サポートされている AWS サービスからの EventBridge イベントの例
以下のリストの AWS のサービスでは、EventBridge によって検出できるイベントを出力します。
また、EventBridge は、イベントを出力しないが、このページに記載されていないサービスで使用することもできます。そのためには、CloudTrail を使用して送信されるイベントを監視します。詳細については、「CloudTrail 経由で配信されたイベント」を参照してください。
イベントタイプ
- Amazon Augmented AI イベント
- Application Auto Scaling イベント
- AWS Batch イベント
- Amazon EventBridge 予定されているイベント
- Amazon Chime イベント
- CloudWatch からのイベント
- CodeBuild イベント
- CodeCommit イベント
- AWS CodeDeploy イベント
- CodePipeline イベント
- AWS Config イベント
- Amazon EBS イベント
- Amazon EC2 Auto Scaling イベント
- Amazon EC2 スポットインスタンスの中断イベント
- Amazon EC2 状態変更イベント
- Amazon Elastic Container Registry (Amazon ECR) イベント
- Amazon Elastic Container Service (Amazon ECS) イベント
- AWS Elemental MediaConvert イベント
- AWS Elemental MediaPackage イベント
- AWS Elemental MediaStore イベント
- Amazon EMR イベント
- Amazon GameLift イベント
- AWS Glue イベント
- AWS IoT Greengrass イベント
- AWS Ground Station イベント
- Amazon GuardDuty イベント
- AWS Health イベント
- AWS KMS イベント
- Amazon Macie イベント
- AWS マネジメントコンソール サインインイベント
- AWS OpsWorks スタックイベント
- SageMaker イベント
- AWS Security Hub イベント
- AWS Server Migration Service イベント
- AWS Systems Manager イベント
- AWS Systems Manager 設定コンプライアンスイベント
- AWS Systems Manager メンテナンスウィンドウのイベント
- AWS Systems Manager パラメータストアのイベント
- AWS Step Functions イベント
- AWS リソースのタグ変更イベント
- AWS Trusted Advisor イベント
- Amazon WorkSpaces イベント
- CloudTrail 経由で配信されたイベント
Amazon Augmented AI イベント
Amazon Augmented AI によって生成されるイベントの例については、「Amazon Augmented AI でイベントを使用する」を参照してください。
Application Auto Scaling イベント
Application Auto Scaling によって生成されるイベントの例については、「アプリケーションの Auto Scaling イベントと EventBridge」を参照してください。
AWS Batch イベント
AWS Batch により生成されたイベントの例については、「AWS Batch イベント」を参照してください。
Amazon EventBridge 予定されているイベント
予定されているイベントの例を次に示します。
{
"id": "53dc4d37-cffa-4f76-80c9-8b7d4a4d2eaa",
"detail-type": "Scheduled Event",
"source": "aws.events",
"account": "123456789012",
"time": "2015-10-08T16:53:06Z",
"region": "us-east-1",
"resources": [ "arn:aws:events:us-east-1:123456789012:rule/MyScheduledRule" ],
"detail": {}
}Amazon Chime イベント
Amazon Chime によって生成されるイベントの例については、「EventBridge を使用した Amazon Chime の自動化」を参照してください。
CloudWatch からのイベント
CloudWatch からのイベントの例については、AWS CodeBuild ユーザーガイドの「アラームイベントと EventBridge」を参照してください。
CodeBuild イベント
CodeBuild のサンプルイベントについては、『AWS CodeBuild ユーザーガイド』の「ビルド通知入力形式リファレンス」を参照してください。
CodeCommit イベント
CodeCommit のイベント例については、AWS CodeCommit ユーザーガイドの「EventBridge および CloudWatch イベント の CodeCommit イベントのモニタリング」を参照してください。
AWS CodeDeploy イベント
以下は、CodeDeploy のイベントの例です。詳細については、『AWS CodeDeploy User Guide』の「CloudWatch イベント によるデプロイのモニタリング」を参照してください。
CodeDeploy のデプロイ状態変更通知
デプロイの状態に変化がありました。
{
"account": "123456789012",
"region": "us-east-1",
"detail-type": "CodeDeploy Deployment State-change Notification",
"source": "aws.codedeploy",
"version": "0",
"time": "2016-06-30T22:06:31Z",
"id": "c071bfbf-83c4-49ca-a6ff-3df053957145",
"resources": [
"arn:aws:codedeploy:us-east-1:123456789012:application:myApplication",
"arn:aws:codedeploy:us-east-1:123456789012:deploymentgroup:myApplication/myDeploymentGroup"
],
"detail": {
"instanceGroupId": "9fd2fbef-2157-40d8-91e7-6845af69e2d2",
"region": "us-east-1",
"application": "myApplication",
"deploymentId": "d-123456789",
"state": "SUCCESS",
"deploymentGroup": "myDeploymentGroup"
}
}CodeDeploy インスタンスの状態変更通知
デプロイグループに属するインスタンスの状態に変化がありました。
{
"account": "123456789012",
"region": "us-east-1",
"detail-type": "CodeDeploy Instance State-change Notification",
"source": "aws.codedeploy",
"version": "0",
"time": "2016-06-30T23:18:50Z",
"id": "fb1d3015-c091-4bf9-95e2-d98521ab2ecb",
"resources": [
"arn:aws:ec2:us-east-1:123456789012:instance/i-0000000aaaaaaaaaa",
"arn:aws:codedeploy:us-east-1:123456789012:deploymentgroup:myApplication/myDeploymentGroup",
"arn:aws:codedeploy:us-east-1:123456789012:application:myApplication"
],
"detail": {
"instanceId": "i-0000000aaaaaaaaaa",
"region": "us-east-1",
"state": "SUCCESS",
"application": "myApplication",
"deploymentId": "d-123456789",
"instanceGroupId": "8cd3bfa8-9e72-4cbe-a1e5-da4efc7efd49",
"deploymentGroup": "myDeploymentGroup"
}
}CodePipeline イベント
以下は、CodePipeline のイベントの例です。
パイプライン実行の状態変更
{
"version": "0",
"id": "CWE-event-id",
"detail-type": "CodePipeline Pipeline Execution State Change",
"source": "aws.codepipeline",
"account": "123456789012",
"time": "2017-04-22T03:31:47Z",
"region": "us-east-1",
"resources": [
"arn:aws:codepipeline:us-east-1:123456789012:pipeline:myPipeline"
],
"detail": {
"pipeline": "myPipeline",
"version": "1",
"state": "STARTED",
"execution-id": "01234567-0123-0123-0123-012345678901"
}
}ステージ実行の状態変更
{
"version": "0",
"id": "CWE-event-id",
"detail-type": "CodePipeline Stage Execution State Change",
"source": "aws.codepipeline",
"account": "123456789012",
"time": "2017-04-22T03:31:47Z",
"region": "us-east-1",
"resources": [
"arn:aws:codepipeline:us-east-1:123456789012:pipeline:myPipeline"
],
"detail": {
"pipeline": "myPipeline",
"version": "1",
"execution-id": "01234567-0123-0123-0123-012345678901",
"stage": "Prod",
"state": "STARTED"
}
}アクション実行の状態変更
このサンプルでは、2 つの region フィールドがあります。一番上のものは、ターゲットパイプラインのアクションが実行される AWS リージョンの名前です。この例では、us-east-1 です。detail セクションの region は、イベントが作成された AWS リージョンです。これは、パイプラインが作成されたリージョンと同じです。この例では、us-west-2 です。
{
"version": "0",
"id": "CWE-event-id",
"detail-type": "CodePipeline Action Execution State Change",
"source": "aws.codepipeline",
"account": "123456789012",
"time": "2017-04-22T03:31:47Z",
"region": "us-east-1",
"resources": [
"arn:aws:codepipeline:us-east-1:123456789012:pipeline:myPipeline"
],
"detail": {
"pipeline": "myPipeline",
"version": 1,
"execution-id": "01234567-0123-0123-0123-012345678901",
"stage": "Prod",
"action": "myAction",
"state": "STARTED",
"region":"us-west-2",
"type": {
"owner": "AWS",
"category": "Deploy",
"provider": "CodeDeploy",
"version": 1
}
}
}AWS Config イベント
AWS Config イベントの詳細については、『AWS Config Developer Guide』の「Amazon CloudWatch Events を使用した AWS Config イベントのモニタリング」を参照してください。
Amazon EBS イベント
Amazon EBS イベントの詳細については、『Linux インスタンス用 Amazon EC2 ユーザーガイド』の「Amazon EBS の Amazon CloudWatch Events」を参照してください。
Amazon EC2 Auto Scaling イベント
Auto Scaling イベントの詳細については、『Amazon EC2 Auto Scaling ユーザーガイド』の「Auto Scaling グループスケーリング時の CloudWatch イベントの取得」を参照してください。
Amazon EC2 スポットインスタンスの中断イベント
スポットインスタンスの中断イベントの詳細については、『Linux インスタンス用 Amazon EC2 ユーザーガイド』の「スポットインスタンスの中断の通知」を参照してください。
Amazon EC2 状態変更イベント
以下は、インスタンスの状態が変化した場合の Amazon EC2 インスタンスのイベントの例です。
EC2 インスタンスの状態変更通知
この例は、pending 状態のインスタンス用です。state の他の有効な値には、running、shutting-down、stopped、stopping、terminated があります。
{
"id":"7bf73129-1428-4cd3-a780-95db273d1602",
"detail-type":"EC2 Instance State-change Notification",
"source":"aws.ec2",
"account":"123456789012",
"time":"2015-11-11T21:29:54Z",
"region":"us-east-1",
"resources":[
"arn:aws:ec2:us-east-1:123456789012:instance/i-abcd1111"
],
"detail":{
"instance-id":"i-abcd1111",
"state":"pending"
}
}
Amazon Elastic Container Registry (Amazon ECR) イベント
Amazon ECR は、イメージアクションイベントを EventBridge に送信します。イベントは、イメージがプッシュ、スキャン、または削除されたときに送信されます。
Amazon ECS サンプルイベントについては、Amazon Elastic Container Registry ユーザーガイドの「Amazon ECR イベント」を参照してください。
Amazon Elastic Container Service (Amazon ECS) イベント
Amazon ECS から EventBridge に送信されるイベントには、コンテナインスタンスイベントとタスクイベントの 2 種類があります。コンテナインスタンスイベントが送信されるのは、タスクに EC2 起動タイプを使用している場合のみです。Fargate 起動タイプを使用しているタスクの場合、タスクの状態イベントのみ受信します。Amazon ECS は、コンテナインスタンスとタスクの状態を追跡します。いずれかのリソースが変更されると、イベントがトリガーされます。イベントは、コンテナインスタンス状態変更イベントまたはタスク状態変更イベントのいずれかに分類されます。
Amazon ECS サンプルイベントについては、Amazon Elastic Container Service Developer Guideの「Amazon ECS イベント」を参照してください。
AWS Elemental MediaConvert イベント
MediaConvert サンプルイベントについては、『AWS Elemental MediaConvert ユーザーガイド』の「CloudWatch イベント を使用して AWS Elemental MediaConvert ジョブをモニタリングする」を参照してください。
AWS Elemental MediaPackage イベント
MediaPackage サンプルイベントについては、『AWS Elemental MediaPackage ユーザーガイド』の「Amazon CloudWatch Events を使用した AWS Elemental MediaPackage のモニタリング」を参照してください。
AWS Elemental MediaStore イベント
MediaStore サンプルイベントについては、『AWS Elemental MediaStore ユーザーガイド』の「CloudWatch イベント を使用した AWS Elemental MediaStore の自動化」を参照してください。
Amazon EMR イベント
Amazon EMR によって報告されるイベントには、Source の値として aws.emr があり、CloudTrail によって報告される Amazon EMR API イベントには、Source の値として aws.elasticmapreduce があります。
以下は、Amazon EMR で報告されるイベントの例です。
