Amazon がオーナーの AWS Systems Manager ランブック(オートメーションドキュメント)の一覧を取得したい
AWS Systems Manager ランブックことオートメーションドキュメントは 2021 年 3 月と比較すると 150 個ほど増えていました。今後も増えていく気がするので、確認の仕方をおさえておきましょう。現時点での一覧は最後尾に記載しています。
コンバンハ、千葉(幸)です。
AWS Systems Manager にはオートメーションという機能があり、専用の実行基盤から AWS リソースへアクションを実行できます。アクション実行のトリガーとして設定できるリソースは複数あります。
実行するアクションはランブック(オートメーションドキュメント)によって定義されており、ひとつ以上のステップからなる処理を自動化できます。
▲ AWS Systems Manager オートメーションのイメージ
AWS Systems Manager ランブックは自前で作成することもできますし、あらかじめ AWS によって用意されたもの(オーナーが Amazon であるもの)の使用もできます。
せっかくなのでどういったランブックが用意されているのか全容を確認したくなりますが、マネジメントコンソールからではなかなか道のりが厳しそうです。
▲ ランブックが・・ ランブックが多い・・!!
AWS ドキュメントでまとめられているものはない *1 では以下に一覧が記載されていますが、対応する AWS サービスごとにページが分かれているので全体を確認するのは少し手間取りそうです。
そうなると残された手段は……そうですね、AWS CLI ですね。サクッと一括で確認する手段をまとめてみました。
aws ssm list-documents コマンド実行例
ランブックのリスト化のために使用する AWS CLI コマンドは以下です。
AWS CloudShell などお好みの環境で実行してください。
「作成時刻」「ドキュメント名」「ターゲットタイプ」をテーブル形式で出力するコマンド例は以下です。
aws ssm list-documents --output table\
--filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation\
--query 'DocumentIdentifiers[*].{DocumentName:Name,TargetType:TargetType,CreatedDate:CreatedDate}'
出力イメージはこうです。(全量は後段で記します。)
[cloudshell-user@ip-10-0-4-42 ~]$ aws ssm list-documents --output table\
> --filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation\
> --query 'DocumentIdentifiers[*].{DocumentName:Name,TargetType:TargetType,CreatedDate:CreatedDate}'
---------------------------------------------------------------------------------------------------------------------------------------------------------------
| ListDocuments |
+----------------------------------+---------------------------------------------------------------------------+----------------------------------------------+
| CreatedDate | DocumentName | TargetType |
+----------------------------------+---------------------------------------------------------------------------+----------------------------------------------+
| 2018-02-15T03:01:33.741000+00:00| AWS-ASGEnterStandby | /AWS::EC2::Volume |
| 2018-02-15T03:01:38.172000+00:00| AWS-ASGExitStandby | /AWS::EC2::Volume |
| 2021-05-10T21:25:03.665000+00:00| AWS-AddOpsItemDedupStringToEventBridgeRule | None |
| 2018-02-16T23:10:58.629000+00:00| AWS-AttachEBSVolume | /AWS::EC2::Volume |
| 2018-02-15T03:01:40.397000+00:00| AWS-AttachIAMToInstance | /AWS::EC2::Instance |
| 2021-09-27T16:08:05.694000+00:00| AWS-BulkEditOpsItems | None |
| 2021-05-28T23:03:46.150000+00:00| AWS-BulkResolveOpsItems | None |
| 2021-04-29T17:32:02.227000+00:00| AWS-ChangeDDBRWCapacityMode | None |
| 2021-05-10T21:25:14.683000+00:00| AWS-CloseSecurityGroup | None |
| 2020-05-18T21:23:21.412000+00:00| AWS-ConfigureCloudTrailLogging | None |
| 2018-04-04T20:15:39.394000+00:00| AWS-ConfigureCloudWatchOnEC2Instance | /AWS::EC2::Instance |
| 2018-08-31T21:28:37.452000+00:00| AWS-ConfigureS3BucketLogging | /AWS::S3::Bucket |
| 2018-08-28T15:58:07.107000+00:00| AWS-ConfigureS3BucketVersioning | /AWS::S3::Bucket |
| 2018-03-14T23:58:00.271000+00:00| AWS-CopySnapshot | /AWS::EC2::Snapshot |
| 2021-06-16T17:12:03.952000+00:00| AWS-CreateDSManagementInstance | /AWS::EC2::Instance |
| 2018-07-30T21:03:44.614000+00:00| AWS-CreateDynamoDbBackup | None |
| 2021-05-10T21:25:29.141000+00:00| AWS-CreateEncryptedRdsSnapshot | /AWS::RDS::DBInstance |
........
