Amazon SQS 信息 CloudTrail 管理事件 CloudTrail 資料事件 CloudTrail 範例：Amazon 的 CloudTrail 管理事件 SQS 範例：Amazon 的 CloudTrail 資料事件 SQS

使用記錄 Amazon SQS API 呼叫 AWS CloudTrail

Amazon SQS 集成 AWS CloudTrail 記錄來自使用者、角色或 Amazon 的SQS呼叫 AWS 服務。 CloudTrail 擷取與 Amazon SQS 標準相關的API呼叫，並將其作為事件排入FIFO佇列，包括透過 Amazon SQS 主控台啟動的互動，以及透過程式設計方式呼叫 Amazon SQS APIs。

Amazon SQS 信息 CloudTrail

CloudTrail 默認情況下，當您創建 AWS 帳戶。當支持的 Amazon SQS 事件活動發生時，它會與其他 CloudTrail 事件一起記錄在事件中 AWS 服務事件，在事件歷史記錄中。您可以查看，搜索和下載最近的事件 AWS 帳戶。如需詳細資訊，請參閱檢視具有 CloudTrail 事件歷史記錄的事件 AWS CloudTrail 使用者指南。

呼SQSAPIs叫佇列管理操作 (例如) 的 Amazon AddPermission 會歸類為管理事件，並且 CloudTrail 預設會登入。Amazon SQS APIs 是在 Amazon SQS 佇列上執行的大量操作，例如歸類SendMessage為資料事件，並在您選擇加入之後記錄。 CloudTrail

使用 CloudTrail 收集的資訊，您可以識別 Amazon 的特定請求SQSAPI、請求者的 IP 地址或身分，以及請求的日期和時間。如果您設定 CloudTrail 追蹤，您可以透過選擇性交付至 Amazon CloudWatch 日誌，持續將 CloudTrail 事件傳遞到 Amazon S3 儲存貯體， AWS EventBridge。如果您未設定追蹤，則只能在主控台中檢視事件中管理事件的事件歷史記 CloudTrail 錄。如需詳細資訊，請參閱〈〉中的〈建立系統線概述〉 AWS CloudTrail 使用者指南。

管理事件 CloudTrail

Amazon 會將下列API動作SQS記錄為管理事件：

以下 Amazon SQS APIs 不支持 CloudTrail日誌記錄：

資料事件 CloudTrail

資料事件提供在資源上或在資源中執行的資源操作的相關資訊，例如在 Amazon SQS 佇列中傳送或接收 Amazon 訊SQS息。資料事件是預設 CloudTrail 不會記錄的大量活動。您可以使用啟用SQS佇列的資料事件API動作記錄 CloudTrail APIs。如需詳細資訊，請參閱中的記錄資料事件 AWS CloudTrail 使用者指南。

透過 CloudTrail，您可以使用進階事件選取器來決定要記錄和記錄哪些 Amazon SQS API 活動。若要記錄 Amazon 資SQS料事件，您必須包含資源類型AWS::SQS::Queue。設定此選項後，您可以藉由選取要記錄的特定資料事件 (例如使用 eventName 篩選條件追蹤 SendMessage 事件)，進一步調整記錄偏好設定。如需詳細資訊，請參閱《》中的 AdvancedEventSelector。AWS CloudTrail API參考。

Amazon SQS 數據事件：

資料事件需支付額外的費用。如需詳細資訊，請參閱 AWS CloudTrail定價。

範例：Amazon 的 CloudTrail 管理事件 SQS

下列範例顯示支援的 CloudTrail 記錄項目APIs：

AddPermission

下列範例顯示AddPermissionAPI通話的 CloudTrail 記錄項目。


{
	  "Records": [
	    {
	      "eventVersion": "1.06",
	      "userIdentity": {
	        "type": "IAMUser",
	        "principalId": "AKIAI44QH8DHBEXAMPLE",
	        "arn": "arn:aws:iam::123456789012:user/Alice",
	        "accountId": "123456789012",
	        "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
	        "userName": "Alice"
	      },
	      "eventTime": "2018-06-28T22:23:46Z",
	      "eventSource": "sqs.amazonaws.com",
	      "eventName": "AddPermission",
	      "awsRegion": "us-east-2",
	      "sourceIPAddress": "203.0.113.0",
	      "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
	      "requestParameters": {
	        "actions": [
	          "SendMessage"
	        ],
	        "AWSAccountIds": [
	          "123456789012"
	        ],
	        "label": "MyLabel",
	        "queueUrl": "https://sqs.us-east-2.amazon.com/123456789012/MyQueue"
	      },
	      "responseElements": null,
	      "requestID": "123abcde-f4gh-50ij-klmn-60o789012p30",
	      "eventID": "0987g654-32f1-09e8-d765-c4f3fb2109fa"
	    }
	  ]
	}

