• AWS Systems Manager CloudWatch 控制面板在 2026 年 4 月 30 日之后将不再可用。客户可以像现在一样继续使用 Amazon CloudWatch 控制台来查看、创建和管理其 Amazon CloudWatch 控制面板。有关更多信息,请参阅 [Amazon CloudWatch 控制面板文档](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Dashboards.html)。
# 使用 Amazon EventBridge 监控 Systems Manager 事件
Amazon EventBridge 是一种无服务器事件总线服务,使您能够将应用程序与来自多种来源的数据连接起来。EventBridge 可以从您自己的应用程序、软件即服务(SaaS)应用程序和 AWS 服务传输实时数据流,然后将该数据路由到诸如 AWS Lambda 之类的目标。您可以设置路由规则来确定发送数据的目的地,以便构建能够实时响应所有数据源的应用程序架构。借助 EventBridge,您可以构建松耦合和分布式的事件驱动型架构。
EventBridge 以前称为 Amazon CloudWatch Events。EventBridge 包含新的功能,让您能够从 SaaS 合作伙伴和您自己的应用程序接收事件。现有 CloudWatch Events 用户可以在新的 EventBridge 控制台和 CloudWatch Events 控制台中访问其现有的默认总线、规则和事件。EventBridge 使用相同的 CloudWatch Events API,因此您现有的所有 CloudWatch Events API 使用方式保持不变。
EventBridge 可以将来自数十种 AWS 服务的事件添加到您的规则中,并可将 20 多种 AWS 服务添加为目标。
EventBridge 提供对 AWS Systems Manager 事件和 Systems Manager 目标的支持。
**受支持的 Systems Manager 事件类型**
EventBridge 可以检测到多种类型的 Systems Manager 事件,其中包括:
+ 用于手动审批的即时节点访问请求状态更新。
+ 即时节点访问请求失败。
+ 维护时段结束。
+ 自动化工作流成功完成。Automation 是 AWS Systems Manager 中的一项工具。
+ 托管式节点不符合补丁合规性要求。
+ 正在更新参数值。
EventBridge 支持来自以下 AWS Systems Manager 工具的事件:
+ 即时节点访问(尽最大努力发出事件。)
+ 自动化(尽最大努力发出事件。)
+ Change Calendar(尽最大努力发出事件。)
+ 合规性
+ Inventory(尽最大努力发出事件。)
+ Maintenance Windows(尽最大努力发出事件。)
+ Parameter Store(尽最大努力发出事件。)
+ Run Command(尽最大努力发出事件。)
+ State Manager(尽最大努力发出事件。)
有关受支持的 Systems Manager 事件类型的完整详细信息,请参阅[引用:Amazon EventBridge 事件模式和 Systems Manager 类型](reference-eventbridge-events.md)和[适用于 Systems Manager 的 Amazon EventBridge 事件示例](monitoring-systems-manager-event-examples.md)。
**受支持的 Systems Manager 目标类型**
EventBridge 支持以下三项 Systems Manager 工具作为事件规则的目标:
+ 运行自动化工作流
+ 运行 Run Command 命令文档(尽最大努力发出事件。)
+ 创建 OpsCenter OpsItem
有关使用这些目标的建议方法,请参阅 [示例场景:Amazon EventBridge 规则中的 Systems Manager 目标](monitoring-systems-manager-targets.md)。
有关如何开始使用 EventBridge 并设置规则的更多信息,请参阅 *Amazon EventBridge 用户指南*中的 [Amazon EventBridge 入门](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-get-started.html)。有关使用 EventBridge 的完整信息,请参阅 [Amazon EventBridge 用户指南](https://docs.aws.amazon.com/eventbridge/latest/userguide/)**。
**Topics**
+ [为 Systems Manager 事件配置 EventBridge](monitoring-systems-manager-events.md)
+ [适用于 Systems Manager 的 Amazon EventBridge 事件示例](monitoring-systems-manager-event-examples.md)
+ [示例场景:Amazon EventBridge 规则中的 Systems Manager 目标](monitoring-systems-manager-targets.md)
# 为 Systems Manager 事件配置 EventBridge
当支持的 AWS Systems Manager 状态变更或其他情况发生时,您可以使用 Amazon EventBridge 执行目标事件。您可以创建一个规则,只要状态发生转换或者在转换到一个或多个所关注的目标状态时,就运行此规则。
以下过程提供了创建 EventBridge 规则的一般步骤,当 Systems Manager 发出指定事件时,此规则便会生效。有关本用户指南中解决特定场景的过程列表,请参阅本主题末尾的**更多信息**。
**注意**
当您的 AWS 账户 中的某个服务发出一个事件时,它始终会发送到您账户的默认事件总线。要编写一个规则来响应来自您账户中的 AWS 服务的事件,请将此规则与默认事件总线相关联。您可以在自定义事件总线上创建规则,以查找来自 AWS 服务的事件,但只有当您通过跨账户事件传输从其他账户收到此类事件时,此规则才会生效。有关更多信息,请参阅 *Amazon EventBridge 用户指南*中的[在 AWS 账户 之间发送和接收 Amazon EventBridge 事件](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cross-account.html)。