「ドキュメント名」だけをテキスト形式で出力するコマンド例は以下です。
aws ssm list-documents --output text\ --filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation\ --query 'DocumentIdentifiers[].[Name]'
出力イメージはこうです。(これは全量は割愛します。)
[cloudshell-user@ip-10-0-4-42 ~]$ aws ssm list-documents --output text\ > --filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation\ > --query 'DocumentIdentifiers[].[Name]' AWS-ASGEnterStandby AWS-ASGExitStandby AWS-AddOpsItemDedupStringToEventBridgeRule AWS-AttachEBSVolume AWS-AttachIAMToInstance AWS-BulkEditOpsItems AWS-BulkResolveOpsItems AWS-ChangeDDBRWCapacityMode AWS-CloseSecurityGroup AWS-ConfigureCloudTrailLogging AWS-ConfigureCloudWatchOnEC2Instance AWS-ConfigureS3BucketLogging AWS-ConfigureS3BucketVersioning AWS-CopySnapshot AWS-CreateDSManagementInstance AWS-CreateDynamoDbBackup AWS-CreateEncryptedRdsSnapshot ...
ちなみに現時点(2022/6/4)でドキュメントは 328 個ありました。大量ですね。
[cloudshell-user@ip-10-0-4-42 ~]$ aws ssm list-documents --output text\ > --filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation\ > --query 'DocumentIdentifiers[].[Name]'\ > | wc -l 328
aws ssm list-documents を少し深堀り
こちらのコマンドで使用できるオプションや出力結果を確認します。
--filters オプション
--filltersオプションによりサーバーサイドのフィルタリングが可能です。フィルタリングは Key と Value の組み合わせで行います。
Key に指定できるのパラメータは以下です。今回は★を付与した Key でフィルタリングをしています。
Owner★NamePlatformTypesDocumentType★TargetType
--query オプション
--queryオプションによりクライアントサイドでのフィルタリングを行います。素の出力イメージが以下であり、ハイライト部のみを出力しています。
% aws ssm list-documents\
--filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation
{
"DocumentIdentifiers": [
{
"Name": "AWS-ASGEnterStandby",
"CreatedDate": "2018-02-15T12:01:33.741000+09:00",
"Owner": "Amazon",
"PlatformTypes": [
"Windows",
"Linux",
"MacOS"
],
"DocumentVersion": "1",
"DocumentType": "Automation",
"SchemaVersion": "0.3",
"DocumentFormat": "JSON",
"TargetType": "/AWS::EC2::Volume",
"Tags": []
},
...
このコマンドで確認できる情報の全量がわかりました。
他の aws ssm コマンドでランブックの詳細を確認してみる
もう少し詳細を確認したい時に使えるコマンドがあるかな?と思いいくつか試してみました。以降のコマンドはすべて単一のドキュメントを指定して実行する必要があります。
aws ssm list-document-versions
指定したドキュメントのバージョンの内訳を確認できます。言ってみれば更新履歴が確認できますね。
% aws ssm list-document-versions --name AWSSupport-ResetAccess
{
"DocumentVersions": [
{
"Name": "AWSSupport-ResetAccess",
"DocumentVersion": "10",
"CreatedDate": "2018-09-22T08:27:34.648000+09:00",
"IsDefaultVersion": true,
"DocumentFormat": "JSON",
"Status": "Active"
},
{
"Name": "AWSSupport-ResetAccess",
"DocumentVersion": "9",
"CreatedDate": "2018-05-15T09:07:22.274000+09:00",
"IsDefaultVersion": false,
"DocumentFormat": "JSON",
"Status": "Active"
},
{
"Name": "AWSSupport-ResetAccess",
"DocumentVersion": "8",
"CreatedDate": "2018-05-11T08:07:47.966000+09:00",
"IsDefaultVersion": false,
"DocumentFormat": "JSON",
"Status": "Active"
},
...
