本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# 使用 的安全湖範例 AWS CLI
下列程式碼範例示範如何使用 AWS Command Line Interface 搭配 Security Lake 來執行動作和實作常見案例。
*Actions* 是大型程式的程式碼摘錄,必須在內容中執行。雖然動作會告訴您如何呼叫個別服務函數,但您可以在其相關情境中查看內容中的動作。
每個範例均包含完整原始碼的連結,您可在連結中找到如何設定和執行內容中程式碼的相關指示。
**Topics**
+ [動作](#actions)
## 動作
### `create-aws-log-source`
以下程式碼範例顯示如何使用 `create-aws-log-source`。
**AWS CLI**
**新增原生支援的 Amazon Web Services 作為 Amazon Security Lake 來源**
下列 `create-aws-logsource` 範例會將 VPC 流程日誌新增為指定帳戶和區域中的 Security Lake 來源。
```
aws securitylake create-aws-log-source \
--sources '[{"regions": ["us-east-1"], "accounts": ["123456789012"], "sourceName": "SH_FINDINGS", "sourceVersion": "2.0"}]'
```
輸出:
```
{
"failed": [
"123456789012"
]
}
```
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[新增 AWS 服務做為來源](https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html#add-internal-sources)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateAwsLogSource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-aws-log-source.html)。
### `create-custom-log-source`
以下程式碼範例顯示如何使用 `create-custom-log-source`。
**AWS CLI**
**新增自訂來源作為 Amazon Security Lake 來源**
下列 `create-custom-logsource` 範例會將自訂來源新增為指定日誌提供者帳戶和指定區域中的 Security Lake 來源。
```
aws securitylake create-custom-log-source \
--source-name "VPC_FLOW" \
--event-classes '["DNS_ACTIVITY", "NETWORK_ACTIVITY"]' \
--configuration '{"crawlerConfiguration": {"roleArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4"},"providerIdentity": {"principal": "029189416600","externalId": "123456789012"}}' --region "us-east-1"
```
輸出:
```
{
"customLogSource": {
"attributes": {
"crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4",
"databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/E1WG1ZNPRXT0D4",
"tableArn": "arn:aws:glue:eu-west-2:123456789012:table/E1WG1ZNPRXT0D4"
},
"provider": {
"location": "amzn-s3-demo-bucket--usw2-az1--x-s3",
"roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-Provider-testCustom2-eu-west-2"
},
"sourceName": "testCustom2"
"sourceVersion": "2.0"
}
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[新增自訂來源](https://docs.aws.amazon.com/security-lake/latest/userguide/custom-sources.html#adding-custom-sources)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateCustomLogSource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-custom-log-source.html)。
### `create-data-lake-exception-subscription`
以下程式碼範例顯示如何使用 `create-data-lake-exception-subscription`。
**AWS CLI**
**傳送 Security Lake 例外狀況的通知**
下列 `create-data-lake-exception-subscription` 範例會透過簡訊傳遞,將 Security Lake 例外狀況的通知傳送至指定的帳戶。例外狀況訊息會保留指定的期間。
```
aws securitylake create-data-lake-exception-subscription \
--notification-endpoint "123456789012" \
--exception-time-to-live 30 \
--subscription-protocol "sms"
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[故障診斷 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/security-lake-troubleshoot.html#securitylake-data-lake-troubleshoot)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateDataLakeExceptionSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-data-lake-exception-subscription.html)。
### `create-data-lake-organization-configuration`
以下程式碼範例顯示如何使用 `create-data-lake-organization-configuration`。
**AWS CLI**
**在新的組織帳戶中設定 Security Lake**
下列 `create-data-lake-organization-configuration` 範例會啟用 Security Lake 和新組織帳戶中指定來源事件和日誌的集合。
```
aws securitylake create-data-lake-organization-configuration \
--auto-enable-new-account '[{"region":"us-east-1","sources":[{"sourceName":"SH_FINDINGS","sourceVersion": "1.0"}]}]'
```
此命令不會產生輸出。
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[使用 AWS Organizations 管理多個帳戶](https://docs.aws.amazon.com/security-lake/latest/userguide/multi-account-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateDataLakeOrganizationConfiguration](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-data-lake-organization-configuration.html)。
### `create-data-lake`
以下程式碼範例顯示如何使用 `create-data-lake`。
**AWS CLI**
**範例 1:在多個區域中設定您的資料湖**
下列`create-data-lake`範例會在多個 AWS 區域中啟用 Amazon Security Lake,並設定您的資料湖。
```
aws securitylake create-data-lake \
--configurations '[{"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-1","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}, {"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}]' \
--meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager"
```
輸出:
```
{
"dataLakes": [
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-1:522481757177:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "S3_MANAGED_KEY"
},
"lifecycleConfiguration": {
"expiration": {
"days": 365
},
"transitions": [
{
"days": 60,
"storageClass": "ONEZONE_IA"
}
]
},
"region": "us-east-1",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-gnevt6s8z7bzby8oi3uiaysbr8v2ml",
"updateStatus": {
"exception": {},
"requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2",
"status": "INITIALIZED"
}
},
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "S3_MANAGED_KEY"
},
"lifecycleConfiguration": {
"expiration": {
"days": 365
},
"transitions": [
{
"days": 60,
"storageClass": "ONEZONE_IA"
}
]
},
"region": "us-east-2",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9",
"updateStatus": {
"exception": {},
"requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2",
"status": "INITIALIZED"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[開始使用 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/getting-started.html)。
**範例 2:在單一區域中設定您的資料湖**
下列`create-data-lake`範例會在單一區域中啟用 Amazon Security Lake, AWS 並設定您的資料湖。
```
aws securitylake create-data-lake \
--configurations '[{"encryptionConfiguration": {"kmsKeyId":"1234abcd-12ab-34cd-56ef-1234567890ab"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":500},"transitions":[{"days":30,"storageClass":"GLACIER"}]}}]' \
--meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager"
```
輸出:
```
{
"dataLakes": [
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
},
"lifecycleConfiguration": {
"expiration": {
"days": 500
},
"transitions": [
{
"days": 30,
"storageClass": "GLACIER"
}
]
},
"region": "us-east-2",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9",
"updateStatus": {
"exception": {},
"requestId": "77702a53-dcbf-493e-b8ef-518e362f3003",
"status": "INITIALIZED"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[開始使用 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/getting-started.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateDataLake](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-data-lake.html)。
### `create-subscriber-notification`
以下程式碼範例顯示如何使用 `create-subscriber-notification`。
**AWS CLI**
**建立訂閱用戶通知**
下列 `create-subscriber-notification` 範例顯示如何指定訂閱用戶通知,以在將新資料寫入資料湖時建立通知。
```
aws securitylake create-subscriber-notification \
--subscriber-id "12345ab8-1a34-1c34-1bd4-12345ab9012" \
--configuration '{"httpsNotificationConfiguration": {"targetRoleArn":"arn:aws:iam::XXX:role/service-role/RoleName", "endpoint":"https://account-management.$3.$2.securitylake.aws.dev/v1/datalake"}}'
```
輸出:
```
{
"subscriberEndpoint": [
"https://account-management.$3.$2.securitylake.aws.dev/v1/datalake"
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateSubscriberNotification](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-subscriber-notification.html)。
### `create-subscriber`
以下程式碼範例顯示如何使用 `create-subscriber`。
**AWS CLI**
**範例 1:建立具有資料存取權的訂閱用戶**
下列`create-subscriber`範例會在 Security Lake 中建立訂閱者,以存取目前 AWS 區域中的 AWS 來源指定訂閱者身分的資料。
```
aws securitylake create-subscriber \
--access-types "S3" \
--sources '[{"awsLogSource": {"sourceName": "VPC_FLOW","sourceVersion": "2.0"}}]' \
--subscriber-name 'opensearch-s3' \
--subscriber-identity '{"principal": "029189416600","externalId": "123456789012"}'
```
輸出:
```
{
"subscriber": {
"accessTypes": [
"S3"
],
"createdAt": "2024-07-17T19:08:26.787000+00:00",
"roleArn": "arn:aws:iam::773172568199:role/AmazonSecurityLake-896f218b-cfba-40be-a255-8b49a65d0407",
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-um632ufwpvxkyz0bc5hkb64atycnf3",
"sources": [
{
"awsLogSource": {
"sourceName": "VPC_FLOW",
"sourceVersion": "2.0"
}
}
],
"subscriberArn": "arn:aws:securitylake:us-east-1:773172568199:subscriber/896f218b-cfba-40be-a255-8b49a65d0407",
"subscriberId": "896f218b-cfba-40be-a255-8b49a65d0407",
"subscriberIdentity": {
"externalId": "123456789012",
"principal": "029189416600"
},
"subscriberName": "opensearch-s3",
"subscriberStatus": "ACTIVE",
"updatedAt": "2024-07-17T19:08:27.133000+00:00"
}
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[建立具有資料存取權的訂閱用戶](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-data-access.html#create-subscriber-data-access)。
**範例 2:建立具有查詢存取權的訂閱用戶**
下列`create-subscriber`範例會在 Security Lake 中建立訂閱者,並在目前 AWS 區域中為指定的訂閱者身分提供查詢存取權。
```
aws securitylake create-subscriber \
--access-types "LAKEFORMATION" \
--sources '[{"awsLogSource": {"sourceName": "VPC_FLOW","sourceVersion": "2.0"}}]' \
--subscriber-name 'opensearch-s3' \
--subscriber-identity '{"principal": "029189416600","externalId": "123456789012"}'
```
輸出:
```
{
"subscriber": {
"accessTypes": [
"LAKEFORMATION"
],
"createdAt": "2024-07-18T01:05:55.853000+00:00",
"resourceShareArn": "arn:aws:ram:us-east-1:123456789012:resource-share/8c31da49-c224-4f1e-bb12-37ab756d6d8a",
"resourceShareName": "LakeFormation-V2-NAMENAMENA-123456789012",
"sources": [
{
"awsLogSource": {
"sourceName": "VPC_FLOW",
"sourceVersion": "2.0"
}
}
],
"subscriberArn": "arn:aws:securitylake:us-east-1:123456789012:subscriber/e762aabb-ce3d-4585-beab-63474597845d",
"subscriberId": "e762aabb-ce3d-4585-beab-63474597845d",
"subscriberIdentity": {
"externalId": "123456789012",
"principal": "029189416600"
},
"subscriberName": "opensearch-s3",
"subscriberStatus": "ACTIVE",
"updatedAt": "2024-07-18T01:05:58.393000+00:00"
}
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[建立具有查詢存取權的訂閱用戶](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-query-access.html#create-query-subscriber-procedures)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [CreateSubscriber](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/create-subscriber.html)。
### `delete-aws-log-source`
以下程式碼範例顯示如何使用 `delete-aws-log-source`。
**AWS CLI**
**移除原生支援 AWS 的服務。**
下列 `delete-aws-logsource` 範例會將 VPC 流程日誌刪除為指定帳戶和區域中的 Security Lake 來源。
```
aws securitylake delete-aws-log-source \
--sources '[{"regions": ["us-east-1"], "accounts": ["123456789012"], "sourceName": "SH_FINDINGS", "sourceVersion": "2.0"}]'
```
輸出:
```
{
"failed": [
"123456789012"
]
}
```
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[移除 AWS 服務做為來源](https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html#remove-internal-sources)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteAwsLogSource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/delete-aws-log-source.html)。
### `delete-custom-log-source`
以下程式碼範例顯示如何使用 `delete-custom-log-source`。
**AWS CLI**
**移除自訂來源。**
下列 `delete-custom-logsource` 範例會刪除指定區域中指定日誌提供者帳戶中的自訂來源。
```
aws securitylake delete-custom-log-source \
--source-name "CustomSourceName"
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[刪除自訂來源](https://docs.aws.amazon.com/security-lake/latest/userguide/custom-sources.html#delete-custom-source)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteCustomLogSource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/delete-custom-log-source.html)。
### `delete-data-lake-organization-configuration`
以下程式碼範例顯示如何使用 `delete-data-lake-organization-configuration`。
**AWS CLI**
**停止成員帳戶中的自動來源集合**
下列`delete-data-lake-organization-configuration`範例會停止從加入組織的新成員帳戶自動收集 AWS Security Hub 問題清單。只有委派的 Security Lake 管理員才能執行此命令。它可防止新成員帳戶自動將資料提供給資料湖。
```
aws securitylake delete-data-lake-organization-configuration \
--auto-enable-new-account '[{"region":"us-east-1","sources":[{"sourceName":"SH_FINDINGS"}]}]'
```
此命令不會產生輸出。
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[使用 AWS Organizations 管理多個帳戶](https://docs.aws.amazon.com/securityhub/latest/userguide/multi-account-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteDataLakeOrganizationConfiguration](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/delete-data-lake-organization-configuration.html)。
### `delete-data-lake`
以下程式碼範例顯示如何使用 `delete-data-lake`。
**AWS CLI**
**停用您的資料湖**
下列`delete-data-lake`範例會停用指定區域中的資料湖 AWS 。在指定的區域中,來源不會再將資料提供至資料湖。對於使用 AWS Organizations 的 Security Lake 部署,只有組織的委派 Security Lake 管理員可以停用組織中帳戶的 Security Lake。
```
aws securitylake delete-data-lake \
--regions "ap-northeast-1" "eu-central-1"
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[停用 Amazon Security Lake](https://docs.aws.amazon.com/securityhub/latest/userguide/disable-security-lake.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteDataLake](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/delete-data-lake.html)。
### `delete-subscriber-notification`
以下程式碼範例顯示如何使用 `delete-subscriber-notification`。
**AWS CLI**
**刪除訂閱用戶通知**
下列 `delete-subscriber-notification` 範例顯示如何刪除特定 Security Lake 訂閱用戶的訂閱用戶通知。
```
aws securitylake delete-subscriber-notification \
--subscriber-id "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSubscriberNotification](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/delete-subscriber-notification.html)。
### `delete-subscriber`
以下程式碼範例顯示如何使用 `delete-subscriber`。
**AWS CLI**
**刪除訂閱用戶**
下列 `delete-subscriber` 範例示範當您不再希望訂閱用戶從 Security Lake 取用資料時如何移除訂閱用戶。
```
aws securitylake delete-subscriber \
--subscriber-id "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [DeleteSubscriber](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/delete-subscriber.html)。
### `get-data-lake-exception-subscription`
以下程式碼範例顯示如何使用 `get-data-lake-exception-subscription`。
**AWS CLI**
**取得例外狀況訂閱的詳細資訊**
下列 `get-data-lake-exception-subscription` 範例提供 Security Lake 例外狀況訂閱的詳細資訊。在此範例中,指定 AWS 帳戶的使用者會透過簡訊傳遞收到錯誤通知。例外狀況訊息會在帳戶中保留指定的期間。例外狀況訂閱會透過請求者的偏好通訊協定,通知 Security Lake 使用者發生錯誤。
```
aws securitylake get-data-lake-exception-subscription
```
輸出:
```
{
"exceptionTimeToLive": 30,
"notificationEndpoint": "123456789012",
"subscriptionProtocol": "sms"
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[故障診斷資料湖狀態](https://docs.aws.amazon.com/securityhub/latest/userguide/security-lake-troubleshoot.html#securitylake-data-lake-troubleshoot)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [GetDataLakeExceptionSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/get-data-lake-exception-subscription.html)。
### `get-data-lake-organization-configuration`
以下程式碼範例顯示如何使用 `get-data-lake-organization-configuration`。
**AWS CLI**
**取得新組織帳戶組態的詳細資訊**
下列 `get-data-lake-organization-configuration` 範例會擷取新組織帳戶在加入 Amazon Security Lake 後將傳送之來源日誌的詳細資訊。
```
aws securitylake get-data-lake-organization-configuration
```
輸出:
```
{
"autoEnableNewAccount": [
{
"region": "us-east-1",
"sources": [
{
"sourceName": "VPC_FLOW",
"sourceVersion": "1.0"
},
{
"sourceName": "ROUTE53",
"sourceVersion": "1.0"
},
{
"sourceName": "SH_FINDINGS",
"sourceVersion": "1.0"
}
]
}
]
}
```
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[使用 AWS Organizations 管理多個帳戶](https://docs.aws.amazon.com/security-lake/latest/userguide/multi-account-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [GetDataLakeOrganizationConfiguration](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/get-data-lake-organization-configuration.html)。
### `get-data-lake-sources`
以下程式碼範例顯示如何使用 `get-data-lake-sources`。
**AWS CLI**
**取得日誌收集的狀態**
下列`get-data-lake-sources`範例會取得目前 AWS 區域中指定帳戶的日誌集合快照。帳戶已啟用 Amazon Security Lake。
```
aws securitylake get-data-lake-sources \
--accounts "123456789012"
```
輸出:
```
{
"dataLakeSources": [
{
"account": "123456789012",
"sourceName": "SH_FINDINGS",
"sourceStatuses": [
{
"resource": "vpc-1234567890abcdef0",
"status": "COLLECTING"
}
]
},
{
"account": "123456789012",
"sourceName": "VPC_FLOW",
"sourceStatuses": [
{
"resource": "vpc-1234567890abcdef0",
"status": "NOT_COLLECTING"
}
]
},
{
"account": "123456789012",
"sourceName": "LAMBDA_EXECUTION",
"sourceStatuses": [
{
"resource": "vpc-1234567890abcdef0",
"status": "COLLECTING"
}
]
},
{
"account": "123456789012",
"sourceName": "ROUTE53",
"sourceStatuses": [
{
"resource": "vpc-1234567890abcdef0",
"status": "COLLECTING"
}
]
},
{
"account": "123456789012",
"sourceName": "CLOUD_TRAIL_MGMT",
"sourceStatuses": [
{
"resource": "vpc-1234567890abcdef0",
"status": "COLLECTING"
}
]
}
],
"dataLakeArn": null
}
```
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[從 AWS 服務收集資料](https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [GetDataLakeSources](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/get-data-lake-sources.html)。
### `get-subscriber`
以下程式碼範例顯示如何使用 `get-subscriber`。
**AWS CLI**
**擷取訂閱資訊**
下列`get-subscriber`範例會擷取指定 Security Lake 訂閱者的訂閱資訊。
```
aws securitylake get-subscriber \
--subscriber-id a1b2c3d4-5678-90ab-cdef-EXAMPLE11111
```
輸出:
```
{
"subscriber": {
"accessTypes": [
"LAKEFORMATION"
],
"createdAt": "2024-04-19T15:19:44.421803+00:00",
"resourceShareArn": "arn:aws:ram:eu-west-2:123456789012:resource-share/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"resourceShareName": "LakeFormation-V3-TKJGBHCKTZ-123456789012",
"sources": [
{
"awsLogSource": {
"sourceName": "LAMBDA_EXECUTION",
"sourceVersion": "1.0"
}
},
{
"awsLogSource": {
"sourceName": "EKS_AUDIT",
"sourceVersion": "2.0"
}
},
{
"awsLogSource": {
"sourceName": "ROUTE53",
"sourceVersion": "1.0"
}
},
{
"awsLogSource": {
"sourceName": "SH_FINDINGS",
"sourceVersion": "1.0"
}
},
{
"awsLogSource": {
"sourceName": "VPC_FLOW",
"sourceVersion": "1.0"
}
},
{
"customLogSource": {
"attributes": {
"crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/testCustom2",
"databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/amazon_security_lake_glue_db_eu_west_2",
"tableArn": "arn:aws:glue:eu-west-2:123456789012:table/amazon_security_lake_table_eu_west_2_ext_testcustom2"
},
"provider": {
"location": "s3://aws-security-data-lake-eu-west-2-8ugsus4ztnsfpjbldwbgf4vge98av9/ext/testCustom2/",
"roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-Provider-testCustom2-eu-west-2"
},
"sourceName": "testCustom2"
}
},
{
"customLogSource": {
"attributes": {
"crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/TestCustom",
"databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/amazon_security_lake_glue_db_eu_west_2",
"tableArn": "arn:aws:glue:eu-west-2:123456789012:table/amazon_security_lake_table_eu_west_2_ext_testcustom"
},
"provider": {
"location": "s3://aws-security-data-lake-eu-west-2-8ugsus4ztnsfpjbldwbgf4vge98av9/ext/TestCustom/",
"roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-Provider-TestCustom-eu-west-2"
},
"sourceName": "TestCustom"
}
}
],
"subscriberArn": "arn:aws:securitylake:eu-west-2:123456789012:subscriber/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"subscriberId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"subscriberIdentity": {
"externalId": "123456789012",
"principal": "123456789012"
},
"subscriberName": "test",
"subscriberStatus": "ACTIVE",
"updatedAt": "2024-04-19T15:19:55.230588+00:00"
}
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [GetSubscriber](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/get-subscriber.html)。
### `list-data-lake-exceptions`
以下程式碼範例顯示如何使用 `list-data-lake-exceptions`。
**AWS CLI**
**列出影響資料湖的問題**
下列`list-data-lake-exceptions`範例列出過去 14 天內影響指定 AWS 區域中資料湖的問題。
```
aws securitylake list-data-lake-exceptions \
--regions "us-east-1" "eu-west-3"
```
輸出:
```
{
"exceptions": [
{
"exception": "The account does not have the required role permissions. Update your role permissions to use the new data source version.",
"region": "us-east-1",
"timestamp": "2024-02-29T12:24:15.641725+00:00"
},
{
"exception": "The account does not have the required role permissions. Update your role permissions to use the new data source version.",
"region": "eu-west-3",
"timestamp": "2024-02-29T12:24:15.641725+00:00"
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[故障診斷 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/security-lake-troubleshoot.html#securitylake-data-lake-troubleshoot)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [ListDataLakeExceptions](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/list-data-lake-exceptions.html)。
### `list-data-lakes`
以下程式碼範例顯示如何使用 `list-data-lakes`。
**AWS CLI**
**列出 Security Lake 組態物件**
下列`list-data-lakes`範例列出指定 AWS 區域的 Amazon Security Lake 組態物件。您可以使用此命令來判斷指定的一或數個區域中是否已啟用 Security Lake。
```
aws securitylake list-data-lakes \
--regions "us-east-1"
```
輸出:
```
{
"dataLakes": [
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-1:123456789012:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "S3_MANAGED_KEY"
},
"lifecycleConfiguration": {
"expiration": {
"days": 365
},
"transitions": [
{
"days": 60,
"storageClass": "ONEZONE_IA"
}
]
},
"region": "us-east-1",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:123456789012:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-1234567890abcdef0",
"updateStatus": {
"exception": {
"code": "software.amazon.awssdk.services.s3.model.S3Exception",
"reason": ""
},
"requestId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"status": "FAILED"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[檢查區域狀態](https://docs.aws.amazon.com/security-lake/latest/userguide/manage-regions.html#check-region-status)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [ListDataLakes](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/list-data-lakes.html)。
### `list-log-sources`
以下程式碼範例顯示如何使用 `list-log-sources`。
**AWS CLI**
**擷取 Amazon Security Lake 日誌來源**
下列 `list-log-sources` 範例會列出指定帳戶中的 Amazon Security Lake 日誌來源。
```
aws securitylake list-log-sources \
--accounts "123456789012"
```
輸出:
```
{
"account": "123456789012",
"region": "xy-region-1",
"sources": [
{
"awsLogSource": {
"sourceName": "VPC_FLOW",
"sourceVersion": "2.0"
}
},
{
"awsLogSource": {
"sourceName": "SH_FINDINGS",
"sourceVersion": "2.0"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[來源管理](https://docs.aws.amazon.com/security-lake/latest/userguide/source-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [ListLogSources](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/list-log-sources.html)。
### `list-subscribers`
以下程式碼範例顯示如何使用 `list-subscribers`。
**AWS CLI**
**擷取 Amazon Security Lake 訂閱用戶**
下列 `list-subscribers` 範例會列出特定帳戶中的所有 Amazon Security Lake 訂閱用戶。
```
aws securitylake list-subscribers
```
輸出:
```
{
"subscribers": [
{
"accessTypes": [
"S3"
],
"createdAt": "2024-06-04T15:02:28.921000+00:00",
"roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-E1WG1ZNPRXT0D4",
"s3BucketArn": "amzn-s3-demo-bucket--usw2-az1--x-s3",
"sources": [
{
"awsLogSource": {
"sourceName": "CLOUD_TRAIL_MGMT",
"sourceVersion": "2.0"
}
},
{
"awsLogSource": {
"sourceName": "LAMBDA_EXECUTION",
"sourceVersion": "1.0"
}
},
{
"customLogSource": {
"attributes": {
"crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4",
"databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/E1WG1ZNPRXT0D4",
"tableArn": "arn:aws:glue:eu-west-2:123456789012:table/E1WG1ZNPRXT0D4"
},
"provider": {
"location": "amzn-s3-demo-bucket--usw2-az1--x-s3",
"roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-E1WG1ZNPRXT0D4"
},
"sourceName": "testCustom2"
}
}
],
"subscriberArn": "arn:aws:securitylake:eu-west-2:123456789012:subscriber/E1WG1ZNPRXT0D4",
"subscriberEndpoint": "arn:aws:sqs:eu-west-2:123456789012:AmazonSecurityLake-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111-Main-Queue",
"subscriberId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"subscriberIdentity": {
"externalId": "ext123456789012",
"principal": "123456789012"
},
"subscriberName": "Test",
"subscriberStatus": "ACTIVE",
"updatedAt": "2024-06-04T15:02:35.617000+00:00"
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [ListSubscribers](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/list-subscribers.html)。
### `list-tags-for-resource`
以下程式碼範例顯示如何使用 `list-tags-for-resource`。
**AWS CLI**
**管理現有資源的標籤**
下列 `list-tags-for-resource` 範例會列出指定 Amazon Security Lake 訂閱用戶的標籤。在此範例中,擁有者標籤索引鍵沒有相關聯的標籤值。您也可以使用此操作來列出其他現有 Security Lake 資源的標籤。
```
aws securitylake list-tags-for-resource \
--resource-arn "arn:aws:securitylake:us-east-1:123456789012:subscriber/1234abcd-12ab-34cd-56ef-1234567890ab"
```
輸出:
```
{
"tags": [
{
"key": "Environment",
"value": "Cloud"
},
{
"key": "CostCenter",
"value": "12345"
},
{
"key": "Owner",
"value": ""
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[標記 Amazon Security Lake 資源](https://docs.aws.amazon.com/security-lake/latest/userguide/tagging-resources.html#tags-retrieve)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [ListTagsForResource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/list-tags-for-resource.html)。
### `register-data-lake-delegated-administrator`
以下程式碼範例顯示如何使用 `register-data-lake-delegated-administrator`。
**AWS CLI**
**指定委派管理員**
下列`register-data-lake-delegated-administrator`範例會將指定的 AWS 帳戶指定為委派的 Amazon Security Lake 管理員。
```
aws securitylake register-data-lake-delegated-administrator \
--account-id 123456789012
```
此命令不會產生輸出。
如需詳細資訊,請參閱《*Amazon Security Lake 使用者指南*》中的[使用 AWS Organizations 管理多個帳戶](https://docs.aws.amazon.com/security-lake/latest/userguide/multi-account-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [RegisterDataLakeDelegatedAdministrator](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/register-data-lake-delegated-administrator.html)。
### `tag-resource`
以下程式碼範例顯示如何使用 `tag-resource`。
**AWS CLI**
**將標籤新增到現有資源**
下列 `tag-resource` 範例會將標籤新增至現有的訂閱用戶資源。若要建立新的資源並新增一或多個標籤,請勿使用此操作。反之,請針對您要建立的資源類型使用適當的建立操作。
```
aws securitylake tag-resource \
--resource-arn "arn:aws:securitylake:us-east-1:123456789012:subscriber/1234abcd-12ab-34cd-56ef-1234567890ab" \
--tags key=Environment,value=Cloud
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[標記 Amazon Security Lake 資源](https://docs.aws.amazon.com/security-lake/latest/userguide/tagging-resources.html#tags-retrieve)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [TagResource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/tag-resource.html)。
### `untag-resource`
以下程式碼範例顯示如何使用 `untag-resource`。
**AWS CLI**
**從現有資源移除標籤**
下列 `untag-resource` 範例會從現有的訂閱用戶資源移除指定的標籤。
```
aws securitylake untag-resource \
--resource-arn "arn:aws:securitylake:us-east-1:123456789012:subscriber/1234abcd-12ab-34cd-56ef-1234567890ab" \
--tags Environment Owner
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[標記 Amazon Security Lake 資源](https://docs.aws.amazon.com/security-lake/latest/userguide/tagging-resources.html#tags-retrieve)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [UntagResource](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/untag-resource.html)。
### `update-data-lake-exception-subscription`
以下程式碼範例顯示如何使用 `update-data-lake-exception-subscription`。
**AWS CLI**
**更新 Security Lake 例外狀況的通知訂閱**
下列 `update-data-lake-exception-subscription` 範例會更新通知訂閱,以通知使用者 Security Lake 例外狀況。
```
aws securitylake update-data-lake-exception-subscription \
--notification-endpoint "123456789012" \
--exception-time-to-live 30 \
--subscription-protocol "email"
```
此命令不會產生輸出。
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[故障診斷 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/security-lake-troubleshoot.html#securitylake-data-lake-troubleshoot)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [UpdateDataLakeExceptionSubscription](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/update-data-lake-exception-subscription.html)。
### `update-data-lake`
以下程式碼範例顯示如何使用 `update-data-lake`。
**AWS CLI**
**範例 1:更新資料湖設定**
下列 `update-data-lake` 範例會更新 Amazon Security Lake 資料湖的設定。您可以使用此操作來指定資料加密、儲存和彙總區域設定。
```
aws securitylake update-data-lake \
--configurations '[{"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-1","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}, {"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}]' \
--meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager"
```
輸出:
```
{
"dataLakes": [
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-1:522481757177:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "S3_MANAGED_KEY"
},
"lifecycleConfiguration": {
"expiration": {
"days": 365
},
"transitions": [
{
"days": 60,
"storageClass": "ONEZONE_IA"
}
]
},
"region": "us-east-1",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-gnevt6s8z7bzby8oi3uiaysbr8v2ml",
"updateStatus": {
"exception": {},
"requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2",
"status": "INITIALIZED"
}
},
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "S3_MANAGED_KEY"
},
"lifecycleConfiguration": {
"expiration": {
"days": 365
},
"transitions": [
{
"days": 60,
"storageClass": "ONEZONE_IA"
}
]
},
"region": "us-east-2",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9",
"updateStatus": {
"exception": {},
"requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2",
"status": "INITIALIZED"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[開始使用 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/getting-started.html)。
**範例 2:在單一區域中設定您的資料湖**
下列`create-data-lake`範例會在單一區域中啟用 Amazon Security Lake, AWS 並設定您的資料湖。
```
aws securitylake create-data-lake \
--configurations '[{"encryptionConfiguration": {"kmsKeyId":"1234abcd-12ab-34cd-56ef-1234567890ab"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":500},"transitions":[{"days":30,"storageClass":"GLACIER"}]}}]' \
--meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager"
```
輸出:
```
{
"dataLakes": [
{
"createStatus": "COMPLETED",
"dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default",
"encryptionConfiguration": {
"kmsKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
},
"lifecycleConfiguration": {
"expiration": {
"days": 500
},
"transitions": [
{
"days": 30,
"storageClass": "GLACIER"
}
]
},
"region": "us-east-2",
"replicationConfiguration": {
"regions": [
"ap-northeast-3"
],
"roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default"
},
"s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9",
"updateStatus": {
"exception": {},
"requestId": "77702a53-dcbf-493e-b8ef-518e362f3003",
"status": "INITIALIZED"
}
}
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[開始使用 Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/getting-started.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [UpdateDataLake](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/update-data-lake.html)。
### `update-subscriber-notification`
以下程式碼範例顯示如何使用 `update-subscriber-notification`。
**AWS CLI**
**更新訂閱用戶通知**
下列 `update-subscriber-notification` 範例顯示如何更新訂閱用戶的通知方法。
```
aws securitylake update-subscriber-notification \
--subscriber-id "12345ab8-1a34-1c34-1bd4-12345ab9012" \
--configuration '{"httpsNotificationConfiguration": {"targetRoleArn":"arn:aws:iam::XXX:role/service-role/RoleName", "endpoint":"https://account-management.$3.$2.securitylake.aws.dev/v1/datalake"}}'
```
輸出:
```
{
"subscriberEndpoint": [
"https://account-management.$3.$2.securitylake.aws.dev/v1/datalake"
]
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [UpdateSubscriberNotification](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/update-subscriber-notification.html)。
### `update-subscriber`
以下程式碼範例顯示如何使用 `update-subscriber`。
**AWS CLI**
**更新 Amazon Security Lake 訂閱用戶。**
下列 `update-subscriber` 範例會更新特定 Security Lake 訂閱用戶的 Security Lake 資料存取來源。
```
aws securitylake update-subscriber \
--subscriber-id a1b2c3d4-5678-90ab-cdef-EXAMPLE11111
```
輸出:
```
{
"subscriber": {
"accessTypes": [
"LAKEFORMATION"
],
"createdAt": "2024-04-19T15:19:44.421803+00:00",
"resourceShareArn": "arn:aws:ram:eu-west-2:123456789012:resource-share/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"resourceShareName": "LakeFormation-V3-TKJGBHCKTZ-123456789012",
"sources": [
{
"awsLogSource": {
"sourceName": "LAMBDA_EXECUTION",
"sourceVersion": "1.0"
}
},
{
"awsLogSource": {
"sourceName": "EKS_AUDIT",
"sourceVersion": "2.0"
}
},
{
"awsLogSource": {
"sourceName": "ROUTE53",
"sourceVersion": "1.0"
}
},
{
"awsLogSource": {
"sourceName": "SH_FINDINGS",
"sourceVersion": "1.0"
}
},
{
"awsLogSource": {
"sourceName": "VPC_FLOW",
"sourceVersion": "1.0"
}
},
{
"customLogSource": {
"attributes": {
"crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4",
"databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/E1WG1ZNPRXT0D4",
"tableArn": "arn:aws:glue:eu-west-2:123456789012:table/E1WG1ZNPRXT0D4"
},
"provider": {
"location": "amzn-s3-demo-bucket--usw2-az1--x-s3",
"roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-E1WG1ZNPRXT0D4"
},
"sourceName": "testCustom2"
}
}
],
"subscriberArn": "arn:aws:securitylake:eu-west-2:123456789012:subscriber/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"subscriberId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"subscriberIdentity": {
"externalId": "123456789012",
"principal": "123456789012"
},
"subscriberName": "test",
"subscriberStatus": "ACTIVE",
"updatedAt": "2024-07-18T20:47:37.098000+00:00"
}
}
```
如需詳細資訊,請參閱《Amazon Security Lake 使用者指南》**中的[訂閱用戶管理](https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html)。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [UpdateSubscriber](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securitylake/update-subscriber.html)。