CreateQueue

下列範例顯示CreateQueueAPI通話的 CloudTrail 記錄項目。


{
	  "Records": [
	    {
	      "eventVersion": "1.06",
	      "userIdentity": {
	        "type": "IAMUser",
	        "principalId": "AKIAI44QH8DHBEXAMPLE",
	        "arn": "arn:aws:iam::123456789012:user/Alejandro",
	        "accountId": "123456789012",
	        "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
	        "userName": "Alejandro"
	      },
	      "eventTime": "2018-06-28T22:23:46Z",
	      "eventSource": "sqs.amazonaws.com",
	      "eventName": "CreateQueue",
	      "awsRegion": "us-east-2",
	      "sourceIPAddress": "203.0.113.1",
	      "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
	      "requestParameters": {
	        "queueName": "MyQueue"
	      },
	      "responseElements": {
	        "queueUrl": "https://sqs.us-east-2.amazon.com/123456789012/MyQueue"
	      },
	      "requestID": "123abcde-f4gh-50ij-klmn-60o789012p30",
	      "eventID": "0987g654-32f1-09e8-d765-c4f3fb2109fa"
	    }
	  ]
	}

DeleteQueue

下列範例顯示DeleteQueueAPI通話的 CloudTrail 記錄項目。


{
	  "Records": [
	    {
	      "eventVersion": "1.06",
	      "userIdentity": {
	        "type": "IAMUser",
	        "principalId": "AKIAI44QH8DHBEXAMPLE",
	        "arn": "arn:aws:iam::123456789012:user/Carlos",
	        "accountId": "123456789012",
	        "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
	        "userName": "Carlos"
	      },
	      "eventTime": "2018-06-28T22:23:46Z",
	      "eventSource": "sqs.amazonaws.com",
	      "eventName": "DeleteQueue",
	      "awsRegion": "us-east-2",
	      "sourceIPAddress": "203.0.113.2",
	      "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
	      "requestParameters": {
	        "queueUrl": "https://sqs.us-east-2.amazon.com/123456789012/MyQueue"
	      },
	      "responseElements": null,
	      "requestID": "123abcde-f4gh-50ij-klmn-60o789012p30",
	      "eventID": "0987g654-32f1-09e8-d765-c4f3fb2109fa"
	    }
	  ]
	}

RemovePermission

下列範例顯示RemovePermissionAPI通話的 CloudTrail 記錄項目。


{
	  "Records": [
	    {
	      "eventVersion": "1.06",
	      "userIdentity": {
	        "type": "IAMUser",
	        "principalId": "AKIAI44QH8DHBEXAMPLE",
	        "arn": "arn:aws:iam::123456789012:user/Jane",
	        "accountId": "123456789012",
	        "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
	        "userName": "Jane"
	      },
	      "eventTime": "2018-06-28T22:23:46Z",
	      "eventSource": "sqs.amazonaws.com",
	      "eventName": "RemovePermission",
	      "awsRegion": "us-east-2",
	      "sourceIPAddress": "203.0.113.3",
	      "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
	      "requestParameters": {
	        "label": "label",
	        "queueUrl": "https://sqs.us-east-2.amazon.com/123456789012/MyQueue"
	      },
	      "responseElements": null,
	      "requestID": "123abcde-f4gh-50ij-klmn-60o789012p30",
	      "eventID": "0987g654-32f1-09e8-d765-c4f3fb2109fa"
	    }
	  ]
	}

SetQueueAttributes

下列範例顯示下列項目的 CloudTrail 記錄項目SetQueueAttributes：


{
	  "Records": [
	    {
	      "eventVersion": "1.06",
	      "userIdentity": {
	        "type": "IAMUser",
	        "principalId": "AKIAI44QH8DHBEXAMPLE",
	        "arn": "arn:aws:iam::123456789012:user/Maria",
	        "accountId": "123456789012",
	        "accessKeyId": "AKIAIOSFODNN7EXAMPLE",
	        "userName": "Maria"
	      },
	      "eventTime": "2018-06-28T22:23:46Z",
	      "eventSource": "sqs.amazonaws.com",
	      "eventName": "SetQueueAttributes",
	      "awsRegion": "us-east-2",
	      "sourceIPAddress": "203.0.113.4",
	      "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
	      "requestParameters": {
	        "attributes": {
	          "VisibilityTimeout": "100"
	        },
	        "queueUrl": "https://sqs.us-east-2.amazon.com/123456789012/MyQueue"
	      },
	      "responseElements": null,
	      "requestID": "123abcde-f4gh-50ij-klmn-60o789012p30",
	      "eventID": "0987g654-32f1-09e8-d765-c4f3fb2109fa"
	    }
	  ]
	}

