本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
使用 記錄 AWS 成本管理 API 呼叫 AWS CloudTrail
AWS Cost Management 已與 整合 AWS CloudTrail,此服務提供使用者、角色或 AWS Cost Management AWS 服務 中 所採取動作的記錄。CloudTrail 會將 AWS 成本管理的 API 呼叫擷取為事件。擷取的呼叫包括來自 AWS Cost Management 主控台和應用程式的 API 呼叫。
如果您建立線索,則可以將 CloudTrail 事件持續交付至 Amazon S3 儲存貯體,包括 AWS 成本管理的事件。即使您未設定追蹤,依然可以透過 CloudTrail 主控台中的事件歷史記錄檢視最新事件。您可以使用 CloudTrail 所收集的資訊,判斷向 AWS Cost Management 提出的請求、提出請求的 IP 地址、提出請求的人員、提出請求的時間,以及其他詳細資訊。
若要進一步了解 CloudTrail,請參閱「AWS CloudTrail 使用者指南」。
AWS CloudTrail 中的成本管理資訊
當您建立帳戶 AWS 帳戶 時,您的 上會啟用 CloudTrail。當活動在 AWS 成本管理中發生時,該活動會與事件歷史記錄中的其他 AWS 服務 事件一起記錄在 CloudTrail 事件中。您可以在 中檢視、搜尋和下載最近的事件 AWS 帳戶。如需詳細資訊,請參閱《使用 CloudTrail 事件歷史記錄檢視事件》https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html。
若要持續記錄 中的事件 AWS 帳戶,包括 AWS 成本管理的事件,請建立追蹤。線索能讓 CloudTrail 將日誌檔案交付至 Amazon S3 儲存貯體。根據預設,當您在 CloudTrail 主控台中建立線索時,線索會套用至所有 AWS 區域。線索會記錄 AWS 分割區中所有區域的事件,並將日誌檔案交付至您指定的 Amazon S3 儲存貯體。此外,您可以設定其他 AWS 服務 來分析和處理 CloudTrail 日誌中收集的事件資料。
如需詳細資訊,請參閱 CloudTrail 使用者指南中的下列內容:
AWS CloudTrail 會記錄成本管理動作,並記錄在 AWS 帳單與成本管理 API 參考中。例如,對 GetDimensionValues、GetCostCategories 以及 GetCostandUsage 端點發出的呼叫會在 CloudTrail 日誌檔案中產生項目。
每一筆事件或日誌專案都會包含產生請求者的資訊。身分資訊可協助您判斷提出請求的身分是:
-
使用根或使用者角色登入資料。
-
使用某個角色的暫時安全憑證登入資料或聯合身分使用者。
-
由另一個 AWS 服務。
如需詳細資訊,請參閱 CloudTrail userIdentity 元素。
了解 AWS 成本管理日誌檔案項目
追蹤是一種組態,能讓事件以日誌檔案的形式交付到您指定的 Amazon S3 儲存貯體。一個事件為任何來源提出的單一請求,並包含請求動作、請求的日期和時間、請求參數等資訊。
CloudTrail 日誌檔案包含一個或多個日誌項目。CloudTrail 日誌檔案並非依公有 API 呼叫追蹤記錄的堆疊排序,因此不會以任何特定順序出現。
以下範例顯示 GetCostandUsage 端點的 CloudTrail 日誌項目。
{ "eventVersion":"1.08", "userIdentity":{ "accountId":"111122223333", "accessKeyId":"AIDACKCEVSQ6C2EXAMPLE" }, "eventTime":"2022-05-24T22:38:51Z", "eventSource":"ce.amazonaws.com", "eventName":"GetCostandUsage", "awsRegion":"us-east-1", "sourceIPAddress":"100.100.10.10", "requestParameters":{ "TimePeriod":{ "Start":"2022-01-01", "End":"2022-01-31" }, "Metrics":[ "UnblendedCost", "UsageQuantity" ], "Granularity":"MONTHLY", "GroupBy":[ { "Type":"DIMENSION", "Key":"SERVICE" } ] }, "responseElements":null, "requestID":"3295c994-063e-44ac-80fb-b40example9f", "eventID":"5923c499-063e-44ac-80fb-b40example9f", "readOnly":true, "eventType":"AwsApiCall", "managementEvent":true, "recipientAccountId":"1111-2222-3333", "eventCategory":"Management", "tlsDetails":{ "tlsVersion":"TLSv1.2", "clientProvidedHostHeader":"ce.us-east-1.amazonaws.com" } }
了解 Cost Optimization Hub 日誌檔案項目
追蹤是一種組態,能讓事件以日誌檔案的形式交付到您指定的 Amazon S3 儲存貯體。CloudTrail 日誌檔案包含一或多個日誌專案。一個事件為任何來源提出的單一請求,並包含請求動作、請求的日期和時間、請求參數等資訊。CloudTrail 日誌檔並非依公有 API 呼叫的堆疊追蹤排序,因此不會以任何特定順序出現。
下列範例顯示 CloudTrail 日誌項目,示範 Cost Optimization Hub 的 API 動作和例外狀況。
範例
例外狀況
API 動作
調節例外
下列範例顯示限流例外狀況的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "john-doe": "Admin" }, "attributes": { "creationDate": "2023-10-14T00:48:50Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-14T01:16:45Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "ListEnrollmentStatuses", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "errorCode": "ThrottlingException", "requestParameters": null, "responseElements": null, "requestID": "cc04aa10-7417-4c46-b1eb-EXAMPLE1df2b", "eventID": "754a3aad-1b54-456a-ac1f-EXAMPLE0e9c3", "readOnly": true, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "localhost:8080" } }