Amazon EMR Auto Scaling のポリシー状態の変更
{
"version":"0",
"id":"2f8147ab-8c48-47c6-b0b6-3ee23ec8d300",
"detail-type":"EMR Auto Scaling Policy State Change",
"source":"aws.emr",
"account":"123456789012",
"time":"2016-12-16T20:42:44Z",
"region":"us-east-1",
"resources":[],
"detail":{
"resourceId":"ig-X2LBMHTGPCBU",
"clusterId":"j-1YONHTCP3YZKC",
"state":"PENDING",
"message":"AutoScaling policy modified by user request",
"scalingResourceType":"INSTANCE_GROUP"
}
}Amazon EMR クラスター状態の変更 – 開始中
{
"version": "0",
"id": "999cccaa-eaaa-0000-1111-123456789012",
"detail-type": "EMR Cluster State Change",
"source": "aws.emr",
"account": "123456789012",
"time": "2016-12-16T20:43:05Z",
"region": "us-east-1",
"resources": [],
"detail": {
"severity": "INFO",
"stateChangeReason": "{\"code\":\"\"}",
"name": "Development Cluster",
"clusterId": "j-123456789ABCD",
"state": "STARTING",
"message": "Amazon EMR cluster j-123456789ABCD (Development Cluster) was requested at 2016-12-16 20:42 UTC and is being created."
}
}Amazon EMR クラスター状態の変更 – 終了
{
"version": "0",
"id": "1234abb0-f87e-1234-b7b6-000000123456",
"detail-type": "EMR Cluster State Change",
"source": "aws.emr",
"account": "123456789012",
"time": "2016-12-16T21:00:23Z",
"region": "us-east-1",
"resources": [],
"detail": {
"severity": "INFO",
"stateChangeReason": "{\"code\":\"USER_REQUEST\",\"message\":\"Terminated by user request\"}",
"name": "Development Cluster",
"clusterId": "j-123456789ABCD",
"state": "TERMINATED",
"message": "Amazon EMR Cluster jj-123456789ABCD (Development Cluster) has terminated at 2016-12-16 21:00 UTC with a reason of USER_REQUEST."
}
}Amazon EMR インスタンスグループの状態の変更
{
"version": "0",
"id": "999cccaa-eaaa-0000-1111-123456789012",
"detail-type": "EMR Instance Group State Change",
"source": "aws.emr",
"account": "123456789012",
"time": "2016-12-16T20:57:47Z",
"region": "us-east-1",
"resources": [],
"detail": {
"market": "ON_DEMAND",
"severity": "INFO",
"requestedInstanceCount": "2",
"instanceType": "m3.xlarge",
"instanceGroupType": "CORE",
"instanceGroupId": "ig-ABCDEFGHIJKL",
"clusterId": "j-123456789ABCD",
"runningInstanceCount": "2",
"state": "RUNNING",
"message": "The resizing operation for instance group ig-ABCDEFGHIJKL in Amazon EMR cluster j-123456789ABCD (Development Cluster) is complete. It now has an instance count of 2. The resize started at 2016-12-16 20:57 UTC and took 0 minutes to complete."
}
}Amazon EMR ステップ状態の変更
{
"version": "0",
"id": "999cccaa-eaaa-0000-1111-123456789012",
"detail-type": "EMR Step Status Change",
"source": "aws.emr",
"account": "123456789012",
"time": "2016-12-16T20:53:09Z",
"region": "us-east-1",
"resources": [],
"detail": {
"severity": "ERROR",
"actionOnFailure": "CONTINUE",
"stepId": "s-ZYXWVUTSRQPON",
"name": "CustomJAR",
"clusterId": "j-123456789ABCD",
"state": "FAILED",
"message": "Step s-ZYXWVUTSRQPON (CustomJAR) in Amazon EMR cluster j-123456789ABCD (Development Cluster) failed at 2016-12-16 20:53 UTC."
}
}Amazon GameLift イベント
以下は、Amazon GameLift のイベントの例です。詳細については、『Amazon GameLift 開発者ガイド』の「FlexMatch イベントリリファレンス」を参照してください。
マッチメーキング検索
{
"version": "0",
"id": "cc3d3ebe-1d90-48f8-b268-c96655b8f013",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-08T21:15:36.421Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-08T21:15:35.676Z",
"players": [
{
"playerId": "player-1"
}
]
}
],
"estimatedWaitMillis": "NOT_AVAILABLE",
"type": "MatchmakingSearching",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1"
}
]
}
}
}作成されたマッチング候補
{
"version": "0",
"id": "fce8633f-aea3-45bc-aeba-99d639cad2d4",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-08T21:17:41.178Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-08T21:15:35.676Z",
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
},
{
"ticketId": "ticket-2",
"startTime": "2017-08-08T21:17:40.657Z",
"players": [
{
"playerId": "player-2",
"team": "blue"
}
]
}
],
"acceptanceTimeout": 600,
"ruleEvaluationMetrics": [
{
"ruleName": "EvenSkill",
"passedCount": 3,
"failedCount": 0
},
{
"ruleName": "EvenTeams",
"passedCount": 3,
"failedCount": 0
},
{
"ruleName": "FastConnection",
"passedCount": 3,
"failedCount": 0
},
{
"ruleName": "NoobSegregation",
"passedCount": 3,
"failedCount": 0
}
],
"acceptanceRequired": true,
"type": "PotentialMatchCreated",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1",
"team": "red"
},
{
"playerId": "player-2",
"team": "blue"
}
]
},
"matchId": "3faf26ac-f06e-43e5-8d86-08feff26f692"
}
}一致の受け入れ
{
"version": "0",
"id": "b3f76d66-c8e5-416a-aa4c-aa1278153edc",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-09T20:04:42.660Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-09T20:01:35.305Z",
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
},
{
"ticketId": "ticket-2",
"startTime": "2017-08-09T20:04:16.637Z",
"players": [
{
"playerId": "player-2",
"team": "blue",
"accepted": false
}
]
}
],
"type": "AcceptMatch",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1",
"team": "red"
},
{
"playerId": "player-2",
"team": "blue",
"accepted": false
}
]
},
"matchId": "848b5f1f-0460-488e-8631-2960934d13e5"
}
}マッチの受け入れ完了
{
"version": "0",
"id": "b1990d3d-f737-4d6c-b150-af5ace8c35d3",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-08T20:43:14.621Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-08T20:30:40.972Z",
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
},
{
"ticketId": "ticket-2",
"startTime": "2017-08-08T20:33:14.111Z",
"players": [
{
"playerId": "player-2",
"team": "blue"
}
]
}
],
"acceptance": "TimedOut",
"type": "AcceptMatchCompleted",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1",
"team": "red"
},
{
"playerId": "player-2",
"team": "blue"
}
]
},
"matchId": "a0d9bd24-4695-4f12-876f-ea6386dd6dce"
}
}マッチメーキングの成功
{
"version": "0",
"id": "5ccb6523-0566-412d-b63c-1569e00d023d",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-09T19:59:09.159Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-09T19:58:59.277Z",
"players": [
{
"playerId": "player-1",
"playerSessionId": "psess-6e7c13cf-10d6-4756-a53f-db7de782ed67",
"team": "red"
}
]
},
{
"ticketId": "ticket-2",
"startTime": "2017-08-09T19:59:08.663Z",
"players": [
{
"playerId": "player-2",
"playerSessionId": "psess-786b342f-9c94-44eb-bb9e-c1de46c472ce",
"team": "blue"
}
]
}
],
"type": "MatchmakingSucceeded",
"gameSessionInfo": {
"gameSessionArn": "arn:aws:gamelift:us-west-2:123456789012:gamesession/836cf48d-bcb0-4a2c-bec1-9c456541352a",
"ipAddress": "192.168.1.1",
"port": 10777,
"players": [
{
"playerId": "player-1",
"playerSessionId": "psess-6e7c13cf-10d6-4756-a53f-db7de782ed67",
"team": "red"
},
{
"playerId": "player-2",
"playerSessionId": "psess-786b342f-9c94-44eb-bb9e-c1de46c472ce",
"team": "blue"
}
]
},
"matchId": "c0ec1a54-7fec-4b55-8583-76d67adb7754"
}
}マッチメーキングのタイムアウト
{
"version": "0",
"id": "fe528a7d-46ad-4bdc-96cb-b094b5f6bf56",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-09T20:11:35.598Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"reason": "TimedOut",
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-09T20:01:35.305Z",
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
}
],
"ruleEvaluationMetrics": [
{
"ruleName": "EvenSkill",
"passedCount": 3,
"failedCount": 0
},
{
"ruleName": "EvenTeams",
"passedCount": 3,
"failedCount": 0
},
{
"ruleName": "FastConnection",
"passedCount": 3,
"failedCount": 0
},
{
"ruleName": "NoobSegregation",
"passedCount": 3,
"failedCount": 0
}
],
"type": "MatchmakingTimedOut",
"message": "Removed from matchmaking due to timing out.",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
}
}
}マッチメーキングのキャンセル
{
"version": "0",
"id": "8d6f84da-5e15-4741-8d5c-5ac99091c27f",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-09T20:00:07.843Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"reason": "Cancelled",
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-09T19:59:26.118Z",
"players": [
{
"playerId": "player-1"
}
]
}
],
"ruleEvaluationMetrics": [
{
"ruleName": "EvenSkill",
"passedCount": 0,
"failedCount": 0
},
{
"ruleName": "EvenTeams",
"passedCount": 0,
"failedCount": 0
},
{
"ruleName": "FastConnection",
"passedCount": 0,
"failedCount": 0
},
{
"ruleName": "NoobSegregation",
"passedCount": 0,
"failedCount": 0
