Uso de CloudTrail para solucionar problemas con las llamadas a la API de cuadernos de Athena
Para solucionar problemas con las llamadas a la API de cuadernos, puede examinar los registros de CloudTrail de Athena para buscar anomalías o descubrir las acciones iniciadas por los usuarios. Para obtener información sobre el uso de CloudTrail con Athena, consulte Registro de las llamadas a la API de Amazon Athena con AWS CloudTrail.
Los siguientes son ejemplos de entradas de registro de CloudTrail para las API de cuadernos de Athena:
StartSession
El siguiente ejemplo muestra el registro de CloudTrail de un evento StartSession de cuaderno.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
"principalId": "EXAMPLE_PRINCIPAL_ID:alias",
"arn": "arn:aws:sts::123456789012:assumed-role/Admin/alias",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"sessionContext": {
"sessionIssuer": {
"type": "Role",
"principalId": "EXAMPLE_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:role/Admin",
"accountId": "123456789012",
"userName": "Admin"
},
"webIdFederationData": {},
"attributes": {
"creationDate": "2022-10-14T16:41:51Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2022-10-14T17:05:36Z",
"eventSource": "athena.amazonaws.com",
"eventName": "StartSession",
"awsRegion": "us-east-1",
"sourceIPAddress": "203.0.113.10",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36",
"requestParameters": {
"workGroup": "notebook-workgroup",
"engineConfiguration": {
"coordinatorDpuSize": 1,
"maxConcurrentDpus": 20,
"defaultExecutorDpuSize": 1,
"additionalConfigs": {
"NotebookId": "b8f5854b-1042-4b90-9d82-51d3c2fd5c04",
"NotebookIframeParentUrl": "https://us-east-1.console.aws.amazon.com"
}
},
"notebookVersion": "KeplerJupyter-1.x",
"sessionIdleTimeoutInMinutes": 20,
"clientRequestToken": "d646ff46-32d2-42f0-94d1-d060ec3e5d78"
},
"responseElements": {
"sessionId": "a2c1ebba-ad01-865f-ed2d-a142b7451f7e",
"state": "CREATED"
},
"requestID": "d646ff46-32d2-42f0-94d1-d060ec3e5d78",
"eventID": "b58ce998-eb89-43e9-8d67-d3d8e30561c9",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "athena.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}TerminateSession
El siguiente ejemplo muestra el registro de CloudTrail de un evento TerminateSession de cuaderno.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
"principalId": "EXAMPLE_PRINCIPAL_ID:alias",
"arn": "arn:aws:sts::123456789012:assumed-role/Admin/alias",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"sessionContext": {
"sessionIssuer": {
"type": "Role",
"principalId": "EXAMPLE_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:role/Admin",
"accountId": "123456789012",
"userName": "Admin"
},
"webIdFederationData": {},
"attributes": {
"creationDate": "2022-10-14T16:41:51Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2022-10-14T17:21:03Z",
"eventSource": "athena.amazonaws.com",
"eventName": "TerminateSession",
"awsRegion": "us-east-1",
"sourceIPAddress": "203.0.113.11",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36",
"requestParameters": {
"sessionId": "a2c1ebba-ad01-865f-ed2d-a142b7451f7e"
},
"responseElements": {
"state": "TERMINATING"
},
"requestID": "438ea37e-b704-4cb3-9a76-391997cf42ee",
"eventID": "49026c5a-bf58-4cdb-86ca-978e711ad238",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "athena.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}ImportNotebook
El siguiente ejemplo muestra el registro de CloudTrail de un evento ImportNotebook de cuaderno. Por motivos de seguridad, parte del contenido está oculto.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
"principalId": "EXAMPLE_PRINCIPAL_ID:alias",
"arn": "arn:aws:sts::123456789012:assumed-role/Admin/alias",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"sessionContext": {
"sessionIssuer": {
"type": "Role",
"principalId": "EXAMPLE_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:role/Admin",
"accountId": "123456789012",
"userName": "Admin"
},
"webIdFederationData": {},
"attributes": {
"creationDate": "2022-10-14T16:41:51Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2022-10-14T17:08:54Z",
