Trusted Advisor 使用 的範例 AWS CLI - AWS Command Line Interface

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

Trusted Advisor 使用 的範例 AWS CLI

下列程式碼範例示範如何搭配 AWS Command Line Interface 使用 來執行動作和實作常見案例 Trusted Advisor。

Actions 是大型程式的程式碼摘錄,必須在內容中執行。雖然動作會示範如何呼叫個別服務函數,但您可以在相關案例中查看內容中的動作。

每個範例都包含完整原始程式碼的連結,您可以在其中找到如何在內容中設定和執行程式碼的指示。

主題

動作

下列程式碼範例示範如何使用 get-organization-recommendation

AWS CLI

若要取得組織建議

下列get-organization-recommendation範例透過其識別符取得組織建議。

aws trustedadvisor get-organization-recommendation \ --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5

輸出:

{ "organizationRecommendation": { "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "name": "Lambda Runtime Deprecation Warning", "description": "One or more lambdas are using a deprecated runtime", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" } }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 get-recommendation

AWS CLI

若要取得建議

下列get-recommendation範例透過其識別符取得建議。

aws trustedadvisor get-recommendation \ --recommendation-identifier arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578

輸出:

{ "recommendation": { "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "name": "MFA Recommendation", "description": "Enable multi-factor authentication", "awsServices": [ "iam" ], "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", "lastUpdatedAt": "2023-11-01T15:57:58.673Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 1, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "error", "type": "standard" } }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 list-checks

AWS CLI

若要列出 Trusted Advisor 檢查

下列list-checks範例列出所有 Trusted Advisor 檢查。

aws trustedadvisor list-checks

輸出:

{ "checkSummaries": [ { "arn": "arn:aws:trustedadvisor:::check/1iG5NDGVre", "awsServices": [ "EC2" ], "description": "Checks security groups for rules that allow unrestricted access to a resource. Unrestricted access increases opportunities for malicious activity (hacking, denial-of-service attacks, loss of data)", "id": "1iG5NDGVre", "metadata": { "0": "Region", "1": "Security Group Name", "2": "Security Group ID", "3": "Protocol", "4": "Port", "5": "Status", "6": "IP Range" }, "name": "Security Groups - Unrestricted Access", "pillars": [ "security" ], "source": "ta_check" }, { "arn": "arn:aws:trustedadvisor:::check/1qazXsw23e", "awsServices": [ "RDS" ], "description": "Checks your usage of RDS and provides recommendations on purchase of Reserved Instances to help reduce costs incurred from using RDS On-Demand. AWS generates these recommendations by analyzing your On-Demand usage for the past 30 days. We then simulate every combination of reservations in the generated category of usage in order to identify the best number of each type of Reserved Instance to purchase to maximize your savings. This check covers recommendations based on partial upfront payment option with 1-year or 3-year commitment. This check is not available to accounts linked in Consolidated Billing. Recommendations are only available for the Paying Account.", "id": "1qazXsw23e", "metadata": { "0": "Region", "1": "Family", "2": "Instance Type", "3": "License Model", "4": "Database Edition", "5": "Database Engine", "6": "Deployment Option", "7": "Recommended number of Reserved Instances to purchase", "8": "Expected Average Reserved Instance Utilization", "9": "Estimated Savings with Recommendation (monthly)" "10": "Upfront Cost of Reserved Instances", "11": "Estimated cost of Reserved Instances (monthly)", "12": "Estimated On-Demand Cost Post Recommended Reserved Instance Purchase (monthly)", "13": "Estimated Break Even (months)", "14": "Lookback Period (days)", "15": "Term (years)" }, "name": "Amazon Relational Database Service (RDS) Reserved Instance Optimization", "pillars": [ "cost_optimizing" ], "source": "ta_check" }, { "arn": "arn:aws:trustedadvisor:::check/1qw23er45t", "awsServices": [ "Redshift" ], "description": "Checks your usage of Redshift and provides recommendations on purchase of Reserved Nodes to help reduce costs incurred from using Redshift On-Demand. AWS generates these recommendations by analyzing your On-Demand usage for the past 30 days. We then simulate every combination of reservations in the generated category of usage in order to identify the best number of each type of Reserved Nodes to purchase to maximize your savings. This check covers recommendations based on partial upfront payment option with 1-year or 3-year commitment. This check is not available to accounts linked in Consolidated Billing. Recommendations are only available for the Paying Account.", "id": "1qw23er45t", "metadata": { "0": "Region", "1": "Family", "2": "Node Type", "3": "Recommended number of Reserved Nodes to purchase", "4": "Expected Average Reserved Node Utilization", "5": "Estimated Savings with Recommendation (monthly)", "6": "Upfront Cost of Reserved Nodes", "7": "Estimated cost of Reserved Nodes (monthly)", "8": "Estimated On-Demand Cost Post Recommended Reserved Nodes Purchase (monthly)", "9": "Estimated Break Even (months)", "10": "Lookback Period (days)", "11": "Term (years)", }, "name": "Amazon Redshift Reserved Node Optimization", "pillars": [ "cost_optimizing" ], "source": "ta_check" }, ], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

