Amazon CloudWatch Events for Amazon EBS - Amazon Elastic Compute Cloud

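Amazon EBS emits notifications based on Amazon CloudWatch Events for a variety of volume, snapshot, and encryption status changes. With CloudWatch Events, you can establish rules that trigger programmatic actions in response to a change in volume, snapshot, or encryption key state. For example, when a snapshot is created, you can trigger an AWS Lambda function to share the completed snapshot with another account or copy it to another Region for disaster recovery.

Events in CloudWatch are represented as JSON objects. The fields that are unique to the event are contained in the "detail" section of the JSON object. The "event" field contains the event name. The "result" field contains the completed status of the action that triggered the event. For more information, see Event Patterns in CloudWatch Events in the Amazon CloudWatch Events User Guide.

For more information, see Using Events in the Amazon CloudWatch User Guide.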

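EBS volume events

Amazon EBS sends events to CloudWatch Events when the following volume events occur.

Create volume (createVolume)

The createVolume event is sent to your AWS account when an action to create a volume completes. However, it is not saved, logged, or archived. This event can have a result of either available or failed. Creation fails if an invalid AWS KMS key was provided, as shown in the examples below.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful createVolume event.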

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567"
      ],
      "detail": {
        "result": "available",
        "cause": "",
        "event": "createVolume",
        "request-id": "01234567-0123-0123-0123-0123456789ab"
      }
    }

The listing below is an example of a JSON object emitted by EBS for a failed createVolume event. The cause of the failure was a disabled KMS key.

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-0123456789ab",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "sa-east-1",
      "resources": [
        "arn:aws:ec2:sa-east-1:0123456789ab:volume/vol-01234567"
      ],
      "detail": {
        "event": "createVolume",
        "result": "failed",
        "cause": "arn:aws:kms:sa-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is disabled.",
        "request-id": "01234567-0123-0123-0123-0123456789ab"
      }
    }

The following is an example of a JSON object emitted by EBS for a failed createVolume event. The cause of the failure was a KMS key pending import.

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-0123456789ab",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "sa-east-1",
      "resources": [
        "arn:aws:ec2:sa-east-1:0123456789ab:volume/vol-01234567"
      ],
      "detail": {
        "event": "createVolume",
        "result": "failed",
        "cause": "arn:aws:kms:sa-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending import.",
        "request-id": "01234567-0123-0123-0123-0123456789ab"
      }
    }

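Delete volume (deleteVolume)

The deleteVolume event is sent to your AWS account when an action to delete a volume completes. However, it is not saved, logged, or archived. This event has the result deleted. If the deletion does not complete, the event is not sent.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful deleteVolume event.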

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567"
      ],
      "detail": {
        "result": "deleted",
        "cause": "",
        "event": "deleteVolume",
        "request-id": "01234567-0123-0123-0123-0123456789ab"
      }
    }

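Volume attach or reattach (attachVolume, reattachVolume)

The attachVolume or reattachVolume event is sent to your AWS account when a volume fails to attach or reattach to an instance. However, it is not saved, logged, or archived. If you use a KMS key to encrypt an EBS volume and the KMS key becomes invalid, EBS emits this event when that KMS key is later used to attach or reattach to an instance, as shown in the examples below.

Event data

The listing below is an example of a JSON object emitted by EBS for a failed attachVolume event. The cause of the failure was a KMS key pending deletion.

Note

AWS may attempt to reattach a volume following routine server maintenance.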

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-0123456789ab",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567",
        "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab"
      ],
      "detail": {
        "event": "attachVolume",
        "result": "failed",
        "cause": "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending deletion.",
        "request-id": ""
      }
    }

The listing below is an example of a JSON object emitted by EBS for a failed reattachVolume event. The cause of the failure was a KMS key pending deletion.

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-0123456789ab",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567",
        "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab"
      ],
      "detail": {
        "event": "reattachVolume",
        "result": "failed",
        "cause": "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending deletion.",
        "request-id": ""
      }
    }
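The failed createVolume, attachVolume and reattachVolume events in this section all name the KMS key and its state in detail.cause. The following is an added example, not code from the AWS page, of how a rule target could extract that information for alerting; the helper names and the sample events are constructed here and only mirror the fields shown in the listings.

```javascript
// Added example, not AWS code: pull the KMS key and its state out of failed
// EBS volume events. Helper names and SAMPLE_EVENTS are constructed.
const KMS_CAUSE = /^(arn:[^:\s]+:kms:\S+:key\/\S+) is (.+?)\.?$/;
const VOLUME_ACTIONS = new Set(['createVolume', 'attachVolume', 'reattachVolume']);

function kmsFailureFromEvent(event) {
  if (!event || event.source !== 'aws.ec2' ||
      event['detail-type'] !== 'EBS Volume Notification') return null;
  const detail = event.detail || {};
  if (!VOLUME_ACTIONS.has(detail.event) || detail.result !== 'failed') return null;
  const match = KMS_CAUSE.exec(String(detail.cause || '').trim());
  if (!match) return null; // failed, but not because of a KMS key
  const volumeArn = (event.resources || []).find((r) => r.includes(':volume/')) || null;
  return { action: detail.event, region: event.region, volumeArn,
           kmsKeyArn: match[1], keyState: match[2] };
}

// Keep only KMS-related failures, e.g. to forward them to an alerting channel.
function collectKmsFailures(events) {
  return events.map((e) => kmsFailureFromEvent(e)).filter(Boolean);
}

// Constructed events, trimmed to the fields the code reads.
const KEY = 'arn:aws:kms:us-east-1:012345678901:key/01234567-0123-0123-0123-0123456789ab';
const VOL = 'arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567';
const base = { source: 'aws.ec2', 'detail-type': 'EBS Volume Notification', region: 'us-east-1' };
const SAMPLE_EVENTS = [
  { ...base, resources: [VOL],
    detail: { event: 'createVolume', result: 'failed', cause: `${KEY} is disabled.` } },
  { ...base, resources: [VOL, KEY],
    detail: { event: 'reattachVolume', result: 'failed', cause: `${KEY} is pending deletion.` } },
  { ...base, resources: [VOL],
    detail: { event: 'createVolume', result: 'available', cause: '' } },
  { ...base, resources: [VOL],
    detail: { event: 'deleteVolume', result: 'deleted', cause: '' } },
];

for (const f of collectKmsFailures(SAMPLE_EVENTS)) {
  console.log(`${f.action} failed for ${f.volumeArn}: key ${f.kmsKeyArn} is ${f.keyState}`);
}
```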

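EBS snapshot events

Amazon EBS sends events to CloudWatch Events when the following snapshot events occur.

Create snapshot (createSnapshot)

The createSnapshot event is sent to your AWS account when an action to create a snapshot completes. However, it is not saved, logged, or archived. This event can have a result of either succeeded or failed.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful createSnapshot event. In the detail section, the source field contains the ARN of the source volume. The startTime and endTime fields indicate when creation of the snapshot started and completed.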

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Snapshot Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-west-2::snapshot/snap-01234567"
      ],
      "detail": {
        "event": "createSnapshot",
        "result": "succeeded",
        "cause": "",
        "request-id": "",
        "snapshot_id": "arn:aws:ec2:us-west-2::snapshot/snap-01234567",
        "source": "arn:aws:ec2:us-west-2::volume/vol-01234567",
        "startTime": "yyyy-mm-ddThh:mm:ssZ",
        "endTime": "yyyy-mm-ddThh:mm:ssZ"
      }
    }

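Create snapshots (createSnapshots)

The createSnapshots event is sent to your AWS account when an action to create a multi-volume snapshot completes. This event can have a result of either succeeded or failed.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful createSnapshots event. In the detail section, the source field contains the ARNs of the source volumes of the multi-volume snapshot set. The startTime and endTime fields indicate when creation of the snapshot started and completed.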

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Multi-Volume Snapshots Completion Status",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
        "arn:aws:ec2::us-east-1:snapshot/snap-012345678"
      ],
      "detail": {
        "event": "createSnapshots",
        "result": "succeeded",
        "cause": "",
        "request-id": "",
        "startTime": "yyyy-mm-ddThh:mm:ssZ",
        "endTime": "yyyy-mm-ddThh:mm:ssZ",
        "snapshots": [
          {
            "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
            "source": "arn:aws:ec2::us-east-1:volume/vol-01234567",
            "status": "completed"
          },
          {
            "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-012345678",
            "source": "arn:aws:ec2::us-east-1:volume/vol-012345678",
            "status": "completed"
          }
        ]
      }
    }

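The listing below is an example of a JSON object emitted by EBS for a failed createSnapshots event. The cause of the failure was that one or more snapshots in the multi-volume snapshot set could not be completed. The values of snapshot_id are the ARNs of the failed snapshots. startTime and endTime represent when the create-snapshots action started and ended.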

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Multi-Volume Snapshots Completion Status",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
        "arn:aws:ec2::us-east-1:snapshot/snap-012345678"
      ],
      "detail": {
        "event": "createSnapshots",
        "result": "failed",
        "cause": "Snapshot snap-01234567 is in status error",
        "request-id": "",
        "startTime": "yyyy-mm-ddThh:mm:ssZ",
        "endTime": "yyyy-mm-ddThh:mm:ssZ",
        "snapshots": [
          {
            "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
            "source": "arn:aws:ec2::us-east-1:volume/vol-01234567",
            "status": "error"
          },
          {
            "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-012345678",
            "source": "arn:aws:ec2::us-east-1:volume/vol-012345678",
            "status": "error"
          }
        ]
      }
    }

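Copy snapshot (copySnapshot)

The copySnapshot event is sent to your AWS account when an action to copy a snapshot completes. However, it is not saved, logged, or archived. This event can have a result of either succeeded or failed.

Event data

The listing below is an example of a JSON object emitted by EBS after a successful copySnapshot event. The value of snapshot_id is the ARN of the newly created snapshot. In the detail section, the value of source is the ARN of the source snapshot. startTime and endTime represent when the copy-snapshot action started and ended.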

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Snapshot Notification",
      "source": "aws.ec2",
      "account": "123456789012",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-west-2::snapshot/snap-01234567"
      ],
      "detail": {
        "event": "copySnapshot",
        "result": "succeeded",
        "cause": "",
        "request-id": "",
        "snapshot_id": "arn:aws:ec2:us-west-2::snapshot/snap-01234567",
        "source": "arn:aws:ec2:eu-west-1::snapshot/snap-76543210",
        "startTime": "yyyy-mm-ddThh:mm:ssZ",
        "endTime": "yyyy-mm-ddThh:mm:ssZ",
        "Incremental": "True"
      }
    }

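The listing below is an example of a JSON object emitted by EBS for a failed copySnapshot event. The cause of the failure was an invalid source snapshot ID. The value of snapshot_id is the ARN of the failed snapshot. In the detail section, the value of source is the ARN of the source snapshot. startTime and endTime represent when the copy-snapshot action started and ended.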

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Snapshot Notification",
      "source": "aws.ec2",
      "account": "123456789012",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-west-2::snapshot/snap-01234567"
      ],
      "detail": {
        "event": "copySnapshot",
        "result": "failed",
        "cause": "Source snapshot ID is not valid",
        "request-id": "",
        "snapshot_id": "arn:aws:ec2:us-west-2::snapshot/snap-01234567",
        "source": "arn:aws:ec2:eu-west-1::snapshot/snap-76543210",
        "startTime": "yyyy-mm-ddThh:mm:ssZ",
        "endTime": "yyyy-mm-ddThh:mm:ssZ"
      }
    }

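Share snapshot (shareSnapshot)

The shareSnapshot event is sent to your AWS account when another account shares a snapshot with it. However, it is not saved, logged, or archived. The result is always succeeded.

Event data

The following is an example of a JSON object emitted by EBS after a completed shareSnapshot event. In the detail section, the value of source is the AWS account number of the user that shared the snapshot with you. startTime and endTime represent when the share-snapshot action started and ended. The shareSnapshot event is emitted only when a private snapshot is shared with another user. Sharing a public snapshot does not trigger the event.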

    {
      "version": "0",
      "id": "01234567-01234-0123-0123-012345678901",
      "detail-type": "EBS Snapshot Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-west-2::snapshot/snap-01234567"
      ],
      "detail": {
        "event": "shareSnapshot",
        "result": "succeeded",
        "cause": "",
        "request-id": "",
        "snapshot_id": "arn:aws:ec2:us-west-2::snapshot/snap-01234567",
        "source": 012345678901,
        "startTime": "yyyy-mm-ddThh:mm:ssZ",
        "endTime": "yyyy-mm-ddThh:mm:ssZ"
      }
    }
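Because detail.source identifies the account that shared the snapshot, a rule target can compare it with the accounts you expect before anything downstream uses the snapshot. The following is an added example, not code from the AWS page; TRUSTED_ACCOUNTS, the function names and the sample events are constructed, and the code assumes source may arrive either as a number (as printed above) or as a string.

```javascript
// Added example, not AWS code: decide whether the account behind a shareSnapshot
// event is one you expect. TRUSTED_ACCOUNTS and the sample events are constructed.
const TRUSTED_ACCOUNTS = new Set(['012345678901']);

// detail.source may be a number or a string. A number cannot keep leading
// zeros, so restore the 12-digit account ID form before comparing.
function normalizeAccountId(value) {
  const text = String(value).trim();
  return /^\d{1,12}$/.test(text) ? text.padStart(12, '0') : null;
}

function reviewShareSnapshot(event, trusted = TRUSTED_ACCOUNTS) {
  const detail = (event && event.detail) || {};
  if (!event || event.source !== 'aws.ec2' ||
      event['detail-type'] !== 'EBS Snapshot Notification' ||
      detail.event !== 'shareSnapshot') return { verdict: 'ignore' };
  const sharedBy = normalizeAccountId(detail.source);
  const arn = /:snapshot\/(snap-[0-9a-f]+)$/.exec(String(detail.snapshot_id || ''));
  if (!sharedBy || !arn) return { verdict: 'malformed' };
  return { verdict: trusted.has(sharedBy) ? 'trusted' : 'untrusted',
           sharedBy, snapshotId: arn[1] };
}

// Constructed events, trimmed to the fields the code reads.
const shareEvent = (source) => ({
  source: 'aws.ec2',
  'detail-type': 'EBS Snapshot Notification',
  detail: { event: 'shareSnapshot', result: 'succeeded', source,
            snapshot_id: 'arn:aws:ec2:us-west-2::snapshot/snap-01234567' },
});
const SAMPLE_SHARES = [shareEvent(12345678901), shareEvent('999999999999'), shareEvent('n/a')];

for (const e of SAMPLE_SHARES) {
  const r = reviewShareSnapshot(e);
  console.log(r.verdict, r.sharedBy || '-', r.snapshotId || '-');
}
```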

EBS volume modification events

Amazon EBS sends modifyVolume events to CloudWatch Events when a volume is modified. However, they are not saved, logged, or archived.

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Volume Notification",
      "source": "aws.ec2",
      "account": "012345678901",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-east-1:012345678901:volume/vol-03a55cf56513fa1b6"
      ],
      "detail": {
        "result": "optimizing",
        "cause": "",
        "event": "modifyVolume",
        "request-id": "01234567-0123-0123-0123-0123456789ab"
      }
    }

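EBS fast snapshot restore events

Amazon EBS sends events to CloudWatch Events when the state of fast snapshot restore for a snapshot changes. Events are emitted on a best-effort basis.

The following is example data for this event.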

    {
      "version": "0",
      "id": "01234567-0123-0123-0123-012345678901",
      "detail-type": "EBS Fast Snapshot Restore State-change Notification",
      "source": "aws.ec2",
      "account": "123456789012",
      "time": "yyyy-mm-ddThh:mm:ssZ",
      "region": "us-east-1",
      "resources": [
        "arn:aws:ec2:us-east-1::snapshot/snap-03a55cf56513fa1b6"
      ],
      "detail": {
        "snapshot-id": "snap-1234567890abcdef0",
        "state": "optimizing",
        "zone": "us-east-1a",
        "message": "Client.UserInitiated - Lifecycle state transition"
      }
    }

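The possible values for state are enabling, optimizing, enabled, disabling, and disabled.

The possible values for message are as follows:

Client.InvalidSnapshot.InvalidState - The requested snapshot transitioned to an invalid state (Error)

A request to enable fast snapshot restore failed and the state transitioned to disabling or disabled. Fast snapshot restore cannot be enabled for this snapshot.

Client.UserInitiated

The state successfully transitioned to enabling or disabling.

Client.UserInitiated - Lifecycle state transition

The state successfully transitioned to optimizing, enabled, or disabled.

Server.InsufficientCapacity - There was insufficient capacity available to satisfy the request

A request to enable fast snapshot restore failed due to insufficient capacity, and the state transitioned to disabling or disabled. Wait and then try again.

Server.InternalError - An internal error caused the operation to fail

A request to enable fast snapshot restore failed due to an internal error, and the state transitioned to disabling or disabled. Wait and then try again.

Client.InvalidSnapshot.InvalidState - The requested snapshot was deleted or access permissions were revoked

The fast snapshot restore state for the snapshot transitioned to disabling or disabled because the snapshot owner deleted or unshared the snapshot. Fast snapshot restore cannot be enabled for a snapshot that has been deleted or is no longer shared with you.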

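Using AWS Lambda to handle CloudWatch events

You can use Amazon EBS and CloudWatch Events to automate your data-backup workflow. This requires you to create an IAM policy, an AWS Lambda function to handle the event, and an Amazon CloudWatch Events rule that matches incoming events and routes them to the Lambda function.

The following procedure uses the createSnapshot event to automatically copy a completed snapshot to another Region for disaster recovery.

To copy a completed snapshot to another Region

  1. Create an IAM policy, such as the one shown in the following example, to provide permissions to execute a CopySnapshot action and write to the CloudWatch Events log. Assign the policy to the IAM user that will handle the CloudWatch event.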

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
          ],
          "Resource": "arn:aws:logs:*:*:*"
        },
        {
          "Effect": "Allow",
          "Action": [
            "ec2:CopySnapshot"
          ],
          "Resource": "*"
        }
      ]
    }

  2. Define a function in Lambda that will be available from the CloudWatch console. The sample Lambda function below, written in Node.js, is invoked by CloudWatch when a matching createSnapshot event is emitted by Amazon EBS (signifying that a snapshot was completed). When invoked, the function copies the snapshot from us-east-2 to us-east-1.

    // Sample Lambda function to copy an EBS snapshot to a different Region

    var AWS = require('aws-sdk');

    // define variables
    var destinationRegion = 'us-east-1';
    var sourceRegion = 'us-east-2';
    console.log('Loading function');

    // main function
    exports.handler = (event, context, callback) => {

        // Get the EBS snapshot ID from the CloudWatch event details
        var snapshotArn = event.detail.snapshot_id.split('/');
        const snapshotId = snapshotArn[1];
        const description = `Snapshot copy from ${snapshotId} in ${sourceRegion}.`;
        console.log("snapshotId:", snapshotId);

        // Load EC2 class and update the configuration to use destination Region to initiate the snapshot.
        AWS.config.update({region: destinationRegion});
        var ec2 = new AWS.EC2();

        // Prepare variables for the ec2.copySnapshot call
        const copySnapshotParams = {
            Description: description,
            DestinationRegion: destinationRegion,
            SourceRegion: sourceRegion,
            SourceSnapshotId: snapshotId
        };

        // Execute the copy snapshot and log any errors
        ec2.copySnapshot(copySnapshotParams, (err, data) => {
            if (err) {
                const errorMessage = `Error copying snapshot ${snapshotId} to Region ${destinationRegion}.`;
                console.log(errorMessage);
                console.log(err);
                callback(errorMessage);
            } else {
                const successMessage = `Successfully started copy of snapshot ${snapshotId} to Region ${destinationRegion}.`;
                console.log(successMessage);
                console.log(data);
                callback(null, successMessage);
            }
        });
    };

    To ensure that your Lambda function is available from the CloudWatch console, create it in the Region where the CloudWatch event will occur. For more information, see the AWS Lambda Developer Guide.

  3. Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/.

  4. Choose Events, Create rule, Select event source, and Amazon EBS Snapshots.

  5. For Specific Event(s), choose createSnapshot, and for Specific Result(s), choose succeeded.

  6. For Rule target, find and choose the sample function that you previously created.

  7. Choose Target, Add Target.

  8. For Lambda function, select the Lambda function that you previously created, and then choose Configure details.

  9. On the Configure rule details page, type values for Name and Description. Select the State check box to activate the function (setting it to Enabled).

  10. Choose Create rule.

Your rule should now appear on the Rules tab. In the example shown, the event that you configured should be emitted by EBS the next time you copy a snapshot.
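The sample function in step 2 takes the snapshot ID with split('/') and hardcodes the source Region, so an event whose snapshot_id is not an ARN yields an undefined ID. The following is an added example, not code from the AWS page, that checks the fields shown in the createSnapshot listing and takes the source Region from the snapshot ARN before building the CopySnapshot parameters; buildCopyParams, tryBuildCopyParams and the sample events are constructed names and data.

```javascript
// Added example, not AWS code: validate a createSnapshot event and derive the
// CopySnapshot parameters from it. Function names and sample events are constructed.
const SNAPSHOT_ARN =
  /^arn:[^:]+:ec2:([a-z0-9-]+):[^:]*:snapshot\/(snap-(?:[0-9a-f]{8}|[0-9a-f]{17}))$/;

function buildCopyParams(event, destinationRegion) {
  const detail = (event && event.detail) || {};
  if (!event || event.source !== 'aws.ec2' ||
      event['detail-type'] !== 'EBS Snapshot Notification' ||
      detail.event !== 'createSnapshot' || detail.result !== 'succeeded') {
    throw new Error('not a succeeded createSnapshot event');
  }
  const match = SNAPSHOT_ARN.exec(String(detail.snapshot_id || ''));
  if (!match) throw new Error('snapshot_id is not a snapshot ARN');
  const [, sourceRegion, snapshotId] = match;
  return {
    Description: `Snapshot copy from ${snapshotId} in ${sourceRegion}.`,
    DestinationRegion: destinationRegion,
    SourceRegion: sourceRegion,
    SourceSnapshotId: snapshotId,
  };
}

// Returns the parameters, or null with the reason logged, so a handler can skip bad input.
function tryBuildCopyParams(event, destinationRegion) {
  try {
    return buildCopyParams(event, destinationRegion);
  } catch (err) {
    console.log(`skipping event: ${err.message}`);
    return null;
  }
}

// Constructed events, trimmed to the fields the code reads.
const snapshotEvent = (result, snapshotId) => ({
  source: 'aws.ec2',
  'detail-type': 'EBS Snapshot Notification',
  detail: { event: 'createSnapshot', result, snapshot_id: snapshotId },
});
const GOOD_EVENT = snapshotEvent('succeeded', 'arn:aws:ec2:us-east-2::snapshot/snap-01234567');
const FAILED_EVENT = snapshotEvent('failed', 'arn:aws:ec2:us-east-2::snapshot/snap-01234567');
const BARE_ID_EVENT = snapshotEvent('succeeded', 'snap-01234567');

console.log(tryBuildCopyParams(GOOD_EVENT, 'us-east-1'));
console.log(tryBuildCopyParams(FAILED_EVENT, 'us-east-1'));
console.log(tryBuildCopyParams(BARE_ID_EVENT, 'us-east-1'));
```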