWS CloudTrail<br \/>\n11\/30\/2020<\/p>\n<p>AWS Audit Manager<br \/>\nLogging AWS Audit Manager API calls with AWS CloudTrail<br \/>\n12\/07\/2020<\/p>\n<p>Amazon API Gateway<br \/>\nLog API management calls to Amazon API Gateway Using AWS CloudTrail<br \/>\n07\/09\/2015<\/p>\n<p>Amazon Connect<br \/>\nLogging Amazon Connect API Calls with AWS CloudTrail<br \/>\n12\/11\/2019<\/p>\n<p>Application Auto Scaling<br \/>\nLogging Application Auto Scaling API calls with AWS CloudTrail<br \/>\n10\/31\/2016<\/p>\n<p>AWS Application Discovery Service<br \/>\nLogging Application Discovery Service API Calls with AWS CloudTrail<br \/>\n05\/12\/2016<\/p>\n<p>Amazon AppFlow<br \/>\nLogging Amazon AppFlow API calls with AWS CloudTrail<br \/>\n04\/22\/2020<\/p>\n<p>AWS App Mesh<br \/>\nLogging App Mesh API Calls with AWS CloudTrail<br \/>\nAWS App Mesh 10\/30\/2019<\/p>\n<p>App Mesh Envoy Management Service 03\/18\/2022<\/p>\n<p>AWS App Runner<br \/>\nLogging App Runner API calls with AWS CloudTrail<br \/>\n05\/18\/2021<\/p>\n<p>Amazon AppStream 2.0<br \/>\nLogging Amazon AppStream 2.0 API Calls with AWS CloudTrail<br \/>\n04\/25\/2019<\/p>\n<p>AWS AppSync<br \/>\nLogging AWS AppSync API Calls with AWS CloudTrail<br \/>\n02\/13\/2018<\/p>\n<p>Amazon Athena<br \/>\nLogging Amazon Athena API Calls with AWS CloudTrail<br \/>\n05\/19\/2017<\/p>\n<p>AWS Auto Scaling<br \/>\nLogging AWS Auto Scaling API Calls By Using CloudTrail<br \/>\n08\/15\/2018<\/p>\n<p>AWS Backup<br \/>\nLogging AWS Backup API Calls with AWS CloudTrail<br \/>\n02\/04\/2019<\/p>\n<p>AWS Batch<br \/>\nLogging AWS Batch API Calls with AWS CloudTrail<br \/>\n1\/10\/2018<\/p>\n<p>AWS Billing and Cost Management<br \/>\nLogging AWS Billing and Cost Management API Calls with AWS CloudTrail<br \/>\n06\/07\/2018<\/p>\n<p>AWS BugBust<br \/>\nLogging BugBust API calls using CloudTrail<br \/>\n06\/24\/2021<\/p>\n<p>AWS Certificate Manager<br \/>\nUsing AWS CloudTrail<br \/>\n03\/25\/2016<\/p>\n<p>AWS Certificate Manager Private Certificate Authority<br \/>\nUsing CloudTrail<br \/>\n06\/06\/2019<\/p>\n<p>Amazon Chime<br \/>\nLog Amazon Chime Administration Calls Using AWS CloudTrail<br \/>\n09\/27\/2017<\/p>\n<p>Amazon Cloud Directory<br \/>\nLogging Amazon Cloud Directory API Calls Using AWS CloudTrail<br \/>\n01\/26\/2017<\/p>\n<p>AWS Cloud9<br \/>\nLogging AWS Cloud9 API Calls with AWS CloudTrail<br \/>\n01\/21\/2019<\/p>\n<p>AWS CloudFormation<br \/>\nLogging AWS CloudFormation API Calls in AWS CloudTrail<br \/>\n04\/02\/2014<\/p>\n<p>Amazon CloudFront<br \/>\nUsing AWS CloudTrail to Capture Requests Sent to the CloudFront API<br \/>\n05\/28\/2014<\/p>\n<p>AWS CloudHSM<br \/>\nLogging AWS CloudHSM API Calls By Using AWS CloudTrail<br \/>\n01\/08\/2015<\/p>\n<p>AWS Cloud Map<br \/>\nLogging AWS Cloud Map API Calls with AWS CloudTrail<br \/>\n11\/28\/2018<\/p>\n<p>Amazon CloudSearch<br \/>\nLogging Amazon CloudSearch Configuration Service Calls Using AWS CloudTrail<br \/>\n10\/16\/2014<\/p>\n<p>AWS CloudTrail<br \/>\nAWS CloudTrail API Reference\u00a0(All CloudTrail API calls are logged by CloudTrail.)<br \/>\n11\/13\/2013<\/p>\n<p>Amazon CloudWatch<br \/>\nLogging Amazon CloudWatch API Calls in AWS CloudTrail<br \/>\n04\/30\/2014<\/p>\n<p>CloudWatch Events<br \/>\nLogging Amazon CloudWatch Events API Calls in AWS CloudTrail<br \/>\n01\/16\/2016<\/p>\n<p>CloudWatch Logs<br \/>\nLogging Amazon CloudWatch Logs API Calls in AWS CloudTrail<br \/>\n03\/10\/2016<\/p>\n<p>AWS CodeBuild<br \/>\nLogging AWS CodeBuild API Calls with AWS CloudTrail<br \/>\n12\/01\/2016<\/p>\n<p>AWS CodeCommit<br \/>\nLogging AWS CodeCommit API Calls with AWS CloudTrail<br \/>\n01\/11\/2017<\/p>\n<p>AWS CodeDeploy<br \/>\nMonitoring Deployments with AWS CloudTrail<br \/>\n12\/16\/2014<\/p>\n<p>Amazon CodeGuru Reviewer<br \/>\nLogging Amazon CodeGuru Reviewer API Calls with AWS CloudTrail<br \/>\n12\/02\/2019<\/p>\n<p>AWS CodePipeline<br \/>\nLogging CodePipeline API Calls By Using AWS CloudTrail<br \/>\n07\/09\/2015<\/p>\n<p>AWS CodeStar<br \/>\nLogging AWS CodeStar API Calls with AWS CloudTrail<br \/>\n06\/14\/2017<\/p>\n<p>AWS CodeStar Notifications<br \/>\nLogging AWS CodeStar Notifications API Calls with AWS CloudTrail<br \/>\n11\/05\/2019<\/p>\n<p>Amazon Cognito<br \/>\nLogging Amazon Cognito API Calls with AWS CloudTrail<br \/>\n02\/18\/2016<\/p>\n<p>Amazon Comprehend<br \/>\nLogging Amazon Comprehend API Calls with AWS CloudTrail<br \/>\n01\/17\/2018<\/p>\n<p>Amazon Comprehend Medical<br \/>\nLogging Amazon Comprehend Medical API Calls by Using AWS CloudTrail<br \/>\n11\/27\/2018<\/p>\n<p>AWS Config<br \/>\nLogging AWS Config API Calls By with AWS CloudTrail<br \/>\n02\/10\/2015<\/p>\n<p>AWS Control Tower<br \/>\nLogging AWS Control Tower Actions with AWS CloudTrail<br \/>\n08\/12\/2019<\/p>\n<p>Amazon Data Lifecycle Manager<br \/>\nLogging Amazon Data Lifecycle Manager API Calls Using AWS CloudTrail<br \/>\n07\/24\/2018<\/p>\n<p>AWS Data Pipeline<br \/>\nLogging AWS Data Pipeline API Calls by using AWS CloudTrail<br \/>\n12\/02\/2014<\/p>\n<p>AWS Database Migration Service (AWS DMS)<br \/>\nLogging AWS Database Migration Service API Calls Using AWS CloudTrail<br \/>\n02\/04\/2016<\/p>\n<p>AWS DataSync<br \/>\nLogging AWS DataSync API Calls with AWS CloudTrail<br \/>\n11\/26\/2018<\/p>\n<p>Amazon Detective<br \/>\nLogging Amazon Detective API calls with AWS CloudTrail<br \/>\n03\/31\/2020<\/p>\n<p>AWS Device Farm<br \/>\nLogging AWS Device Farm API Calls By Using AWS CloudTrail<br \/>\n07\/13\/2015<\/p>\n<p>AWS Direct Connect<br \/>\nLogging AWS Direct Connect API Calls in AWS CloudTrail<br \/>\n03\/08\/2014<\/p>\n<p>AWS Directory Service<br \/>\nLogging AWS Directory Service API Calls by Using CloudTrail<br \/>\n05\/14\/2015<\/p>\n<p>Amazon DocumentDB (with MongoDB compatibility)<br \/>\nLogging Amazon DocumentDB API Calls with AWS CloudTrail<br \/>\n01\/09\/2019<\/p>\n<p>Amazon DynamoDB<br \/>\nLogging DynamoDB Operations By Using AWS CloudTrail<br \/>\n05\/28\/2015<\/p>\n<p>Amazon Elastic Container Registry (Amazon ECR)<br \/>\nLogging Amazon ECR API Calls By Using AWS CloudTrail<br \/>\n12\/21\/2015<\/p>\n<p>Amazon Elastic Container Service (Amazon ECS)<br \/>\nLogging Amazon ECS API Calls By Using AWS CloudTrail<br \/>\n04\/09\/2015<\/p>\n<p>AWS Elastic Beanstalk (Elastic Beanstalk)<br \/>\nUsing Elastic Beanstalk API Calls with AWS CloudTrail<br \/>\n03\/31\/2014<\/p>\n<p>Amazon Elastic Block Store (Amazon EBS)<br \/>\nLogging API Calls Using AWS CloudTrail<br \/>\nAmazon EBS: 11\/13\/2013<\/p>\n<p>EBS direct APIs<br \/>\nLog API Calls for the EBS direct APIs with AWS CloudTrail<br \/>\nEBS direct APIs: 06\/30\/2020<\/p>\n<p>Amazon Elastic Compute Cloud (Amazon EC2)<br \/>\nLogging API Calls Using AWS CloudTrail<br \/>\n11\/13\/2013<\/p>\n<p>Amazon EC2 Auto Scaling<br \/>\nLogging Auto Scaling API Calls By Using CloudTrail<br \/>\n07\/16\/2014<\/p>\n<p>Amazon EC2 Image Builder<br \/>\nLogging EC2 Image Builder API calls using CloudTrail<br \/>\n12\/02\/2019<\/p>\n<p>Amazon Elastic File System (Amazon EFS)<br \/>\nLogging Amazon EFS API Calls with AWS CloudTrail<br \/>\n06\/28\/2016<\/p>\n<p>Amazon Fraud Detector<br \/>\nLogging Amazon Fraud Detector API Calls with AWS CloudTrail<br \/>\n01\/09\/2020<\/p>\n<p>Amazon GameSparks<br \/>\nLog GameSparks API calls with AWS CloudTrail<br \/>\n03\/23\/2022<\/p>\n<p>Amazon Elastic Kubernetes Service (Amazon EKS)<br \/>\nLogging Amazon EKS API Calls with AWS CloudTrail<br \/>\n06\/05\/2018<\/p>\n<p>Elastic Load Balancing<br \/>\nAWS CloudTrail Logging for Your Classic Load Balancer\u00a0and\u00a0AWS CloudTrail Logging for Your Application Load Balancer<br \/>\n04\/04\/2014<\/p>\n<p>Amazon Elastic Transcoder<br \/>\nLogging Amazon Elastic Transcoder API Calls with AWS CloudTrail<br \/>\n10\/27\/2014<\/p>\n<p>Amazon ElastiCache<br \/>\nLogging Amazon ElastiCache API Calls Using AWS CloudTrail<br \/>\n09\/15\/2014<\/p>\n<p>Amazon OpenSearch Service<br \/>\nAuditing Amazon OpenSearch Service Domains with AWS CloudTrail<br \/>\n10\/01\/2015<\/p>\n<p>AWS Elemental MediaConnect<br \/>\nLogging AWS Elemental MediaConnect API Calls with AWS CloudTrail<br \/>\n11\/27\/2018<\/p>\n<p>AWS Elemental MediaConvert<br \/>\nLogging AWS Elemental MediaConvert API Calls with CloudTrail<br \/>\n11\/27\/2017<\/p>\n<p>AWS Elemental MediaLive<br \/>\nLogging MediaLive API Calls with AWS CloudTrail<br \/>\n01\/19\/2019<\/p>\n<p>AWS Elemental MediaPackage<br \/>\nLogging AWS Elemental MediaPackage API Calls with AWS CloudTrail<br \/>\n12\/21\/2018<\/p>\n<p>AWS