本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
Amazon EBS 会向亚马逊发送 EventBridge 针对卷和快照执行的操作的事件。借 EventBridge助,您可以建立触发编程操作以响应这些事件的规则。例如,您可以创建一个规则,在启用快照以快速恢复快照时向您的电子邮件发送通知。
中的 EventBridge 事件以 JSON 对象的形式表示。该事件独有的字段包含在 JSON 对象的“详细信息”部分。“事件”字段包含事件名称。“结果”字段包含触发事件的操作的已完成状态。有关更多信息,请参阅《亚马逊 EventBridge 用户指南》中的亚马逊 EventBridge 事件模式。
有关更多信息,请参阅什么是亚马逊 EventBridge? 在《亚马逊 EventBridge 用户指南》中。
EBS 卷事件
当发生以下卷事件 EventBridge 时,Amazon EBS 会向发送事件。
创建卷(createVolume)
创建卷的操作完成后,该createVolume事件就会发送到您的 AWS 账户。但是,它不会被保存、记录或存档。此事件的结果可能是 available 或 failed。如果提供的内容无效 AWS KMS key ,则创建将失败,如以下示例所示。
事件数据
下面的列表是 EBS 为成功的 createVolume 事件发送的 JSON 对象示例。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567"
],
"detail": {
"result": "available",
"cause": "",
"event": "createVolume",
"request-id": "01234567-0123-0123-0123-0123456789ab"
}
}下面的列表是 EBS 在 createVolume 事件失败后发送的 JSON 对象的示例。失败原因是 KMS 密钥 被禁用。
{
"version": "0",
"id": "01234567-0123-0123-0123-0123456789ab",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "sa-east-1",
"resources": [
"arn:aws:ec2:sa-east-1:0123456789ab:volume/vol-01234567",
],
"detail": {
"event": "createVolume",
"result": "failed",
"cause": "arn:aws:kms:sa-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is disabled.",
"request-id": "01234567-0123-0123-0123-0123456789ab",
}
}以下是 EBS 在 createVolume 事件失败后发送的 JSON 对象的示例。失败原因是 KMS 密钥 正等待导入。
{
"version": "0",
"id": "01234567-0123-0123-0123-0123456789ab",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "sa-east-1",
"resources": [
"arn:aws:ec2:sa-east-1:0123456789ab:volume/vol-01234567",
],
"detail": {
"event": "createVolume",
"result": "failed",
"cause": "arn:aws:kms:sa-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending import.",
"request-id": "01234567-0123-0123-0123-0123456789ab",
}
}删除卷(deleteVolume)
删除卷的操作完成后,该deleteVolume事件就会发送到您的 AWS 账户。但是,它不会被保存、记录或存档。此事件具有 deleted 结果。如果删除操作未完成,绝不会发送此事件。
事件数据
下面的列表是 EBS 为成功的 deleteVolume 事件发送的 JSON 对象示例。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567"
],
"detail": {
"result": "deleted",
"cause": "",
"event": "deleteVolume",
"request-id": "01234567-0123-0123-0123-0123456789ab"
}
}卷附加或重新附加(attachVolume、reattachVolume)
如果卷无法附加或重新附加到实例,系统会将 attachVolume 或 reattachVolume 事件发送至您的 AWS 账户。但是,它不会被保存、记录或存档。如果您使用 KMS 密钥 加密 EBS 卷并且该 KMS 密钥 变为无效,则日后使用该 KMS 密钥 将卷附加或重新附加到实例时,EBS 会发送一个事件,如以下示例所示。
事件数据
下面的列表是 EBS 在 attachVolume 事件失败后发送的 JSON 对象的示例。失败原因是 KMS 密钥 处于待删除状态。
注意
AWS 服务器例行维护后,可能会尝试重新连接到卷。
{
"version": "0",
"id": "01234567-0123-0123-0123-0123456789ab",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567",
"arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab"
],
"detail": {
"event": "attachVolume",
"result": "failed",
"cause": "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending deletion.",
"request-id": ""
}
}下面的列表是 EBS 在 reattachVolume 事件失败后发送的 JSON 对象的示例。失败原因是 KMS 密钥 处于待删除状态。
{
"version": "0",
"id": "01234567-0123-0123-0123-0123456789ab",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567",
"arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab"
],
"detail": {
"event": "reattachVolume",
"result": "failed",
"cause": "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending deletion.",
"request-id": ""
}
}分离卷(detachVolume)
当卷与 Amazon EC2 实例分离时,该detachVolume事件将发送到您的 AWS 账户。
事件数据
以下是成功 detachVolume 事件的示例。
{
"version":"0",
"id":"2ec37298-1234-e436-70fc-c96b1example",
"detail-type":"AWS API Call via CloudTrail",
"source":"aws.ec2",
"account":"123456789012",
"time":"2024-03-18T16:35:52Z",
"region":"us-east-1",