aws ssm list-document-metadata-history
よくよく見てみるとこれは変更カレンダーの変更テンプレート用のコマンドだったようで、ランブックを指定して実行すると取り立てて情報は取得できませんでした。
% aws ssm list-document-metadata-history\
--name AWSSupport-ActivateWindowsWithAmazonLicense\
--metadata DocumentReviews
{
"Name": "AWSSupport-ActivateWindowsWithAmazonLicense",
"DocumentVersion": "7",
"Metadata": {
"ReviewerResponse": []
}
}
リファレンスのサンプルを見るに、変更テンプレートでは以下のように変更時刻やコメント、レビューステーテスが確認できるようです。
{
"Name": "MyChangeManagerTemplate",
"DocumentVersion": "1",
"Author": "arn:aws:iam::111222333444;:user/JohnDoe",
"Metadata": {
"ReviewerResponse": [
{
"CreateTime": "2021-07-30T11:58:28.025000-07:00",
"UpdatedTime": "2021-07-30T12:01:19.274000-07:00",
"ReviewStatus": "APPROVED",
"Comment": [
{
"Type": "COMMENT",
"Content": "I approve this template version"
}
],
"Reviewer": "arn:aws:iam::111222333444;:user/ShirleyRodriguez"
},
{
"CreateTime": "2021-07-30T11:58:28.025000-07:00",
"UpdatedTime": "2021-07-30T11:58:28.025000-07:00",
"ReviewStatus": "PENDING"
}
]
}
}
aws ssm get-document
ドキュメントのコンテンツを取得したいときに使うことになりそうです。
{
"Name": "AWS-RunShellScript",
"DocumentVersion": "1",
"Status": "Active",
"Content": "{\n \"schemaVersion\":\"1.2\",\n \"description\":\"Run a shell script or specify the commands to run.\",\n \"parameters\":{\n \"commands\":{\n \"type\":\"StringList\",\n \"description\":\"(Required) Specify a shell script or a command to run.\",\n \"minItems\":1,\n \"displayType\":\"textarea\"\n },\n \"workingDirectory\":{\n \"type\":\"String\",\n \"default\":\"\",\n \"description\":\"(Optional) The path to the working directory on your instance.\",\n \"maxChars\":4096\n },\n \"executionTimeout\":{\n \"type\":\"String\",\n \"default\":\"3600\",\n \"description\":\"(Optional) The time in seconds for a command to complete before it is considered to have failed. Default is 3600 (1 hour). Maximum is 172800 (48 hours).\",\n \"allowedPattern\":\"([1-9][0-9]{0,4})|(1[0-6][0-9]{4})|(17[0-1][0-9]{3})|(172[0-7][0-9]{2})|(172800)\"\n }\n },\n \"runtimeConfig\":{\n \"aws:runShellScript\":{\n \"properties\":[\n {\n \"id\":\"0.aws:runShellScript\",\n \"runCommand\":\"{{ commands }}\",\n \"workingDirectory\":\"{{ workingDirectory }}\",\n \"timeoutSeconds\":\"{{ executionTimeout }}\"\n }\n ]\n }\n }\n}\n",
"DocumentType": "Command",
"DocumentFormat": "JSON"
}
コンテンツを展開したいときは以下のようにjq -rを挟んであげるとよいでしょう。
% aws ssm get-document\
--name AWS-ASGEnterStandby\
--query 'Content'\
| jq -r
{
"schemaVersion": "0.3",
"assumeRole": "{{AutomationAssumeRole}}",
"description": "Change the Standby state of an EC2 instance in an autoscaling group",
"parameters": {
"InstanceId": {
"type": "String",
"description": "(Required) ID of EC2 Instance to change standby state for within ASG"
},
"LambdaRoleArn": {
"default": "",
"type": "String",
"description": "(Optional) The ARN of the role that allows Lambda created by Automation to perform the actions on your behalf. If not specified a transient role will be created to execute the Lambda function."