Elemental MediaStore<br \/>\nLogging AWS Elemental MediaStore API Calls with CloudTrail<br \/>\n11\/27\/2017<\/p>\n<p>AWS Elemental MediaTailor<br \/>\nLogging AWS Elemental MediaTailor API Calls with AWS CloudTrail<br \/>\n02\/11\/2019<\/p>\n<p>Amazon EMR<br \/>\nLogging Amazon EMR API Calls in AWS CloudTrail<br \/>\n04\/04\/2014<\/p>\n<p>Amazon EMR on EKS<br \/>\nLogging Amazon EMR on EKS API calls using AWS CloudTrail<br \/>\n12\/09\/2020<\/p>\n<p>AWS Fault Injection Simulator<br \/>\nLog API calls with AWS CloudTrail<br \/>\n03\/15\/2021<\/p>\n<p>AWS Firewall Manager<br \/>\nLogging AWS Firewall Manager API Calls with AWS CloudTrail<br \/>\n04\/05\/2018<\/p>\n<p>Amazon Forecast<br \/>\nLogging Amazon Forecast API Calls with AWS CloudTrail<br \/>\n11\/28\/2018<\/p>\n<p>FreeRTOS Over-the-Air Updates (OTA)<br \/>\nLogging AWS IoT OTA API Calls with AWS CloudTrail<br \/>\n05\/22\/2019<\/p>\n<p>Amazon FSx for Lustre<br \/>\nLogging Amazon FSx for Lustre API Calls with AWS CloudTrail<br \/>\n01\/11\/2019<\/p>\n<p>Amazon FSx for Windows File Server<br \/>\nMonitoring with AWS CloudTrail<br \/>\n11\/28\/2018<\/p>\n<p>Amazon GameLift<br \/>\nLogging Amazon GameLift API Calls with AWS CloudTrail<br \/>\n01\/27\/2016<\/p>\n<p>Amazon S3 Glacier<br \/>\nLogging S3 Glacier API Calls By Using AWS CloudTrail<br \/>\n12\/11\/2014<\/p>\n<p>AWS Global Accelerator<br \/>\nLogging AWS Global Accelerator API Calls with AWS CloudTrail<br \/>\n11\/26\/2018<\/p>\n<p>AWS Glue<br \/>\nLogging AWS Glue Operations Using AWS CloudTrail<br \/>\n11\/07\/2017<\/p>\n<p>AWS Ground Station<br \/>\nLogging AWS Ground Station API Calls with AWS CloudTrail<br \/>\n05\/31\/2019<\/p>\n<p>Amazon GuardDuty<br \/>\nLogging Amazon GuardDuty API Calls with AWS CloudTrail<br \/>\n02\/12\/2018<\/p>\n<p>AWS Health<br \/>\nLogging AWS Health API Calls with AWS CloudTrail<br \/>\n11\/21\/2016<\/p>\n<p>Amazon HealthLake<br \/>\nLogging Amazon HealthLake API calls with AWS CloudTrail<br \/>\n12\/07\/2020<\/p>\n<p>Amazon Honeycode<br \/>\nLogging Amazon Honeycode API Calls with AWS CloudTrail<br \/>\n06\/24\/2020<\/p>\n<p>Amazon Inspector<br \/>\nLogging Amazon Inspector API calls with AWS CloudTrail<br \/>\n04\/20\/2016<\/p>\n<p>Amazon Interactive Video Service<br \/>\nLogging Amazon IVS API Calls with AWS CloudTrail<br \/>\n07\/15\/2020<\/p>\n<p>AWS IoT<br \/>\nLogging AWS IoT API Calls with AWS CloudTrail<br \/>\n04\/11\/2016<\/p>\n<p>AWS IoT Analytics<br \/>\nLogging AWS IoT Analytics API calls with AWS CloudTrail<br \/>\n04\/23\/2018<\/p>\n<p>AWS IoT 1-Click<br \/>\nLogging AWS IoT 1-Click API Calls with AWS CloudTrail<br \/>\n05\/14\/2018<\/p>\n<p>AWS IoT Events<br \/>\nLogging AWS IoT Events API Calls with AWS CloudTrail<br \/>\n06\/11\/2019<\/p>\n<p>AWS IoT Greengrass<br \/>\nLogging AWS IoT Greengrass API Calls with AWS CloudTrail<br \/>\n10\/29\/2018<\/p>\n<p>AWS IoT Greengrass V2<br \/>\nLog AWS IoT Greengrass V2 API calls with AWS CloudTrail<br \/>\n12\/14\/2020<\/p>\n<p>AWS IoT SiteWise<br \/>\nLogging AWS IoT SiteWise API calls with AWS CloudTrail<br \/>\n04\/29\/2020<\/p>\n<p>AWS IoT Things Graph<br \/>\nLogging AWS IoT Things Graph API Calls with AWS CloudTrail<br \/>\n05\/31\/2019<\/p>\n<p>AWS Identity and Access Management (IAM)<br \/>\nLogging IAM Events with AWS CloudTrail<br \/>\n11\/13\/2013<\/p>\n<p>Amazon Kendra<br \/>\nLogging Amazon Kendra API calls with AWS CloudTrail<br \/>\n05\/11\/2020<\/p>\n<p>AWS Key Management Service (AWS KMS)<br \/>\nLogging AWS KMS API Calls using AWS CloudTrail<br \/>\n11\/12\/2014<\/p>\n<p>Amazon Kinesis Data Analytics<br \/>\nMonitoring Amazon Kinesis Data Analytics with AWS CloudTrail (SQL Applications)\u00a0and\u00a0Monitoring Amazon Kinesis Data Analytics with AWS CloudTrail (Apache Flink Applications)<br \/>\n03\/22\/2019<\/p>\n<p>Amazon Kinesis Data Firehose<br \/>\nMonitoring Amazon Kinesis Data Firehose API Calls with AWS CloudTrail<br \/>\n03\/17\/2016<\/p>\n<p>Amazon Kinesis Data Streams<br \/>\nLogging Amazon Kinesis Data Streams API Calls Using AWS CloudTrail<br \/>\n04\/25\/2014<\/p>\n<p>Amazon Kinesis Video Streams<br \/>\nLogging Kinesis Video Streams API Calls with AWS CloudTrail<br \/>\n05\/24\/2018<\/p>\n<p>AWS Lake Formation<br \/>\nLogging AWS Lake Formation API Calls Using AWS CloudTrail<br \/>\n08\/09\/2019<\/p>\n<p>AWS Lambda<br \/>\nLogging AWS Lambda API Calls By Using AWS CloudTrail<br \/>\nManagement events: 04\/09\/2015<\/p>\n<p>Using Lambda with AWS CloudTrail<br \/>\nData events: 11\/30\/2017<\/p>\n<p>Amazon Lex<br \/>\nLogging Amazon Lex API Calls with CloudTrail<br \/>\n08\/15\/2017<\/p>\n<p>AWS License Manager<br \/>\nLogging AWS License Manager API Calls with AWS CloudTrail<br \/>\n03\/01\/2019<\/p>\n<p>Amazon Lightsail<br \/>\nLogging Lightsail API Calls with AWS CloudTrail<br \/>\n12\/23\/2016<\/p>\n<p>Amazon Location Service<br \/>\nLogging and monitoring with AWS CloudTrail<br \/>\n12\/15\/2020<\/p>\n<p>Amazon Lookout for Vision<br \/>\nLogging Amazon Lookout for Vision calls with AWS CloudTrail<br \/>\n12\/01\/2020<\/p>\n<p>Amazon Lookout for Equipment<br \/>\nMonitoring Amazon Lookout for Equipment calls with AWS CloudTrail<br \/>\n12\/01\/2020<\/p>\n<p>Amazon Lookout for Metrics<br \/>\nViewing Amazon Lookout for Metrics API activity in AWS CloudTrail<br \/>\n12\/08\/2020<\/p>\n<p>Amazon Machine Learning<br \/>\nLogging Amazon ML API Calls By Using AWS CloudTrail<br \/>\n12\/10\/2015<\/p>\n<p>Amazon Macie<br \/>\nLog Amazon Macie API calls using AWS CloudTrail<br \/>\n05\/13\/2020<\/p>\n<p>Amazon Managed Blockchain<br \/>\nLogging Amazon Managed Blockchain API calls using AWS CloudTrail<br \/>\n04\/01\/2019<\/p>\n<p>Logging Ethereum for Managed Blockchain API calls using AWS CloudTrail\u00a0(Preview)<\/p>\n<p>Amazon Managed Grafana<br \/>\nLogging Amazon Managed Grafana API calls using AWS CloudTrail<br \/>\n12\/15\/2020<\/p>\n<p>Amazon Managed Service for Prometheus<br \/>\nLogging Amazon Managed Service for Prometheus API calls using AWS CloudTrail<br \/>\n12\/15\/2020<\/p>\n<p>Amazon Keyspaces (for Apache Cassandra)<br \/>\nLogging Amazon Keyspaces API calls with AWS CloudTrail<br \/>\n01\/13\/2020<\/p>\n<p>AWS Managed Services<br \/>\nAWS Managed Services<br \/>\n12\/21\/2016<\/p>\n<p>Amazon Managed Streaming for Apache Kafka<br \/>\nLogging Amazon MSK API Calls with AWS CloudTrail<br \/>\n12\/11\/2018<\/p>\n<p>Amazon Managed Workflows for Apache Airflow<br \/>\nMonitoring Amazon MWAA API activity with AWS CloudTrail<br \/>\n11\/24\/2020<\/p>\n<p>AWS Marketplace<br \/>\nLogging AWS Marketplace API Calls with AWS CloudTrail<br \/>\n05\/02\/2017<\/p>\n<p>AWS Marketplace Metering Service<br \/>\nLogging AWS Marketplace API Calls with AWS CloudTrail<br \/>\n08\/22\/2018<\/p>\n<p>AWS Migration Hub<br \/>\nLogging AWS Migration Hub API Calls with AWS CloudTrail<br \/>\n08\/14\/2017<\/p>\n<p>AWS Mobile Hub<br \/>\nLogging AWS Mobile CLI API Calls with AWS CloudTrail<br \/>\n06\/29\/2018<\/p>\n<p>Amazon MQ<br \/>\nLogging Amazon MQ API Calls Using AWS CloudTrail<br \/>\n07\/19\/2018<\/p>\n<p>Amazon Neptune<br \/>\nLogging Amazon Neptune API Calls Using AWS CloudTrail<br \/>\n05\/30\/2018<\/p>\n<p>AWS Network Firewall<br \/>\nLogging calls to the AWS Network Firewall API with AWS CloudTrail<br \/>\n11\/17\/2020<\/p>\n<p>AWS OpsWorks for Chef Automate<br \/>\nLogging AWS OpsWorks for Chef Automate API Calls with AWS CloudTrail<br \/>\n07\/16\/2018<\/p>\n<p>AWS OpsWorks for Puppet Enterprise<br \/>\nLogging OpsWorks for Puppet Enterprise API Calls with AWS CloudTrail<br \/>\n07\/16\/2018<\/p>\n<p>AWS OpsWorks Stacks<br \/>\nLogging AWS OpsWorks Stacks API Calls with AWS CloudTrail<br \/>\n06\/04\/2014<\/p>\n<p>AWS Organizations<br \/>\nLogging AWS Organizations Events with AWS CloudTrail<br \/>\n02\/27\/2017<\/p>\n<p>AWS Outposts<br \/>\nLogging AWS Outposts API calls with AWS CloudTrail<br \/>\n02\/04\/2020<\/p>\n<p>AWS Health Dashboard<br \/>\nLogging AWS Health API Calls with AWS CloudTrail<br \/>\n12\/01\/2016<\/p>\n<p>Amazon Personalize<br \/>\nLogging Amazon Personalize API Calls with AWS CloudTrail<br \/>\n11\/28\/2018<\/p>\n<p>Amazon Pinpoint<br \/>\nLogging Amazon Pinpoint API Calls with AWS CloudTrail<br \/>\n02\/06\/2018<\/p>\n<p>Amazon Pinpoint SMS and Voice API<br \/>\nLogging Amazon Pinpoint API Calls with AWS CloudTrail<br \/>\n11\/16\/2018<\/p>\n<p>Amazon Polly<br \/>\nLogging Amazon Polly API Calls with AWS CloudTrail<br \/>\n11\/30\/2016<\/p>\n<p>Amazon Quantum Ledger Database (Amazon QLDB)<br \/>\nLogging Amazon QLDB API Calls with AWS CloudTrail<br \/>\n09\/10\/2019<\/p>\n<p>AWS Certificate Manager Private Certificate Authority<br \/>\nUsing CloudTrail<br \/>\n04\/04\/2018<\/p>\n<p>Amazon QuickSight<br \/>\nLogging Operations with CloudTrail<br \/>\n04\/28\/2017<\/p>\n<p>Amazon Redshift<br \/>\nLogging Amazon Redshift API Calls with AWS CloudTrail<br \/>\n06\/10\/2014<\/p>\n<p>Amazon Rekognition<br \/>\nLogging Amazon Rekognition API Calls Using AWS CloudTrail<br \/>\n04\/6\/2018<\/p>\n<p>Amazon Relational Database Service (Amazon RDS)<br \/>\nLogging Amazon RDS API Calls Using AWS CloudTrail<br \/>\n11\/13\/2013<\/p>\n<p>Amazon RDS Performance Insights<br \/>\nLogging Amazon RDS API Calls Using AWS CloudTrail<br \/>\n06\/21\/2018<\/p>\n<p>The Amazon RDS Performance Insights API is a subset of the Amazon RDS API.