範例：Amazon 的 CloudTrail 資料事件 SQS

以下是 Amazon SQS 資料事件特定事件的 CloudTrail 範例APIs：

SendMessage

下列範例顯示的 CloudTrail 資料事件SendMessage。



				{
  "eventVersion": "1.09",
  "userIdentity": {
    "type": "AssumedRole",
    "principalId": "EXAMPLE_PRINCIPAL_ID",
    "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/SessionName",
    "accountId": "123456789012",
    "accessKeyId": "ACCESS_KEY_ID",
    "sessionContext": {
      "sessionIssuer": {
        "type": "Role",
        "principalId": "AKIAI44QH8DHBEXAMPLE",
        "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed",
        "accountId": "123456789012",
        "userName": "RoleToBeAssumed"
      },
      "attributes": {
        "creationDate": "2023-11-07T22:13:06Z",
        "mfaAuthenticated": "false"
      }
    }
  },
  "eventTime": "2023-11-07T23:59:11Z",
  "eventSource": "sqs.amazonaws.com",
  "eventName": "SendMessage",
  "awsRegion": "ap-southeast-4",
  "sourceIPAddress": "10.0.118.80",
  "userAgent": "aws-cli/1.29.16 md/Botocore#1.31.16 ua/2.0 os/linux#5.4.250-173.369.amzn2int.x86_64 md/arch#x86_64 lang/python#3.8.17 md/pyimpl#CPython cfg/retry-mode#legacy botocore/1.31.16",
  "requestParameters": {
    "queueUrl": "https://sqs.ap-southeast-4.amazonaws.com/123456789012/MyQueue",
    "messageBody": "HIDDEN_DUE_TO_SECURITY_REASONS",
    "messageDeduplicationId": "MsgDedupIdSdk1ae1958f2-bbe8-4442-83e7-4916e3b035aa",
    "messageGroupId": "MsgGroupIdSdk16"
  },
  "responseElements": {
    "mD5OfMessageBody": "9a4e3f7a614d9dd9f8722092dbda17a2",
    "mD5OfMessageSystemAttributes": "f88f0587f951b7f5551f18ae699c3a9d",
    "messageId": "93bb6e2d-1090-416c-81b0-31eb1faa8cd8",
    "sequenceNumber": "18881790870905840128"
  },
  "requestID": "c4584600-fe8a-5aa3-a5ba-1bc42f055fae",
  "eventID": "98c735d8-70e0-4644-9432-b6ced4d791b1",
  "readOnly": false,
  "resources": [
    {
      "accountId": "123456789012",
      "type": "AWS::SQS::Queue",
      "ARN": "arn:aws:sqs:ap-southeast-4:123456789012:MyQueue"
    }
  ],
  "eventType": "AwsApiCall",
  "managementEvent": false,
  "recipientAccountId": "123456789012",
  "eventCategory": "Data",
  "tlsDetails": {
    "tlsVersion": "TLSv1.2",
    "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
    "clientProvidedHostHeader": "sqs.ap-southeast-4.amazonaws.com"
  }