}
],
"type": "MatchmakingCancelled",
"message": "Cancelled by request.",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1"
}
]
}
}
}マッチメーキングの失敗
{
"version": "0",
"id": "025b55a4-41ac-4cf4-89d1-f2b3c6fd8f9d",
"detail-type": "GameLift Matchmaking Event",
"source": "aws.gamelift",
"account": "123456789012",
"time": "2017-08-16T18:41:09.970Z",
"region": "us-west-2",
"resources": [
"arn:aws:gamelift:us-west-2:123456789012:matchmakingconfiguration/SampleConfiguration"
],
"detail": {
"tickets": [
{
"ticketId": "ticket-1",
"startTime": "2017-08-16T18:41:02.631Z",
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
}
],
"customEventData": "foo",
"type": "MatchmakingFailed",
"reason": "UNEXPECTED_ERROR",
"message": "An unexpected error was encountered during match placing.",
"gameSessionInfo": {
"players": [
{
"playerId": "player-1",
"team": "red"
}
]
},
"matchId": "3ea83c13-218b-43a3-936e-135cc570cba7"
}
}AWS Glue イベント
AWS Glue イベントの形式は次のとおりです。
ジョブ実行に成功
{
"version":"0",
"id":"abcdef00-1234-5678-9abc-def012345678",
"detail-type":"Glue Job State Change",
"source":"aws.glue",
"account":"123456789012",
"time":"2017-09-07T18:57:21Z",
"region":"us-west-2",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"INFO",
"state":"SUCCEEDED",
"jobRunId":"jr_abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
"message":"Job run succeeded"
}
}ジョブ実行に失敗
{
"version":"0",
"id":"abcdef01-1234-5678-9abc-def012345678",
"detail-type":"Glue Job State Change",
"source":"aws.glue",
"account":"123456789012",
"time":"2017-09-07T06:02:03Z",
"region":"us-west-2",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"ERROR",
"state":"FAILED",
"jobRunId":"jr_0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
"message":"JobName:MyJob and JobRunId:jr_0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef failed to execute with exception Role arn:aws:iam::123456789012:role/Glue_Role should be given assume role permissions for Glue Service."
}
}Timeout
{
"version":"0",
"id":"abcdef00-1234-5678-9abc-def012345678",
"detail-type":"Glue Job State Change",
"source":"aws.glue",
"account":"123456789012",
"time":"2017-11-20T20:22:06Z",
"region":"us-east-1",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"WARN",
"state":"TIMEOUT",
"jobRunId":"jr_abc0123456789abcdef0123456789abcdef0123456789abcdef0123456789def",
"message":"Job run timed out"
}
}ジョブ実行の停止
{
"version":"0",
"id":"abcdef00-1234-5678-9abc-def012345678",
"detail-type":"Glue Job State Change",
"source":"aws.glue",
"account":"123456789012",
"time":"2017-11-20T20:22:06Z",
"region":"us-east-1",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"INFO",
"state":"STOPPED",
"jobRunId":"jr_abc0123456789abcdef0123456789abcdef0123456789abcdef0123456789def",
"message":"Job run stopped"
}
}クローラ開始
{
"version":"0",
"id":"05efe8a2-c309-6884-a41b-3508bcdc9695",
"detail-type":"Glue Crawler State Change",
"source":"aws.glue",
"account":"561226563745",
"time":"2017-11-11T01:09:46Z",
"region":"us-east-1",
"resources":[
],
"detail":{
"accountId":"561226563745",
"crawlerName":"S3toS3AcceptanceTestCrawlera470bd94-9e00-4518-8942-e80c8431c322",
"startTime":"2017-11-11T01:09:46Z",
"state":"Started",
"message":"Crawler Started"
}
}クローラ成功
{
"version":"0",
"id":"3d675db5-59b9-6388-b8e8-e0a9b6d567a9",
"detail-type":"Glue Crawler State Change",
"source":"aws.glue",
"account":"561226563745",
"time":"2017-11-11T01:25:00Z",
"region":"us-east-1",
"resources":[
],
"detail":{
"tablesCreated":"0",
"warningMessage":"N/A",
"partitionsUpdated":"0",
"tablesUpdated":"0",
"message":"Crawler Succeeded",
"partitionsDeleted":"0",
"accountId":"561226563745",
"runningTime (sec)":"7",
"tablesDeleted":"0",
"crawlerName":"SchedulerTestCrawler51fb3a8b-1015-49f0-a969-ca126680b94b",
"completionDate":"2017-11-11T01:25:00Z",
"state":"Succeeded",
"partitionsCreated":"0",
"cloudWatchLogLink":"https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logEventViewer:group=/aws-glue/crawlers;stream=SchedulerTestCrawler51fb3a8b-1015-49f0-a969-ca126680b94b"
}
}クローラ失敗
{
"version":"0",
"id":"f7965b59-470f-2e06-bb89-a8cebaabefac",
"detail-type":"Glue Crawler State Change",
"source":"aws.glue",
"account":"782104008917",
"time":"2017-10-20T05:10:08Z",
"region":"us-east-1",
"resources":[
],
"detail":{
"crawlerName":"test-crawler-notification",
"errorMessage":"Internal Service Exception",
"accountId":"1234",
"cloudWatchLogLink":"https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logEventViewer:group=/aws-glue/crawlers;stream=test-crawler-notification",
"state":"Failed",
"message":"Crawler Failed"
}
}ジョブ実行は開始中状態
{
"version":"0",
"id":"66fbc5e1-aac3-5e85-63d0-856ec669a050",
"detail-type":"Glue Job Run Status",
"source":"aws.glue",
"account":"123456789012",
"time":"2018-04-24T20:57:34Z",
"region":"us-east-1",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"INFO",
"notificationCondition":{
"NotifyDelayAfter":1.0
},
"state":"STARTING",
"jobRunId":"jr_6aa58e7a3aa44e2e4c7db2c50e2f7396cb57901729e4b702dcb2cfbbeb3f7a86",
"message":"Job is in STARTING state",
"startedOn":"2018-04-24T20:55:47.941Z"
}
}ジョブ実行は実行中状態
{
"version":"0",
"id":"66fbc5e1-aac3-5e85-63d0-856ec669a050",
"detail-type":"Glue Job Run Status",
"source":"aws.glue",
"account":"123456789012",
"time":"2018-04-24T20:57:34Z",
"region":"us-east-1",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"INFO",
"notificationCondition":{
"NotifyDelayAfter":1.0
},
"state":"RUNNING",
"jobRunId":"jr_6aa58e7a3aa44e2e4c7db2c50e2f7396cb57901729e4b702dcb2cfbbeb3f7a86",
"message":"Job is in RUNNING state",
"startedOn":"2018-04-24T20:55:47.941Z"
}
}ジョブ実行は停止中状態
{
"version":"0",
"id":"66fbc5e1-aac3-5e85-63d0-856ec669a050",
"detail-type":"Glue Job Run Status",
"source":"aws.glue",
"account":"123456789012",
"time":"2018-04-24T20:57:34Z",
"region":"us-east-1",
"resources":[],
"detail":{
"jobName":"MyJob",
"severity":"INFO",
"notificationCondition":{
"NotifyDelayAfter":1.0
},
"state":"STOPPING",
"jobRunId":"jr_6aa58e7a3aa44e2e4c7db2c50e2f7396cb57901729e4b702dcb2cfbbeb3f7a86",
"message":"Job is in STOPPING state",
"startedOn":"2018-04-24T20:55:47.941Z"
}
}AWS Glueデータカタログのテーブルの状態変更
{
"version": "0",
"id": "2617428d-715f-edef-70b8-d210da0317a0",
"detail-type": "Glue Data Catalog Table State Change",
"source": "aws.glue",
"account": "123456789012",
"time": "2019-01-16T18:16:01Z",
"region": "eu-west-1",
"resources": [
"arn:aws:glue:eu-west-1:123456789012:table/d1/t1"
],
"detail": {
"databaseName": "d1",
"changedPartitions": [
"[C.pdf, dir3]",
"[D.doc, dir4]"
],
"typeOfChange": "BatchCreatePartition",
"tableName": "t1"
}
}AWS Glueデータカタログのデータベースの状態変更
次の例で、typeofChange は CreateTable です。このフィールドで可能なその他の値は、CreateDatabase と UpdateTable です。
{
"version": "0",
"id": "60e7ddc2-a588-5328-220a-21c060f6c3f4",
"detail-type": "Glue Data Catalog Database State Change",
"source": "aws.glue",
"account": "123456789012",
"time": "2019-01-16T18:08:48Z",
"region": "eu-west-1",
"resources": [
"arn:aws:glue:eu-west-1:123456789012:table/d1/t1"
],
"detail": {
"databaseName": "d1",
"typeOfChange": "CreateTable",
"changedTables": [
"t1"
]
}
}AWS IoT Greengrass イベント
AWS IoT Greengrass イベントの詳細については、AWS IoT Greengrass 開発者ガイド の「デプロイ通知の取得」を参照してください。
AWS Ground Station イベント
AWS Ground Station イベントの例については、「CloudWatch イベント による AWS Ground Station の自動化」 (AWS Ground Station ユーザーガイド) を参照してください。
Amazon GuardDuty イベント
Amazon GuardDuty サンプルイベントの詳細については、『Amazon GuardDuty ユーザーガイド』の「Amazon CloudWatch Events で Amazon GuardDuty をモニタリングする」を参照してください。
AWS Health イベント
AWS Personal Health Dashboard (AWS Health) イベントの形式です。詳細については、『AWS Health のユーザーガイド』の「Amazon CloudWatch Events を使用した AWS Health イベントの管理」を参照してください。
AWS Health イベントの形式
{
"version": "0",
"id": "7bf73129-1428-4cd3-a780-95db273d1602",
"detail-type": "AWS Health Event",
"source": "aws.health",
"account": "123456789012",
"time": "2016-06-05T06:27:57Z",
"region": "region",
"resources": [],
"detail": {
"eventArn": "arn:aws:health:region::event/id",
"service": "service",
"eventTypeCode": "AWS_service_code",
"eventTypeCategory": "category",
"startTime": "Sun, 05 Jun 2016 05:01:10 GMT",
"endTime": "Sun, 05 Jun 2016 05:30:57 GMT",
"eventDescription": [{
"language": "lang-code",
"latestDescription": "description"
}]
...