},
"AutomationAssumeRole": {
"default": "",
"type": "String",
"description": "(Optional) The ARN of the role that allows Automation to perform the actions on your behalf."
}
},
"mainSteps": [
{
"action": "aws:createStack",
"inputs": {
"StackName": "asg-state-change-lambda-cfn-stack-{{automation:EXECUTION_ID}}",
"Parameters": [
{
"ParameterValue": "asg-state-change-lambda-{{automation:EXECUTION_ID}}",
"ParameterKey": "FunctionName"
},
{
"ParameterValue": "{{LambdaRoleArn}}",
"ParameterKey": "LambdaRoleArn"
}
],
"Capabilities": [
"CAPABILITY_IAM"
],
"TemplateBody": "AWSTemplateFormatVersion: '2010-09-09'\nConditions:\n IsVerbose:\n Fn::Equals:\n - {Ref: Verbose}\n - 'true'\n IsVerboseAndLambdaRoleNotSpecified:\n Fn::And:\n - {Condition: LambdaAssumeRoleNotSpecified}\n - {Condition: IsVerbose}\n LambdaAssumeRoleNotSpecified:\n Fn::Or:\n - Fn::Equals:\n - {Ref: LambdaRoleArn}\n - ''\n - Fn::Equals:\n - {Ref: LambdaRoleArn}\n - undefined\nDescription: Automation stack for ASG Change Standby state documents\nParameters:\n FunctionName: {Description: What to name the deployed lambda function, Type: String}\n LambdaRoleArn: {Default: '', Description: 'Assume role used by the lambda function.\n If not specified this template will create a temporary role to be used by the\n lambda created in this template.\n\n ', Type: String}\n Verbose:\n AllowedValues: ['true', 'false']\n Default: 'true'\n Description: 'Verbose setting\n\n '\n Type: String\nResources:\n ChangeASGStateLambda:\n Properties:\n Code: {ZipFile: \"import logging\\n\\nimport boto3\\n\\n\\ndef handler(event, context):\\n\\\n \\t\\\"\\\"\\\"\\n\\tChanges the state of an instance in an autoscaling group. The\\\n \\ IAM role running this lambda requires the following\\n\\tpermissions:\\n\\t\\\n {\\n\\t \\\"Effect\\\": \\\"Allow\\\",\\n\\t \\\"Action\\\": [\\n\\t\\t\\\"autoscaling:EnterStandby\\\"\\\n ,\\n\\t\\t\\\"autoscaling:ExitStandby\\\",\\n\\t\\t\\\"autoscaling:DescribeAutoScalingInstances\\n\\\n \\t ],\\n\\t \\\"Resource\\\": \\\"*\\\"\\n\\t}\\n\\t:param event: Defined fields:\\n\\t\\\n \\t{\\n\\t\\t \\\"State\\\": \\\"EnterStandby|ExitStandby\\\",\\n\\t\\t \\\"InstanceId\\\"\\\n : \\\"i-1234567890\\\",\\n\\t\\t \\\"ASGName\\\": \\\"MyASGName\\\",\\n\\t\\t \\\"ShouldDecrement\\\"\\\n : true|false\\n\\t\\t}\\n\\tThe ShouldDecrement field is only used for EnterStandby\\\n \\ and ignored otherwise\\n\\t\\\"\\\"\\\"\\n\\tas_client = boto3.client('autoscaling')\\n\\\n \\t# The state to transition to. Options are EnterStandby and ExitStandby\\n\\\n \\tstate = event.get('State')\\n\\tinstance_id = event.get('InstanceId')\\n\\t\\\n decrement = event.get('ShouldDecrement', False)\\n\\n\\tassert state in {'EnterStandby',\\\n \\ 'ExitStandby'}, 'Invalid state