<\/p>\n<p>AWS Resilience Hub<br \/>\nAWS CloudTrail<br \/>\n11\/10\/2021<\/p>\n<p>AWS Resource Access Manager (AWS RAM)<br \/>\nLogging AWS RAM API Calls with AWS CloudTrail<br \/>\n11\/20\/2018<\/p>\n<p>AWS Resource Groups<br \/>\nLogging AWS Resource Groups API Calls with AWS CloudTrail<br \/>\n06\/29\/2018<\/p>\n<p>AWS RoboMaker<br \/>\nLogging AWS RoboMaker API Calls with AWS CloudTrail<br \/>\n01\/16\/2019<\/p>\n<p>Amazon Route\u00a053<br \/>\nUsing AWS CloudTrail to Capture Requests Sent to the Route\u00a053 API<br \/>\n02\/11\/2015<\/p>\n<p>Amazon Route\u00a053 Application Recovery Controller<br \/>\nLogging Amazon Route\u00a053 Application Recovery Controller API calls using AWS CloudTrail<br \/>\n07\/27\/2021<\/p>\n<p>Amazon SageMaker<br \/>\nLogging Amazon SageMaker API Calls with AWS CloudTrail<br \/>\n01\/11\/2018<\/p>\n<p>AWS Secrets Manager<br \/>\nMonitor the Use of Your AWS Secrets Manager Secrets<br \/>\n04\/05\/2018<\/p>\n<p>AWS Security Hub<br \/>\nLogging AWS Security Hub API Calls with AWS CloudTrail<br \/>\n11\/27\/2018<\/p>\n<p>AWS Security Token Service (AWS STS)<br \/>\nLogging IAM Events with AWS CloudTrail<br \/>\n11\/13\/2013<\/p>\n<p>The IAM topic includes information for AWS STS.<\/p>\n<p>AWS Server Migration Service<br \/>\nAWS SMS API Reference<br \/>\n11\/14\/2016<\/p>\n<p>AWS Serverless Application Repository<br \/>\nLogging AWS Serverless Application Repository API Calls with AWS CloudTrail<br \/>\n02\/20\/2018<\/p>\n<p>AWS Service Catalog<br \/>\nLogging AWS Service Catalog API Calls with AWS CloudTrail<br \/>\n07\/06\/2016<\/p>\n<p>Service Quotas<\/p>\n<p>06\/24\/2019<\/p>\n<p>AWS Shield<br \/>\nLogging Shield Advanced API Calls with AWS CloudTrail<br \/>\n02\/08\/2018<\/p>\n<p>Amazon Simple Email Service (Amazon SES)<br \/>\nLogging Amazon SES API Calls By Using AWS CloudTrail<br \/>\n05\/07\/2015<\/p>\n<p>Amazon Simple Notification Service (Amazon SNS)<br \/>\nLogging Amazon Simple Notification Service API Calls By Using AWS CloudTrail<br \/>\n10\/09\/2014<\/p>\n<p>Amazon Simple Queue Service (Amazon SQS)<br \/>\nLogging Amazon SQS API Actions Using AWS CloudTrail<br \/>\n07\/16\/2014<\/p>\n<p>Amazon Simple Storage Service<br \/>\nLogging Amazon S3 API Calls By Using AWS CloudTrail<br \/>\nManagement events: 09\/01\/2015<\/p>\n<p>Data events: 11\/21\/2016<\/p>\n<p>Amazon Simple Workflow Service (Amazon SWF)<br \/>\nLogging Amazon Simple Workflow Service API Calls with AWS CloudTrail<br \/>\n05\/13\/2014<\/p>\n<p>AWS Single Sign-On (AWS SSO)<br \/>\nLogging AWS SSO API Calls with AWS CloudTrail<br \/>\n12\/07\/2017<\/p>\n<p>AWS Snowball<br \/>\nLogging AWS Snowball API Calls with AWS CloudTrail<br \/>\n01\/25\/2019<\/p>\n<p>AWS Snowball Edge<br \/>\nLogging AWS Snowball Edge API Calls with AWS CloudTrail<br \/>\n01\/25\/2019<\/p>\n<p>AWS Step Functions<br \/>\nLogging AWS Step Functions API Calls with AWS CloudTrail<br \/>\n12\/01\/2016<\/p>\n<p>Storage Gateway<br \/>\nLogging Storage Gateway API Calls by Using AWS CloudTrail<br \/>\n12\/16\/2014<\/p>\n<p>AWS Support<br \/>\nLogging AWS Support API Calls with AWS CloudTrail<br \/>\n04\/21\/2016<\/p>\n<p>AWS Systems Manager<br \/>\nLogging AWS Systems Manager API Calls with AWS CloudTrail<br \/>\n11\/13\/2013<\/p>\n<p>AWS Systems Manager Incident Manager<br \/>\nLogging AWS Systems Manager Incident Manager API calls using AWS CloudTrail<br \/>\n05\/10\/2021<\/p>\n<p>Amazon Textract<br \/>\nLogging Amazon Textract API Calls with AWS CloudTrail<br \/>\n05\/29\/2019<\/p>\n<p>Amazon Transcribe<br \/>\nLogging Amazon Transcribe API Calls with AWS CloudTrail<br \/>\n06\/28\/2018<\/p>\n<p>AWS Transfer for SFTP<br \/>\nLogging AWS Transfer for SFTP API Calls with AWS CloudTrail<br \/>\n01\/08\/2019<\/p>\n<p>Amazon Translate<br \/>\nLogging Amazon Translate API Calls with AWS CloudTrail<br \/>\n04\/04\/2018<\/p>\n<p>AWS Transit Gateway<br \/>\nLogging API Calls for Your Transit Gateway Using AWS CloudTrail<br \/>\n11\/26\/2018<\/p>\n<p>AWS Trusted Advisor<br \/>\nLogging AWS Trusted Advisor console actions with AWS CloudTrail<br \/>\n10\/22\/2020<\/p>\n<p>Amazon Virtual Private Cloud (Amazon VPC)<br \/>\nLogging API Calls Using AWS CloudTrail<br \/>\n11\/13\/2013<\/p>\n<p>The Amazon VPC API is a subset of the Amazon EC2 API.<\/p>\n<p>AWS WAF<br \/>\nLogging AWS WAF API Calls with AWS CloudTrail<br \/>\n04\/28\/2016<\/p>\n<p>AWS Well-Architected Tool<br \/>\nLogging AWS Well-Architected Tool API Calls with AWS CloudTrail<br \/>\n12\/15\/2020<\/p>\n<p>Amazon WorkDocs<br \/>\nLogging Amazon WorkDocs API Calls By Using AWS CloudTrail<br \/>\n08\/27\/2014<\/p>\n<p>Amazon WorkLink<br \/>\nLogging Amazon WorkLink API Calls with AWS CloudTrail<br \/>\n01\/23\/2019<\/p>\n<p>Amazon WorkMail<br \/>\nLogging Amazon WorkMail API Calls Using AWS CloudTrail<br \/>\n12\/12\/2017<\/p>\n<p>Amazon WorkSpaces<br \/>\nLogging Amazon WorkSpaces API Calls by Using CloudTrail<br \/>\n04\/09\/2015<\/p>\n<p>Amazon WorkSpaces Web<br \/>\nLogging Amazon WorkSpaces Web API calls using AWS CloudTrail<br \/>\n11\/30\/2021<\/p>\n<p>AWS X-Ray<br \/>\nLogging AWS X-Ray API Calls With CloudTrail<br \/>\n04\/25\/2018<\/p>\n<\/details>\n<details>AWS\u4e0d\u652f\u6301\u7684\u670d\u52a1\u5217\u8868AWS\u670d\u52a1 \u5f00\u59cb\u65e5\u671f<\/p>\n<p>AWS Import\/Export 2020\u5e746\u670817\u65e5<br \/>\nAWS Price List 2018\u5e7412\u670817\u65e5<br \/>\nAWS Deep Learning AMI 2017\u5e7411\u670815\u65e5<br \/>\nAmazon WorkSpaces Application Manager 2015\u5e744\u67089\u65e5<br \/>\nAWS Artifact 2016\u5e7411\u670830\u65e5<br \/>\nAWS DeepComposer 2019\u5e7412\u67082\u65e5<br \/>\nAWS DeepLens 2017\u5e7411\u670829\u65e5<br \/>\nAWS DeepRacer 2019\u5e744\u670829\u65e5<br \/>\nAWS Snowmobile 2016\u5e7411\u670830\u65e5<br \/>\nAmazon Sumerian 2018\u5e745\u670815\u65e5<\/p>\n<\/details>\n<h3>\u8bf7\u63d0\u4f9b\u4e0b\u8ff0\u7684\u53c2\u8003\u8d44\u6599\u3002<\/h3>\n<p>\u4e9a\u9a6c\u900a\u7f51\u7edc\u670d\u52a1\u9ed1\u5e26_\u4e91\u8ddf\u8e2a<\/p>\n<h2>\u4e8b\u524d\u51c6\u5907 (Sh\u00ec<\/h2>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/37-1.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8_2022-03-12_16_13_16.png (69.1 kB)\" \/><\/div>\n<h2>CDK<\/h2>\n<p>\u6211\u5011\u5c07\u5728\u672c\u6b21\u9032\u884c\u4e2d\u4f7f\u7528\u591a\u500bStack\u4f86\u90e8\u7f72\u76f8\u95dc\u8cc7\u6e90\u3002<\/p>\n<p>\u6aa2\u67e5\u8005\u53ef\u6839\u64da\u9700\u8981\u6307\u5b9aContext\u7684slackWorkspaceId\u548cslackChannelId\u3002<\/p>\n<details>cdk.jsoncdk.json<br \/>\n{<br \/>\n&#8220;app&#8221;: &#8220;npx ts-node &#8211;prefer-ts-exts bin\/src.ts&#8221;,<br \/>\n&#8220;watch&#8221;: {<br \/>\n&#8220;include&#8221;: [<br \/>\n&#8220;**&#8221;<br \/>\n],<br \/>\n&#8220;exclude&#8221;: [<br \/>\n&#8220;README.md&#8221;,<br \/>\n&#8220;cdk*.json&#8221;,<br \/>\n&#8220;**\/*.d.ts&#8221;,<br \/>\n&#8220;**\/*.js&#8221;,<br \/>\n&#8220;tsconfig.json&#8221;,<br \/>\n&#8220;package*.json&#8221;,<br \/>\n&#8220;yarn.lock&#8221;,<br \/>\n&#8220;node_modules&#8221;,<br \/>\n&#8220;test&#8221;<br \/>\n]<br \/>\n},<br \/>\n&#8220;context&#8221;: {<br \/>\n&#8220;@aws-cdk\/aws-apigateway:usagePlanKeyOrderInsensitiveId&#8221;: true,<br \/>\n&#8220;@aws-cdk\/core:stackRelativeExports&#8221;: true,<br \/>\n&#8220;@aws-cdk\/aws-rds:lowercaseDbIdentifier&#8221;: true,<br \/>\n&#8220;@aws-cdk\/aws-lambda:recognizeVersionProps&#8221;: true,<br \/>\n&#8220;@aws-cdk\/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021&#8221;: true,<br \/>\n&#8220;@aws-cdk-containers\/ecs-service-extensions:enableDefaultLogDriver&#8221;: true,<br \/>\n&#8220;@aws-cdk\/core:target-partitions&#8221;: [<br \/>\n&#8220;aws&#8221;,<br \/>\n&#8220;aws-cn&#8221;<br \/>\n],<br \/>\n&#8220;prefix&#8221;: &#8220;\u6837\u672c&#8221;,<br \/>\n&#8220;slackWorkspaceId&#8221;:&#8221;xxxxxxxxx&#8221;,<br \/>\n&#8220;slackChannelId&#8221;:&#8221;xxxxxxxxxx&#8221;,<br \/>\n}<br \/>\n}<\/p>\n<\/details>\n<details>bin\/src.ts<br \/>\n#!