"resources":[],
"detail":
{
"eventVersion":"1.09",
"userIdentity":
{
"type":"IAMUser",
"principalId":"AIDAJT12345SQ2EXAMPLE",
"arn":"arn:aws:iam::123456789012:user/administrator",
"accountId":"123456789012",
"accessKeyId":"AKIAJ67890A6EXAMPLE",
"userName":"administrator"
},
"eventTime":"2024-03-18T16:35:52Z",
"eventSource":"ec2.amazonaws.com",
"eventName":"DetachVolume",
"awsRegion":"us-east-1",
"sourceIPAddress":"12.12.123.12",
"userAgent":"aws-cli/2.7.12 Python/3.9.11 Windows/10 exe/AMD64 prompt/off command/ec2.detach-volume",
"requestParameters":
{
"volumeId":"vol-072577c46bexample",
"force":false
},
"responseElements":
{
"requestId":"1234513a-6292-49ea-83f8-85e95example",
"volumeId":"vol-072577c46bexample",
"instanceId":"i-0217f7eb3dexample",
"device":"/dev/sdb",
"status":"detaching",
"attachTime":1710776815000
},
"requestID":"1234513a-6292-49ea-83f8-85e95example",
"eventID":"1234551d-a15a-43eb-9e69-c983aexample",
"readOnly":false,
"eventType":"AwsApiCall",
"managementEvent":true,
"recipientAccountId":"123456789012",
"eventCategory":"Management",
"tlsDetails":
{
"tlsVersion":"TLSv1.3",
"cipherSuite":"TLS_AES_128_GCM_SHA256",
"clientProvidedHostHeader":"ec2.us-east-1.amazonaws.com"
}
}
}EBS 卷修改事件
修改卷 EventBridge 时,Amazon EBS 会向发送modifyVolume事件。但是,它不会被保存、记录或存档。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Volume Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1:012345678901:volume/vol-03a55cf56513fa1b6"
],
"detail": {
"result": "optimizing",
"cause": "",
"event": "modifyVolume",
"request-id": "01234567-0123-0123-0123-0123456789ab"
}
}EBS 快照事件
当发生以下卷事件 EventBridge 时,Amazon EBS 会向发送事件。
创建单个快照(createSnapshot)
创建快照的操作完成后,该createSnapshot事件就会发送到您的 AWS 账户。但是,它不会被保存、记录或存档。此事件的结果可能是 succeeded 或 failed。
事件数据
下面的列表是 EBS 为成功的 createSnapshot 事件发送的 JSON 对象示例。在 detail 部分,source 字段包含源卷的 ARN。startTime 和 endTime 字段表示快照的创建何时开始以及何时完成。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Snapshot Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-west-2:snapshot/snap-01234567"
],
"detail": {
"event": "createSnapshot",
"result": "succeeded",
"cause": "",
"request-id": "",
"snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
"source": "arn:aws:ec2::us-west-2:volume/vol-01234567",
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ" }
}创建多个快照(createSnapshots)
创建多卷快照的操作完成后,该createSnapshots事件就会发送到您的 AWS 账户。此事件的结果可能是 succeeded 或 failed。
事件数据
下面的列表是 EBS 为成功的 createSnapshots 事件发送的 JSON 对象示例。在该detail部分中,该source字段包含多卷快照集的源卷。 ARNs startTime 和 endTime 字段表示快照的创建何时开始以及何时完成。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Multi-Volume Snapshots Completion Status",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-east-1:snapshot/snap-01234567",
"arn:aws:ec2::us-east-1:snapshot/snap-012345678"
],
"detail": {
"event": "createSnapshots",
"result": "succeeded",
"cause": "",
"request-id": "",
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ",
"snapshots": [
{
"snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
"source": "arn:aws:ec2::us-east-1:volume/vol-01234567",
"status": "completed"
},
{
"snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-012345678",
"source": "arn:aws:ec2::us-east-1:volume/vol-012345678",
"status": "completed"
}
]
}
}下面的列表是 EBS 在 createSnapshots 事件失败后发送的 JSON 对象的示例。失败的原因是多卷快照集的一个或多个快照未能完成。的值snapshot_id是失败快照 ARNs 的值。 startTime并endTime表示创建快照操作的开始和结束时间。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Multi-Volume Snapshots Completion Status",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-east-1:snapshot/snap-01234567",
