本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
一致性套件
符合性套件是 AWS Config 規則與修正動作的集合,可輕鬆部署為帳戶和區域中的單一實體,或在中的組織中部署。 AWS Organizations
您可以透過編寫包含 AWS Config 受管或自訂規則和修補動作之清單的 YAML 範本,來建立一致性套件。您也可以使用 AWS Systems Manager 文件 (SSM 文件),將一致性套件範本儲存在 SSM 文件名稱, AWS 並直接部署一致性套件。您可以使用 AWS Config 主控台或 AWS CLI來部署範本。若要快速開始使用並評估您的 AWS 環境,請使用其中一個範例一致性套件範本。您也可以根據《自訂一致性套件》,從頭開始建立一致性套件 YAML 檔案。
主題
區域支援
下列區域支援一致性套件。
| 區域名稱 | 區域 | 端點 | 通訊協定 |
|---|---|---|---|
| 美國東部 (俄亥俄) | us-east-2 | config.us-east-2.amazonaws.com | HTTPS |
| 美國東部 (維吉尼亞北部) | us-east-1 | config.us-east-1.amazonaws.com | HTTPS |
| 美國西部 (加利佛尼亞北部) | us-west-1 | config.us-west-1.amazonaws.com | HTTPS |
| 美國西部 (奧勒岡) | us-west-2 | config.us-west-2.amazonaws.com | HTTPS |
| 亞太區域 (香港) | ap-east-1 | config.ap-east-1.amazonaws.com | HTTPS |
| 亞太區域 (雅加達) | ap-southeast-3 | config.ap-southeast-3.amazonaws.com | HTTPS |
| 亞太區域 (墨爾本) | ap-southeast-4 | config.ap-southeast-4.amazonaws.com | HTTPS |
| 亞太區域 (孟買) | ap-south-1 | config.ap-south-1.amazonaws.com | HTTPS |
| 亞太區域 (首爾) | ap-northeast-2 | config.ap-northeast-2.amazonaws.com | HTTPS |
| 亞太區域 (新加坡) | ap-southeast-1 | config.ap-southeast-1.amazonaws.com | HTTPS |
| 亞太區域 (雪梨) | ap-southeast-2 | config.ap-southeast-2.amazonaws.com | HTTPS |
| 亞太區域 (東京) | ap-northeast-1 | config.ap-northeast-1.amazonaws.com | HTTPS |
| 加拿大 (中部) | ca-central-1 | config.ca-central-1.amazonaws.com | HTTPS |
| 歐洲 (法蘭克福) | eu-central-1 | config.eu-central-1.amazonaws.com | HTTPS |
| 歐洲 (愛爾蘭) | eu-west-1 | config.eu-west-1.amazonaws.com | HTTPS |
| 歐洲 (倫敦) | eu-west-2 | config.eu-west-2.amazonaws.com | HTTPS |
| 歐洲 (巴黎) | eu-west-3 | config.eu-west-3.amazonaws.com | HTTPS |
| 歐洲 (斯德哥爾摩) | eu-north-1 | config.eu-north-1.amazonaws.com | HTTPS |
| 中東 (巴林) | me-south-1 | config.me-south-1.amazonaws.com | HTTPS |
| 南美洲 (聖保羅) | sa-east-1 | config.sa-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (美國東部) | us-gov-east-1 | config.us-gov-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (美國西部) | us-gov-west-1 | config.us-gov-west-1.amazonaws.com | HTTPS |
下列區域支援跨組 AWS 織中的成員帳戶部署一致性套件。
| 區域名稱 | 區域 | 端點 | 通訊協定 |
|---|---|---|---|
| 美國東部 (俄亥俄) | us-east-2 | config.us-east-2.amazonaws.com | HTTPS |
| 美國東部 (維吉尼亞北部) | us-east-1 | config.us-east-1.amazonaws.com | HTTPS |
| 美國西部 (加利佛尼亞北部) | us-west-1 | config.us-west-1.amazonaws.com | HTTPS |
| 美國西部 (奧勒岡) | us-west-2 | config.us-west-2.amazonaws.com | HTTPS |