\/usr\/bin\/env node<br \/>\nimport * as cdk from &#8220;aws-cdk-lib&#8221;;<br \/>\nimport { SnsStack } from &#8220;..\/lib\/sns-stack&#8221;;<br \/>\nimport { ChatbotStack } from &#8220;..\/lib\/chatbot-stack&#8221;;<br \/>\nimport { SecrityStack } from &#8220;..\/lib\/secrity-stack&#8221;;const app = new cdk.App();<br \/>\nconst prefix = app.node.tryGetContext(&#8220;prefix&#8221;); \/\/ \u83b7\u53d6Context\u4e2d\u6307\u5b9a\u7684prefix<\/p>\n<p>const snsStack = new SnsStack(app, `${prefix}-sns-stack`);<br \/>\nconst chatbotStack = new ChatbotStack(app, `${prefix}-chatbot-stack`, snsStack);<br \/>\nconst securityStack = new SecrityStack(app, `${prefix}-security-stack`, snsStack);<\/p>\n<p>chatbotStack.addDependency(snsStack);<br \/>\nsecurityStack.addDependency(snsStack);<\/p>\n<\/details>\n<details>lib\/sns-stack.tssns-stack.ts<br \/>\nimport * as cdk from &#8220;aws-cdk-lib&#8221;;<br \/>\nimport * as sns from &#8220;aws-cdk-lib\/aws-sns&#8221;;<br \/>\nimport * as iam from &#8216;aws-cdk-lib\/aws-iam&#8217;;<\/p>\n<p>export interface SnsStackProps {<br \/>\nreadonly snsTopic: sns.Topic<br \/>\n}<\/p>\n<p>export class SnsStack extends cdk.Stack {<br \/>\npublic readonly snsTopic: sns.Topic<\/p>\n<p>\/\/ \u521b\u5efaSNS\u4e3b\u9898<br \/>\nprivate createSnsTopic(name: string): sns.Topic {<\/p>\n<p>const snsTopic = new sns.Topic(this, `${name}`, {<br \/>\ndisplayName: &#8220;\u5b89\u5168\u901a\u77e5&#8221;,<br \/>\ntopicName: name,<br \/>\n});<br \/>\nsnsTopic.addToResourcePolicy(new iam.PolicyStatement({<br \/>\nsid: &#8216;SNSPublishingPermissions&#8217;,<br \/>\neffect: iam.Effect.ALLOW,<br \/>\nprincipals: [<br \/>\nnew iam.ServicePrincipal(&#8216;config.amazonaws.com&#8217;),<br \/>\nnew iam.ServicePrincipal(&#8216;events.amazonaws.com&#8217;)<br \/>\n],<br \/>\nactions: [&#8216;SNS:Publish&#8217;],<br \/>\nresources: [snsTopic.topicArn],<br \/>\n}));<br \/>\nreturn snsTopic;<br \/>\n}<\/p>\n<p>constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {<br \/>\nsuper(scope, id, props);<\/p>\n<p>const prefix = this.node.tryGetContext(&#8220;prefix&#8221;); \/\/ \u83b7\u53d6\u4e0a\u4e0b\u6587\u4e2d\u6307\u5b9a\u7684\u524d\u7f00<\/p>\n<p>this.snsTopic = this.createSnsTopic(`${prefix}-sns-topic`);<br \/>\n}<br \/>\n}<\/p>\n<\/details>\n<details>lib\/chatbot-stack.tschatbot-stack.ts<br \/>\nimport * as cdk from &#8220;aws-cdk-lib&#8221;;<br \/>\nimport * as sns from &#8220;aws-cdk-lib\/aws-sns&#8221;;<br \/>\nimport type { SnsStackProps } from &#8220;.\/sns-stack&#8221;<br \/>\nimport * as chatbot from &#8220;aws-cdk-lib\/aws-chatbot&#8221;;<\/p>\n<p>export class ChatbotStack extends cdk.Stack {<\/p>\n<p>\/\/ \u804a\u5929\u673a\u5668\u4eba<br \/>\nprivate createChatbot(name: string, sns: sns.Topic): chatbot.SlackChannelConfiguration {<br \/>\nconst slackWorkspaceId = this.node.tryGetContext(&#8220;slackWorkspaceId&#8221;); \/\/ \u83b7\u53d6\u4e0a\u4e0b\u6587\u4e2d\u6307\u5b9a\u7684slackworkspaceid<br \/>\nconst slackChannelId = this.node.tryGetContext(&#8220;slackChannelId&#8221;); \/\/ \u83b7\u53d6\u4e0a\u4e0b\u6587\u4e2d\u6307\u5b9a\u7684slackchannelid<\/p>\n<p>const slackchatbot = new chatbot.SlackChannelConfiguration(this, `${name}`, {<br \/>\nslackChannelConfigurationName: name,<br \/>\nslackWorkspaceId: slackWorkspaceId, \/\/ \u9884\u5148\u5728\u63a7\u5236\u53f0\u4e0a\u5411chatbot\u6388\u4e88\u8bbf\u95eeslackworkspace\u7684\u6743\u9650<br \/>\nslackChannelId: slackChannelId,<br \/>\nloggingLevel: chatbot.LoggingLevel.INFO,<br \/>\nnotificationTopics: [sns],<br \/>\n});<br \/>\nreturn slackchatbot;<br \/>\n}<\/p>\n<p>constructor(scope: cdk.App, id: string, SnsStack: SnsStackProps, props?: cdk.StackProps) {<br \/>\nsuper(scope, id, props);<\/p>\n<p>const prefix = this.node.tryGetContext(&#8220;prefix&#8221;); \/\/ \u83b7\u53d6\u4e0a\u4e0b\u6587\u4e2d\u6307\u5b9a\u7684\u524d\u7f00<\/p>\n<p>this.createChatbot(`${prefix}-chatbot`, SnsStack.snsTopic);<br \/>\n}<br \/>\n}<\/p>\n<\/details>\n<h3>\u5b89\u5168\u5806\u6808<\/h3>\n<p>\u521b\u5efa\u8d44\u6e90<\/p>\n<div>\n<div class=\"post-table\">\u30ea\u30bd\u30fc\u30b9\u8a2d\u5b9a\u5024S3\u6697\u53f7\u5316<br \/>\n1\u5e74\u5f8c\u306bGlacier\u3078\u79fb\u884c<br \/>\n\u30d1\u30d6\u30ea\u30c3\u30af\u30fb\u30a2\u30af\u30bb\u30b9\u30d6\u30ed\u30c3\u30af<br \/>\n\u524a\u9664\u30dd\u30ea\u30b7\u30fc(Destroy)SecurityHub\u57fa\u790e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u306e\u81ea\u52d5\u30c1\u30a7\u30c3\u30af\u6709\u52b9\u5316GuardDutyGuardDuty\u6709\u52b9\u5316CloudTrailCloudWatchlogs\u3078\u914d\u4fe1\u6709\u52b9\u5316<br \/>\n\u30ed\u30b0\u30d5\u30a1\u30a4\u30eb\u306e\u6574\u5408\u6027\u306e\u691c\u8a3c\u3092\u6709\u52b9Config\u30b5\u30dd\u30fc\u30c8\u3055\u308c\u3066\u3044\u308b\u5168\u3066\u306e\u30b5\u30fc\u30d3\u30b9\u3092\u8a18\u9332(\u30b0\u30ed\u30fc\u30d0\u30eb\u30b5\u30fc\u30d3\u30b9\u542b\u3080)<br \/>\n24\u6642\u9593\u6bce\u306b\u8a18\u9332\u60c5\u5831\u3092S3\u3001sns\u306b\u914d\u4fe1EventBridgeGuardDuty-&gt;\u91cd\u8981\u5ea6\uff1a\u9ad8\u4ee5\u4e0a\u3067\u901a\u77e5<br \/>\nSecurityHub-&gt;\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u30c1\u30a7\u30c3\u30af\u306bPass\u3057\u306a\u304b\u3063\u305f\u3082\u306e\u3067\u3001\u91cd\u8981\u5ea6\u304cMIDDLE\u4ee5\u4e0a\u306e\u65b0\u898f\u9805\u76ee\u3092\u901a\u77e5<br \/>\nConfig-&gt;\u30ea\u30bd\u30fc\u30b9\u8a2d\u5b9a\u306a\u3069\u304c\u5909\u66f4\u3055\u308c\u305f\u3082\u306e\u3092\u901a\u77e5<br \/>\nTrail-&gt;Root\u30e6\u30fc\u30b6\u306b\u3088\u308bAWS\u30b3\u30f3\u30bd\u30fc\u30eb\u30ed\u30b0\u30a4\u30f3\u3092\u901a\u77e5<\/div>\n<\/div>\n<p>\u9664\u4e86\u9ed8\u8ba4\u7684\u5e94\u7528\u8bbe\u7f6e\u4e4b\u5916\u7684\u9879\u76ee<\/p>\n<pre class=\"post-pre\"><code><span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">cdk<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">aws-cdk-lib<\/span><span class=\"dl\">\"<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"kd\">type<\/span> <span class=\"p\">{<\/span> <span class=\"nx\">SnsStackProps<\/span> <span class=\"p\">}<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">.\/sns-stack<\/span><span class=\"dl\">\"<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">iam<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">aws-cdk-lib\/aws-iam<\/span><span class=\"dl\">'<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">sns<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">aws-cdk-lib\/aws-sns<\/span><span class=\"dl\">'<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">s3<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">aws-cdk-lib\/aws-s3<\/span><span class=\"dl\">\"<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">sechub<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">aws-cdk-lib\/aws-securityhub<\/span><span class=\"dl\">'<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">guardduty<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">aws-cdk-lib\/aws-guardduty<\/span><span class=\"dl\">'<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">config<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">aws-cdk-lib\/aws-config<\/span><span class=\"dl\">'<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">trail<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">aws-cdk-lib\/aws-cloudtrail<\/span><span class=\"dl\">'<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">events<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">aws-cdk-lib\/aws-events<\/span><span class=\"dl\">\"<\/span><span class=\"p\">;<\/span>\r\n<span class=\"k\">import<\/span> <span class=\"o\">*<\/span> <span class=\"k\">as<\/span> <span class=\"nx\">targets<\/span> <span class=\"k\">from<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">aws-cdk-lib\/aws-events-targets<\/span><span class=\"dl\">\"<\/span><span class=\"p\">;<\/span>\r\n\r\n<span class=\"k\">export<\/span> <span class=\"kr\">interface<\/span> <span class=\"nx\">SecrityStackProps<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"k\">readonly<\/span> <span class=\"nx\">s3bucket<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">Bucket<\/span><span class=\"p\">;<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"k\">export<\/span> <span class=\"kd\">class<\/span> <span class=\"nc\">SecrityStack<\/span> <span class=\"kd\">extends<\/span> <span class=\"nc\">cdk<\/span><span class=\"p\">.