}
}- eventTypeCategory
-
イベントのカテゴリコード指定できる値は、
issue、accountNotification、およびscheduledChangeです。 - eventTypeCode
-
イベントタイプの一意の識別子。例には、
AWS_EC2_INSTANCE_NETWORK_MAINTENANCE_SCHEDULEDやAWS_EC2_INSTANCE_REBOOT_MAINTENANCE_SCHEDULEDが含まれます。MAINTENANCE_SCHEDULEDを含むイベントは、通常、startTimeの約 2 週間前にプッシュアウトされます。 - id
-
イベントの一意の識別子。
- サービス
-
イベントに影響を受ける AWS サービス。
EC2、S3、REDSHIFT、RDSなどが該当します。
Elastic Load BalancingAPI の問題
{
"version": "0",
"id": "121345678-1234-1234-1234-123456789012",
"detail-type": "AWS Health Event",
"source": "aws.health",
"account": "123456789012",
"time": "2016-06-05T06:27:57Z",
"region": "ap-southeast-2",
"resources": [],
"detail": {
"eventArn": "arn:aws:health:ap-southeast-2::event/AWS_ELASTICLOADBALANCING_API_ISSUE_90353408594353980",
"service": "ELASTICLOADBALANCING",
"eventTypeCode": "AWS_ELASTICLOADBALANCING_API_ISSUE",
"eventTypeCategory": "issue",
"startTime": "Sat, 11 Jun 2016 05:01:10 GMT",
"endTime": "Sat, 11 Jun 2016 05:30:57 GMT",
"eventDescription": [{
"language": "en_US",
"latestDescription": "A description of the event will be provided here"
}
}Amazon EC2インスタンスストアドライブのパフォーマンス低下
{
"version": "0",
"id": "121345678-1234-1234-1234-123456789012",
"detail-type": "AWS Health Event",
"source": "aws.health",
"account": "123456789012",
"time": "2016-06-05T06:27:57Z",
"region": "us-west-2",
"resources": [
"i-abcd1111"
],
"detail": {
"eventArn": "arn:aws:health:us-west-2::event/AWS_EC2_INSTANCE_STORE_DRIVE_PERFORMANCE_DEGRADED_90353408594353980",
"service": "EC2",
"eventTypeCode": "AWS_EC2_INSTANCE_STORE_DRIVE_PERFORMANCE_DEGRADED",
"eventTypeCategory": "issue",
"startTime": "Sat, 05 Jun 2016 15:10:09 GMT",
"eventDescription": [{
"language": "en_US",
"latestDescription": "A description of the event will be provided here"
}],
"affectedEntities": [{
"entityValue": "i-abcd1111",
"tags": {
"stage": "prod",
"app": "my-app"
}
}AWS KMS イベント
以下は、AWS Key Management Service (AWS KMS) イベントの例です。詳細については、『AWS Key Management Service Developer Guide』の「AWS KMS イベント」を参照してください。
KMS CMK ローテーション
AWS KMS は、CMK のキーデータを自動的にローテーションしました。
{
"version": "0",
"id": "6a7e8feb-b491-4cf7-a9f1-bf3703467718",
"detail-type": "KMS CMK Rotation",
"source": "aws.kms",
"account": "111122223333",
"time": "2016-08-25T21:05:33Z",
"region": "us-west-2",
"resources": [
"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
],
"detail": {
"key-id": "1234abcd-12ab-34cd-56ef-1234567890ab"
}
}KMS でインポートされたキーマテリアルの有効期限
AWS KMS は、CMK の期限切れキーマテリアルを削除しました。
{
"version": "0",
"id": "9da9af57-9253-4406-87cb-7cc400e43465",
"detail-type": "KMS Imported Key Material Expiration",
"source": "aws.kms",
"account": "111122223333",
"time": "2016-08-22T20:12:19Z",
"region": "us-west-2",
"resources": [
"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
],
"detail": {
"key-id": "1234abcd-12ab-34cd-56ef-1234567890ab"
}
}KMS CMK 削除
AWS KMS は、スケジュールされた CMK を完全に削除しました。
{
"version": "0",
"id": "e9ce3425-7d22-412a-a699-e7a5fc3fbc9a",
"detail-type": "KMS CMK Deletion",
"source": "aws.kms",
"account": "111122223333",
"time": "2016-08-19T03:23:45Z",
"region": "us-west-2",
"resources": [
"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
],
"detail": {
"key-id": "1234abcd-12ab-34cd-56ef-1234567890ab"
}
}Amazon Macie イベント
以下は、Amazon Macie のイベントの例です。
アラートの作成
{
"version": "0",
"id": "CWE-event-id",
"detail-type": "Macie Alert",
"source": "aws.macie",
"account": "123456789012",
"time": "2017-04-24T22:28:49Z",
"region": "us-east-1",
"resources": [
"arn:aws:macie:us-east-1:123456789012:trigger/trigger_id/alert/alert_id",
"arn:aws:macie:us-east-1:123456789012:trigger/trigger_id"
],
"detail": {
"notification-type": "ALERT_CREATED",
"name": "Scanning bucket policies",
"tags": [
"Custom_Alert",
"Insider"
],
"url": "https://lb00.us-east-1.macie.aws.amazon.com/111122223333/posts/alert_id",
"alert-arn": "arn:aws:macie:us-east-1:123456789012:trigger/trigger_id/alert/alert_id",
"risk-score": 80,
"trigger": {
"rule-arn": "arn:aws:macie:us-east-1:123456789012:trigger/trigger_id",
"alert-type": "basic",
"created-at": "2017-01-02 19:54:00.644000",
"description": "Alerting on failed enumeration of large number of bucket policies",
"risk": 8
},
"created-at": "2017-04-18T00:21:12.059000",
"actor": "555566667777:assumed-role:superawesome:aroaidpldc7nsesfnheji",
"summary": {
"Description": "Alerting on failed enumeration of large number of bucket policies",
"IP": {
"34.199.185.34": 121,
"34.205.153.2": 2,
"72.21.196.70": 2
},
"Time Range": [
{
"count": 125,
"start": "2017-04-24T20:23:49Z",
"end": "2017-04-24T20:25:54Z"
}
],
"Source ARN": "arn:aws:sts::123456789012:assumed-role/RoleName",
"Record Count": 1,
"Location": {
"us-east-1": 125
},
"Event Count": 125,
"Events": {
"GetBucketLocation": {
"count": 48,
"ISP": {
"Amazon": 48
}
},
"ListRoles": {
"count": 2,
"ISP": {
"Amazon": 2
}
},
"GetBucketPolicy": {
"count": 37,
"ISP": {
"Amazon": 37
},
"Error Code": {
"NoSuchBucketPolicy": 22
}
},
"GetBucketAcl": {
"count": 37,
"ISP": {
"Amazon": 37
}
},
"ListBuckets": {
"count": 1,
"ISP": {
"Amazon": 1
}
}
},
"recipientAccountId": {
"123456789012": 125
}
}
}
}
{
"version": "0",
"id": "CWE-event-id",
"detail-type": "Macie Alert",
"source": "aws.macie",
"account": "123456789012",
"time": "2017-04-18T18:15:41Z",
"region": "us-east-1",
"resources": [
"arn:aws:macie:us-east-1:123456789012:trigger/trigger_id/alert/alert_id",
"arn:aws:macie:us-east-1:123456789012:trigger/trigger_id"
],
"detail": {
"notification-type": "ALERT_CREATED",
"name": "Bucket is writable by all authenticated users",
"tags": [
"Custom_Alert",
"Audit"
],
"url": "https://lb00.us-east-1.macie.aws.amazon.com/111122223333/posts/alert_id",
"alert-arn": "arn:aws:macie:us-east-1:123456789012:trigger/trigger_id/alert/alert_id",
"risk-score": 70,
"trigger": {
"rule-arn": "arn:aws:macie:us-east-1:123456789012:trigger/trigger_id",
"alert-type": "basic",
"created-at": "2017-04-08 00:21:30.749000",
"description": "Bucket is writable by all authenticated users",
"risk": 7
},
"created-at": "2017-04-18T18:16:17.046454",
"actor": "444455556666",
"summary": {
"Description": "Bucket is writable by all authenticated users",
"Bucket": {
"secret-bucket-name": 1
},
"Record Count": 1,
"ACL": {
"secret-bucket-name": [
{
"Owner": {
"DisplayName": "bucket_owner",
"ID": "089d2842f4b392f5c5c61f073bd2e4a37b3bb2e62659318c6960e8981648a17e"
},
"Grants": [
{
"Grantee": {
"Type": "Group",
"URI": "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
},
"Permission": "WRITE"
}
]
}
]
},
"Event Count": 1,
"Timestamps": {
"2017-01-10T22:48:06.784937": 1
}
}
}
}アラートの更新
{
"version": "0",
"id": "CWE-event-id",
"detail-type": "Macie Alert",
"source": "aws.macie",
"account": "123456789012",
"time": "2017-04-18T17:47:48Z",
"region": "us-east-1",
"resources": [
"arn:aws:macie:us-east-1:123456789012:trigger/trigger_id/alert/alert_id",
"arn:aws:macie:us-east-1:123456789012:trigger/trigger_id"
],
"detail": {
"notification-type": "ALERT_UPDATED",
"name": "Public bucket contains high risk object",
"tags": [
"Custom_Alert",
"Audit"
],
"url": "https://lb00.us-east-1.macie.aws.amazon.com/111122223333/posts/alert_id",