ReceiveMessage

下列範例顯示的 CloudTrail 資料事件ReceiveMessage。



				{
  "eventVersion": "1.09",
  "userIdentity": {
    "type": "AssumedRole",
    "principalId": "EXAMPLE_PRINCIPAL_ID",
    "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/SessionName",
    "accountId": "123456789012",
    "accessKeyId": "ACCESS_KEY_ID",
    "sessionContext": {
      "sessionIssuer": {
        "type": "Role",
        "principalId": "AKIAI44QH8DHBEXAMPLE",
        "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed",
        "accountId": "123456789012",
        "userName": "RoleToBeAssumed"
      },
      "attributes": {
        "creationDate": "2023-11-07T22:13:06Z",
        "mfaAuthenticated": "false"
      }
    }
  },
  "eventTime": "2023-11-07T23:59:24Z",
  "eventSource": "sqs.amazonaws.com",
  "eventName": "ReceiveMessage",
  "awsRegion": "ap-southeast-4",
  "sourceIPAddress": "10.0.118.80",
  "userAgent": "aws-cli/1.29.16 md/Botocore#1.31.16 ua/2.0 os/linux#5.4.250-173.369.amzn2int.x86_64 md/arch#x86_64 lang/python#3.8.17 md/pyimpl#CPython cfg/retry-mode#legacy botocore/1.31.16",
  "requestParameters": {
    "queueUrl": "https://sqs.ap-southeast-4.amazonaws.com/123456789012/MyQueue",
    "maxNumberOfMessages": 10
  },
  "responseElements": null,
  "requestID": "8b4d4643-8f49-52cd-a6e8-1b875ed54b99",
  "eventID": "f3f23ab7-b0a4-4b71-afc0-141209c49206",
  "readOnly": true,
  "resources": [
    {
      "accountId": "123456789012",
      "type": "AWS::SQS::Queue",
      "ARN": "arn:aws:sqs:ap-southeast-4:123456789012:MyQueue"
    }
  ],
  "eventType": "AwsApiCall",
  "managementEvent": false,
  "recipientAccountId": "123456789012",
  "eventCategory": "Data",
  "tlsDetails": {
    "tlsVersion": "TLSv1.2",
    "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
    "clientProvidedHostHeader": "sqs.ap-southeast-4.amazonaws.com"
  }
}

DeleteMessageBatch

下列範例顯示的 CloudTrail 資料事件DeleteMessageBatch。



				{
  "eventVersion": "1.09",
  "userIdentity": {
    "type": "AssumedRole",
    "principalId": "EXAMPLE_PRINCIPAL_ID",
    "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/SessionName",
    "accountId": "123456789012",
    "accessKeyId": "ACCESS_KEY_ID",
    "sessionContext": {
      "sessionIssuer": {
        "type": "Role",
        "principalId": "AKIAI44QH8DHBEXAMPLE",
        "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed",
        "accountId": "123456789012",
        "userName": "RoleToBeAssumed"
      },
      "attributes": {
        "creationDate": "2023-11-07T22:13:06Z",
        "mfaAuthenticated": "false"
      }
    }
  },
  "eventTime": "2023-11-07T23:59:24Z",
  "eventSource": "sqs.amazonaws.com",
  "eventName": "DeleteMessageBatch",
  "awsRegion": "ap-southeast-4",
  "sourceIPAddress": "10.0.118.80",
  "userAgent": "aws-cli/1.29.16 md/Botocore#1.31.16 ua/2.0 os/linux#5.4.250-173.369.amzn2int.x86_64 md/arch#x86_64 lang/python#3.8.17 md/pyimpl#CPython cfg/retry-mode#legacy botocore/1.31.16",
  "requestParameters": {
    "queueUrl": "https://sqs.ap-southeast-4.amazonaws.com/123456789012/MyQueue",
    "entries": [
      {
        "id": "0",
        "receiptHandle": "AQEBefxM1O4zyZGF87DehbRbmri91w2W7mMdD0GrBjQa8e/hpb4RbXHPZ9tLBVleECbChQIE5NtaDuoZhZPOkTy0eN46EyRR4jXDzE3AlkbPlX1mA9f2fUuTrXx8aeCoCA3I3woNg3fXXAoo5ctLgci0Z/hlLS94tjAZqV2krc4BaC2pYgjyHWcW019HwIV8T/bjNMIeZoQwOM5V+o9vHPfewz5QGr5SKpDo7uE7Umyk5n5CJZvcn1efp/mrwtaCIb9M7cCQUYcZm2ZmZDnIO9XpGTAi3m2dQ0M83pnNh0nvDfpkHpoa+hX1TrUmxCupCWHJwA8HFJ1O/CCJsodMNFthLBA9S57dkBZCsw41G8jAmgQ0MkvZ0UL5mg0OFQQd1Yrw0zvthjCgiwdzn0yXoMzxIZMBxkY14E4nVVZ7N5XEMtMmgxsI1XF/h8oRk2C7gByzg2kYJ0LnUvLJFT8DQE28JZppEC9klvrdR/BWiPT7asc="
      }
    ]
  },
  "responseElements": {
    "successful": [
      {
        "id": "0"
      }
    ],
    "failed": []
  },
  "requestID": "fe423091-5642-5ba5-9256-6d5587de52f1",
  "eventID": "88c8020d-d769-4985-8ecb-ee0b59acc418",
  "readOnly": false,
  "resources": [
    {
      "accountId": "123456789012",
      "type": "AWS::SQS::Queue",
      "ARN": "arn:aws:sqs:ap-southeast-4:123456789012:MyQueue"
    }
  ],
  "eventType": "AwsApiCall",
  "managementEvent": false,
  "recipientAccountId": "123456789012",
  "eventCategory": "Data",
  "tlsDetails": {
    "tlsVersion": "TLSv1.2",
    "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
    "clientProvidedHostHeader": "sqs.ap-southeast-4.amazonaws.com"
  }
}