<\/span><span class=\"nx\">Stack<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"k\">public<\/span> <span class=\"k\">readonly<\/span> <span class=\"nx\">s3bucket<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">Bucket<\/span><span class=\"p\">;<\/span>\r\n\r\n  <span class=\"c1\">\/\/ S3<\/span>\r\n  <span class=\"k\">private<\/span> <span class=\"nf\">createS3Bucket<\/span><span class=\"p\">(<\/span><span class=\"nx\">name<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">):<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">Bucket<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">accountId<\/span> <span class=\"o\">=<\/span> <span class=\"nx\">cdk<\/span><span class=\"p\">.<\/span><span class=\"nx\">Stack<\/span><span class=\"p\">.<\/span><span class=\"k\">of<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">).<\/span><span class=\"nx\">account<\/span><span class=\"p\">;<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">s3bucket<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nc\">Bucket<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">bucketName<\/span><span class=\"p\">:<\/span> <span class=\"nx\">name<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">encryption<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">BucketEncryption<\/span><span class=\"p\">.<\/span><span class=\"nx\">S3_MANAGED<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">blockPublicAccess<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">BlockPublicAccess<\/span><span class=\"p\">.<\/span><span class=\"nx\">BLOCK_ALL<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">removalPolicy<\/span><span class=\"p\">:<\/span> <span class=\"nx\">cdk<\/span><span class=\"p\">.<\/span><span class=\"nx\">RemovalPolicy<\/span><span class=\"p\">.<\/span><span class=\"nx\">DESTROY<\/span><span class=\"p\">,<\/span> <span class=\"c1\">\/\/ \u52d5\u4f5c\u78ba\u8a8d\u5f8c\u306b\u524a\u9664\u3055\u305b\u308b\u305f\u3081'DESTROY'<\/span>\r\n      <span class=\"na\">lifecycleRules<\/span><span class=\"p\">:<\/span> <span class=\"p\">[{<\/span>\r\n        <span class=\"na\">id<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-lifecycleRule`<\/span><span class=\"p\">,<\/span>\r\n        <span class=\"na\">transitions<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span>\r\n          <span class=\"p\">{<\/span><span class=\"na\">storageClass<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">StorageClass<\/span><span class=\"p\">.<\/span><span class=\"nx\">GLACIER<\/span><span class=\"p\">,<\/span> <span class=\"na\">transitionAfter<\/span><span class=\"p\">:<\/span> <span class=\"nx\">cdk<\/span><span class=\"p\">.<\/span><span class=\"nx\">Duration<\/span><span class=\"p\">.<\/span><span class=\"nf\">days<\/span><span class=\"p\">(<\/span><span class=\"mi\">365<\/span><span class=\"p\">)},<\/span> <span class=\"c1\">\/\/ 1\u5e74\u5f8cGlacier\u3078<\/span>\r\n        <span class=\"p\">]<\/span>\r\n      <span class=\"p\">}]<\/span>\r\n    <span class=\"p\">});<\/span>\r\n    <span class=\"nx\">s3bucket<\/span><span class=\"p\">.<\/span><span class=\"nf\">addToResourcePolicy<\/span><span class=\"p\">(<\/span><span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">PolicyStatement<\/span><span class=\"p\">({<\/span>\r\n      <span class=\"na\">sid<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`AWSConfigBucketPermissionsCheck`<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">effect<\/span><span class=\"p\">:<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nx\">Effect<\/span><span class=\"p\">.<\/span><span class=\"nx\">ALLOW<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">principals<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">ServicePrincipal<\/span><span class=\"p\">(<\/span><span class=\"s2\">`config.amazonaws.com`<\/span><span class=\"p\">)],<\/span>\r\n      <span class=\"na\">actions<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">s3:GetBucketAcl<\/span><span class=\"dl\">\"<\/span><span class=\"p\">],<\/span>\r\n      <span class=\"na\">resources<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"nx\">s3bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucketArn<\/span><span class=\"p\">],<\/span>\r\n    <span class=\"p\">}))<\/span>\r\n    <span class=\"nx\">s3bucket<\/span><span class=\"p\">.<\/span><span class=\"nf\">addToResourcePolicy<\/span><span class=\"p\">(<\/span><span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">PolicyStatement<\/span><span class=\"p\">({<\/span>\r\n      <span class=\"na\">sid<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`AWSConfigBucketDelivery`<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">effect<\/span><span class=\"p\">:<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nx\">Effect<\/span><span class=\"p\">.<\/span><span class=\"nx\">ALLOW<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">principals<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">ServicePrincipal<\/span><span class=\"p\">(<\/span><span class=\"s2\">`config.amazonaws.com`<\/span><span class=\"p\">)],<\/span>\r\n      <span class=\"na\">actions<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">s3:PutObject<\/span><span class=\"dl\">\"<\/span><span class=\"p\">],<\/span>\r\n      <span class=\"na\">resources<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"nx\">s3bucket<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucketArn<\/span> <span class=\"o\">+<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">\/AWSLogs\/<\/span><span class=\"dl\">\"<\/span> <span class=\"o\">+<\/span> <span class=\"nx\">accountId<\/span> <span class=\"o\">+<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">\/*<\/span><span class=\"dl\">\"<\/span><span class=\"p\">],<\/span>\r\n    <span class=\"p\">}))<\/span>\r\n  <span class=\"k\">return<\/span> <span class=\"nx\">s3bucket<\/span><span class=\"p\">;<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"c1\">\/\/ securityhub<\/span>\r\n  <span class=\"k\">private<\/span> <span class=\"nf\">createSecurityHub<\/span><span class=\"p\">(<\/span><span class=\"nx\">name<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">):<\/span> <span class=\"k\">void<\/span> <span class=\"p\">{<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">securityhub<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">sechub<\/span><span class=\"p\">.<\/span><span class=\"nc\">CfnHub<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">tags<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"na\">key<\/span><span class=\"p\">:<\/span> <span class=\"dl\">\"<\/span><span class=\"s2\">Name<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span>\r\n        <span class=\"na\">value<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">`<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"p\">},<\/span>\r\n    <span class=\"p\">});<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"c1\">\/\/ GuardDuty<\/span>\r\n  <span class=\"k\">private<\/span> <span class=\"nf\">createGuardDuty<\/span><span class=\"p\">(<\/span><span class=\"nx\">name<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">):<\/span> <span class=\"k\">void<\/span> <span class=\"p\">{<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">detector<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">guardduty<\/span><span class=\"p\">.<\/span><span class=\"nc\">CfnDetector<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">enable<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"c1\">\/\/ Config<\/span>\r\n  <span class=\"k\">private<\/span> <span class=\"nf\">createConfig<\/span><span class=\"p\">(<\/span><span class=\"nx\">name<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">,<\/span> <span class=\"nx\">sns<\/span><span class=\"p\">:<\/span> <span class=\"nx\">sns<\/span><span class=\"p\">.<\/span><span class=\"nx\">Topic<\/span><span class=\"p\">,<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">IBucket<\/span><span class=\"p\">):<\/span> <span class=\"k\">void<\/span> <span class=\"p\">{<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">configrole<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">Role<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-configrole`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">roleName<\/span><span class=\"p\">:<\/span> <span class=\"nx\">name<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">path<\/span><span class=\"p\">:<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">\/<\/span><span class=\"dl\">'<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">assumedBy<\/span><span class=\"p\">:<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">CompositePrincipal<\/span><span class=\"p\">(<\/span>\r\n        <span class=\"k\">new<\/span> <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nc\">ServicePrincipal<\/span><span class=\"p\">(<\/span><span class=\"dl\">'<\/span><span class=\"s1\">config.amazonaws.com<\/span><span class=\"dl\">'<\/span><span class=\"p\">)<\/span>\r\n      <span class=\"p\">),<\/span>\r\n      <span class=\"na\">managedPolicies<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span>\r\n        <span class=\"nx\">iam<\/span><span class=\"p\">.