"alert-arn": "arn:aws:macie:us-east-1:123456789012:trigger/trigger_id/alert/alert_id",
"risk-score": 100,
"trigger": {
"rule-arn": "arn:aws:macie:us-east-1:123456789012:trigger/trigger_id",
"alert-type": "basic",
"created-at": "2017-04-08 00:23:39.138000",
"description": "Public bucket contains high risk object",
"risk": 10
},
"created-at": "2017-04-08T00:36:26.270000",
"actor": "public_bucket",
"summary": {
"Description": "Public bucket contains high risk object",
"Object": {
"public_bucket/secret_key.txt": 1,
"public_bucket/financial_summary.txt": 1
},
"Record Count": 2,
"Themes": {
"Secret Markings": 1,
"Corporate Proposals": 1,
"Confidential Markings": 1
},
"Event Count": 2,
"DLP risk": {
"7": 2
},
"Owner": {
"bucket_owner": 2
},
"Timestamps": {
"2017-04-03T16:12:53+00:00": 2
}
}
}
}{
"version": "0",
"id": "CWE-event-id",
"detail-type": "Macie Alert",
"source": "aws.macie",
"account": "123456789012",
"time": "2017-04-22T03:31:47Z",
"region": "us-east-1",
"resources": [
"arn:aws:macie:us-east-1:123456789012:trigger/macie/alert/alert_id",
"arn:aws:macie:us-east-1:123456789012:trigger/macie"
],
"detail": {
"notification-type": "ALERT_UPDATED",
"name": "Lists the instance profiles that have the specified associated IAM role, Lists the names of the inline policies that are embedded in the specified IAM role",
"tags": [
"Predictive",
"Behavioral_Anomaly"
],
"url": "https://lb00.us-east-1.macie.aws.amazon.com/111122223333/posts/alert_id",
"alert-arn": "arn:aws:macie:us-east-1:123456789012:trigger/macie/alert/alert_id",
"risk-score": 20,
"created-at": "2017-04-22T03:08:35.256000",
"actor": "123456789012:assumed-role:rolename",
"trigger": {
"alert-type": "predictive",
"features": {
"distinctEventName": {
"name": "distinctEventName",
"description": "Event Names executed during a user session",
"narrative": "A sudden increase in event names utilized by a user can be an indicator of a change in user behavior or account risk",
"risk": 3
},
"ListInstanceProfilesForRole": {
"name": "ListInstanceProfilesForRole",
"description": "Lists the instance profiles that have the specified associated IAM role",
"narrative": "Information collection activity suggesting the start of a reconnaissance or exfiltration campaign",
"anomalous": true,
"multiplier": 8.420560747663552,
"excession_times": [
"2017-04-21T18:00:00Z"
],
"risk": 1
},
"ListRolePolicies": {
"name": "ListRolePolicies",
"description": "Lists the names of the inline policies that are embedded in the specified IAM role",
"narrative": "Information collection activity suggesting the start of a reconnaisance or exfiltration campaign",
"anomalous": true,
"multiplier": 12.017441860465116,
"excession_times": [
"2017-04-21T18:00:00Z"
],
"risk": 2
}
}
}
}
}AWS マネジメントコンソール サインインイベント
AWS マネジメントコンソール サインインイベントは、CloudWatch イベント によって検出できます。リージョナルサインインイベントの詳細については、「リージョン別サインインインイベントのログ記録」を参照してください。
以下は、コンソールサインインイベントの例です。
{
"id": "6f87d04b-9f74-4f04-a780-7acf4b0a9b38",
"detail-type": "AWS Console Sign In via CloudTrail",
"source": "aws.signin",
"account": "123456789012",
"time": "2016-01-05T18:21:27Z",
"region": "us-east-1",
"resources": [],
"detail": {
"eventVersion": "1.02",
"userIdentity": {
"type": "Root",
"principalId": "123456789012",
"arn": "arn:aws:iam::123456789012:root",
"accountId": "123456789012"
},
"eventTime": "2016-01-05T18:21:27Z",
"eventSource": "signin.amazonaws.com",
"eventName": "ConsoleLogin",
"awsRegion": "us-east-1",
"sourceIPAddress": "0.0.0.0",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36",
"requestParameters": null,
"responseElements": {
"ConsoleLogin": "Success"
},
"additionalEventData": {
"LoginTo": "https://console.aws.amazon.com/console/home?state=hashArgs%23&isauthcode=true",
"MobileVersion": "No",
"MFAUsed": "No" },
"eventID": "324731c0-64b3-4421-b552-dfc3c27df4f6",
"eventType": "AwsConsoleSignIn"
}
}AWS OpsWorks スタックイベント
以下は、AWS OpsWorks のスタックイベントの例です。
AWS OpsWorks スタックインスタンス状態の変更
AWS OpsWorks スタックインスタンス状態の変更を示します。インスタンスの状態は次のようになります。
-
booting -
connection_lost -
online -
pending -
rebooting -
requested -
running_setup -
setup_failed -
shutting_down -
start_failed -
stopping -
stop_failed -
stopped -
terminating -
terminated
{
"version": "0",
"id": "dc5fa8df-48f1-2108-b1b9-1fe5ebcf2296",
"detail-type": "OpsWorks Instance State Change",
"source": "aws.opsworks",
"account": "123456789012",
"time": "2018-01-25T11:12:23Z",
"region": "us-east-1",
"resources": [
"arn:aws:opsworks:us-east-1:123456789012:instance/a648d98f-fdd8-4323-952a-a50z3e4z500z"
],
"detail": {
"initiated_by": "user",
"hostname": "testing1",
"stack-id": "acd3df16-e859-4598-8414-377b12a902da",
"layer-ids": [
"d1a0cb7f-c7e9-4a63-811c-976f0267b2c8"
],
"instance-id": "a648d98f-fdd8-4323-952a-a50z3e4z500z",
"ec2-instance-id": "i-08b1c2b67aa292276",
"status": "requested"
}
}initiated_by フィールドは、インスタンスが requested、terminating あるいは stopping 状態にある場合にのみ、値を表示します。initiated_by フィールドには次のいずれかの値が含まれます。
-
user- ユーザーが API または AWS マネジメントコンソール を使用して、インスタンス状態の変更をリクエストしました。 -
auto-scaling- AWS OpsWorks スタック自動スケーリング機能によって、インスタンス状態の変更が開始されました。 -
auto-healing- AWS OpsWorks スタック自動ヒーリング機能によって、インスタンス状態の変更が開始されました。
AWS OpsWorks スタックコマンド状態の変更
AWS OpsWorks スタックコマンド状態に変更が生じました。コマンド状態は次のようになります。
-
expired- コマンドタイムアウト。 -
failed- 一般的なコマンドエラーが発生しました。 -
skipped- AWS OpsWorks スタックと Amazon EC2 でインスタンスが異なる状態にあるため、コマンドはスキップされました。 -
successful- コマンドは成功しました。 -
superseded- すでに適用された設定変更を適用しようと試みたため、コマンドはスキップされました。
{
"version": "0",
"id": "96c778b6-a40e-c8c1-aafc-c9852a3a7b52",
"detail-type": "OpsWorks Command State Change",
"source": "aws.opsworks",
"account": "123456789012",
"time": "2018-01-26T08:54:40Z",
"region": "us-east-1",
"resources": [
"arn:aws:opsworks:us-east-1:123456789012:instance/a648d98f-fdd8-4323-952a-a50a3e4e500f"
],
"detail": {
"command-id": "acc9f4f3-a3ec-4fab-b70f-c7d04e71e3ec",
"instance-id": "a648d98f-fdd8-4323-952a-a50a3e4e500f",
"type": "setup",
"status": "successful"
}
}AWS OpsWorks スタックデプロイ状態の変更
AWS OpsWorks スタックデプロイ状態に変更が生じました。デプロイ状態は次のようになります。
-
running -
successful -
failed
{
"version": "0",
"id": "b8230afa-60c7-f43f-b632-841c1cfb22ff",
"detail-type": "OpsWorks Deployment State Change",
"source": "aws.opsworks",
"account": "123456789012",
"time": "2018-01-25T11:15:48Z",
"region": "us-east-1",
"resources": [
"arn:aws:opsworks:us-east-1:123456789012:instance/a648d98f-fdd8-4323-952a-a50a3e4e500f"
],
"detail": {
"duration": 16,
"stack-id": "acd3df16-e859-4598-8414-377b12a902da",
"instance-ids": [
"a648d98f-fdd8-4323-952a-a50a3e4e500f"
],
"deployment-id": "606419dc-418e-489c-8531-bff9770fc346",
"command": "configure",
"status": "successful"
}
}duration フィールドは、デプロイが終了したときにのみ秒数で時間を表示します。
AWS OpsWorks のスタックアラート
AWS OpsWorks スタックサービスエラーが発生しました。
{
"version": "0",
"id": "f99faa6f-0e27-e398-95bb-8f190806d275",
"detail-type": "OpsWorks Alert",
"source": "aws.opsworks",
"account": "123456789012",
"time": "2018-01-20T16:51:29Z",
"region": "us-east-1",
"resources": [],
"detail": {
"stack-id": "2f48f2be-ac7d-4dd5-80bb-88375f94db7b",
"instance-id": "986efb74-69e8-4c6d-878e-5b77c054cbb0",
"type": "InstanceStop",
"message": "The shutdown of the instance timed out. Please try stopping it again."