**为 Systems Manager 事件配置 EventBridge**
1. 打开位于 [https://console.aws.amazon.com/events/](https://console.aws.amazon.com/events/) 的 Amazon EventBridge 控制台。
1. 在导航窗格中,选择**规则**。
1. 选择**创建规则**。
1. 为规则输入名称和描述。
规则不能与同一 AWS 区域中和同一事件总线上的另一条规则的名称相同。
1. 对于**事件总线**,请选择要与此规则关联的事件总线。如果您希望此规则响应来自您自己的 AWS 账户的匹配事件,请选择 **defaul**(默认)。当您账户中的某个 AWS 服务发出一个事件时,它始终会发送到您账户的默认事件总线。
1. 对于**规则类型**,选择**具有事件模式的规则**。
1. 选择**下一步**。
1. 对于**事件源**,选择**AWS 事件或 EventBridge 合作伙伴事件**。
1. 在 **Event pattern**(事件模式)部分,选择 **Event pattern form**(事件模式表单)。
1. 对于**事件源**,选择**AWS 服务**。
1. 对于 ** service**(AWS 服务),选择 **Systems Manager**。
1. 对于 **Event type (事件类型)**,执行以下操作之一:
+ 选择 **All Events (所有事件)**。
如果您选择 **All Events (所有事件)**,则 Systems Manager 发出的所有事件都将匹配此规则。请注意,此选项可能会导致许多事件目标操作。
+ 选择要用于此规则的 Systems Manager 事件类型。EventBridge 支持来自以下 AWS Systems Manager 工具的事件:
+ 自动化
+ Change Calendar
+ 合规性
+ Inventory(清单)
+ Maintenance Windows
+ Parameter Store
+ Run Command
+ State Manager
**注意**
对于 EventBridge 不支持的 Systems Manager 操作,您可以通过 CloudTrail 选择 AWS API 调用,以创建基于 API 调用的事件规则,此类调用由 CloudTrail 记录。有关示例,请参阅 [使用 Amazon EventBridge 监控会话活动(控制台)](session-manager-auditing.md#session-manager-auditing-eventbridge-events)。
1. (可选)要使规则更具体,请添加筛选条件值。例如,假设 您选择了**State Manager** 并希望将规则限定为某个关联所针对单个托管式实例的状态,则对于 **Specific type(s)**(特定类型),请选择 **EC2 State Manager Instance Association State Change**(EC2 State Manager 实例关联状态更改)。
有关受支持的详细类型的完整详细信息,请参阅 [引用:Amazon EventBridge 事件模式和 Systems Manager 类型](reference-eventbridge-events.md)。
某些详情类型还有其他受支持的选项,例如状态。可用选项取决于您选择的具体工具。
1. 选择**下一步**。
1. 对于**目标类型**,选择**AWS 服务**。
1. 对于 **Select a target**(选择一个目标),请选择一个目标,例如某个 Amazon SNS 主题或 AWS Lambda 函数。在收到与规则中定义的事件模式匹配的事件时将触发目标。
1. 对于许多目标类型,EventBridge 需要权限以便将事件发送到目标。在这些情况下,EventBridge 可以创建运行规则所需的 AWS Identity and Access Management (IAM) 角色:
+ 若要自动创建 IAM 角色,请选择 **Create a new role for this specific resource (为此特定资源创建新角色)**。
+ 要使用您之前创建的 IAM 角色,请选择 **Use existing role(使用现有角色)**。
1. (可选)选择 **Add another target**(添加其他目标),以为此规则添加其他目标。
1. 选择**下一步**。
1. (可选)为规则输入一个或多个标签。有关更多信息,请参阅《Amazon EventBridge 用户指南》**中的 [Amazon EventBridge 标签](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-tagging.html)。
1. 选择**下一步**。
1. 查看规则详细信息并选择**创建规则**。
**更多信息**
+ [创建使用运行手册(控制台)的 EventBridge 事件](running-automations-event-bridge.md#automation-cwe-target-console)
+ [使用输入变压器将数据传递到 Automation](automation-tutorial-eventbridge-input-transformers.md)
+ [使用 EventBridge 修复合规性问题](compliance-fixing.md)
+ [在 EventBridge 中查看清单删除操作](inventory-custom.md#delete-custom-inventory-cwe)
+ [配置 EventBridge 规则以创建 OpsItems](OpsCenter-automatically-create-OpsItems-2.md)
+ [为参数和参数策略配置 Eventbridge 规则](sysman-paramstore-cwe.md#cwe-parameter-changes)
# 适用于 Systems Manager 的 Amazon EventBridge 事件示例
以下是 AWS Systems Manager 支持的 EventBridge 事件的 JSON 格式示例。
**Topics**
+ [AWS Systems Manager自动化事件](#SSM-Automation-event-types)
+ [AWS Systems ManagerEventsChange Calendar](#SSM-Change-Management-event-types)