<\/span><span class=\"nx\">ManagedPolicy<\/span><span class=\"p\">.<\/span><span class=\"nf\">fromAwsManagedPolicyName<\/span><span class=\"p\">(<\/span><span class=\"dl\">'<\/span><span class=\"s1\">service-role\/AWS_ConfigRole<\/span><span class=\"dl\">'<\/span><span class=\"p\">),<\/span>\r\n      <span class=\"p\">]<\/span>\r\n    <span class=\"p\">});<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">recorder<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">config<\/span><span class=\"p\">.<\/span><span class=\"nc\">CfnConfigurationRecorder<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-configdetector`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">name<\/span><span class=\"p\">:<\/span> <span class=\"nx\">name<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">recordingGroup<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"na\">allSupported<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span><span class=\"p\">,<\/span> <span class=\"c1\">\/\/ \u30b5\u30dd\u30fc\u30c8\u3055\u308c\u3066\u3044\u308b\u5168\u3066\u306e\u30b5\u30fc\u30d3\u30b9\u3092\u8a18\u9332<\/span>\r\n        <span class=\"na\">includeGlobalResourceTypes<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span> <span class=\"c1\">\/\/ \u30b0\u30ed\u30fc\u30d0\u30eb\u30ea\u30bd\u30fc\u30b9\u3092\u542b\u3081\u308b<\/span>\r\n      <span class=\"p\">},<\/span>\r\n      <span class=\"na\">roleArn<\/span><span class=\"p\">:<\/span> <span class=\"nx\">configrole<\/span><span class=\"p\">.<\/span><span class=\"nx\">roleArn<\/span>\r\n    <span class=\"p\">});<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">deliverychannel<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">config<\/span><span class=\"p\">.<\/span><span class=\"nc\">CfnDeliveryChannel<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-cinfigdeliverychannel`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">name<\/span><span class=\"p\">:<\/span> <span class=\"nx\">name<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">s3BucketName<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">bucketName<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">configSnapshotDeliveryProperties<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span><span class=\"na\">deliveryFrequency<\/span><span class=\"p\">:<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">TwentyFour_Hours<\/span><span class=\"dl\">'<\/span><span class=\"p\">},<\/span><span class=\"err\">\u3000<\/span><span class=\"c1\">\/\/ 24\u6642\u9593\u6bce\u306b\u8a18\u9332\u60c5\u5831\u3092\u914d\u4fe1<\/span>\r\n      <span class=\"na\">snsTopicArn<\/span><span class=\"p\">:<\/span> <span class=\"nx\">sns<\/span><span class=\"p\">.<\/span><span class=\"nx\">topicArn<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"c1\">\/\/ CloudTrail<\/span>\r\n  <span class=\"k\">private<\/span> <span class=\"nf\">createCloudTrail<\/span><span class=\"p\">(<\/span><span class=\"nx\">name<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">,<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">.<\/span><span class=\"nx\">Bucket<\/span><span class=\"p\">):<\/span> <span class=\"k\">void<\/span> <span class=\"p\">{<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">cloudtrail<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">trail<\/span><span class=\"p\">.<\/span><span class=\"nc\">Trail<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">trailName<\/span><span class=\"p\">:<\/span> <span class=\"nx\">name<\/span><span class=\"p\">,<\/span>\r\n      <span class=\"na\">sendToCloudWatchLogs<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span><span class=\"p\">,<\/span> <span class=\"c1\">\/\/ logs\u9001\u4fe1\u3092\u6709\u52b9<\/span>\r\n      <span class=\"na\">enableFileValidation<\/span><span class=\"p\">:<\/span> <span class=\"kc\">true<\/span><span class=\"p\">,<\/span> <span class=\"c1\">\/\/ \u30ed\u30b0\u30d5\u30a1\u30a4\u30eb\u306e\u6574\u5408\u6027\u306e\u691c\u8a3c\u3092\u6709\u52b9<\/span>\r\n      <span class=\"na\">bucket<\/span><span class=\"p\">:<\/span> <span class=\"nx\">s3<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"c1\">\/\/ EventBridge<\/span>\r\n  <span class=\"k\">private<\/span> <span class=\"nf\">createEvent<\/span><span class=\"p\">(<\/span><span class=\"nx\">name<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">,<\/span> <span class=\"nx\">sns<\/span><span class=\"p\">:<\/span> <span class=\"nx\">sns<\/span><span class=\"p\">.<\/span><span class=\"nx\">Topic<\/span><span class=\"p\">):<\/span> <span class=\"k\">void<\/span> <span class=\"p\">{<\/span>\r\n\r\n    <span class=\"c1\">\/\/ GuardDuty(\u8105\u5a01\u691c\u51fa\u306eEvent\u901a\u77e5)<\/span>\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">guardDutyRule<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">events<\/span><span class=\"p\">.<\/span><span class=\"nc\">Rule<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-guardduty`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">eventPattern<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"na\">source<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">aws.guardduty<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detailType<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">GuardDuty Finding<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detail<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"na\">severity<\/span><span class=\"p\">:[{<\/span><span class=\"na\">numeric<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">&gt;=<\/span><span class=\"dl\">\"<\/span><span class=\"p\">,<\/span> <span class=\"mi\">7<\/span><span class=\"p\">]}]<\/span> <span class=\"c1\">\/\/\u3000\u91cd\u8981\u5ea6\uff1a\u9ad8\u3000\u4ee5\u4e0a\u3067\u901a\u77e5\u3002\u3000\u4f4e:0.1\u301c3.9,\u4e2d:4.0\u301c6.9,\u9ad8:7.0\u301c8.9<\/span>\r\n        <span class=\"p\">}<\/span>\r\n      <span class=\"p\">},<\/span>\r\n      <span class=\"na\">ruleName<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-guardduty`<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n    <span class=\"nx\">guardDutyRule<\/span><span class=\"p\">.<\/span><span class=\"nf\">addTarget<\/span><span class=\"p\">(<\/span><span class=\"k\">new<\/span> <span class=\"nx\">targets<\/span><span class=\"p\">.<\/span><span class=\"nc\">SnsTopic<\/span><span class=\"p\">(<\/span><span class=\"nx\">sns<\/span><span class=\"p\">))<\/span> \r\n\r\n    <span class=\"c1\">\/\/ SecurityHub(\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30a7\u30c3\u30af\u7d50\u679c\u306eEvent\u901a\u77e5)<\/span>\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">secrityHubRule<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">events<\/span><span class=\"p\">.