拒絕存取例外狀況
下列範例顯示AccessDenied例外狀況的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FTKD2BZKUK:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/ReadOnly/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FTKD2BZKUK", "arn": "arn:aws:iam::111122223333:role/ReadOnly", "accountId": "111122223333", "john-doe": "ReadOnly" }, "attributes": { "creationDate": "2023-10-16T19:08:36Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-16T19:11:04Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "ListEnrollmentStatuses", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "errorCode": "AccessDenied", "errorMessage": "User: arn:aws:sts::111122223333:assumed-role/ReadOnly/john-doe is not authorized to perform: cost-optimization-hub:ListEnrollmentStatuses on resource: * because no identity-based policy allows the cost-optimization-hub:ListEnrollmentStatuses action", "requestParameters": null, "responseElements": null, "requestID": "1e02d84a-b04a-4b71-8615-EXAMPLEdcda7", "eventID": "71c86695-d4ec-4caa-a106-EXAMPLEe0d94", "readOnly": true, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "localhost:8080" } }
ListEnrollmentStatus
下列範例顯示 ListEnrollmentStatus API 動作的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "john-doe": "Admin" }, "attributes": { "creationDate": "2023-10-14T00:48:50Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-14T01:16:43Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "ListEnrollmentStatuses", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "requestParameters": { "includeOrganizationInfo": false }, "responseElements": null, "requestID": "cba87aa3-4678-41b8-a840-EXAMPLEaf3b8", "eventID": "57f04d0e-61f7-4c0f-805c-EXAMPLEbbbf5", "readOnly": true, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "localhost:8080" } }
ListRecommendations
下列範例顯示 ListRecommendations API 動作的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAI44QH8DHBEXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "john-doe": "Admin" }, "attributes": { "creationDate": "2023-10-16T23:47:55Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-17T00:45:29Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "ListRecommendations", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "requestParameters": { "filter": { "resourceIdentifiers": [ "arn:aws:ecs:us-east-1:111122223333:service/EXAMPLEAccountsIntegrationService-EcsCluster-ClusterEB0386A7-7fsvP2MMmxZ5/EXAMPLEAccountsIntegrationService-EcsService-Service9571FDD8-Dqm4mPMLstDn" ] }, "includeAllRecommendations": false }, "responseElements": null, "requestID": "a5b2df72-2cfd-4628-8a72-EXAMPLE7560a", "eventID": "a73bef13-6af7-4c11-a708-EXAMPLE6af5c", "readOnly": true, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "cost-optimization-hub.us-east-1.amazonaws.com" } }