}
}SageMaker イベント
以下は、SageMaker のイベントの例です。
SageMakerトレーニングジョブの状態変更
SageMaker トレーニングジョブのステータスの変更を示します。
TrainingJobStatus の値が Failed の場合、イベントには FailureReason フィールドが含まれ、トレーニングジョブが失敗した理由の説明を提供します。
{
"version": "0",
"id": "844e2571-85d4-695f-b930-0153b71dcb42",
"detail-type": "SageMaker Training Job State Change",
"source": "aws.sagemaker",
"account": "123456789012",
"time": "2018-10-06T12:26:13Z",
"region": "us-east-1",
"resources": [
"arn:aws:sagemaker:us-east-1:123456789012:training-job/kmeans-1"
],
"detail": {
"TrainingJobName": "89c96cc8-dded-4739-afcc-6f1dc936701d",
"TrainingJobArn": "arn:aws:sagemaker:us-east-1:123456789012:training-job/kmeans-1",
"TrainingJobStatus": "Completed",
"SecondaryStatus": "Completed",
"HyperParameters": {
"Hyper": "Parameters"
},
"AlgorithmSpecification": {
"TrainingImage": "TrainingImage",
"TrainingInputMode": "TrainingInputMode"
},
"RoleArn": "a little teapot, some little teapot",
"InputDataConfig": [
{
"ChannelName": "Train",
"DataSource": {
"S3DataSource": {
"S3DataType": "S3DataType",
"S3Uri": "S3Uri",
"S3DataDistributionType": "S3DataDistributionType"
}
},
"ContentType": "ContentType",
"CompressionType": "CompressionType",
"RecordWrapperType": "RecordWrapperType"
}
],
"OutputDataConfig": {
"KmsKeyId": "KmsKeyId",
"S3OutputPath": "S3OutputPath"
},
"ResourceConfig": {
"InstanceType": "InstanceType",
"InstanceCount": 3,
"VolumeSizeInGB": 20,
"VolumeKmsKeyId": "VolumeKmsKeyId"
},
"VpcConfig": {
},
"StoppingCondition": {
"MaxRuntimeInSeconds": 60
},
"CreationTime": "2018-10-06T12:26:13Z",
"TrainingStartTime": "2018-10-06T12:26:13Z",
"TrainingEndTime": "2018-10-06T12:26:13Z",
"LastModifiedTime": "2018-10-06T12:26:13Z",
"SecondaryStatusTransitions": [
],
"Tags": {
}
}
}SageMakerハイパーパラメータ調整ジョブの状態変更
SageMaker ハイパーパラメータ調整ジョブのステータスの変更を示します。
{
"version": "0",
"id": "844e2571-85d4-695f-b930-0153b71dcb42",
"detail-type": "SageMaker HyperParameter Tuning Job State Change",
"source": "aws.sagemaker",
"account": "123456789012",
"time": "2018-10-06T12:26:13Z",
"region": "us-east-1",
"resources": [
"arn:aws:sagemaker:us-east-1:123456789012:tuningJob/x"
],
"detail": {
"HyperParameterTuningJobName": "016bffd3-6d71-4d3a-9710-0a332b2759fc",
"HyperParameterTuningJobArn": "arn:aws:sagemaker:us-east-1:123456789012:tuningJob/x",
"TrainingJobDefinition": {
"StaticHyperParameters": {},
"AlgorithmSpecification": {
"TrainingImage": "trainingImageName",
"TrainingInputMode": "inputModeFile",
"MetricDefinitions": [
{
"Name": "metricName",
"Regex": "regex"
}
]
},
"RoleArn": "roleArn",
"InputDataConfig": [
{
"ChannelName": "channelName",
"DataSource": {
"S3DataSource": {
"S3DataType": "s3DataType",
"S3Uri": "s3Uri",
"S3DataDistributionType": "s3DistributionType"
}
},
"ContentType": "contentType",
"CompressionType": "gz",
"RecordWrapperType": "RecordWrapper"
}
],
"VpcConfig": {
"SecurityGroupIds": [
"securityGroupIds"
],
"Subnets": [
"subnets"
]
},
"OutputDataConfig": {
"KmsKeyId": "kmsKeyId",
"S3OutputPath": "s3OutputPath"
},
"ResourceConfig": {
"InstanceType": "instanceType",
"InstanceCount": 10,
"VolumeSizeInGB": 500,
"VolumeKmsKeyId": "volumeKeyId"
},
"StoppingCondition": {
"MaxRuntimeInSeconds": 3600
}
},
"HyperParameterTuningJobStatus": "status",
"CreationTime": "2018-10-06T12:26:13Z",
"LastModifiedTime": "2018-10-06T12:26:13Z",
"TrainingJobStatusCounters": {
"Completed": 1,
"InProgress": 0,
"RetryableError": 0,
"NonRetryableError": 0,
"Stopped": 0
},
"ObjectiveStatusCounters": {
"Succeeded": 1,
"Pending": 0,
"Failed": 0
},
"Tags": {}
}
}SageMaker 変換ジョブの状態変更
SageMaker バッチ変換ジョブの状態の変更を示します。
TransformJobStatus の値が Failed の場合、イベントには FailureReason フィールドが含まれ、トレーニングジョブが失敗した理由の説明を提供します。
{
"version": "0",
"id": "844e2571-85d4-695f-b930-0153b71dcb42",
"detail-type": "SageMaker Transform Job State Change",
"source": "aws.sagemaker",
"account": "123456789012",
"time": "2018-10-06T12:26:13Z",
"region": "us-east-1",
"resources": [
"arn:aws:sagemaker:us-east-1:123456789012:transform-job/myjob"
],
"detail": {
"TransformJobName": "4b52bd8f-e034-4345-818d-884bdd7c9724",
"TransformJobArn": "arn:aws:sagemaker:us-east-1:123456789012:transform-job/myjob",
"TransformJobStatus": "Completed",
"ModelName": "ModelName",
"MaxConcurrentTransforms": 5,
"MaxPayloadInMB": 10,
"BatchStrategy": "Strategy",
"Environment": {
"environment1": "environment2"
},
"TransformInput": {
"DataSource": {
"S3DataSource": {
"S3DataType": "s3DataType",
"S3Uri": "s3Uri"
}
},
"ContentType": "content type",
"CompressionType": "compression type",
"SplitType": "split type"
},
"TransformOutput": {
"S3OutputPath": "s3Uri",
"Accept": "accept",
"AssembleWith": "assemblyType",
"KmsKeyId": "kmsKeyId"
},
"TransformResources": {
"InstanceType": "instanceType",
"InstanceCount": 3
},
"CreationTime": "2018-10-06T12:26:13Z",
"TransformStartTime": "2018-10-06T12:26:13Z",
"TransformEndTime": "2018-10-06T12:26:13Z",
"Tags": {
}
}
}AWS Security Hub イベント
セキュリティハブ サンプルイベントの詳細については、AWS Security Hub ユーザーガイドの「Amazon CloudWatch Events で AWS Security Hub をモニタリングする」を参照してください。
AWS Server Migration Service イベント
以下は、AWS Server Migration Service のイベントの例です。
[Deleted replication job notification] (レプリケーションジョブ通知の削除)
{
"version": "0",
"id": "5630992d-92cd-439f-f2a8-92c8212aee24",
"detail-type": "Server Migration Job State Change",
"source": "aws.sms",
"account": "123456789012",
"time": "2018-02-07T22:30:11Z",
"region": "us-west-1",
"resources": [
"arn:aws:sms:us-west-1:123456789012:sms-job-21a64348"
],
"detail": {
"state": "Deleted",
"replication-run-id": "N/A",
"replication-job-id": "sms-job-21a64348",
"version": "1.0"
}
}[Completed replication job notification] (レプリケーションジョブ通知の完了)
{
"version": "0",
"id": "3f9c59cc-f941-522a-be6d-f08e44ff1715",
"detail-type": "Server Migration Job State Change",
"source": "aws.sms",
"account": "123456789012",
"time": "2018-02-07T22:54:00Z",
"region": "us-west-1",
"resources": [
"arn:aws:sms:us-west-1:123456789012:sms-job-2ea64347",
"arn:aws:sms:us-west-1:123456789012:sms-job-2ea64347/sms-run-e1a64388"
],
"detail": {
"state": "Completed",
"replication-run-id": "sms-run-e1a64388",
"replication-job-id": "sms-job-2ea64347",
"ami-id": "ami-746d6314",
"version": "1.0"
}
}AWS Systems Manager イベント
以下は、AWS Systems Manager のイベントの例です。詳細については、『Linux インスタンス用 Amazon EC2 ユーザーガイド』の「Run Command のコマンド実行ステータスの変更をログに記録する」を参照してください。
Run Command ステータス変更の通知
{
"version": "0",
"id": "51c0891d-0e34-45b1-83d6-95db273d1602",
"detail-type": "EC2 Command Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2016-07-10T21:51:32Z",
"region": "us-east-1",
"resources": ["arn:aws:ec2:us-east-1:123456789012:instance/i-abcd1111"],
"detail": {
"command-id": "e8d3c0e4-71f7-4491-898f-c9b35bee5f3b",
"document-name": "AWS-RunPowerShellScript",
"expire-after": "2016-07-14T22:01:30.049Z",
"parameters": {
"executionTimeout": ["3600"],
"commands": ["date"]
},
"requested-date-time": "2016-07-10T21:51:30.049Z",
"status": "Success"
}
}Run Command 呼び出しステータス変更の通知
{
"version": "0",
"id": "4780e1b8-f56b-4de5-95f2-95db273d1602",
"detail-type": "EC2 Command Invocation Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2016-07-10T21:51:32Z",
"region": "us-east-1",
"resources": ["arn:aws:ec2:us-east-1:123456789012:instance/i-abcd1111"],
"detail": {
"command-id": "e8d3c0e4-71f7-4491-898f-c9b35bee5f3b",
"document-name": "AWS-RunPowerShellScript",