"arn:aws:ec2::us-east-1:snapshot/snap-012345678"
],
"detail": {
"event": "createSnapshots",
"result": "failed",
"cause": "Snapshot snap-01234567 is in status error",
"request-id": "",
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ",
"snapshots": [
{
"snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
"source": "arn:aws:ec2::us-east-1:volume/vol-01234567",
"status": "error"
},
{
"snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-012345678",
"source": "arn:aws:ec2::us-east-1:volume/vol-012345678",
"status": "error"
}
]
}
}
复制快照(copySnapshot)
复制快照的操作完成后,该copySnapshot事件就会发送到您的 AWS 账户。但是,它不会被保存、记录或存档。此事件的结果可能是 succeeded 或 failed。
在detail部分中,source是源快照的 ARN,snapshot_id也是快照副本的 ARN。 startTime并endTime指明复制操作何时开始和结束。 incremental表示快照副本是增量快照 (true) 还是完整快照 (false)。 transferType表示快照复制操作是标准复制操作还是基于时间的复制操作。有关更多信息,请参阅 Amazon EBS 快照的基于时间的副本。
如果您要跨区域复制快照,则事件将在目标区域中发出。
场景 1:标准快照复制操作完成
以下是标准快照复制操作成功完成时向您的账户发送的事件示例。请注意,transferType 为 standard 。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Snapshot Notification",
"source": "aws.ec2",
"account": "123456789012",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-west-2:snapshot/snap-01234567"
],
"detail": {
"event": "copySnapshot",
"result": "succeeded",
"cause": "",
"request-id": "",
"snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
"source": "arn:aws:ec2::eu-west-1:snapshot/snap-76543210",
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ",
"incremental": "true",
"transferType": "standard"
}
}场景 2:基于时间的快照复制操作在完成持续时间内完成
以下是基于时间的快照复制操作在其完成持续时间内完成时向您的账户发送的事件示例。请注意,这transferType表明这是一项基于时间的快照复制操作。time-based completionDurationStartTime表示完成持续时间何时开始。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Snapshot Notification",
"source": "aws.ec2",
"account": "123456789012",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-west-2:snapshot/snap-01234567"
],
"detail": {
"event": "copySnapshot",
"result": "succeeded",
"cause": "",
"request-id": "",
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ",
"snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
"source": "arn:aws:ec2::eu-west-1:snapshot/snap-76543210",
"incremental": "true",
"completionDurationStartTime":"2024-11-16T06:27:33.816Z",
"transferType": "time-based"
}
}场景 3:基于时间的快照复制操作已完成,但错过了请求的完成持续时间
当基于时间的快照复制操作完成但未能达到请求的完成持续时间时, CloudWatch 会向您的账户发送两个事件。以下是这些事件的示例。
-
即使复制操作仍在进行中,第一个事件也会在错过完成时长后立即发送到您的账户。对于此事件,
detail-type是EBS Copy Snapshot Missed Completion Duration,并missedCompletionDurationCause提供了原因。{ "version":"0", "id":"fd90eb95-0938-e02c-cf55-b81363b8ac12", "detail-type":"EBS Copy Snapshot Missed Completion Duration", "source":"aws.ec2", "account":"123456789012", "time":"2024-11-19T18:17:08Z", "region":"us-east-1", "resources": ["arn:aws:ec2:us-east-1:123456789012:snapshot/snap-01234567890abcedf"], "detail":{ "event":"copySnapshot", "missedCompletionDurationCause":"Snapshot copy was not able to meet the specified completion duration because your snapshot copy operation throughput quota was exceeded.", "snapshot_id":"arn:aws:ec2:us-east-1:123456789012:snapshot/snap-01234567890abcedf", "source":"arn:aws:ec2:us-east-1:123456789012:snapshot/snap-00987654321fedcba", "startTime": "Sun Nov 24 22:32:55 UTC 2024", "transferType": "time-based" } } -
只有在快照完成后,第二个事件才会发送到您的账户。该事件包括
