本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
示例查询
注意
高级查询支持所支持的资源类型的子集 Amazon Config。有关那些支持的资源类型列表,请参阅支持的高级查询资源类型
用于列出具有 AMI ID ami-12345 的所有 EC2 实例的查询
SELECT resourceId, resourceType, configuration.instanceType, configuration.placement.tenancy, configuration.imageId, availabilityZone WHERE resourceType = 'AWS::EC2::Instance' AND configuration.imageId = 'ami-12345'
结果
{ "QueryInfo": { "SelectFields": [ { "Name": "resourceId" }, { "Name": "resourceType" }, { "Name": "configuration.instanceType" }, { "Name": "configuration.placement.tenancy" }, { "Name": "configuration.imageId" }, { "Name": "availabilityZone" } ] }, "Results": [ "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t2.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2c\",\"resourceType\":\"AWS::EC2::Instance\"}", "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t2.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2a\",\"resourceType\":\"AWS::EC2::Instance\"}", "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t2.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2c\",\"resourceType\":\"AWS::EC2::Instance\"}", "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t1.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2a\",\"resourceType\":\"AWS::EC2::Instance\"}", "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t2.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2c\",\"resourceType\":\"AWS::EC2::Instance\"}", "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t2.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2c\",\"resourceType\":\"AWS::EC2::Instance\"}", "{\"resourceId\":\"resourceid\",\"configuration\":{\"imageId\":\"ami-12345\",\"instanceType\":\"t2.micro\",\"placement\":{\"tenancy\":\"default\"}},\"availabilityZone\":\"us-west-2c\",\"resourceType\":\"AWS::EC2::Instance\"}" ] }
查询按 Amazon Config 规则合规性状态分组的资源数量
SELECT configuration.complianceType, COUNT(*) WHERE resourceType = 'AWS::Config::ResourceCompliance' GROUP BY configuration.complianceType
结果
{ "QueryInfo": { "SelectFields": [ { "Name": "configuration.complianceType" }, { "Name": "COUNT(*)" } ] }, "Results": [ "{\"COUNT(*)\":163,\"configuration\":{\"complianceType\":\"NON_COMPLIANT\"}}", "{\"COUNT(*)\":2,\"configuration\":{\"complianceType\":\"COMPLIANT\"}}" ] }
查询 Amazon 一致性包的合规状态
SELECT resourceId, resourceName, resourceType, configuration.complianceType WHERE resourceType = 'AWS::Config::ConformancePackCompliance'
结果
{ "QueryInfo": { "SelectFields": [ { "Name": "resourceId" }, { "Name": "resourceName" }, { "Name": "resourceType" }, { "Name": "configuration.complianceType" } ] }, "Results": [ "{\"resourceId\":\"conformance-pack-conformance-pack-ID\",\"configuration\":{\"complianceType\":\"COMPLIANT\"},\"resourceName\":\"MyConformancePack1\",\"resourceType\":\"AWS::Config::ConformancePackCompliance\"}", "{\"resourceId\":\"conformance-pack-conformance-pack-ID\",\"configuration\":{\"complianceType\":\"NON_COMPLIANT\"},\"resourceName\":\"MyConformancePack2\",\"resourceType\":\"AWS::Config::ConformancePackCompliance\"}", "{\"resourceId\":\"conformance-pack-conformance-pack-ID\",\"configuration\":{\"complianceType\":\"NON_COMPLIANT\"},\"resourceName\":\"MyConformancePack3\",\"resourceType\":\"AWS::Config::ConformancePackCompliance\"}" ] }
查询以获取按账户 ID 分组的 Amazon 资源数量
aws configservice select-aggregate-resource-config --expression "SELECT COUNT(*), accountId group by accountId" --configuration-aggregator-name my-aggregator
结果
{ "Results": [ "{\"COUNT(*)\":2407,\"accountId\":\"accountId\"}", "{\"COUNT(*)\":726,\"accountId\":\"accountId\"}" ], "QueryInfo": { "SelectFields": [ { "Name": "COUNT(*)" }, { "Name": "accountId" } ] } }
查询以列出所有未使用的 EC2 卷
SELECT resourceId, accountId, awsRegion, resourceType, configuration.volumeType, configuration.size, resourceCreationTime, tags, configuration.encrypted, configuration.availabilityZone, configuration.state.value WHERE resourceType = 'AWS::EC2::Volume' AND configuration.state.value = 'available'
结果
{ "Results": [ "{\"accountId\":\"accountId\",\"resourceId\":\"vol-0174de9c962f6581c\",\"awsRegion\":\"us-west-2\",\"configuration\":{\"volumeType\":\"gp2\",\"encrypted\":false,\"size\":100.0,\"state\":{\"value\":\"available\"},\"availabilityZone\":\"us-west-2a\"},\"resourceCreationTime\":\"2020-02-21T07:39:43.771Z\",\"tags\":[],\"resourceType\":\"AWS::EC2::Volume\"}", "{\"accountId\":\"accountId\",\"resourceId\":\"vol-0cbeb652a74af2f8f\",\"awsRegion\":\"us-east-1\",\"configuration\":{\"volumeType\":\"gp2\",\"encrypted\":false,\"size\":100.0,\"state\":{\"value\":\"available\"},\"availabilityZone\":\"us-east-1a\"},\"resourceCreationTime\":\"2020-02-21T07:28:40.639Z\",\"tags\":[],\"resourceType\":\"AWS::EC2::Volume\"}" "{\"accountId\":\"accountId\",\"resourceId\":\"vol-0a49952d528ec8ba2\",\"awsRegion\":\"ap-south-1\",\"configuration\":{\"volumeType\":\"gp2\",\"encrypted\":false,\"size\":100.0,\"state\":{\"value\":\"available\"},\"availabilityZone\":\"ap-south-1a\"},\"resourceCreationTime\":\"2020-02-21T07:39:31.800Z\",\"tags\":[],\"resourceType\":\"AWS::EC2::Volume\"}", ], "QueryInfo": { "SelectFields": [ { "Name": "resourceId" }, { "Name": "accountId" }, { "Name": "awsRegion" }, { "Name": "resourceType" }, { "Name": "configuration.volumeType" }, { "Name": "configuration.size" }, { "Name": "resourceCreationTime" }, { "Name": "tags" }, { "Name": "configuration.encrypted" }, { "Name": "configuration.availabilityZone" }, { "Name": "configuration.state.value" } ] } }