<\/span><span class=\"nc\">Rule<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-sechub`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">eventPattern<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"na\">source<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">aws.securityhub<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detailType<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">Security Hub Findings - Imported<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detail<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"na\">findings<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n            <span class=\"na\">Compliance<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span> <span class=\"na\">Status<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">FAILED<\/span><span class=\"dl\">'<\/span><span class=\"p\">,<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">WARNING<\/span><span class=\"dl\">'<\/span><span class=\"p\">,<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">NOT_AVAILABLE<\/span><span class=\"dl\">'<\/span><span class=\"p\">]},<\/span> <span class=\"c1\">\/\/\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30a7\u30c3\u30af\u306b\"PASSED\"\u3057\u306a\u304b\u3063\u305f\u3082\u306e\u4ee5\u5916<\/span>\r\n            <span class=\"na\">RecordState<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">ACTIVE<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n            <span class=\"na\">Severity<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span> <span class=\"na\">Label<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">MEDIUM<\/span><span class=\"dl\">'<\/span> <span class=\"p\">,<\/span><span class=\"dl\">'<\/span><span class=\"s1\">HIGH<\/span><span class=\"dl\">'<\/span><span class=\"p\">,<\/span> <span class=\"dl\">'<\/span><span class=\"s1\">CRITICAL<\/span><span class=\"dl\">'<\/span><span class=\"p\">]},<\/span> <span class=\"c1\">\/\/\u3000\u91cd\u8981\u5ea6\u304cMEDIUM\u3001HIGH\u3001CRITICAL\u306e\u3082\u306e\u3092\u5bfe\u8c61<\/span>\r\n            <span class=\"na\">Workflow<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span> <span class=\"na\">Status<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">NEW<\/span><span class=\"dl\">'<\/span><span class=\"p\">]}<\/span> <span class=\"c1\">\/\/\u3000\u901a\u77e5\u6e08\u306e\u3082\u306e\u306f\u9664\u5916\u3057\u3066\u3001\u65b0\u898f\u306e\u3082\u306e\u3060\u3051<\/span>\r\n          <span class=\"p\">}<\/span>\r\n        <span class=\"p\">}<\/span>\r\n      <span class=\"p\">},<\/span>\r\n      <span class=\"na\">ruleName<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-sechub`<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n    <span class=\"nx\">secrityHubRule<\/span><span class=\"p\">.<\/span><span class=\"nf\">addTarget<\/span><span class=\"p\">(<\/span><span class=\"k\">new<\/span> <span class=\"nx\">targets<\/span><span class=\"p\">.<\/span><span class=\"nc\">SnsTopic<\/span><span class=\"p\">(<\/span><span class=\"nx\">sns<\/span><span class=\"p\">))<\/span>\r\n\r\n    <span class=\"c1\">\/\/ Config(\u30ea\u30bd\u30fc\u30b9\u5404\u7a2e\u306e\u8a2d\u5b9a\u5909\u66f4\u3067Event\u901a\u77e5)<\/span>\r\n    <span class=\"c1\">\/\/ \u203b\u901a\u77e5\u304c\u975e\u5e38\u306b\u591a\u304f\u306a\u308b\u306e\u3067\u5b9f\u969b\u306b\u306f\u5bfe\u8c61\u3092\u7d5e\u308b\u306a\u308a\u3059\u308b<\/span>\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">configRule<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">events<\/span><span class=\"p\">.<\/span><span class=\"nc\">Rule<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-config`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">eventPattern<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"na\">source<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">aws.config<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detailType<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">Config Configuration Item Change<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detail<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"na\">messageType<\/span><span class=\"p\">:[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">ConfigurationItemChangeNotification<\/span><span class=\"dl\">'<\/span><span class=\"p\">]<\/span>\r\n        <span class=\"p\">}<\/span>\r\n      <span class=\"p\">},<\/span>\r\n      <span class=\"na\">ruleName<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-config`<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n    <span class=\"nx\">configRule<\/span><span class=\"p\">.<\/span><span class=\"nf\">addTarget<\/span><span class=\"p\">(<\/span><span class=\"k\">new<\/span> <span class=\"nx\">targets<\/span><span class=\"p\">.<\/span><span class=\"nc\">SnsTopic<\/span><span class=\"p\">(<\/span><span class=\"nx\">sns<\/span><span class=\"p\">))<\/span>\r\n\r\n    <span class=\"c1\">\/\/ root login(root\u30e6\u30fc\u30b6\u306b\u3088\u308bAWS\u30b3\u30f3\u30bd\u30fc\u30eb\u30ed\u30b0\u30a4\u30f3\u3067Event\u901a\u77e5)<\/span>\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">rootloginRule<\/span> <span class=\"o\">=<\/span> <span class=\"k\">new<\/span> <span class=\"nx\">events<\/span><span class=\"p\">.<\/span><span class=\"nc\">Rule<\/span><span class=\"p\">(<\/span><span class=\"k\">this<\/span><span class=\"p\">,<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-rootlogin`<\/span><span class=\"p\">,<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"na\">eventPattern<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"na\">detailType<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">AWS Console Sign In via CloudTrail<\/span><span class=\"dl\">'<\/span><span class=\"p\">],<\/span>\r\n        <span class=\"na\">detail<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n          <span class=\"na\">userIdentity<\/span><span class=\"p\">:<\/span> <span class=\"p\">{<\/span>\r\n            <span class=\"na\">type<\/span><span class=\"p\">:<\/span> <span class=\"p\">[<\/span><span class=\"dl\">'<\/span><span class=\"s1\">Root<\/span><span class=\"dl\">'<\/span><span class=\"p\">]<\/span>\r\n          <span class=\"p\">}<\/span>\r\n        <span class=\"p\">}<\/span>\r\n      <span class=\"p\">},<\/span>\r\n      <span class=\"na\">ruleName<\/span><span class=\"p\">:<\/span> <span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">name<\/span><span class=\"p\">}<\/span><span class=\"s2\">-rootlogin`<\/span><span class=\"p\">,<\/span>\r\n    <span class=\"p\">});<\/span>\r\n    <span class=\"nx\">rootloginRule<\/span><span class=\"p\">.<\/span><span class=\"nf\">addTarget<\/span><span class=\"p\">(<\/span><span class=\"k\">new<\/span> <span class=\"nx\">targets<\/span><span class=\"p\">.<\/span><span class=\"nc\">SnsTopic<\/span><span class=\"p\">(<\/span><span class=\"nx\">sns<\/span><span class=\"p\">))<\/span>\r\n  <span class=\"p\">}<\/span>\r\n\r\n  <span class=\"nf\">constructor<\/span><span class=\"p\">(<\/span><span class=\"nx\">scope<\/span><span class=\"p\">:<\/span> <span class=\"nx\">cdk<\/span><span class=\"p\">.<\/span><span class=\"nx\">App<\/span><span class=\"p\">,<\/span> <span class=\"nx\">id<\/span><span class=\"p\">:<\/span> <span class=\"kr\">string<\/span><span class=\"p\">,<\/span> <span class=\"nx\">SnsStack<\/span><span class=\"p\">:<\/span> <span class=\"nx\">SnsStackProps<\/span><span class=\"p\">,<\/span> <span class=\"nx\">props<\/span><span class=\"p\">?:<\/span> <span class=\"nx\">cdk<\/span><span class=\"p\">.<\/span><span class=\"nx\">StackProps<\/span><span class=\"p\">)<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"k\">super<\/span><span class=\"p\">(<\/span><span class=\"nx\">scope<\/span><span class=\"p\">,<\/span> <span class=\"nx\">id<\/span><span class=\"p\">,<\/span> <span class=\"nx\">props<\/span><span class=\"p\">);<\/span>\r\n\r\n    <span class=\"kd\">const<\/span> <span class=\"nx\">prefix<\/span> <span class=\"o\">=<\/span> <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nx\">node<\/span><span class=\"p\">.<\/span><span class=\"nf\">tryGetContext<\/span><span class=\"p\">(<\/span><span class=\"dl\">\"<\/span><span class=\"s2\">prefix<\/span><span class=\"dl\">\"<\/span><span class=\"p\">);<\/span> <span class=\"c1\">\/\/ Context\u3067\u6307\u5b9a\u3057\u305fprefix\u3092\u53d6\u5f97<\/span>\r\n\r\n    <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nx\">s3bucket<\/span> <span class=\"o\">=<\/span> <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nf\">createS3Bucket<\/span><span class=\"p\">(<\/span><span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">prefix<\/span><span class=\"p\">}<\/span><span class=\"s2\">-s3bucket`<\/span><span class=\"p\">);<\/span>\r\n    <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nf\">createSecurityHub<\/span><span class=\"p\">(<\/span><span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">prefix<\/span><span class=\"p\">}<\/span><span class=\"s2\">-securityhub`<\/span><span class=\"p\">);<\/span>\r\n    <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nf\">createGuardDuty<\/span><span class=\"p\">(<\/span><span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">prefix<\/span><span class=\"p\">}<\/span><span class=\"s2\">-detector`<\/span><span class=\"p\">);<\/span>\r\n    <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nf\">createConfig<\/span><span class=\"p\">(<\/span><span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">prefix<\/span><span class=\"p\">}<\/span><span class=\"s2\">-config`<\/span><span class=\"p\">,<\/span> <span class=\"nx\">SnsStack<\/span><span class=\"p\">.