+ [AWS Systems ManagerEventsChange Manager](#SSM-Change-Manager-event-types)
+ [AWS Systems Manager 合规性事件](#SSM-Configuration-Compliance-event-types)
+ [AWS Systems ManagerEventsMaintenance Windows](#EC2_maintenance_windows_event_types)
+ [AWS Systems ManagerEventsParameter Store](#SSM-Parameter-Store-event-types)
+ [AWS Systems ManagerEventsOpsCenter](#SSM-OpsCenter-event-types)
+ [AWS Systems ManagerEventsRun Command](#SSM-Run-Command-event-types)
+ [AWS Systems ManagerEventsState Manager](#SSM-State-Manager-event-types)
## AWS Systems Manager自动化事件
**自动化步骤状态更改通知**
```
{
"version": "0",
"id": "eeca120b-a321-433e-9635-dab369006a6b",
"detail-type": "EC2 Automation Step Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-11-29T19:43:35Z",
"region": "us-east-1",
"resources": ["arn:aws:ssm:us-east-2:123456789012:automation-execution/333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"arn:aws:ssm:us-east-2:123456789012:automation-definition/runcommand1:1"],
"detail": {
"ExecutionId": "333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"Definition": "runcommand1",
"DefinitionVersion": 1.0,
"Status": "Success",
"EndTime": "Nov 29, 2024 7:43:25 PM",
"StartTime": "Nov 29, 2024 7:43:23 PM",
"Time": 2630.0,
"StepName": "runFixedCmds",
"Action": "aws:runCommand"
}
}
```
**自动化执行状态更改通知**
```
{
"version": "0",
"id": "d290ece9-1088-4383-9df6-cd5b4ac42b99",
"detail-type": "EC2 Automation Execution Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-11-29T19:43:35Z",
"region": "us-east-2",
"resources": ["arn:aws:ssm:us-east-2:123456789012:automation-execution/333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"arn:aws:ssm:us-east-2:123456789012:automation-definition/runcommand1:1"],
"detail": {
"ExecutionId": "333ba70b-2333-48db-b17e-a5e69c6f4d1c",
"Definition": "runcommand1",
"DefinitionVersion": 1.0,
"Status": "Success",
"StartTime": "Nov 29, 2024 7:43:20 PM",
"EndTime": "Nov 29, 2024 7:43:26 PM",
"Time": 5753.0,
"ExecutedBy": "arn:aws:iam::123456789012:user/userName"
}
}
```
## AWS Systems ManagerEventsChange Calendar
使用本主题中的信息来规划和了解 AWS Systems Manager Change Calendar 的 EventBridge 事件的行为。
**注意**
目前不支持更改从其他 AWS 账户共享的日历的状态。
### Change Calendar 与 Amazon EventBridge 集成
AWS Systems Manager Change Calendar 与 Amazon EventBridge 集成,用于通知您日历状态的变化。请注意以下与底层调度架构相关的行为:
事件计时和可靠性
+ EventBridge 会尽力发送通知,调度容差最多 15 分钟。
+ 状态变更事件反映整体日历状态转换,而不是单个日历事件。
+ 当多个日历事件同时发生时,EventBridge 只会为每个实际日历状态变更生成一个事件。
+ EventBridge 仅在日历的整体状态转换(例如,从“关闭”变为“打开”)时触发事件,而不会针对未导致状态变更的单个日历事件触发事件。
+ 不会修改日历状态的咨询事件不会触发 EventBridge 通知。
事件修改和计时注意事项
+ 如果在日历事件预定开始或结束时间的 15 分钟内修改日历事件,EventBridge 可能会生成重复通知或错过通知。
+ 出现此行为的原因是调度系统可能没有足够的时间正确更新或取消之前安排的通知。
+ 对于重复事件,此行为通常仅影响修改后的第一次事件。
相邻和重叠事件
+ 当日历事件的安排间隔不超过 5 分钟时,状态转换事件可能会发生,也可能不会发生,具体取决于实际状态变更。
+ 即使没有发生实际状态变更,按特定顺序创建重叠事件也可能会生成额外 EventBridge 事件。
+ 为确保行为的可预测性,请避免在接近执行时间的位置创建或修改日历事件。
最佳实践
+ 设计 EventBridge 规则和下游自动化,以处理潜在的重复事件。
+ 在自动化工作流中实现幂等性,以防止重复通知导致的问题。
+ 创建或修改日历事件时,请留出充足的准备时间(至少 15 分钟)。