missedCompletionDurationCause,这提供了原因。{ "version": "0", "id": "01234567-0123-0123-0123-012345678901", "detail-type": "EBS Snapshot Notification", "source": "aws.ec2", "account": "123456789012", "time": "yyyy-mm-ddThh:mm:ssZ", "region": "us-east-1", "resources": [ "arn:aws:ec2::us-west-2:snapshot/snap-01234567" ], "detail": { "event": "copySnapshot", "result": "succeeded", "cause": "", "request-id": "", "startTime": "yyyy-mm-ddThh:mm:ssZ", "endTime": "yyyy-mm-ddThh:mm:ssZ", "snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567", "source": "arn:aws:ec2::eu-west-1:snapshot/snap-76543210", "incremental": "true", "completionDurationStartTime":"2024-11-16T06:27:33.816Z", "missedCompletionDurationCause":"Snapshot copy was not able to meet the specified completion duration because your snapshot copy operation throughput quota was exceeded.", "transferType": "time-based" } }
场景 4:快照复制操作失败
以下是快照复制操作失败时向您的账户发送的事件示例。请注意failed,result这表示操作失败。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Snapshot Notification",
"source": "aws.ec2",
"account": "123456789012",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-west-2:snapshot/snap-01234567"
],
"detail": {
"event": "copySnapshot",
"result": "failed",
"cause": "Source snapshot ID is not valid",
"request-id": "",
"snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
"source": "arn:aws:ec2::eu-west-1:snapshot/snap-76543210",
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ"
}
}共享快照(shareSnapshot)
当另一个 AWS 账户与其共享快照时,该shareSnapshot事件就会发送到您的账户。但是,它不会被保存、记录或存档。结果始终是 succeeded。
事件数据
下面是 EBS 在 shareSnapshot 事件完成后发送的 JSON 对象的示例。在该detail部分中,的值source是与您共享快照的用户的 AWS 账号。 startTime并endTime表示共享快照操作的开始和结束时间。仅在与其他用户共享私有快照时,系统才会发送 shareSnapshot 事件。共享公有快照不会触发该事件。
{
"version": "0",
"id": "01234567-01234-0123-0123-012345678901",
"detail-type": "EBS Snapshot Notification",
"source": "aws.ec2",
"account": "012345678901",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2::us-west-2:snapshot/snap-01234567"
],
"detail": {
"event": "shareSnapshot",
"result": "succeeded",
"cause": "",
"request-id": "",
"snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
"source": 012345678901,
"startTime": "yyyy-mm-ddThh:mm:ssZ",
"endTime": "yyyy-mm-ddThh:mm:ssZ"
}
}EBS 快照归档事件
Amazon EBS 发出与快照归档操作相关的事件。有关更多信息,请参阅 使用 CloudWatch 事件监控 Amazon EBS 快照存档。
EBS 快速快照还原事件
当快照的快速还原状态发生变化 EventBridge 时,Amazon EBS 会向发送事件。尽最大努力发出事件。
以下是此事件的示例数据。
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "EBS Fast Snapshot Restore State-change Notification",
"source": "aws.ec2",
"account": "123456789012",
"time": "yyyy-mm-ddThh:mm:ssZ",
"region": "us-east-1",
"resources": [
"arn:aws:ec2:us-east-1::snapshot/snap-03a55cf56513fa1b6"
],
"detail": {
"snapshot-id": "snap-1234567890abcdef0",
"state": "optimizing",
"zone": "us-east-1a",
"message": "Client.UserInitiated - Lifecycle state transition",
}
}可能的 state 值为 enabling、optimizing、enabled、disabling 和 disabled。
message 的可能值如下所示:
Client.InvalidSnapshot.InvalidState - The requested snapshot transitioned to an invalid state (Error)-
启用快速快照还原的请求失败,并且状态转换为
disabling或disabled。无法为该快照启用快速快照还原。 Client.UserInitiated-
状态成功转换为
enabling或disabling。 Client.UserInitiated - Lifecycle state transition-
状态成功转换为
optimizing、enabled或disabled。 Server.InsufficientCapacity - There was insufficient capacity available to satisfy the request-
由于容量不足而导致启用快速快照还原的请求失败,并且状态转换为
disabling或disabled。等待,然后重试。 Server.InternalError - An internal error caused the operation to fail-
由于内部错误而导致启用快速快照还原的请求失败,并且状态转换为
disabling或disabled。等待,然后重试。 Client.InvalidSnapshot.InvalidState - The requested snapshot was deleted or access permissions were revoked-
快照的快速快照还原状态已转换为
disabling或disabled,因为快照已被快照所有者删除或取消共享。无法为已删除或不再与您共享的快照启用快速快照还原。