ListRecommendationSummaries
下列範例顯示 ListRecommendationSummaries API 動作的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAI44QH8DHBEXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "userName": "Admin" }, "attributes": { "creationDate": "2023-10-16T23:47:55Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-17T00:46:16Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "ListRecommendationSummaries", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "requestParameters": { "groupBy": "ResourceType" }, "responseElements": null, "requestID": "ab54e6ad-72fe-48fe-82e9-EXAMPLEa6d1e", "eventID": "9288d9fa-939d-4e5f-a49a-EXAMPLEeb14b", "readOnly": true, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "cost-optimization-hub.us-east-1.amazonaws.com" } }
GetRecommendation
下列範例顯示 GetRecommendation API 動作的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAI44QH8DHBEXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "john-doe": "Admin" }, "attributes": { "creationDate": "2023-10-16T23:47:55Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-17T00:47:48Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "GetRecommendation", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "requestParameters": { "recommendationId": "EXAMPLEwMzEwODU5XzQyNTFhNGE4LWZkZDItNDUyZi1hMjY4LWRkOTFkOTA1MTc1MA==" }, "responseElements": null, "requestID": "e289a76a-182c-4bc9-8093-EXAMPLEbed0e", "eventID": "f1ed7ee6-871c-41fd-bb27-EXAMPLE24b64", "readOnly": true, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "cost-optimization-hub.us-east-1.amazonaws.com" } }
UpdateEnrollmentStatus
下列範例顯示 UpdateEnrollmentStatus API 動作的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAI44QH8DHBEXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "john-doe": "Admin" }, "attributes": { "creationDate": "2023-10-16T19:11:30Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-16T19:12:35Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "UpdateEnrollmentStatus", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "requestParameters": { "status": "Inactive" }, "responseElements": { "status": "Inactive" }, "requestID": "6bf0c8a3-af53-4c4e-8f50-EXAMPLE477f0", "eventID": "d2bfa850-ef3d-4317-8ac4-EXAMPLEc16b1", "readOnly": false, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "localhost:8080" } }
UpdatePreferences
下列範例顯示 UpdatePreferences API 動作的日誌項目。
{ "eventVersion": "1.09", "userIdentity": { "type": "AssumedRole", "principalId": "EXAMPLEAIZ5FYRFP3POCC:john-doe", "arn": "arn:aws:sts::111122223333:assumed-role/Admin/john-doe", "accountId": "111122223333", "accessKeyId": "AKIAI44QH8DHBEXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "EXAMPLEAIZ5FYRFP3POCC", "arn": "arn:aws:iam::111122223333:role/Admin", "accountId": "111122223333", "john-doe": "Admin" }, "attributes": { "creationDate": "2023-10-16T19:11:30Z", "mfaAuthenticated": "false" } } }, "eventTime": "2023-10-16T19:16:00Z", "eventSource": "cost-optimization-hub.amazonaws.com", "eventName