+ 使用特定的日历事件模式全面测试 EventBridge 集成。
**日历开放**
```
{
"version": "0",
"id": "47a3f03a-f30d-1011-ac9a-du3bdEXAMPLE",
"detail-type": "Calendar State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-09-19T18:00:07Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:document/MyCalendar"
],
"detail": {
"state": "OPEN",
"atTime": "2024-09-19T18:00:07Z",
"nextTransitionTime": "2024-10-11T18:00:07Z"
}
}
```
**日历关闭**
```
{
"version": "0",
"id": "f30df03a-1011-ac9a-47a3-f761eEXAMPLE",
"detail-type": "Calendar State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-09-17T21:40:02Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:document/MyCalendar"
],
"detail": {
"state": "CLOSED",
"atTime": "2024-08-17T21:40:00Z",
"nextTransitionTime": "2024-09-19T18:00:07Z"
}
}
```
## AWS Systems ManagerEventsChange Manager
**更改请求状态更新通知 – 示例 1**
```
{
"version": "0",
"id": "feab80c1-a8ff-c721-b8b1-96ce70939696",
"detail-type": "Change Request Status Update",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-10-24T10:51:52Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-west-2:123456789012:opsitem/oi-12345abcdef",
"arn:aws:ssm:us-west-2:123456789012:document/MyRunbook1"
],
"detail": {
"change-request-id": "d0585556-80f6-4522-8dad-dada6d45b67d",
"change-request-title": "A change request title",
"ops-item-id": "oi-12345abcdef",
"ops-item-created-by": "arn:aws:iam::123456789012:user/JohnDoe",
"ops-item-created-time": "2024-10-24T10:50:33.180334Z",
"ops-item-modified-by": "arn:aws:iam::123456789012:user/JohnDoe",
"ops-item-modified-time": "2024-10-24T10:50:33.180340Z",
"ops-item-status": "InProgress",
"change-template-document-name": "MyChangeTemplate",
"runbook-document-arn": "arn:aws:ssm:us-west-2:123456789012:document/MyRunbook1",
"runbook-document-version": "1",
"auto-approve": true,
"approvers": [
"arn:aws:iam::123456789012:user/JaneDoe"
]
}
}
```
**更改请求状态更新通知 – 示例 2**
```
{
"version": "0",
"id": "25ce6b03-2e4e-1a2b-2a8f-6c9de8d278d2",
"detail-type": "Change Request Status Update",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-10-24T10:51:52Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-west-2:123456789012:opsitem/oi-abcdef12345",
"arn:aws:ssm:us-west-2:123456789012:document/MyRunbook1"
],
"detail": {
"change-request-id": "d0585556-80f6-4522-8dad-dada6d45b67d",
"change-request-title": "A change request title",
"ops-item-id": "oi-abcdef12345",
"ops-item-created-by": "arn:aws:iam::123456789012:user/JohnDoe",
"ops-item-created-time": "2024-10-24T10:50:33.180334Z",
"ops-item-modified-by": "arn:aws:iam::123456789012:user/JohnDoe",
"ops-item-modified-time": "2024-10-24T10:50:33.997163Z",
"ops-item-status": "Rejected",
"change-template-document-name": "MyChangeTemplate",
"runbook-document-arn": "arn:aws:ssm:us-west-2:123456789012:document/MyRunbook1",
"runbook-document-version": "1",
"auto-approve": true,
"approvers": [
"arn:aws:iam::123456789012:user/JaneDoe"
]
}
}
```
## AWS Systems Manager 合规性事件
以下是 AWS Systems Manager 合规性事件的示例。
**关联合规**
```
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-07-17T19:03:26Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:managed-instance/i-01234567890abcdef"
],
"detail": {
"last-runtime": "2024-01-01T10:10:10Z",
"compliance-status": "compliant",
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-type": "Association"
}
}
```
**关联不合规**
```
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-07-17T19:02:31Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:managed-instance/i-01234567890abcdef"
],
"detail": {
"last-runtime": "2024-01-01T10:10:10Z",
"compliance-status": "non_compliant",
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-type": "Association"
}
}
```
**补丁合规**
```
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.123456789012",
"account": "123456789012",
"time": "2024-07-17T19:03:26Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:managed-instance/i-01234567890abcdef"
],
"detail": {
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-status": "compliant",
"compliance-type": "Patch",
"patch-baseline-id": "PB789",
"severity": "critical"
}
}
```
**补丁不合规**
```
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "Configuration Compliance State Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-07-17T19:02:31Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:managed-instance/i-01234567890abcdef"
],
"detail": {
"resource-type": "managed-instance",
"resource-id": "i-01234567890abcdef",
"compliance-status": "non_compliant",
"compliance-type": "Patch",
"patch-baseline-id": "PB789",
"severity": "critical"
}
}
```
## AWS Systems ManagerEventsMaintenance Windows
以下是 Systems Manager Maintenance Windows 事件的示例。
**注册目标**
有效状态值包括 `REGISTERED` 和 `DEREGISTERED`。
```
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Target Registration Notification",
"source":"aws.ssm",
"account":"123456789012",
"time":"2024-11-16T00:58:37Z",
"region":"us-east-2",
"resources":[
"arn:aws:ssm:us-east-2:123456789012:maintenancewindow/mw-0ed7251d3fcf6e0c2",
"arn:aws:ssm:us-east-2:123456789012:windowtarget/e7265f13-3cc5-4f2f-97a9-7d3ca86c32a6"
],
"detail":{
"window-target-id":"e7265f13-3cc5-4f2f-97a9-7d3ca86c32a6",
"window-id":"mw-0ed7251d3fcf6e0c2",
"status":"REGISTERED"
}
}
```
**时段执行类型**
有效状态值如下所示:
+ `CANCELLED`
+ `CANCELLING`
+ `FAILED`
+ `IN_PROGRESS`
+ `PENDING`
+ `SKIPPED_OVERLAPPING`
+ `SUCCESS TIMED_OUT`
```
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Execution State-change Notification",
"source":"aws.ssm",
"account":"123456789012",
"time":"2025-06-02T14:52:18Z",
"region":"us-east-2",
"resources":[
"arn:aws:ssm:us-east-2:123456789012:maintenancewindow/mw-0c50858d01EXAMPLE"
],
"detail":{
"start-time":"2025-06-02T14:48:28.039273Z",
"end-time":"2025-06-02T14:52:18.083773Z",
"window-id":"mw-0ed7251d3fcf6e0c2",
"window-execution-id":"14bea65d-5ccc-462d-a2f3-e99c8EXAMPLE",
"status":"SUCCESS"
}
}
```
**任务执行类型**
有效状态值包括 `IN_PROGRESS`、`SUCCESS`、`FAILED` 和 `TIMED_OUT`。
```
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Task Execution State-change Notification",
"source":"aws.ssm",
"account":"123456789012",
"time":"2025-06-02T14:52:18Z",
"region":"us-east-2",
"resources":[
"arn:aws:ssm:us-east-2:123456789012:maintenancewindow/mw-0c50858d01EXAMPLE"
],
"detail":{
"start-time":"2025-06-02T14:48:28.039273Z",
"task-execution-id":"6417e808-7f35-4d1a-843f-123456789012",
"end-time":"2025-06-02T14:52:18.083773Z",
"window-id":"mw-0ed7251d3fcf6e0c2",
"window-execution-id":"14bea65d-5ccc-462d-a2f3-e99c8EXAMPLE",
"status":"SUCCESS"
}
}
```
**已处理的任务目标**
有效状态值包括 `IN_PROGRESS`、`SUCCESS`、`FAILED` 和 `TIMED_OUT`。
```
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window Task Target Invocation State-change Notification",
"source":"aws.ssm",
"account":"123456789012",
"time":"2025-06-02T14:52:18Z",
"region":"us-east-2",
"resources":[
"arn:aws:ssm:us-east-2:123456789012:maintenancewindow/mw-123456789012345678"
],
"detail":{
"start-time":"2025-06-02T14:48:28.039273Z",
"end-time":"2025-06-02T14:52:18.083773Z",
"window-id":"mw-0ed7251d3fcf6e0c2",
"window-execution-id":"791b72e0-f0da-4021-8b35-f95dfEXAMPLE",
"task-execution-id":"c9b05aba-197f-4d8d-be34-e73fbEXAMPLE",
"window-target-id":"e32eecb2-646c-4f4b-8ed1-205fbEXAMPLE",
"status":"SUCCESS",
"owner-information":"Owner"
}
}
```
**时段状态更改**
有效状态值包括 `ENABLED` 和 `DISABLED`。
```
{
"version":"0",
"id":"01234567-0123-0123-0123-0123456789ab",
"detail-type":"Maintenance Window State-change Notification",
"source":"aws.ssm",
"account":"123456789012",
"time":"2024-11-16T00:58:37Z",
"region":"us-east-2",
"resources":[
"arn:aws:ssm:us-east-2:123456789012:maintenancewindow/mw-0c50858d01EXAMPLE"
],
"detail":{
"window-id":"mw-0c50858d01EXAMPLE",
"status":"DISABLED"
}
}
```
## AWS Systems ManagerEventsParameter Store
以下是 Systems Manager Parameter Store 事件的示例。
**创建参数**
```
{
"version": "0",
"id": "6a7e4feb-b491-4cf7-a9f1-bf3703497718",
"detail-type": "Parameter Store Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-05-22T16:43:48Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:parameter/MyExampleParameter"
],
"detail": {
"operation": "Create",
"name": "MyExampleParameter",
"type": "String",
"description": "Sample Parameter"
}
}
```
**更新参数**
```
{
"version": "0",
"id": "9547ef2d-3b7e-4057-b6cb-5fdf09ee7c8f",
"detail-type": "Parameter Store Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-05-22T16:44:48Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:parameter/MyExampleParameter"
],
"detail": {
"operation": "Update",
"name": "MyExampleParameter",
"type": "String",
"description": "Sample Parameter"
}
}
```
**删除参数**
```
{
"version": "0",
"id": "80e9b391-6a9b-413c-839a-453b528053af",
"detail-type": "Parameter Store Change",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-05-22T16:45:48Z",
"region": "us-east-2",
"resources": [
"arn:aws:ssm:us-east-2:123456789012:parameter/MyExampleParameter"
],
"detail": {
"operation": "Delete",
"name": "MyExampleParameter",
"type": "String",
"description": "Sample Parameter"
}
}
```
## AWS Systems ManagerEventsOpsCenter
**OpsCenter OpsItem 创建通知**
```
{
"version": "0",
"id": "aae66adc-7aac-f0c0-7854-7691e8c079b8",
"detail-type": "OpsItem Create",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-10-19T02:48:11Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-west-2:123456789012:opsitem/oi-123456abcdef"
],
"detail": {
"created-by": "arn:aws:iam::123456789012:user/JohnDoe",
"created-time": "2024-10-19T02:46:53.629361Z",
"source": "aws.ssm",
"status": "Open",
"ops-item-id": "oi-123456abcdef",
"title": "An issue title",
"ops-item-type": "/aws/issue",
"description": "A long description may appear here"
}
}
```
**OpsCenter OpsItem 更新通知**
```
{
"version": "0",
"id": "2fb5b168-b725-41dd-a890-29311200089c",
"detail-type": "OpsItem Update",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-10-19T02:48:11Z",
"region": "us-east-1",
"resources": [
"arn:aws:ssm:us-west-2:123456789012:opsitem/oi-123456abcdef"
],
"detail": {
"created-by": "arn:aws:iam::123456789012:user/JohnDoe",
"created-time": "2024-10-19T02:46:54.049271Z",
"modified-by": "arn:aws:iam::123456789012:user/JohnDoe",
"modified-time": "2024-10-19T02:46:54.337354Z",
"source": "aws.ssm",
"status": "Open",
"ops-item-id": "oi-123456abcdef",
"title": "An issue title",
"ops-item-type": "/aws/issue",
"description": "A long description may appear here"
}
}
```
## AWS Systems ManagerEventsRun Command
**Run Command 状态更改通知**
```
{
"version": "0",
"id": "51c0891d-0e34-45b1-83d6-95db273d1602",
"detail-type": "EC2 Command Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-07-10T21:51:32Z",
"region": "us-east-2",
"resources": ["arn:aws:ec2:us-east-2:123456789012:instance/i-02573cafcfEXAMPLE"],
"detail": {
"command-id": "e8d3c0e4-71f7-4491-898f-c9b35bee5f3b",
"document-name": "AWS-RunPowerShellScript",
"expire-after": "2024-07-14T22:01:30.049Z",
"parameters": {
"executionTimeout": ["3600"],
"commands": ["date"]
},
"requested-date-time": "2024-07-10T21:51:30.049Z",
"status": "Success"
}
}
```
**Run Command 调用状态更改通知**
```
{
"version": "0",
"id": "4780e1b8-f56b-4de5-95f2-95dbEXAMPLE",
"detail-type": "EC2 Command Invocation Status-change Notification",
"source": "aws.ssm",
"account": "123456789012",
"time": "2024-07-10T21:51:32Z",
"region": "us-east-2",
"resources": ["arn:aws:ec2:us-east-2:123456789012:instance/i-02573cafcfEXAMPLE"],
"detail": {
"command-id": "e8d3c0e4-71f7-4491-898f-c9b35bee5f3b",
"document-name": "AWS-RunPowerShellScript",
"instance-id": "i-02573cafcfEXAMPLE",
"requested-date-time": "2024-07-10T21:51:30.049Z",
"status": "Success"
}
}
```
## AWS Systems ManagerEventsState Manager
**State Manager 关联状态更改**
```
{
"version":"0",
"id":"db839caf-6f6c-40af-9a48-25b2ae2b7774",
"detail-type":"EC2 State Manager Association State Change",
"source":"aws.ssm",
"account":"123456789012",
"time":"2024-05-16T23:01:10Z",
"region":"us-east-2",
"resources":[
"arn:aws:ssm:us-east-2::document/AWS-RunPowerShellScript"
],
"detail":{
"association-id":"6e37940a-23ba-4ab0-9b96-5d0a1a05464f",
"document-name":"AWS-RunPowerShellScript",
"association-version":"1",
"document-version":"Optional.empty",
"targets":"[{\"key\":\"InstanceIds\",\"values\":[\"i-12345678\"]}]",
"creation-date":"2024-02-13T17:22:54.458Z",
"last-successful-execution-date":"2024-05-16T23:00:01Z",
"last-execution-date":"2024-05-16T23:00:01Z",
"last-updated-date":"2024-02-13T17:22:54.458Z",
"status":"Success",
"association-status-aggregated-count":"{\"Success\":1}",
"schedule-expression":"cron(0 */30 * * * ? *)",
"association-cwe-version":"1.0"
}
}
```
**State Manager 实例关联状态更改**
```
{
"version":"0",
"id":"6a7e8feb-b491-4cf7-a9f1-bf3703467718",
"detail-type":"EC2 State Manager Instance Association State Change",
"source":"aws.ssm",
"account":"123456789012",
"time":"2024-02-23T15:23:48Z",
"region":"us-east-2",
"resources":[
"arn:aws:ec2:us-east-2:123456789012:instance/i-12345678",
"arn:aws:ssm:us-east-2:123456789012:document/my-custom-document"
],
"detail":{
"association-id":"34fcb7e0-9a14-4984-9989-0e04e3f60bd8",
"instance-id":"i-02573cafcfEXAMPLE",
"document-name":"my-custom-document",
"document-version":"1",
"targets":"[{\"key\":\"instanceids\",\"values\":[\"i-02573cafcfEXAMPLE\"]}]",
"creation-date":"2024-02-23T15:23:48Z",
"last-successful-execution-date":"2024-02-23T16:23:48Z",
"last-execution-date":"2024-02-23T16:23:48Z",
"status":"Success",
"detailed-status":"",
"error-code":"testErrorCode",
"execution-summary":"testExecutionSummary",
"output-url":"sampleurl",
"instance-association-cwe-version":"1"
}
}
```
# 示例场景:Amazon EventBridge 规则中的 Systems Manager 目标
在 Amazon EventBridge 规则中指定要调用的目标时,您可以从 20 多种目标类型中进行选择,并向每个规则添加最多 5 个目标。
在各种目标中,您可以选择 Automation、OpsCenter 和 Run Command(都是 AWS Systems Manager 中的工具)作为 EventBridge 事件发生时的目标操作。
以下是将这些工具用作 EventBridge 规则目标的几个示例。
**自动化示例**
您可以配置 EventBridge 规则,以便在发生以下事件时启动自动化工作流:
+ 当 Amazon CloudWatch 告警报告托管式节点的状态检查失败时 (`StatusCheckFailed_Instance=1`),请运行节点上的 `AWSSupport-ExecuteEC2Rescue` 自动化运行手册。
+ 当 `EC2 Instance State-change Notification`事件发生时,因为新的 Amazon Elastic Compute Cloud (Amazon EC2) 实例正在运行,请运行实例上的 `AWS-AttachEBSVolume` 自动化运行手册。
+ 当 Amazon Elastic Block Store (Amazon EBS) 卷创建并可用时,请运行卷上的 `AWS-CreateSnapshot`自动化运行手册。
**OpsCenter 示例**
您可以配置一个 EventBridge 规则,以便在发生以下事件时创建新的 OpsItem:
+ 发生 Amazon DynamoDB 节流事件,或者 Amazon EBS 卷性能下降。
+ Amazon EC2 Auto Scaling 组未能启动节点,或者 Systems Manager 自动化工作流失败。
+ EC2 实例的状态从`Running`变为`Stopped`。
**Run Command 示例**
您可以配置 EventBridge 规则,以便在发生以下事件时在 Run Command 中运行 Systems Manager 命令文档:
+ 当 Auto Scaling 组即将结束时,Run Command 脚本可以在节点结束之前捕获节点中的日志文件。
+ 当在 Auto Scaling 组中创建新节点时,Run Command 目标操作可以打开 Web 服务器角色或者在节点上安装软件。
+ 当发现托管式节点不合规时,Run Command 目标操作可以运行 `AWS-RunPatchBaseline` 文档,以更新节点上的补丁。