| 亞太區域 (雅加達) | ap-southeast-3 | config.ap-southeast-3.amazonaws.com | HTTPS |
| 亞太區域 (墨爾本) | ap-southeast-4 | config.ap-southeast-4.amazonaws.com | HTTPS |
| 亞太區域 (孟買) | ap-south-1 | config.ap-south-1.amazonaws.com | HTTPS |
| 亞太區域 (首爾) | ap-northeast-2 | config.ap-northeast-2.amazonaws.com | HTTPS |
| 亞太區域 (新加坡) | ap-southeast-1 | config.ap-southeast-1.amazonaws.com | HTTPS |
| 亞太區域 (雪梨) | ap-southeast-2 | config.ap-southeast-2.amazonaws.com | HTTPS |
| 亞太區域 (東京) | ap-northeast-1 | config.ap-northeast-1.amazonaws.com | HTTPS |
| 加拿大 (中部) | ca-central-1 | config.ca-central-1.amazonaws.com | HTTPS |
| 歐洲 (法蘭克福) | eu-central-1 | config.eu-central-1.amazonaws.com | HTTPS |
| 歐洲 (愛爾蘭) | eu-west-1 | config.eu-west-1.amazonaws.com | HTTPS |
| 歐洲 (倫敦) | eu-west-2 | config.eu-west-2.amazonaws.com | HTTPS |
| 歐洲 (巴黎) | eu-west-3 | config.eu-west-3.amazonaws.com | HTTPS |
| 歐洲 (斯德哥爾摩) | eu-north-1 | config.eu-north-1.amazonaws.com | HTTPS |
| 南美洲 (聖保羅) | sa-east-1 | config.sa-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (美國東部) | us-gov-east-1 | config.us-gov-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (美國西部) | us-gov-west-1 | config.us-gov-west-1.amazonaws.com | HTTPS |
故障診斷
如果您在建立、更新和刪除一致性套件時收到錯誤指出一致性套件失敗,您可以檢查一致性套件的狀態。
aws configservice describe-conformance-pack-status --conformance-pack-name MyConformancePack1
您應該會看到類似下列的輸出。
"ConformancePackStatusDetails": [ { "ConformancePackName": "ConformancePackName", "ConformancePackId": "ConformancePackId", "ConformancePackArn": "ConformancePackArn", "ConformancePackState": "CREATE_FAILED", "StackArn": "CloudFormation stackArn", "ConformancePackStatusReason": "Failure Reason", "LastUpdateRequestedTime": 1573865201.619, "LastUpdateCompletedTime": 1573864244.653 } ]
如需失敗ConformancePackStatusReason的相關資訊,請檢查。
When the stackArn is present in the response (當回應中存在 stackArn 時)
如果錯誤訊息不清楚,或是失敗是由於內部錯誤造成,請移至 AWS CloudFormation 主控台並執行下列動作:
-
在輸出中搜尋 stackArn。
-
選擇 AWS CloudFormation 堆疊的 [事件] 索引標籤,並檢查失敗的事件。
狀態原因指出一致性套件失敗的原因。
When the stackArn is not present in the response (當回應中不存在 stackArn 時)
如果您在建立一致性套件時收到失敗,但狀態回應中不存在 stackArn,可能的原因是堆疊建立失敗,而 AWS CloudFormation 已回復且刪除堆疊。前往 AWS CloudFormation 主控台並搜尋處於「已刪除」狀態的堆疊。該處可能有提供失敗的堆疊。 AWS CloudFormation 堆疊包含一致性套件名稱。如果您找到失敗的堆疊,請選擇 AWS CloudFormation 堆疊的 [事件] 索引標籤,並檢查失敗的事件。
如果這些步驟都無效,而且失敗原因是內部服務錯誤,請再次嘗試操作或聯絡 AWS Config 支援人員。