"instance-id": "i-9bb89e2b",
"requested-date-time": "2016-07-10T21:51:30.049Z",
"status": "Success"
}
}Automation ステップステータス変更の通知
{
"version": "0",
"id": "eeca120b-a321-433e-9635-dab369006a6b",
"detail-type": "EC2 Automation Step Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2016-11-29T19:43:35Z",
"region": "us-east-1",
"resources": ["arn:aws:ssm:us-east-1:123456789012:automation-execution/333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"arn:aws:ssm:us-east-1:123456789012:automation-definition/runcommand1:1"],
"detail": {
"ExecutionId": "333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"Definition": "runcommand1",
"DefinitionVersion": 1.0,
"Status": "Success",
"EndTime": "Nov 29, 2016 7:43:25 PM",
"StartTime": "Nov 29, 2016 7:43:23 PM",
"Time": 2630.0,
"StepName": "runFixedCmds",
"Action": "aws:runCommand"
}
}Automation 実行ステータス変更の通知
{
"version": "0",
"id": "d290ece9-1088-4383-9df6-cd5b4ac42b99",
"detail-type": "EC2 Automation Execution Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2016-11-29T19:43:35Z",
"region": "us-east-1",
"resources": ["arn:aws:ssm:us-east-1:123456789012:automation-execution/333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"arn:aws:ssm:us-east-1:123456789012:automation-definition/runcommand1:1"],
"detail": {
"ExecutionId": "333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"Definition": "runcommand1",
"DefinitionVersion": 1.0,
"Status": "Success",
"StartTime": "Nov 29, 2016 7:43:20 PM",
"EndTime": "Nov 29, 2016 7:43:26 PM",
"Time": 5753.0,
"ExecutedBy": "arn:aws:iam::123456789012:user/userName"
}
}ステートマネージャーの関連付け状態の変更
{
"version":"0",
"id":"db839caf-6f6c-40af-9a48-25b2ae2b7774",
"detail-type":"EC2 State Manager Association State Change",
"source":"aws.ssm",
"account":"123456789012",
"time":"2017-05-16T23:01:10Z",
"region":"us-west-1",
"resources":[
"arn:aws:ssm:us-west-1::document/AWS-RunPowerShellScript"
],
"detail":{
"association-id":"6e37940a-23ba-4ab0-9b96-5d0a1a05464f",
"document-name":"AWS-RunPowerShellScript",
"association-version":"1",
"document-version":"Optional.empty",
"targets":"[{\"key\":\"InstanceIds\",\"values\":[\"i-12345678\"]}]",
"creation-date":"2017-02-13T17:22:54.458Z",
"last-successful-execution-date":"2017-05-16T23:00:01Z",
"last-execution-date":"2017-05-16T23:00:01Z",
"last-updated-date":"2017-02-13T17:22:54.458Z",
"status":"Success",
"association-status-aggregated-count":"{\"Success\":1}",
"schedule-expression":"cron(0 */30 * * * ? *)",
"association-cwe-version":"1.0"
}
}ステートマネージャーインスタンスの関連付け状態の変更
{
"version":"0",
"id":"6a7e8feb-b491-4cf7-a9f1-bf3703467718",
"detail-type":"EC2 State Manager Instance Association State Change",
"source":"aws.ssm",
"account":"123456789012",
"time":"2017-02-23T15:23:48Z",
"region":"us-east-1",
"resources":[
"arn:aws:ec2:us-east-1:123456789012:instance/i-12345678",
"arn:aws:ssm:us-east-1:123456789012:document/my-custom-document"
],
"detail":{
"association-id":"34fcb7e0-9a14-4984-9989-0e04e3f60bd8",
"instance-id":"i-12345678",
"document-name":"my-custom-document",
"document-version":"1",
"targets":"[{\"key\":\"instanceids\",\"values\":[\"i-12345678\"]}]",
"creation-date":"2017-02-23T15:23:48Z",
"last-successful-execution-date":"2017-02-23T16:23:48Z",
"last-execution-date":"2017-02-23T16:23:48Z",
"status":"Success",
"detailed-status":"",
"error-code":"testErrorCode",
"execution-summary":"testExecutionSummary",
"output-url":"sampleurl",
"instance-association-cwe-version":"1"
}
}AWS Systems Manager 設定コンプライアンスイベント
以下は、Amazon EC2 Systems Manager (SSM) の設定コンプライアンスのイベントの例です。
関連付けの準拠
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-07-17T19:03:26Z",
"region": "us-west-1",
"resources": [
"arn:aws:ssm:us-west-1:461348341421:managed-instance/i-01234567890abcdef"
],
"detail": {
"last-runtime": "2017-01-01T10:10:10Z",
"compliance-status": "compliant",
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-type": "Association"
}
}関連付けの非準拠
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-07-17T19:02:31Z",
"region": "us-west-1",
"resources": [
"arn:aws:ssm:us-west-1:461348341421:managed-instance/i-01234567890abcdef"
],
"detail": {
"last-runtime": "2017-01-01T10:10:10Z",
"compliance-status": "non_compliant",
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-type": "Association"
}
} パッチの準拠
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-07-17T19:03:26Z",
"region": "us-west-1",
"resources": [
"arn:aws:ssm:us-west-1:461348341421:managed-instance/i-01234567890abcdef"
],
"detail": {
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-status": "compliant",
"compliance-type": "Patch",
"patch-baseline-id": "PB789",
"severity": "critical"
}
}パッチの非準拠
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-07-17T19:02:31Z",
"region": "us-west-1",
"resources": [
"arn:aws:ssm:us-west-1:461348341421:managed-instance/i-01234567890abcdef"
],
"detail": {
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-status": "non_compliant",
"compliance-type": "Patch",
"patch-baseline-id": "PB789",
"severity": "critical"
}
}AWS Systems Manager メンテナンスウィンドウのイベント
以下は、Systems Manager メンテナンスウィンドウのイベントの例です。
ターゲットの登録
ステータスは、DEREGISTERED に設定することもできます。
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Target Registration Notification",
"source":"aws.ssm",
"account":"012345678901",
"time":"2016-11-16T00:58:37Z",
"region":"us-east-1",
"resources":[
"arn:aws:ssm:us-west-2:001312665065:maintenancewindow/mw-0ed7251d3fcf6e0c2",
"arn:aws:ssm:us-west-2:001312665065:windowtarget/e7265f13-3cc5-4f2f-97a9-7d3ca86c32a6"
],
"detail":{
"window-target-id":"e7265f13-3cc5-4f2f-97a9-7d3ca86c32a6",
"window-id":"mw-0ed7251d3fcf6e0c2",
"status":"REGISTERED"
}
}ウィンドウの実行タイプ
ステータスには、他にも PENDING、IN_PROGRESS、SUCCESS、FAILED、TIMED_OUT、SKIPPED_OVERLAPPING などがあります。
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Execution State-change Notification",
"source":"aws.ssm",
"account":"012345678901",
"time":"2016-11-16T01:00:57Z",
"region":"us-east-1",
"resources":[
"arn:aws:ssm:us-west-2:0123456789ab:maintenancewindow/mw-123456789012345678"
],
"detail":{
"start-time":"2016-11-16T01:00:56.427Z",
"end-time":"2016-11-16T01:00:57.070Z",
"window-id":"mw-0ed7251d3fcf6e0c2",
"window-execution-id":"b60fb56e-776c-4e5c-84ee-123456789012",
"status":"TIMED_OUT"
}
}タスクの実行タイプ
ステータスには、他にも IN_PROGRESS、SUCCESS、FAILED、TIMED_OUT などがあります。
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Task Execution State-change Notification",
"source":"aws.ssm",
"account":"012345678901",
"time":"2016-11-16T01:00:56Z",
"region":"us-east-1",
"resources":[
"arn:aws:ssm:us-west-2:0123456789ab:maintenancewindow/mw-123456789012345678"
],
"detail":{
"start-time":"2016-11-16T01:00:56.759Z",
"task-execution-id":"6417e808-7f35-4d1a-843f-123456789012",
"end-time":"2016-11-16T01:00:56.847Z",
"window-id":"mw-0ed7251d3fcf6e0c2",
"window-execution-id":"b60fb56e-776c-4e5c-84ee-123456789012",
"status":"TIMED_OUT"
}
}処理されるタスクのターゲット
ステータスには、他にも IN_PROGRESS、SUCCESS、FAILED、TIMED_OUT などがあります。
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Task Target Invocation State-change Notification",
"source":"aws.ssm",
"account":"012345678901",
"time":"2016-11-16T01:00:57Z",
"region":"us-east-1",
"resources":[
"arn:aws:ssm:us-west-2:0123456789ab:maintenancewindow/mw-123456789012345678"
],
"detail":{
"start-time":"2016-11-16T01:00:56.427Z",
