Last active
July 14, 2016 15:42
-
-
Save jobbin/852d278f4ea689526de2d8960f3d4485 to your computer and use it in GitHub Desktop.
[ AWSセキュリティ担当者必見] Config Rules 、Lambda、SNSによる中央集権型の管理統制について----<データ編> ref: http://qiita.com/jobbin/items/5e6bdb9ba5fff4bf0d5b
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"version": "1.0", | |
"invokingEvent": "{ | |
\"configurationItemDiff\":{}, | |
\"configurationItem\":{ | |
\"configurationItemVersion\":\"1.2\", | |
\"relatedEvents\":[\"a46a2a05-b61d-4e01-903c-c396001b6150\"], | |
\"relationships\":[], | |
\"configuration\":{}, | |
\"supplementaryConfiguration\":{}, | |
\"tags\":{}, | |
\"configurationItemCaptureTime\":\"2016-07-14T14:12:56.439Z\", | |
\"configurationStateId\":43, | |
\"awsAccountId\":\"**********\", | |
\"configurationItemStatus\":\"OK\", | |
\"resourceType\":\"AWS::CloudTrail::Trail\", | |
\"resourceId\":\"Cloud-Trail\", | |
\"resourceName\":null, | |
\"ARN\":\"arn:aws:cloudtrail:us-east-1:**********:trail/Cloud-Trail\", | |
\"awsRegion\":\"us-east-1\", | |
\"availabilityZone\":\"Regional\", | |
\"configurationStateMd5Hash\":\"86e1f7bf6caa764267a918a160086d79\", | |
\"resourceCreationTime\":null | |
}, | |
\"notificationCreationTime\":\"2016-07-14T14:12:56.553Z\", | |
\"messageType\":\"ConfigurationItemChangeNotification\", | |
\"recordVersion\":\"1.2\" | |
}", | |
"ruleParameters": "{\"executionRole\":\"arn:aws:iam::**********:role/config-rules-admin\"}", | |
"resultToken": "**********", | |
"eventLeftScope": false, | |
"executionRoleArn": "arn:aws:iam::**********:role/config-role", | |
"configRuleArn": "arn:aws:config:us-east-1:**********:config-rule/config-rule-asdspc", | |
"configRuleName": "CloudTrail-LogValidation-Enabled", | |
"configRuleId": "config-rule-asdspc", | |
"accountId": "**********" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"expired": true, | |
"expireTime": null, | |
"masterCredentials": { | |
"expired": false, | |
"expireTime": null, | |
"accessKeyId": "ASI*****HVNBBA", | |
"sessionToken": "***************" | |
"envPrefix": "AWS" | |
}, | |
"params": { | |
"RoleArn": "arn:aws:iam::********:role/config-rules-admin", | |
"RoleSessionName": "temporary-credentials" | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"Evaluations": [ | |
{ | |
"ComplianceResourceType": "AWS::CloudTrail::Trail", | |
"ComplianceResourceId": "Cloud-Trail", | |
"ComplianceType": "NON_COMPLIANT / COMPLIANT", | |
"OrderingTimestamp": "2016-07-14T14:12:56.439Z" | |
} | |
], | |
"ResultToken": "**********" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"awsAccountId": "", | |
"configRuleName": "", | |
"configRuleARN": "arn:aws:config:*********:config-rule/config-rule-asdspc", | |
"resourceType": "AWS::CloudTrail::Trail", | |
"resourceId": "Cloud-Trail", | |
"awsRegion": "us-east-1", | |
"newEvaluationResult": { | |
"evaluationResultIdentifier": { | |
"evaluationResultQualifier": { | |
"configRuleName": "CloudTrail-LogValidation-Enabled", | |
"resourceType": "AWS::CloudTrail::Trail", | |
"resourceId": "Cloud-Trail" | |
}, | |
"orderingTimestamp": "" | |
}, | |
"complianceType": "COMPLIANT / NON_COMPLIANT", | |
"resultRecordedTime": "2016-07-10T14:36:46.619Z", | |
"configRuleInvokedTime": "2016-07-10T14:36:44.212Z", | |
"annotation": null, | |
"resultToken": null | |
}, | |
"oldEvaluationResult": {}, | |
"notificationCreationTime": "2016-07-10T13:32:30.059Z", | |
"messageType": "ComplianceChangeNotification", | |
"recordVersion": "1.0" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"configurationItemDiff": { | |
"changedProperties": { | |
"Configuration.LogFileValidationEnabled": { | |
"previousValue": false, | |
"updatedValue": true, | |
"changeType": "UPDATE" | |
} | |
}, | |
"changeType": "UPDATE" | |
}, | |
"configurationItem": { | |
"configurationItemVersion": "1.2", | |
"relatedEvents": [ | |
"0dfe96fa-3fdd-493d-a558-1247d3bc6495" | |
], | |
"relationships": [], | |
"configuration": { | |
"name": "Cloud-Trail", | |
"s3BucketName": "******", | |
"s3KeyPrefix": null, | |
"snsTopicName": null, | |
"includeGlobalServiceEvents": true, | |
"isMultiRegionTrail": true, | |
"homeRegion": "us-east-1", | |
"trailARN": "arn:aws:cloudtrail:us-east-1:*********:trail/Cloud-Trail", | |
"logFileValidationEnabled": true, | |
"cloudWatchLogsLogGroupArn": null, | |
"cloudWatchLogsRoleArn": null, | |
"kmsKeyId": null | |
}, | |
"supplementaryConfiguration": {}, | |
"tags": {}, | |
"configurationItemCaptureTime": "2016-07-10T10:36:46.701Z", | |
"configurationStateId": 20, | |
"awsAccountId": "*********", | |
"configurationItemStatus": "OK", | |
"resourceType": "AWS::CloudTrail::Trail", | |
"resourceId": "Cloud-Trail", | |
"resourceName": null, | |
"ARN": "arn:aws:cloudtrail:us-east-1:*********:trail/Cloud-Trail", | |
"awsRegion": "us-east-1", | |
"availabilityZone": "Regional", | |
"configurationStateMd5Hash": "fe86053064517dc0c824e900db241935", | |
"resourceCreationTime": null | |
}, | |
"notificationCreationTime": "2016-07-10T10:36:46.799Z", | |
"messageType": "ConfigurationItemChangeNotification", | |
"recordVersion": "1.2" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"configSnapshotId": "", | |
"notificationCreationTime": "", | |
"messageType": "ConfigurationSnapshotDeliveryStarted", | |
"recordVersion": "" | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"configSnapshotId": "", | |
"s3ObjectKey": "", | |
"s3Bucket": "", | |
"notificationCreationTime": "", | |
"messageType": "ConfigurationSnapshotDeliveryCompleted", | |
"recordVersion": "" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"s3ObjectKey": "", | |
"s3Bucket": "", | |
"notificationCreationTime": "", | |
"messageType": "ConfigurationHistoryDeliveryCompleted", | |
"recordVersion": "" | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment