ablog

不器用で落着きのない技術者のメモ

RDSのパラメータグループ作成してパラメータを変更時の CloudTrail イベント

AWS

RDS MySQL でパラメータグループ作成時のイベントは CreateDBParameterGroup、パラメータ変更時のイベントは ModifyDBParameterGroup。発生するイベントは Aurora でも同じ。

  • パラメータグループ作成
    • パラメータグループファミリー: mysql5.7
    • グループ名: mysql
    • 説明: mysql
{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "AssumedRole",
        "principalId": "...",
        "arn": "arn:aws:sts::1234567890123:assumed-role/AdminRole/...",
        "accountId": "1234567890123",
        "accessKeyId": "...",
        "sessionContext": {
            "attributes": {
                "mfaAuthenticated": "false",
                "creationDate": "2019-05-13T12:54:13Z"
            },
            "sessionIssuer": {
                "type": "Role",
                "principalId": "...",
                "arn": "arn:aws:iam::1234567890123:role/AdminRole",
                "accountId": "1234567890123",
                "userName": "AdminRole"
            }
        }
    },
    "eventTime": "2019-05-13T13:00:44Z",
    "eventSource": "rds.amazonaws.com",
    "eventName": "CreateDBParameterGroup",
    "awsRegion": "ap-northeast-1",
    "sourceIPAddress": "**.*.*.***",
    "userAgent": "console.amazonaws.com",
    "requestParameters": {
        "dBParameterGroupFamily": "mysql5.7", ★
        "description": "mysql", ★
        "dBParameterGroupName": "mysql" ★
    },
    "responseElements": {
        "dBParameterGroupName": "mysql",
        "dBParameterGroupArn": "arn:aws:rds:ap-northeast-1:1234567890123:pg:mysql",
        "description": "mysql",
        "dBParameterGroupFamily": "mysql5.7"
    },
    "requestID": "42a8934a-f16f-4aaf-a2a1-c6dabc13d1a0",
    "eventID": "567c91e1-c511-4d50-8de4-33f333fa4086",
    "eventType": "AwsApiCall",
    "recipientAccountId": "1234567890123"
}
  • パラメータ変更
    • autocommit を 0 に設定
{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "AssumedRole",
        "principalId": "...",
        "arn": "arn:aws:sts::1234567890123:assumed-role/AdminRole/...",
        "accountId": "1234567890123",
        "accessKeyId": "...",
        "sessionContext": {
            "attributes": {
                "mfaAuthenticated": "false",
                "creationDate": "2019-05-13T12:54:13Z"
            },
            "sessionIssuer": {
                "type": "Role",
                "principalId": "...",
                "arn": "arn:aws:iam::1234567890123:role/AdminRole",
                "accountId": "1234567890123",
                "userName": "AdminRole"
            }
        }
    },
    "eventTime": "2019-05-13T13:02:06Z",
    "eventSource": "rds.amazonaws.com",
    "eventName": "ModifyDBParameterGroup",
    "awsRegion": "ap-northeast-1",
    "sourceIPAddress": "**.*.*.***",
    "userAgent": "console.amazonaws.com",
    "requestParameters": {
        "parameters": [
            {
                "isModifiable": false,
                "applyMethod": "immediate",
                "parameterName": "autocommit", ★
                "parameterValue": "0" ★
            }
        ],
        "dBParameterGroupName": "mysql"
    },
    "responseElements": {
        "dBParameterGroupName": "mysql"
    },
    "requestID": "238defbb-2b6c-4956-a6b1-1ccd49d0fd2e",
    "eventID": "cb24eb61-a760-4d9f-9e20-019848c4a168",
    "eventType": "AwsApiCall",
    "recipientAccountId": "1234567890123"
}