"end-time":"2016-11-16T01:00:57.070Z",
"window-id":"mw-0ed7251d3fcf6e0c2",
"window-execution-id":"b60fb56e-776c-4e5c-84ee-123456789012",
"task-execution-id":"6417e808-7f35-4d1a-843f-123456789012",
"window-target-id":"e7265f13-3cc5-4f2f-97a9-123456789012",
"status":"TIMED_OUT",
"owner-information":"Owner"
}
}ウィンドウの状態の変更
ステータスは、ENABLED または DISABLED です。
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window State-change Notification",
"source":"aws.ssm",
"account":"012345678901",
"time":"2016-11-16T00:58:37Z",
"region":"us-east-1",
"resources":[
"arn:aws:ssm:us-west-2:0123456789ab:maintenancewindow/mw-123456789012345678"
],
"detail":{
"window-id":"mw-123456789012",
"status":"DISABLED"
}
}AWS Systems Manager パラメータストアのイベント
以下は、Amazon EC2 Systems Manager (SSM) のパラメータストアのイベントの例です。
パラメータの作成
{
"version": "0",
"id": "6a7e4feb-b491-4cf7-a9f1-bf3703497718",
"detail-type": "Parameter Store Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-05-22T16:43:48Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-east-1:123456789012:parameter/foo"
],
"detail": {
"operation": "Create",
"name": "foo",
"type": "String",
"description": "Sample Parameter"
}
}パラメータの更新
{
"version": "0",
"id": "9547ef2d-3b7e-4057-b6cb-5fdf09ee7c8f",
"detail-type": "Parameter Store Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-05-22T16:44:48Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-east-1:123456789012:parameter/foo"
],
"detail": {
"operation": "Update",
"name": "foo",
"type": "String",
"description": "Sample Parameter"
}
}パラメータの削除
{
"version": "0",
"id": "80e9b391-6a9b-413c-839a-453b528053af",
"detail-type": "Parameter Store Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2017-05-22T16:45:48Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-east-1:123456789012:parameter/foo"
],
"detail": {
"operation": "Delete",
"name": "foo",
"type": "String",
"description": "Sample Parameter"
}
}AWS Step Functions イベント
Step Functions のサンプルイベントについては、AWS Step Functions 開発者ガイドの「Step Functions イベントの例」を参照してください。
AWS リソースのタグ変更イベント
タグイベントの例を次に示します。
{
"version": "0",
"id": "ffd8a6fe-32f8-ef66-c85c-111111111111",
"detail-type": "Tag Change on Resource",
"source": "aws.tag",
"account": "123456789012",
"time": "2018-09-18T20:41:06Z",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1:123456789012:instance/i-0000000aaaaaaaaaa"
],
"detail": {
"changed-tag-keys": [
"key2",
"key3"
],
"service": "ec2",
"resource-type": "instance",
"version": 5,
"tags": {
"key4": "value4",
"key1": "value1",
"key2": "value2"
}
}
}AWS Trusted Advisor イベント
以下は、AWS Trusted Advisor のイベントの例です。詳細については、『AWS サポート User Guide』の「Amazon CloudWatch Events を使用した Trusted Advisor のチェック結果のモニタリング」を参照してください。
低稼働率の Amazon EC2 インスタンス
{
"version": "0",
"id": "1234abcd-ab12-123a-123a-1234567890ab",
"detail-type": "Trusted Advisor Check Item Refresh Notification",
"source": "aws.trustedadvisor",
"account": "123456789012",
"time": "2018-01-12T20:07:49Z",
"region": "us-east-2",
"resources": [],
"detail": {
"check-name": "Low Utilization Amazon EC2 Instances",
"check-item-detail": {
"Day 1": "0.1% 0.00MB",
"Day 2": "0.1% 0.00MB",
"Day 3": "0.1% 0.00MB",
"Region/AZ": "ca-central-1a",
"Estimated Monthly Savings": "$9.22",
"14-Day Average CPU Utilization": "0.1%",
"Day 14": "0.1% 0.00MB",
"Day 13": "0.1% 0.00MB",
"Day 12": "0.1% 0.00MB",
"Day 11": "0.1% 0.00MB",
"Day 10": "0.1% 0.00MB",
"14-Day Average Network I/O": "0.00MB",
"Number of Days Low Utilization": "14 days",
"Instance Type": "t2.micro",
"Instance ID": "i-01234567890abcdef",
"Day 8": "0.1% 0.00MB",
"Instance Name": null,
"Day 9": "0.1% 0.00MB",
"Day 4": "0.1% 0.00MB",
"Day 5": "0.1% 0.00MB",
"Day 6": "0.1% 0.00MB",
"Day 7": "0.1% 0.00MB"
},
"status": "WARN",
"resource_id": "arn:aws:ec2:ca-central-1:123456789012:instance/i-01234567890abcdef",
"uuid": "aa12345f-55c7-498e-b7ac-123456789012"
}
}ロードバランサーの最適化
{
"version": "0",
"id": "1234abcd-ab12-123a-123a-1234567890ab",
"detail-type": "Trusted Advisor Check Item Refresh Notification",
"source": "aws.trustedadvisor",
"account": "123456789012",
"time": "2018-01-12T20:07:03Z",
"region": "us-east-2",
"resources": [],
"detail": {
"check-name": "Load Balancer Optimization ",
"check-item-detail": {
"Instances in Zone a": "1",
"Status": "Yellow",
"Instances in Zone b": "0",
"# of Zones": "2",
"Region": "eu-central-1",
"Load Balancer Name": "my-load-balance",
"Instances in Zone e": null,
"Instances in Zone c": null,
"Reason": "Single AZ",
"Instances in Zone d": null
},
"status": "WARN",
"resource_id": "arn:aws:elasticloadbalancing:eu-central-1:123456789012:loadbalancer/my-load-balancer",
"uuid": "aa12345f-55c7-498e-b7ac-123456789012"
}
}公開されたアクセスキー
{
"version": "0",
"id": "1234abcd-ab12-123a-123a-1234567890ab",
"detail-type": "Trusted Advisor Check Item Refresh Notification",
"source": "aws.trustedadvisor",
"account": "123456789012",
"time": "2018-01-12T19:38:24Z",
"region": "us-east-1",
"resources": [],
"detail": {
"check-name": "Exposed Access Keys",
"check-item-detail": {
"Case ID": "12345678-1234-1234-abcd-1234567890ab",
"Usage (USD per Day)": "0",
"User Name (IAM or Root)": "my-username",
"Deadline": "1440453299248",
"Access Key ID": "AKIAIOSFODNN7EXAMPLE",
"Time Updated": "1440021299248",
"Fraud Type": "Exposed",
"Location": "www.example.com"
},
"status": "ERROR",
"resource_id": "",
"uuid": "aa12345f-55c7-498e-b7ac-123456789012"
}
}
Amazon WorkSpaces イベント
Amazon WorkSpaces イベントの詳細については、Amazon WorkSpaces Administration Guideで「CloudWatch イベント を使用して WorkSpaces をモニタリングする」を参照してください。
CloudTrail 経由で配信されたイベント
イベントを出力せず、このページのリストに含まれていないサービスで EventBridge を使用することもできます。AWS CloudTrail は、AWS API コールなどのイベントを自動的に記録するサービスです。CloudTrail によってキャプチャされた情報でトリガーする EventBridge ルールを作成することができます。CloudTrail の詳細については、「AWS CloudTrail とは」を参照してください。CloudTrail を使用する EventBridge ルールの作成の詳細については、「AWS CloudTrail を使用して AWS API コールでトリガーする EventBridge ルールの作成」を参照してください。
CloudTrail 経由で送信されたイベントはすべて、detail-type の値が AWS API Call via CloudTrail になっています。
AWS で発生した内容は、サービス自体と CloudTrail の両方で EventBridge にレポートできますが、その方法は異なります。たとえば、インスタンスを起動または終了する Amazon EC2 API コールでは、CloudTrail を通じて EventBridge で使用できるイベントが生成されます。ただし、Amazon EC2 インスタンスの状態が変更されると (例: 「実行中」から「終了中」)、EventBridge イベント自体が生成されます。
CloudTrail より送信されるイベントの例を以下に示します。イベントは、バケットを作成するために Amazon S3 への AWS API コールを行うことによって生成されました。
{
"version": "0",
"id": "36eb8523-97d0-4518-b33d-ee3579ff19f0",
"detail-type": "AWS API Call via CloudTrail",
"source": "aws.s3",
"account": "123456789012",
"time": "2016-02-20T01:09:13Z",
"region": "us-east-1",
"resources": [],
"detail": {
"eventVersion": "1.03",
"userIdentity": {
"type": "Root",
"principalId": "123456789012",
"arn": "arn:aws:iam::123456789012:root",
"accountId": "123456789012",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2016-02-20T01:05:59Z"
}
}
},
"eventTime": "2016-02-20T01:09:13Z",
"eventSource": "s3.amazonaws.com",
"eventName": "CreateBucket",
"awsRegion": "us-east-1",
"sourceIPAddress": "100.100.100.100",
"userAgent": "[S3Console/0.4]",
"requestParameters": {
"bucketName": "bucket-test-iad"
},
"responseElements": null,
"requestID": "9D767BCC3B4E7487",
"eventID": "24ba271e-d595-4e66-a7fd-9c16cbf8abae",
"eventType": "AwsApiCall"
}
}256 KB よりも大きい AWS API 呼び出しイベントはサポートされていません。ルールのトリガーとして使用できる API コールの詳細については、「CloudTrail イベント履歴でサポートされるサービス」を参照してください。