"eventSource": "athena.amazonaws.com",
"eventName": "ImportNotebook",
"awsRegion": "us-east-1",
"sourceIPAddress": "203.0.113.12",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36",
"requestParameters": {
"workGroup": "notebook-workgroup",
"name": "example-notebook-name",
"payload": "HIDDEN_FOR_SECURITY_REASONS",
"type": "IPYNB",
"contentMD5": "HIDDEN_FOR_SECURITY_REASONS"
},
"responseElements": {
"notebookId": "05f6225d-bdcc-4935-bc25-a8e19434652d"
},
"requestID": "813e777f-6dac-41f4-82a7-e99b7b33f319",
"eventID": "4abec837-143b-4458-9c1f-fa9fb88ab69b",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "athena.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}UpdateNotebook
El siguiente ejemplo muestra el registro de CloudTrail de un evento UpdateNotebook de cuaderno. Por motivos de seguridad, parte del contenido está oculto.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
"principalId": "EXAMPLE_PRINCIPAL_ID:AthenaExecutor-9cc1ebb2-aac5-b1ca-8247-5d827bd8232f",
"arn": "arn:aws:sts::123456789012:assumed-role/AWSAthenaSparkExecutionRole-om0yj71w5l/AthenaExecutor-9cc1ebb2-aac5-b1ca-8247-5d827bd8232f",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"sessionContext": {
"sessionIssuer": {
"type": "Role",
"principalId": "EXAMPLE_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:role/service-role/AWSAthenaSparkExecutionRole-om0yj71w5l",
"accountId": "123456789012",
"userName": "AWSAthenaSparkExecutionRole-om0yj71w5l"
},
"webIdFederationData": {},
"attributes": {
"creationDate": "2022-10-14T16:48:06Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2022-10-14T16:52:22Z",
"eventSource": "athena.amazonaws.com",
"eventName": "UpdateNotebook",
"awsRegion": "us-east-1",
"sourceIPAddress": "203.0.113.13",
"userAgent": "Boto3/1.24.84 Python/3.8.14 Linux/4.14.225-175.364.amzn2.aarch64 Botocore/1.27.84",
"requestParameters": {
"notebookId": "c87553ff-e740-44b5-884f-a70e575e08b9",
"payload": "HIDDEN_FOR_SECURITY_REASONS",
"type": "IPYNB",
"contentMD5": "HIDDEN_FOR_SECURITY_REASONS",
"sessionId": "9cc1ebb2-aac5-b1ca-8247-5d827bd8232f"
},
"responseElements": null,
"requestID": "baaba1d2-f73d-4df1-a82b-71501e7374f1",
"eventID": "745cdd6f-645d-4250-8831-d0ffd2fe3847",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "athena.us-east-1.amazonaws.com"
}
}StartCalculationExecution
El siguiente ejemplo muestra el registro de CloudTrail de un evento StartCalculationExecution de cuaderno. Por motivos de seguridad, parte del contenido está oculto.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
"principalId": "EXAMPLE_PRINCIPAL_ID:AthenaExecutor-9cc1ebb2-aac5-b1ca-8247-5d827bd8232f",
"arn": "arn:aws:sts::123456789012:assumed-role/AWSAthenaSparkExecutionRole-om0yj71w5l/AthenaExecutor-9cc1ebb2-aac5-b1ca-8247-5d827bd8232f",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"sessionContext": {
"sessionIssuer": {
"type": "Role",
"principalId": "EXAMPLE_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:role/service-role/AWSAthenaSparkExecutionRole-om0yj71w5l",
"accountId": "123456789012",
"userName": "AWSAthenaSparkExecutionRole-om0yj71w5l"
},
"webIdFederationData": {},
"attributes": {
"creationDate": "2022-10-14T16:48:06Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2022-10-14T16:52:37Z",
"eventSource": "athena.amazonaws.com",
"eventName": "StartCalculationExecution",
"awsRegion": "us-east-1",
"sourceIPAddress": "203.0.113.14",
"userAgent": "Boto3/1.24.84 Python/3.8.14 Linux/4.14.225-175.364.amzn2.aarch64 Botocore/1.27.84",
"requestParameters": {
"sessionId": "9cc1ebb2-aac5-b1ca-8247-5d827bd8232f",
"description": "Calculation started via Jupyter notebook",
"codeBlock": "HIDDEN_FOR_SECURITY_REASONS",
"clientRequestToken": "0111cd63-4fd0-4ad8-a738-fd350115fc21"
},
"responseElements": {
"calculationExecutionId": "82c1ebb4-bd08-e4c3-5631-a662fb2ff2c5",
"state": "CREATING"
},
"requestID": "1a107461-3f1b-481e-b8a2-7fbd524e2373",
"eventID": "b74dbd00-e839-4bd1-a1da-b75fbc70ab9a",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "athena.us-east-1.amazonaws.com"
}
}