<\/span><span class=\"nx\">snsTopic<\/span><span class=\"p\">,<\/span> <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nx\">s3bucket<\/span><span class=\"p\">);<\/span>\r\n    <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nf\">createCloudTrail<\/span><span class=\"p\">(<\/span><span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">prefix<\/span><span class=\"p\">}<\/span><span class=\"s2\">-trail`<\/span><span class=\"p\">,<\/span><span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nx\">s3bucket<\/span><span class=\"p\">);<\/span>\r\n    <span class=\"k\">this<\/span><span class=\"p\">.<\/span><span class=\"nf\">createEvent<\/span><span class=\"p\">(<\/span><span class=\"s2\">`<\/span><span class=\"p\">${<\/span><span class=\"nx\">prefix<\/span><span class=\"p\">}<\/span><span class=\"s2\">-event`<\/span><span class=\"p\">,<\/span> <span class=\"nx\">SnsStack<\/span><span class=\"p\">.<\/span><span class=\"nx\">snsTopic<\/span><span class=\"p\">);<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<h2>\u786e\u8ba4\u52a8\u4f5c\u901a\u8fc7Slack\u901a\u77e5<\/h2>\n<h3>\u5b89\u5168\u4e2d\u5fc3<\/h3>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/52-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8_2022-03-22_1_04_35.png (46.3 kB)\" \/><\/div>\n<h3>\u5b89\u5168\u536b\u58eb<\/h3>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/54-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8_2022-03-22_1_05_39.png (42.0 kB)\" \/><\/div>\n<h3>\u914d\u7f6e<\/h3>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/56-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8_2022-03-22_1_05_03.png (40.4 kB)\" \/><\/div>\n<h3>\u4e91\u8ff9\uff08RootLogin\uff09<\/h3>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/58-0.png\" alt=\"\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8_2022-03-22_1_39_20.png (58.9 kB)\" \/><\/div>\n<h2>\u6700\u540e<\/h2>\n<div>\u968f\u77402021\u5e74\u6625\u5b63\uff0cChatbot\u5728EventBridge\u4e0a\u5927\u5e45\u6269\u5c55\u4e86\u4e8b\u4ef6\u6a21\u5f0f\u7684\u652f\u6301\uff0c\u4ece\u800c\u4f7f\u5f97\u53ef\u4ee5\u5c06\u5404\u79cd\u4e8b\u4ef6\u8fdb\u884c\u534f\u4f5c\uff0c\u5e76\u4e14\u5b9e\u73b0\u4e86\u5bf9Slack\u7684\u901a\u77e5\u66f4\u52a0\u8f7b\u677e\u7684\u5b9e\u73b0\u3002AWS Chatbot\u901a\u8fc7Amazon EventBridge\u6269\u5c55\u4e86\u5bf9AWS\u670d\u52a1\u7684\u76d1\u63a7\u8303\u56f4\u3002<\/div>\n<p>\u4ee5\u524d\u6211\u4eec\u5fc5\u987b\u4f7f\u7528Lambda\u4e4b\u7c7b\u7684\u5de5\u5177\u6765\u8fdb\u884c\u4e00\u4e9b\u590d\u6742\u64cd\u4f5c\uff0c\u4f46\u7531\u4e8e\u8fd9\u4e2a\u539f\u56e0\uff0c\u73b0\u5728\u5373\u4f7f\u5728CDK\u4e2d\uff0c\u53ea\u8981\u5145\u5206\u5229\u7528EventBridge\uff0c\u6211\u4eec\u4e5f\u80fd\u57fa\u672c\u5b8c\u6210\uff0c\u611f\u89c9\u4e0aChatOps\u7684\u672a\u6765\u4f1a\u66f4\u987a\u5229\u3002<\/p>\n<p>\u6211\u770b\u8d77\u6765\u50cf\u4e00\u4e2a\u7ecf\u5e38\u4f7f\u7528CDK\u5c06\u901a\u77e5\u53d1\u9001\u5230Slack\u7684\u4eba\uff0c\u4f46\u7531\u4e8e\u5df2\u7ecf\u9002\u5e94\u4e86\uff0c\u6240\u4ee5\u4e0b\u6b21\u6211\u6253\u7b97\u5199\u70b9\u4e0d\u540c\u7684\u4e1c\u897f\uff01<\/p>\n<h2>\u8bf7\u53c2\u8003<\/h2>\n<p>\u4ee5\u4e0b\u662f\u4e00\u4e9bAWS CDK\u4e2d\u4e0e\u5b89\u5168\u76f8\u5173\u7684\u6a21\u5757\u7684\u6587\u6863\u94fe\u63a5\uff1a<\/p>\n<p>1. AWS GuardDuty\u6a21\u5757\u6587\u6863\uff1ahttps:\/\/docs.aws.amazon.com\/cdk\/api\/v2\/docs\/aws-cdk-lib.aws_guardduty-readme.html<\/p>\n<p>2. AWS Config\u6a21\u5757\u6587\u6863\uff1ahttps:\/\/docs.aws.amazon.com\/cdk\/api\/v2\/docs\/aws-cdk-lib.aws_config-readme.html<\/p>\n<p>3. AWS SecurityHub\u6a21\u5757\u6587\u6863\uff1ahttps:\/\/docs.aws.amazon.com\/cdk\/api\/v2\/docs\/aws-cdk-lib.aws_securityhub-readme.html<\/p>\n<p>4. AWS CloudTrail\u6a21\u5757\u6587\u6863\uff1ahttps:\/\/docs.aws.amazon.com\/cdk\/api\/v2\/docs\/aws-cdk-lib.aws_cloudtrail-readme.html<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9996\u5148 \u8fd9\u6b21\u6211\u7528CDK\u8bd5\u56fe\u5b9e\u73b0\u4e86\u5173\u4e8e\u5b89\u5168\u65b9\u9762\u7684Slack\u901a\u77e5\u3002\u4e0eChatbot\u6ca1\u6709\u76f4\u63a5\u96c6\u6210\u7684\u670d\u52a1\u5c06\u901a\u8fc7Event [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-50642","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u3010cdk\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728slack\u4e0a\u7684\u901a\u77e5\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5\" \/>\n<meta property=\"og:description\" content=\"\u9996\u5148 \u8fd9\u6b21\u6211\u7528CDK\u8bd5\u56fe\u5b9e\u73b0\u4e86\u5173\u4e8e\u5b89\u5168\u65b9\u9762\u7684Slack\u901a\u77e5\u3002\u4e0eChatbot\u6ca1\u6709\u76f4\u63a5\u96c6\u6210\u7684\u670d\u52a1\u5c06\u901a\u8fc7Event [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u3010cdk\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728slack\u4e0a\u7684\u901a\u77e5\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-25T11:15:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-29T07:45:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/37-1.png\" \/>\n<meta name=\"author\" content=\"\u79d1, \u9896\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u79d1, \u9896\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"19 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/\",\"name\":\"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-03-25T11:15:35+00:00\",\"dateModified\":\"2024-04-29T07:45:02+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/8ca01ba7f7362ad4edb7da206a12f29e\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/8ca01ba7f7362ad4edb7da206a12f29e\",\"name\":\"\u79d1, \u9896\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8a6fb3cc7ba2f69d2189ba532aec4633ea7ed75ac0af162ec367cb3abc0fb2af?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8a6fb3cc7ba2f69d2189ba532aec4633ea7ed75ac0af162ec367cb3abc0fb2af?s=96&d=mm&r=g\",\"caption\":\"\u79d1, \u9896\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/keying\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u3010cdk\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728slack\u4e0a\u7684\u901a\u77e5\/","og_locale":"zh_CN","og_type":"article","og_title":"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5","og_description":"\u9996\u5148 \u8fd9\u6b21\u6211\u7528CDK\u8bd5\u56fe\u5b9e\u73b0\u4e86\u5173\u4e8e\u5b89\u5168\u65b9\u9762\u7684Slack\u901a\u77e5\u3002\u4e0eChatbot\u6ca1\u6709\u76f4\u63a5\u96c6\u6210\u7684\u670d\u52a1\u5c06\u901a\u8fc7Event [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u3010cdk\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728slack\u4e0a\u7684\u901a\u77e5\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-03-25T11:15:35+00:00","article_modified_time":"2024-04-29T07:45:02+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d9310913a08637a6e57e1\/37-1.png"}],"author":"\u79d1, \u9896","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u79d1, \u9896","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"19 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/","name":"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-03-25T11:15:35+00:00","dateModified":"2024-04-29T07:45:02+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/8ca01ba7f7362ad4edb7da206a12f29e"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u3010CDK\u3011\u9a8c\u8bc1\u5b89\u5168\u76f8\u5173\u670d\u52a1\u5728Slack\u4e0a\u7684\u901a\u77e5"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/8ca01ba7f7362ad4edb7da206a12f29e","name":"\u79d1, \u9896","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8a6fb3cc7ba2f69d2189ba532aec4633ea7ed75ac0af162ec367cb3abc0fb2af?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8a6fb3cc7ba2f69d2189ba532aec4633ea7ed75ac0af162ec367cb3abc0fb2af?s=96&d=mm&r=g","caption":"\u79d1, \u9896"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/keying\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e3%80%90cdk%e3%80%91%e9%aa%8c%e8%af%81%e5%ae%89%e5%85%a8%e7%9b%b8%e5%85%b3%e6%9c%8d%e5%8a%a1%e5%9c%a8slack%e4%b8%8a%e7%9a%84%e9%80%9a%e7%9f%a5\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/50642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=50642"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/50642\/revisions"}],"predecessor-version":[{"id":86175,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/50642\/revisions\/86175"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=50642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=50642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=50642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}