ChangeMessageVisibilityBatch

下列範例顯示的 CloudTrail 資料事件ChangeMessageVisibilityBatch。



				{
  "eventVersion": "1.09",
  "userIdentity": {
    "type": "AssumedRole",
    "principalId": "EXAMPLE_PRINCIPAL_ID",
    "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed/SessionName",
    "accountId": "123456789012",
    "accessKeyId": "ACCESS_KEY_ID",
    "sessionContext": {
      "sessionIssuer": {
        "type": "Role",
        "principalId": "AKIAI44QH8DHBEXAMPLE",
        "arn": "arn:aws:sts::123456789012:assumed-role/RoleToBeAssumed",
        "accountId": "123456789012",
        "userName": "RoleToBeAssumed"
      },
      "attributes": {
        "creationDate": "2023-11-07T22:13:06Z",
        "mfaAuthenticated": "false"
      }
    }
  },
  "eventTime": "2023-11-07T23:59:01Z",
  "eventSource": "sqs.amazonaws.com",
  "eventName": "ChangeMessageVisibilityBatch",
  "awsRegion": "ap-southeast-4",
  "sourceIPAddress": "10.0.118.80",
  "userAgent": "aws-cli/1.29.16 md/Botocore#1.31.16 ua/2.0 os/linux#5.4.250-173.369.amzn2int.x86_64 md/arch#x86_64 lang/python#3.8.17 md/pyimpl#CPython cfg/retry-mode#legacy botocore/1.31.16",
  "requestParameters": {
    "visibilityTimeout": 0,
    "entries": [
      {
        "id": "0",
        "receiptHandle": "AQEB2M5cVYg5gslhWME6537hdjcaPnOYPA5M0W460TTb0DzPle631yPWm8qxd4O1hDj/B4ntTMnsgBTa95t14tNx7Vn96jKJ5rIoZ7iI8TRmkT1caKodKIPs8w9yndZq50c2FPQxtyH+2L3UHf/abV3szqVWXOLZR4PwX8zZkWVQGNCNnY2q2lGCG586F8QwvrOFYoXNwB8ymd1t77e1PDPknq1Io3JFuzkEsndkkETy4fV1QqVCSTR1izaTKF44f/l5PHX17nXxaC+DURVlMPXOuSFACGmWqAoyk50HKwGOjLQgpySL/TcnQXClvFq8kNXGwyVzJsbwHpOHxI7oce69vaD6DaWFP75d3hx+PJeG9pauQCKzVP3skt3Hw/zDC7YfKcALD3aCwMmeNDwT3w0BUG6XZdG5lYhtFtTQYV7YuS3i/Jh3HShGbtm07JKOEFiPkxv2+XNaAX3gFEpbng6zamTanfyMXCJIiglAEqiyWHQ=",
        "visibilityTimeout": 2271
      }
    ],
    "queueUrl": "https://sqs.ap-southeast-4.amazonaws.com/123456789012/MyQueue"
  },
  "responseElements": {
    "successful": [
      {
        "id": "0"
      }
    ]
  },
  "requestID": "d49ab65f-9dc7-54b8-875c-eb9b4c42988b",
  "eventID": "ca16c8c2-c4ba-4eb5-a54c-e650a10266d4",
  "readOnly": false,
  "resources": [
    {
      "accountId": "123456789012",
      "type": "AWS::SQS::Queue",
      "ARN": "arn:aws:sqs:ap-southeast-4:123456789012:MyQueue"
    }
  ],
  "eventType": "AwsApiCall",
  "managementEvent": false,
  "recipientAccountId": "123456789012",
  "eventCategory": "Data",
  "tlsDetails": {
    "tlsVersion": "TLSv1.2",
    "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
    "clientProvidedHostHeader": "sqs.ap-southeast-4.amazonaws.com"
  }
}

您的瀏覽器已停用或無法使用 Javascript。

您必須啟用 Javascript，才能使用 AWS 文件。請參閱您的瀏覽器說明頁以取得說明。

文件慣用形式

日誌記錄和監控

監視佇列使用 CloudWatch