  • 如需API詳細資訊,請參閱 命令參考 ListChecks中的 。 AWS CLI

下列程式碼範例示範如何使用 list-organization-recommendation-accounts

AWS CLI

列出組織建議帳戶

下列list-organization-recommendation-accounts範例會依組織建議識別符列出組織建議的所有帳戶建議摘要。

aws trustedadvisor list-organization-recommendation-accounts \ --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5

輸出:

{ "accountRecommendationLifecycleSummaries": [{ "accountId": "000000000000", "accountRecommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "updateReason": "Resolved issue", "updateReasonCode": "valid_business_case", "lastUpdatedAt": "2023-01-17T18:25:44.552Z" }], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 list-organization-recommendation-resources

AWS CLI

列出組織建議資源

下列list-organization-recommendation-resources範例會依組織識別符列出組織建議的所有資源。

aws trustedadvisor list-organization-recommendation-resources \ --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0

輸出:

{ "organizationRecommendationResourceSummaries": [ { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/bb38affc0ce0681d9a6cd13f30238ba03a8f63dfe7a379dc403c619119d86af", "awsResourceId": "database-1-instance-1", "id": "bb38affc0ce0681d9a6cd13f302383ba03a8f63dfe7a379dc403c619119d86af", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "208.79999999999998", "2": "database-1-instance-1", "3": "db.r5.large", "4": "false", "5": "us-west-2", "6": "arn:aws:rds:us-west-2:000000000000:db:database-1-instance-1", "7": "1" }, "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", "regionCode": "us-west-2", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/51fded4d7a3278818df9cfe344ff5762cec46c095a6763d1ba1ba53bd0e1b0e6", "awsResourceId": "database-1", "id": "51fded4d7a3278818df9cfe344ff5762cec46c095a6763d1ba1ba53bd0e1b0e6", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "31.679999999999996", "2": "database-1", "3": "db.t3.small", "4": "false", "5": "us-west-2", "6": "arn:aws:rds:us-west-2:000000000000:db:database-1", "7": "20" }, "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", "regionCode": "us-west-2", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/f4d01bd20f4cd5372062aafc8786c489e48f0ead7cdab121463bf9f89e40a36b", "awsResourceId": "database-2-instance-1-us-west-2a", "id": "f4d01bd20f4cd5372062aafc8786c489e48f0ead7cdab121463bf9f89e40a36b", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "187.20000000000002", "2": "database-2-instance-1-us-west-2a", "3": "db.r6g.large", "4": "true", "5": "us-west-2", "6": "arn:aws:rds:us-west-2:000000000000:db:database-2-instance-1-us-west-2a", "7": "1" }, "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", "regionCode": "us-west-2", "status": "warning" }, ], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 list-organization-recommendations

AWS CLI

範例 1:列出組織建議

下列list-organization-recommendations範例列出所有組織建議,但不包含篩選條件。

aws trustedadvisor list-organization-recommendations

輸出:

{ "organizationRecommendationSummaries": [ { "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }, { "arn": "arn:aws:trustedadvisor:::organization-recommendation/4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }, ], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

範例 2:使用篩選條件列出組織建議

下列list-organization-recommendations範例會篩選並傳回最多一個組織建議,這是「安全」支柱的一部分。

aws trustedadvisor list-organization-recommendations \ --pillar security \ --max-items 100

輸出:

{ "organizationRecommendationSummaries": [{ "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

範例 3:使用分頁權杖列出組織建議

下列list-organization-recommendations範例使用從上一個請求傳回的「nextToken」來擷取組織建議的下一頁。

aws trustedadvisor list-organization-recommendations \ --pillar security \ --max-items 100 \ --starting-token <next-token>

輸出:

{ "organizationRecommendationSummaries": [{ "arn": "arn:aws:trustedadvisor:::organization-recommendation/4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "name": "Lambda Runtime Deprecation Warning", "awsServices": [ "lambda" ], "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", "id": "4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", "lifecycleStage": "resolved", "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 0, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "warning", "type": "priority" }] }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 list-recommendation-resources

AWS CLI

列出建議資源

下列list-recommendation-resources範例會依其識別碼列出建議的所有資源。

aws trustedadvisor list-recommendation-resources \ --recommendation-identifier arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578

輸出:

