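Amazon EventBridge events for Amazon EBS

Amazon EBS sends events to Amazon EventBridge for actions performed on volumes and snapshots. With EventBridge, you can create rules that trigger programmatic actions in response to these events. For example, you can create a rule that sends a notification to your email when a snapshot is enabled for fast snapshot restore.

Events in EventBridge are represented as JSON objects. The fields that are unique to the event are contained in the "detail" section of the JSON object. The "event" field contains the event name. The "result" field contains the completed status of the action that triggered the event. For more information, see Amazon EventBridge event patterns in the Amazon EventBridge User Guide.

For more information, see What Is Amazon EventBridge? in the Amazon EventBridge User Guide.

EBS volume events

Amazon EBS sends events to EventBridge when the following volume events occur.

Create volume (createVolume)

The createVolume event is sent to your Amazon account when an action to create a volume completes. However, it is not saved, logged, or archived. This event can have a result of either available or failed. Creation fails if an invalid Amazon KMS key was provided, as shown in the examples below.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful createVolume event.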

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567"
  ],
  "detail": {
    "result": "available",
    "cause": "",
    "event": "createVolume",
    "request-id": "01234567-0123-0123-0123-0123456789ab"
  }
}

The listing below is an example of a JSON object emitted by EBS after a failed createVolume event. The cause of the failure was a disabled KMS key.

{
  "version": "0",
  "id": "01234567-0123-0123-0123-0123456789ab",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "sa-east-1",
  "resources": [
    "arn:aws:ec2:sa-east-1:0123456789ab:volume/vol-01234567"
  ],
  "detail": {
    "event": "createVolume",
    "result": "failed",
    "cause": "arn:aws:kms:sa-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is disabled.",
    "request-id": "01234567-0123-0123-0123-0123456789ab"
  }
}

The following is an example of a JSON object emitted by EBS after a failed createVolume event. The cause of the failure was a KMS key pending import.

{
  "version": "0",
  "id": "01234567-0123-0123-0123-0123456789ab",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "sa-east-1",
  "resources": [
    "arn:aws:ec2:sa-east-1:0123456789ab:volume/vol-01234567"
  ],
  "detail": {
    "event": "createVolume",
    "result": "failed",
    "cause": "arn:aws:kms:sa-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending import.",
    "request-id": "01234567-0123-0123-0123-0123456789ab"
  }
}

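Delete volume (deleteVolume)

The deleteVolume event is sent to your Amazon account when an action to delete a volume completes. However, it is not saved, logged, or archived. This event has the result deleted. If the deletion does not complete, the event is never sent.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful deleteVolume event.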

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2:us-east-1:012345678901:volume/vol-01234567"
  ],
  "detail": {
    "result": "deleted",
    "cause": "",
    "event": "deleteVolume",
    "request-id": "01234567-0123-0123-0123-0123456789ab"
  }
}

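Volume attach or reattach (attachVolume, reattachVolume)

The attachVolume or reattachVolume event is sent to your Amazon account if a volume fails to attach or reattach to an instance. However, it is not saved, logged, or archived. If you use a KMS key to encrypt an EBS volume and the KMS key becomes invalid, EBS emits an event when that KMS key is later used to attach or reattach the volume to an instance, as shown in the examples below.

Event data

The listing below is an example of a JSON object emitted by EBS after a failed attachVolume event. The cause of the failure was a KMS key pending deletion.

Note

Amazon may attempt to reattach a volume following routine server maintenance.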

{
  "version": "0",
  "id": "01234567-0123-0123-0123-0123456789ab",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567",
    "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab"
  ],
  "detail": {
    "event": "attachVolume",
    "result": "failed",
    "cause": "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending deletion.",
    "request-id": ""
  }
}

The listing below is an example of a JSON object emitted by EBS after a failed reattachVolume event. The cause of the failure was a KMS key pending deletion.

{
  "version": "0",
  "id": "01234567-0123-0123-0123-0123456789ab",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567",
    "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab"
  ],
  "detail": {
    "event": "reattachVolume",
    "result": "failed",
    "cause": "arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab is pending deletion.",
    "request-id": ""
  }
}
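The failed createVolume, attachVolume, and reattachVolume samples above all carry the unusable KMS key in detail.cause. The following added example (not part of the original AWS page) parses that field and groups failures per key; the function names and the constructed sample events are assumptions made for illustration.

```javascript
// Added example (not AWS code). The cause format "<KMS key ARN> is <state>."
// is taken from the sample events on this page.
const KMS_CAUSE = /^(arn:[\w-]+:kms:[^:\s]*:[^:\s]*:key\/[\w-]+) is ([a-z ]+?)\.?$/;

// Returns { operation, volume, key, state } for a volume event that failed
// because of its KMS key, or null for any other event.
function parseKmsFailure(evt) {
  if (!evt || evt.source !== 'aws.ec2' ||
      evt['detail-type'] !== 'EBS Volume Notification') return null;
  const d = evt.detail || {};
  if (d.result !== 'failed') return null;
  const m = KMS_CAUSE.exec(String(d.cause || '').trim());
  if (!m) return null; // failed for a reason unrelated to key state
  const volume = (evt.resources || []).find((r) => r.includes(':volume/')) || null;
  return { operation: d.event, volume, key: m[1], state: m[2] };
}

// Groups failures per key so that one unusable key shows up as one finding.
function groupByKey(events) {
  const byKey = new Map();
  for (const evt of events) {
    const f = parseKmsFailure(evt);
    if (!f) continue;
    const entry = byKey.get(f.key) ||
      { state: null, volumes: new Set(), operations: new Set() };
    entry.state = f.state; // the last reported state wins
    entry.volumes.add(f.volume);
    entry.operations.add(f.operation);
    byKey.set(f.key, entry);
  }
  return byKey;
}

// Constructed sample events modelled on the page's examples.
const KEY = 'arn:aws:kms:us-east-1:0123456789ab:key/01234567-0123-0123-0123-0123456789ab';
const VOL = 'arn:aws:ec2:us-east-1:0123456789ab:volume/vol-01234567';
const sample = (event, result, cause) => ({
  source: 'aws.ec2', 'detail-type': 'EBS Volume Notification',
  resources: [VOL, KEY], detail: { event, result, cause, 'request-id': '' },
});
const SAMPLE_EVENTS = [
  sample('createVolume', 'failed', `${KEY} is disabled.`),
  sample('attachVolume', 'failed', `${KEY} is pending deletion.`),
  sample('createVolume', 'available', ''),
];

for (const [key, e] of groupByKey(SAMPLE_EVENTS)) {
  console.log(`${key}: ${e.state}; volumes=${[...e.volumes]}; ops=${[...e.operations]}`);
}
```

Because these events are not saved, logged, or archived, a handler like this has to be attached to an EventBridge rule to see them at all.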

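Detach volume (detachVolume)

The detachVolume event is sent to your Amazon account when a volume is detached from an Amazon EC2 instance.

Event data

The following is an example of a successful detachVolume event.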

{
  "version": "0",
  "id": "2ec37298-1234-e436-70fc-c96b1example",
  "detail-type": "AWS API Call via CloudTrail",
  "source": "aws.ec2",
  "account": "123456789012",
  "time": "2024-03-18T16:35:52Z",
  "region": "us-east-1",
  "resources": [],
  "detail": {
    "eventVersion": "1.09",
    "userIdentity": {
      "type": "IAMUser",
      "principalId": "AIDAJT12345SQ2EXAMPLE",
      "arn": "arn:aws:iam::123456789012:user/administrator",
      "accountId": "123456789012",
      "accessKeyId": "AKIAJ67890A6EXAMPLE",
      "userName": "administrator"
    },
    "eventTime": "2024-03-18T16:35:52Z",
    "eventSource": "ec2.amazonaws.com",
    "eventName": "DetachVolume",
    "awsRegion": "us-east-1",
    "sourceIPAddress": "12.12.123.12",
    "userAgent": "aws-cli/2.7.12 Python/3.9.11 Windows/10 exe/AMD64 prompt/off command/ec2.detach-volume",
    "requestParameters": {
      "volumeId": "vol-072577c46bexample",
      "force": false
    },
    "responseElements": {
      "requestId": "1234513a-6292-49ea-83f8-85e95example",
      "volumeId": "vol-072577c46bexample",
      "instanceId": "i-0217f7eb3dexample",
      "device": "/dev/sdb",
      "status": "detaching",
      "attachTime": 1710776815000
    },
    "requestID": "1234513a-6292-49ea-83f8-85e95example",
    "eventID": "1234551d-a15a-43eb-9e69-c983aexample",
    "readOnly": false,
    "eventType": "AwsApiCall",
    "managementEvent": true,
    "recipientAccountId": "123456789012",
    "eventCategory": "Management",
    "tlsDetails": {
      "tlsVersion": "TLSv1.3",
      "cipherSuite": "TLS_AES_128_GCM_SHA256",
      "clientProvidedHostHeader": "ec2.us-east-1.amazonaws.com"
    }
  }
}

EBS volume modification events

Amazon EBS sends modifyVolume events to EventBridge when a volume is modified. However, the event is not saved, logged, or archived.

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Volume Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2:us-east-1:012345678901:volume/vol-03a55cf56513fa1b6"
  ],
  "detail": {
    "result": "optimizing",
    "cause": "",
    "event": "modifyVolume",
    "request-id": "01234567-0123-0123-0123-0123456789ab"
  }
}

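EBS snapshot events

Amazon EBS sends events to EventBridge when the following snapshot events occur.

Create a single snapshot (createSnapshot)

The createSnapshot event is sent to your Amazon account when an action to create a snapshot completes. However, it is not saved, logged, or archived. This event can have a result of either succeeded or failed.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful createSnapshot event. In the detail section, the source field contains the ARN of the source volume. The startTime and endTime fields indicate when creation of the snapshot started and completed.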

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Snapshot Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2::us-west-2:snapshot/snap-01234567"
  ],
  "detail": {
    "event": "createSnapshot",
    "result": "succeeded",
    "cause": "",
    "request-id": "",
    "snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
    "source": "arn:aws:ec2::us-west-2:volume/vol-01234567",
    "startTime": "yyyy-mm-ddThh:mm:ssZ",
    "endTime": "yyyy-mm-ddThh:mm:ssZ"
  }
}

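Create multiple snapshots (createSnapshots)

The createSnapshots event is sent to your Amazon account when an action to create a multi-volume snapshot completes. This event can have a result of either succeeded or failed.

Event data

The listing below is an example of a JSON object emitted by EBS for a successful createSnapshots event. In the detail section, the source field contains the ARNs of the source volumes of the multi-volume snapshot set. The startTime and endTime fields indicate when creation of the snapshot started and completed.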

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Multi-Volume Snapshots Completion Status",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
    "arn:aws:ec2::us-east-1:snapshot/snap-012345678"
  ],
  "detail": {
    "event": "createSnapshots",
    "result": "succeeded",
    "cause": "",
    "request-id": "",
    "startTime": "yyyy-mm-ddThh:mm:ssZ",
    "endTime": "yyyy-mm-ddThh:mm:ssZ",
    "snapshots": [
      {
        "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
        "source": "arn:aws:ec2::us-east-1:volume/vol-01234567",
        "status": "completed"
      },
      {
        "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-012345678",
        "source": "arn:aws:ec2::us-east-1:volume/vol-012345678",
        "status": "completed"
      }
    ]
  }
}

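The listing below is an example of a JSON object emitted by EBS after a failed createSnapshots event. The cause of the failure was that one or more snapshots of the multi-volume snapshot set failed to complete. The values of snapshot_id are the ARNs of the failed snapshots. startTime and endTime represent when the create-snapshots action started and ended.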

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Multi-Volume Snapshots Completion Status",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
    "arn:aws:ec2::us-east-1:snapshot/snap-012345678"
  ],
  "detail": {
    "event": "createSnapshots",
    "result": "failed",
    "cause": "Snapshot snap-01234567 is in status error",
    "request-id": "",
    "startTime": "yyyy-mm-ddThh:mm:ssZ",
    "endTime": "yyyy-mm-ddThh:mm:ssZ",
    "snapshots": [
      {
        "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-01234567",
        "source": "arn:aws:ec2::us-east-1:volume/vol-01234567",
        "status": "error"
      },
      {
        "snapshot_id": "arn:aws:ec2::us-east-1:snapshot/snap-012345678",
        "source": "arn:aws:ec2::us-east-1:volume/vol-012345678",
        "status": "error"
      }
    ]
  }
}

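Copy snapshot (copySnapshot)

The copySnapshot event is sent to your Amazon account when an action to copy a snapshot completes. However, it is not saved, logged, or archived. This event can have a result of either succeeded or failed.

If you are copying the snapshot across Regions, the event is emitted in the destination Region.

Event data

The listing below is an example of a JSON object emitted by EBS after a successful copySnapshot event. The value of snapshot_id is the ARN of the newly created snapshot. In the detail section, the value of source is the ARN of the source snapshot. startTime and endTime represent when the copy-snapshot action started and ended. incremental indicates whether the snapshot is an incremental snapshot (true) or a full snapshot (false).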

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Snapshot Notification",
  "source": "aws.ec2",
  "account": "123456789012",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2::us-west-2:snapshot/snap-01234567"
  ],
  "detail": {
    "event": "copySnapshot",
    "result": "succeeded",
    "cause": "",
    "request-id": "",
    "snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
    "source": "arn:aws:ec2::eu-west-1:snapshot/snap-76543210",
    "startTime": "yyyy-mm-ddThh:mm:ssZ",
    "endTime": "yyyy-mm-ddThh:mm:ssZ",
    "incremental": "true"
  }
}

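The listing below is an example of a JSON object emitted by EBS after a failed copySnapshot event. The cause of the failure was an invalid source snapshot ID. The value of snapshot_id is the ARN of the failed snapshot. In the detail section, the value of source is the ARN of the source snapshot. startTime and endTime represent when the copy-snapshot action started and ended.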

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Snapshot Notification",
  "source": "aws.ec2",
  "account": "123456789012",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2::us-west-2:snapshot/snap-01234567"
  ],
  "detail": {
    "event": "copySnapshot",
    "result": "failed",
    "cause": "Source snapshot ID is not valid",
    "request-id": "",
    "snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
    "source": "arn:aws:ec2::eu-west-1:snapshot/snap-76543210",
    "startTime": "yyyy-mm-ddThh:mm:ssZ",
    "endTime": "yyyy-mm-ddThh:mm:ssZ"
  }
}

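Share snapshot (shareSnapshot)

The shareSnapshot event is sent to your Amazon account when another account shares a snapshot with it. However, it is not saved, logged, or archived. The result is always succeeded.

Event data

The following is an example of a JSON object emitted by EBS after a completed shareSnapshot event. In the detail section, the value of source is the Amazon account number of the user that shared the snapshot with you. startTime and endTime represent when the share-snapshot action started and ended. The shareSnapshot event is emitted only when a private snapshot is shared with another user. Sharing a public snapshot does not trigger the event.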

{
  "version": "0",
  "id": "01234567-01234-0123-0123-012345678901",
  "detail-type": "EBS Snapshot Notification",
  "source": "aws.ec2",
  "account": "012345678901",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2::us-west-2:snapshot/snap-01234567"
  ],
  "detail": {
    "event": "shareSnapshot",
    "result": "succeeded",
    "cause": "",
    "request-id": "",
    "snapshot_id": "arn:aws:ec2::us-west-2:snapshot/snap-01234567",
    "source": "012345678901",
    "startTime": "yyyy-mm-ddThh:mm:ssZ",
    "endTime": "yyyy-mm-ddThh:mm:ssZ"
  }
}
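Since detail.source identifies the account that shared the snapshot, a handler can compare it against the accounts you expect shares from. The following added example (not part of the original AWS page) does that; the allowlist, the decision labels, and the function names are assumptions, and the sample events are constructed from the one above.

```javascript
// Added example (not AWS code): review an incoming shareSnapshot event.
// TRUSTED_ACCOUNTS is a constructed allowlist; replace it with your own.
const TRUSTED_ACCOUNTS = new Set(['111122223333']);

// Account IDs are 12-digit strings. If the value arrives as a number,
// leading zeros have been dropped, so pad before validating.
function normalizeAccountId(value) {
  const id = String(value).trim().padStart(12, '0');
  return /^\d{12}$/.test(id) ? id : null;
}

function reviewShare(evt, trusted = TRUSTED_ACCOUNTS) {
  const d = (evt && evt.detail) || {};
  if (!evt || evt.source !== 'aws.ec2' ||
      evt['detail-type'] !== 'EBS Snapshot Notification' ||
      d.event !== 'shareSnapshot') {
    return { decision: 'ignore', reason: 'not a shareSnapshot event' };
  }
  const m = /snapshot\/(snap-[0-9a-f]+)$/.exec(String(d.snapshot_id || ''));
  const sharedBy = normalizeAccountId(d.source);
  if (!m || !sharedBy) {
    return { decision: 'review', reason: 'malformed snapshot_id or source' };
  }
  const known = trusted.has(sharedBy);
  return {
    decision: known ? 'allow' : 'review',
    reason: known ? 'sharer is on the allowlist' : 'sharer is not on the allowlist',
    snapshotId: m[1], sharedBy, recipient: evt.account,
  };
}

// Constructed sample events; the second carries source as a number.
const share = (source) => ({
  source: 'aws.ec2', 'detail-type': 'EBS Snapshot Notification',
  account: '012345678901',
  detail: { event: 'shareSnapshot', result: 'succeeded', source,
    snapshot_id: 'arn:aws:ec2::us-west-2:snapshot/snap-01234567' },
});
const SHARE_SAMPLES = [share('012345678901'), share(111122223333)];

for (const evt of SHARE_SAMPLES) {
  const r = reviewShare(evt);
  console.log(`${r.snapshotId} from ${r.sharedBy}: ${r.decision} (${r.reason})`);
}
```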

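EBS Snapshots Archive events

Amazon EBS emits events related to snapshot archiving actions.

EBS fast snapshot restore events

Amazon EBS sends events to EventBridge when the state of fast snapshot restore for a snapshot changes. Events are emitted on a best-effort basis.

The following is example data for this event.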

{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "EBS Fast Snapshot Restore State-change Notification",
  "source": "aws.ec2",
  "account": "123456789012",
  "time": "yyyy-mm-ddThh:mm:ssZ",
  "region": "us-east-1",
  "resources": [
    "arn:aws:ec2:us-east-1::snapshot/snap-03a55cf56513fa1b6"
  ],
  "detail": {
    "snapshot-id": "snap-1234567890abcdef0",
    "state": "optimizing",
    "zone": "us-east-1a",
    "message": "Client.UserInitiated - Lifecycle state transition"
  }
}

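The possible values for state are enabling, optimizing, enabled, disabling, and disabled.

The possible values for message are as follows:

Client.InvalidSnapshot.InvalidState - The requested snapshot transitioned to an invalid state (Error)

A request to enable fast snapshot restore failed and the state transitioned to disabling or disabled. Fast snapshot restore cannot be enabled for this snapshot.

Client.UserInitiated

The state successfully transitioned to enabling or disabling.

Client.UserInitiated - Lifecycle state transition

The state successfully transitioned to optimizing, enabled, or disabled.

Server.InsufficientCapacity - There was insufficient capacity available to satisfy the request

A request to enable fast snapshot restore failed due to insufficient capacity, and the state transitioned to disabling or disabled. Wait and then try again.

Server.InternalError - An internal error caused the operation to fail

A request to enable fast snapshot restore failed due to an internal error, and the state transitioned to disabling or disabled. Wait and then try again.

Client.InvalidSnapshot.InvalidState - The requested snapshot was deleted or access permissions were revoked

The fast snapshot restore state for the snapshot transitioned to disabling or disabled because the snapshot was deleted or unshared by the snapshot owner. Fast snapshot restore cannot be enabled for a snapshot that has been deleted or is no longer shared with you.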

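Use Amazon Lambda to handle EventBridge events

You can use Amazon EBS and Amazon EventBridge to automate your data-backup workflow. This requires you to create an IAM policy, an Amazon Lambda function to handle the event, and an EventBridge rule that matches incoming events and routes them to the Lambda function.

The following procedure uses the createSnapshot event to automatically copy a completed snapshot to another Region for disaster recovery.

To copy a completed snapshot to another Region
  1. Create an IAM policy, such as the one shown in the following example, to provide permissions to use the CopySnapshot action and write to the EventBridge log. Assign the policy to the user that will handle the EventBridge event.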

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
          ],
          "Resource": "arn:aws:logs:*:*:*"
        },
        {
          "Effect": "Allow",
          "Action": [
            "ec2:CopySnapshot"
          ],
          "Resource": "*"
        }
      ]
    }
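  2. Define a function in Lambda that will be available from the EventBridge console. The sample Lambda function below, written in Node.js, is invoked by EventBridge when a matching createSnapshot event is emitted by Amazon EBS (signifying that a snapshot was completed). When invoked, the function copies the snapshot from us-east-2 to us-east-1.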

    // Sample Lambda function to copy an EBS snapshot to a different Region

    var AWS = require('aws-sdk');

    // define variables
    var destinationRegion = 'us-east-1';
    var sourceRegion = 'us-east-2';
    console.log('Loading function');

    // main function
    exports.handler = (event, context, callback) => {

        // Get the EBS snapshot ID from the event details
        var snapshotArn = event.detail.snapshot_id.split('/');
        const snapshotId = snapshotArn[1];
        const description = `Snapshot copy from ${snapshotId} in ${sourceRegion}.`;
        console.log("snapshotId:", snapshotId);

        // Update the configuration to use the destination Region, then create
        // the EC2 client that initiates the snapshot copy.
        AWS.config.update({region: destinationRegion});
        var ec2 = new AWS.EC2();

        // Prepare variables for the ec2.copySnapshot call
        const copySnapshotParams = {
            Description: description,
            DestinationRegion: destinationRegion,
            SourceRegion: sourceRegion,
            SourceSnapshotId: snapshotId
        };

        // Execute the copy snapshot and log any errors
        ec2.copySnapshot(copySnapshotParams, (err, data) => {
            if (err) {
                const errorMessage = `Error copying snapshot ${snapshotId} to Region ${destinationRegion}.`;
                console.log(errorMessage);
                console.log(err);
                callback(errorMessage);
            } else {
                const successMessage = `Successfully started copy of snapshot ${snapshotId} to Region ${destinationRegion}.`;
                console.log(successMessage);
                console.log(data);
                callback(null, successMessage);
            }
        });
    };

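    To ensure that your Lambda function is available from the EventBridge console, create it in the Region where the EventBridge event will occur. For more information, see the Amazon Lambda Developer Guide.

  3. Open the Amazon EventBridge console at https://console.aws.amazon.com/events/.

  4. In the navigation pane, choose Rules, and then choose Create rule.

  5. For Step 1: Define rule detail, do the following:

    1. Enter values for Name and Description.

    2. For Event bus, keep default.

    3. Ensure that Enable the rule on the selected event bus is toggled on.

    4. For Event type, select Rule with an event pattern.

    5. Choose Next.

  6. For Step 2: Build event pattern, do the following:

    1. For Event source, select Amazon events or EventBridge partner events.

    2. In the Event pattern section, for Event source, ensure that Amazon service is selected, and for Amazon service, select EC2.

    3. For Event type, select EBS Snapshot Notification, select Specific event(s), and then choose createSnapshot.

    4. Select Specific result(s), and then choose succeeded.

    5. Choose Next.

  7. For Step 3: Select targets, do the following:

    1. For Target types, select Amazon service.

    2. For Select target, select Lambda function, and for Function, select the function that you created earlier.

    3. Choose Next.

  8. For Step 4: Configure tags, specify tags for the rule if needed, and then choose Next.

  9. For Step 5: Review and create, review the rule, and then choose Create rule.

Your rule should now appear on the Rules tab. In the example shown, the event that you configured should be emitted by EBS the next time you copy a snapshot.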
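The console selections in step 6 amount to an event pattern. The following added example (not part of the original AWS page) writes out the pattern those selections are assumed to produce and checks it against constructed events with a simplified local matcher that supports exact-value matching only; the names COPY_RULE_PATTERN, matches, and selectedEvents are assumptions.

```javascript
// Added example (not AWS code). Assumed equivalent of the console choices:
// EC2 service, EBS Snapshot Notification, createSnapshot, succeeded.
const COPY_RULE_PATTERN = {
  source: ['aws.ec2'],
  'detail-type': ['EBS Snapshot Notification'],
  detail: { event: ['createSnapshot'], result: ['succeeded'] },
};

// Simplified matcher: every pattern key must exist in the event. An array
// lists the accepted values (an array-valued event field matches if any
// element is accepted); a nested object recurses. Content filters such as
// prefix or anything-but are not implemented.
function matches(pattern, event) {
  return Object.entries(pattern).every(([key, want]) => {
    if (event === null || typeof event !== 'object' || !(key in event)) return false;
    const got = event[key];
    if (Array.isArray(want)) {
      const values = Array.isArray(got) ? got : [got];
      return values.some((v) => want.includes(v));
    }
    return matches(want, got);
  });
}

// Constructed events, reduced to the fields the pattern inspects.
const snap = (event, result) => ({
  source: 'aws.ec2', 'detail-type': 'EBS Snapshot Notification',
  detail: { event, result },
});
const RULE_SAMPLES = [
  snap('createSnapshot', 'succeeded'),
  snap('createSnapshot', 'failed'),
  snap('copySnapshot', 'succeeded'),
  { source: 'aws.ec2', 'detail-type': 'EBS Volume Notification',
    detail: { event: 'createVolume', result: 'available' } },
];

// Returns "event:result" for each event the rule would route to the target.
function selectedEvents(events, pattern = COPY_RULE_PATTERN) {
  return events.filter((e) => matches(pattern, e))
    .map((e) => `${e.detail.event}:${e.detail.result}`);
}

console.log(selectedEvents(RULE_SAMPLES));
```

Only the successful createSnapshot event is selected, so the copySnapshot event produced by the function's own copy does not invoke the function again.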