本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
多账户多区域数据聚合
聚合器是一种 AWS Config 资源类型,用于从以下内容收集 AWS Config 配置和合规性数据:
-
多个账户和多个区域。
-
单个账户和多个区域。
-
该组织中的一个组织AWS Organizations以及该组织中所有已AWS Config启用的账户。
使用聚合器查看在 AWS Config 中记录的资源配置和合规性数据。下图显示了聚合器如何从多个账户和地区收集AWS Config数据。
注意
聚合器提供聚合器有权查看的源账户和区域的只读视图。聚合器不提供对来源账户或区域的变更访问权限。例如,这意味着您无法通过聚合器部署规则,也无法通过聚合器从源账户或区域提取快照文件。
有关概念的更多信息,请参阅“概念”主题中的多账户多区域数据聚合部分。
要从源账户和区域收集您的 AWS Config 数据,请从以下操作开始:
-
添加聚合器以从多个账户和区域聚合 AWS Config 配置和合规性数据。
-
授权聚合器账户收集 AWS Config 配置和合规性数据。
注意
聚合器有两种类型:个人账户聚合器和组织聚合器
对于个人账户聚合器,任何包含的来源账户区域(包括外部账户区域或组织成员账户区域)都需要获得授权。
对于Organizations 聚合器,组织成员账户区域不需要授权,因为授权已与组织服务集成。
-
在聚合视图中监控规则和账户的合规性数据。
区域支持
目前,多账户多区域数据聚合在以下区域中受支持:
| 区域名称 | 区域 | 端点 | 协议 |
|---|---|---|---|
| US East (Ohio) | us-east-2 | config.us-east-2.amazonaws.com | HTTPS |
| 美国东部(弗吉尼亚州北部) | us-east-1 | config.us-east-1.amazonaws.com | HTTPS |
| 美国西部(北加利福尼亚) | us-west-1 | config.us-west-1.amazonaws.com | HTTPS |
| 美国西部(俄勒冈州) | us-west-2 | config.us-west-2.amazonaws.com | HTTPS |
| 非洲(开普敦) | af-south-1 | config.af-south-1.amazonaws.com | HTTPS |
| 亚太地区(香港) | ap-east-1 | config.ap-east-1.amazonaws.com | HTTPS |
| 亚太地区(海得拉巴) | ap-south-2 | config.ap-south-2.amazonaws.com | HTTPS |
| 亚太地区(雅加达) | ap-southeast-3 | config.ap-southeast-3.amazonaws.com | HTTPS |
| 亚太地区(孟买) | ap-south-1 | config.ap-south-1.amazonaws.com | HTTPS |
| 亚太地区(大阪) | ap-northeast-3 | config.ap-northeast-3.amazonaws.com | HTTPS |
| 亚太地区(首尔) | ap-northeast-2 | config.ap-northeast-2.amazonaws.com | HTTPS |
| 亚太地区(新加坡) | ap-southeast-1 | config.ap-southeast-1.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | config.ap-southeast-2.amazonaws.com | HTTPS |
| 亚太地区(东京) | ap-northeast-1 | config.ap-northeast-1.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 | config.ca-central-1.amazonaws.com | HTTPS |
| 欧洲(西班牙) | eu-south-2 | config.eu-south-2.amazonaws.com | HTTPS |
| 欧洲(斯德哥尔摩) | eu-north-1 | config.eu-north-1.amazonaws.com | HTTPS |
| 欧洲(法兰克福) | eu-central-1 | config.eu-central-1.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | config.eu-west-1.amazonaws.com | HTTPS |
| 欧洲(伦敦) | eu-west-2 | config.eu-west-2.amazonaws.com | HTTPS |
| 欧洲(米兰) | eu-south-1 | config.eu-south-1.amazonaws.com | HTTPS |
| 欧洲(巴黎) | eu-west-3 | config.eu-west-3.amazonaws.com | HTTPS |
| 欧洲(苏黎世) | eu-central-2 | config.eu-central-2.amazonaws.com | HTTPS |
| 中东(巴林) | me-south-1 | config.me-south-1.amazonaws.com | HTTPS |
| 中东(阿联酋) | me-central-1 | config.me-central-1.amazonaws.com | HTTPS |
| South America (São Paulo) | sa-east-1 | config.sa-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (美国东部) | us-gov-east-1 | 配置。 us-gov-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (美国西部) | us-gov-west-1 | 配置。 us-gov-west-1.amazonaws.com | HTTPS |
了解更多