": "UpdatePreferences", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "PostmanRuntime/7.28.3", "requestParameters": { "costMetricsType": "AfterDiscounts" }, "responseElements": { "costMetricsType": "AfterDiscounts", "memberAccountDiscountVisibility": "None" }, "requestID": "01e56ca3-47af-45f0-85aa-EXAMPLE30b42", "eventID": "7350ff23-35f5-4760-98b2-EXAMPLE61f13", "readOnly": false, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management", "tlsDetails": { "clientProvidedHostHeader": "localhost:8080" } }
了解 AWS 定價計算工具 日誌檔案項目
線索是一種組態,可讓您將事件做為日誌檔案交付至您指定的 Amazon S3 儲存貯體,包括事件 AWS 定價計算工具。即使您未設定追蹤,依然可以透過 CloudTrail 主控台中的事件歷史記錄檢視最新事件。您可以使用 CloudTrail 所收集的資訊來判斷提出的請求 AWS 定價計算工具、提出請求的 IP 地址、提出請求的人員、提出請求的時間,以及其他詳細資訊。
AWS 定價計算工具 CloudTrail 事件
本節顯示與定價計算器相關的 CloudTrail 事件完整清單。
注意
下列事件的事件來源為 bcm-pricing-calculator.amazonaws.com。
| 事件名稱 | 定義 |
|---|---|
|
|
變動操作。允許客戶建立工作負載預估。 |
|
|
變動操作。允許客戶更新工作負載預估中繼資料。 |
|
|
變動操作。允許客戶刪除工作負載預估。 |
|
|
非變動操作。允許客戶取得工作負載預估的詳細資訊。 |
|
|
非變動操作。允許客戶列出其帳戶中的所有工作負載預估。 |
|
|
非變動操作。允許客戶列出工作負載預估中的所有用量行。 |
|
|
變動操作。允許客戶在其工作負載預估中建立用量行。 |
|
|
變動操作。允許客戶在其工作負載預估中修改現有的用量行。 |
|
|
變動操作。允許客戶在其工作負載預估中刪除新增的用量行。 |
|
|
變動操作。允許客戶建立帳單案例。 |
|
|
變動操作。允許客戶取得帳單案例的詳細資訊。 |
|
|
變動操作。允許客戶更新帳單案例的中繼資料。 |
|
|
變動操作。允許客戶刪除帳單案例。 |
|
|
非變動操作。允許客戶列出其帳戶中的所有帳單案例。 |
|
|
變動操作。允許客戶在其帳單案例中建立用量行。 |
|
|
變動操作。允許客戶在其帳單案例中修改現有的用量行。 |
|
|
變動操作。允許客戶在其帳單案例中刪除現有的用量行。 |
|
|
非變動操作。允許客戶列出帳單案例中的所有用量行。 |
|
|
變動操作。允許客戶在其帳單案例中建立承諾的模型。 |
|
|
變動操作。允許客戶在其帳單案例中修改模型化承諾行。 |
|
|
變動操作。允許客戶在其帳單案例中刪除模型化承諾行。 |
|
|
非變動操作。允許客戶列出帳單案例中的所有模型化承諾。 |
|
|
變動操作。允許客戶從帳單案例建立新的帳單預估。 |
|
|
變動操作。允許客戶取得帳單預估的詳細資訊。 |
|
|
變動操作。允許客戶更新帳單預估的中繼資料。 |
|
|
變動操作。允許客戶刪除帳單預估。 |
|
|
非變動操作。允許客戶列出其帳戶中的所有帳單預估。 |
|
|
非變動操作。允許客戶列出成功完成帳單估算的所有結果行。 |
|
|
非變動操作。允許客戶列出成功完成帳單預估的所有承諾。 |
|
|
非變動操作。允許客戶列出在帳單案例中建立模型的所有承諾,這些承諾有助於建立帳單預估。 |
|
|
非變動操作。允許客戶取得付款人或獨立帳戶設定的費率偏好設定 |
|
|
變動操作。允許客戶設定用於工作負載預估的速率偏好設定。這是僅付款人或獨立帳戶的 API 操作。 |
|
|
變動操作。允許客戶標記定價計算器資源。 |
|
|
變動操作。允許客戶取消標記定價計算器資源。 |
|
|
非變動操作。允許客戶列出連接到定價計算器資源的所有標籤。 |
CreateWorkloadEstimate
下列範例顯示使用 CreateWorkloadEstimate API 動作的 CloudTrail 日誌項目。
{ "eventVersion": "1.08", "userIdentity": { "accountId": "111122223333", "accessKeyId": "AKIAI44QH8DHBEXAMPLE" }, "eventTime": "2024-11-11T02:09:08Z", "eventSource": "bcm-pricing-calculator.amazonaws.com", "eventName": "CreateWorkloadEstimate", "awsRegion": "us-east-1", "sourceIPAddress": "100.100.10.10", "requestParameters": { "name": "example-estimate-name", "resourceTags": [], "rateType": "BEFORE_DISCOUNTS" }, "responseElements": { "costCurrency": "USD", "costSummary": { "cost": 0, "costStatus": "VALID", "currency": "USD" }, "createdAt": 1731290948.299, "expiresAt": 1765418948.299, "id": "15cf39cc-ce14-4943-9dcb-35ccec39ae21", "name": "example-estimate-name", "rateDescription": "BEFORE_DISCOUNTS|2024-11-11T02:09:08.299974018Z", "rateTimestamp": 1731290948.299, "rateType": "BEFORE_DISCOUNTS", "status": "READY", "totalCost": 0 }, "eventID": "22bb9d97-6f0c-4482-830d-cde1c9ea00be", "readOnly": false, "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