{ "recommendationResourceSummaries": [ { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/18959a1f1973cff8e706e9d9bde28bba36cd602a6b2cb86c8b61252835236010", "id": "18959a1f1973cff8e706e9d9bde28bba36cd602a6b2cb86c8b61252835236010", "awsResourceId": "webcms-dev-01", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "123.12000000000002", "2": "webcms-dev-01", "3": "db.m6i.large", "4": "false", "5": "us-east-1", "6": "arn:aws:rds:us-east-1:000000000000:db:webcms-dev-01", "7": "20" }, "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "regionCode": "us-east-1", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/e6367ff500ac90db8e4adeb4892e39ee9c36bbf812dcbce4b9e4fefcec9eb63e", "id": "e6367ff500ac90db8e4adeb4892e39ee9c36bbf812dcbce4b9e4fefcec9eb63e", "awsResourceId": "aws-dev-db-stack-instance-1", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "29.52", "2": "aws-dev-db-stack-instance-1", "3": "db.t2.small", "4": "false", "5": "us-east-1", "6": "arn:aws:rds:us-east-1:000000000000:db:aws-dev-db-stack-instance-1", "7": "1" }, "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "regionCode": "us-east-1", "status": "warning" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/31aa78ba050a5015d2d38cca7f5f1ce88f70857c4e1c3ad03f8f9fd95dad7459", "id": "31aa78ba050a5015d2d38cca7f5f1ce88f70857c4e1c3ad03f8f9fd95dad7459", "awsResourceId": "aws-awesome-apps-stack-db", "lastUpdatedAt": "2023-11-01T15:09:51.891Z", "metadata": { "0": "14", "1": "114.48000000000002", "2": "aws-awesome-apps-stack-db", "3": "db.m6g.large", "4": "false", "5": "us-east-1", "6": "arn:aws:rds:us-east-1:000000000000:db:aws-awesome-apps-stack-db", "7": "100" }, "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "regionCode": "us-east-1", "status": "warning" } ], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 list-recommendations

AWS CLI

範例 1:列出建議

下列list-recommendations範例列出所有建議,但不包含篩選條件。

aws trustedadvisor list-recommendations

輸出:

{ "recommendationSummaries": [ { "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "name": "MFA Recommendation", "awsServices": [ "iam" ], "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", "lastUpdatedAt": "2023-11-01T15:57:58.673Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 1, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "error", "type": "standard" }, { "arn": "arn:aws:trustedadvisor::000000000000:recommendation/8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "name": "RDS clusters quota warning", "awsServices": [ "rds" ], "checkArn": "arn:aws:trustedadvisor:::check/gjqMBn6pjz", "id": "8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "lastUpdatedAt": "2023-11-01T15:58:17.397Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "service_limits" ], "resourcesAggregates": { "errorCount": 0, "okCount": 3, "warningCount": 6 }, "source": "ta_check", "status": "warning", "type": "standard" } ], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

範例 2:使用篩選條件列出建議

下列list-recommendations範例列出建議並包含篩選條件。

aws trustedadvisor list-recommendations \ --aws-service iam \ --max-items 100

輸出:

{ "recommendationSummaries": [{ "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", "name": "MFA Recommendation", "awsServices": [ "iam" ], "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", "lastUpdatedAt": "2023-11-01T15:57:58.673Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "security" ], "resourcesAggregates": { "errorCount": 1, "okCount": 0, "warningCount": 0 }, "source": "ta_check", "status": "error", "type": "standard" }], "nextToken": "REDACTED" }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

範例 3:使用分頁權杖列出建議

下列list-recommendations範例使用從上一個請求傳回的「nextToken」來擷取篩選建議的下一頁。

aws trustedadvisor list-recommendations \ --aws-service rds \ --max-items 100 \ --starting-token <next-token>

輸出:

{ "recommendationSummaries": [{ "arn": "arn:aws:trustedadvisor::000000000000:recommendation/8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "name": "RDS clusters quota warning", "awsServices": [ "rds" ], "checkArn": "arn:aws:trustedadvisor:::check/gjqMBn6pjz", "id": "8b602b6f-452d-4cb2-8a9e-c7650955d9cd", "lastUpdatedAt": "2023-11-01T15:58:17.397Z", "pillarSpecificAggregates": { "costOptimizing": { "estimatedMonthlySavings": 0.0, "estimatedPercentMonthlySavings": 0.0 } }, "pillars": [ "service_limits" ], "resourcesAggregates": { "errorCount": 0, "okCount": 3, "warningCount": 6 }, "source": "ta_check", "status": "warning", "type": "standard" }] }

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 update-organization-recommendation-lifecycle

AWS CLI

更新組織建議生命週期

下列update-organization-recommendation-lifecycle範例會更新組織建議的生命週期,並依其識別符進行更新。

aws trustedadvisor update-organization-recommendation-lifecycle \ --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/96b5e5ca-7930-444c-90c6-06d386128100 \ --lifecycle-stage dismissed \ --update-reason-code not_applicable

此命令不會產生輸出。

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。

下列程式碼範例示範如何使用 update-recommendation-lifecycle

AWS CLI

更新建議生命週期

下列update-recommendation-lifecycle範例會更新建議的生命週期,並以其識別碼顯示。

aws trustedadvisor update-recommendation-lifecycle \ --recommendation-identifier arn:aws:trustedadvisor::000000000000:recommendation/861c9c6e-f169-405a-8b59-537a8caccd7a \ --lifecycle-stage resolved \ --update-reason-code valid_business_case

此命令不會產生輸出。

如需詳細資訊,請參閱 Trusted Advisor 使用者指南APIAWS 中的 Trusted Advisor 入門。