provided'\\n\\tassert instance_id is not\\\n \\ None, 'InstanceId must be specified'\\n\\n\\tinstances = as_client.describe_auto_scaling_instances(InstanceIds=[instance_id])\\n\\\n \\tif len(instances.get(\\\"AutoScalingInstances\\\", [])) > 0:\\n\\t\\tasg_name\\\n \\ = instances[\\\"AutoScalingInstances\\\"][0][\\\"AutoScalingGroupName\\\"]\\n\\t\\\n \\tif state == 'EnterStandby':\\n\\t\\t\\tprint(\\\"Enter Standby: {instance_id} {asg_name}\\\")\\n\\t\\t\\tas_client.enter_standby(InstanceIds=[instance_id],\\n\\t\\\n \\t\\t\\t\\t\\t\\t\\t\\tAutoScalingGroupName=asg_name,\\n\\t\\t\\t\\t\\t\\t\\t\\t\\tShouldDecrementDesiredCapacity=decrement)\\n\\\n \\t\\telse:\\n\\t\\t\\tprint(\\\"Exit Standby: {instance_id} {asg_name}\\\")\\n\\\n \\t\\t\\tas_client.exit_standby(InstanceIds=[instance_id], AutoScalingGroupName=asg_name)\\n\"}\n FunctionName: {Ref: FunctionName}\n Handler: index.handler\n Role:\n Fn::If:\n - LambdaAssumeRoleNotSpecified\n - Fn::GetAtt: [LambdaRole, Arn]\n - {Ref: LambdaRoleArn}\n Runtime: python3.7\n Type: AWS::Lambda::Function\n LambdaLogPolicy:\n Condition: IsVerboseAndLambdaRoleNotSpecified\n Properties:\n PolicyDocument:\n Statement:\n Action: ['log:CreateLogStream', 'log:PutLogEvents', 'log:CreateLogGroup']\n Effect: Allow\n Resource: {'Fn::Sub': 'arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:*'}\n Version: '2012-10-17'\n PolicyName: lambda-log-access\n Roles:\n - {Ref: LambdaRole}\n Type: AWS::IAM::Policy\n LambdaRole:\n Condition: LambdaAssumeRoleNotSpecified\n Properties:\n AssumeRolePolicyDocument:\n Statement:\n - Action: ['sts:AssumeRole']\n Effect: Allow\n Principal:\n Service: [lambda.amazonaws.com]\n Version: '2012-10-17'\n Path: /\n Policies:\n - PolicyDocument:\n Statement:\n Action: ['autoscaling:EnterStandby', 'autoscaling:ExitStandby', 'autoscaling:DescribeAutoScalingInstances']\n Effect: Allow\n Resource: '*'\n Version: '2012-10-17'\n PolicyName: asg-access\n Type: AWS::IAM::Role\n"
},
"maxAttempts": 1,
"name": "deployChangeStateLambda",
"onFailure": "Abort"
},
{
"action": "aws:invokeLambdaFunction",
"inputs": {
"FunctionName": "asg-state-change-lambda-{{automation:EXECUTION_ID}}",
"Payload": "{\"InstanceId\": \"{{InstanceId}}\", \"State\": \"EnterStandby\", \"ShouldDecrement\": true}"
},
"maxAttempts": 1,
"name": "changeState",
"onFailure": "Abort"
},
{
"action": "aws:deleteStack",
"inputs": {
"StackName": "asg-state-change-lambda-cfn-stack-{{automation:EXECUTION_ID}}"
},
"maxAttempts": 1,
"name": "deleteChangeStateLambda",
"onFailure": "Abort"
}
]
}
ランブックのカテゴリって何?
マネジメントコンソールからランブックを確認する際、カテゴリという区分が確認できます。
ドキュメントの詳細画面では以下から参照できます。
ここまで見てきた AWS CLI コマンドではこの「カテゴリー」に関する情報は取得できませんでした。どうやら 12 個のカテゴリーがあるようですが、その内訳をパッと確認する術が思いつきません。
しょうがないので、マネジメントコンソールから手作業で確認しました。328 個あるランブックからあたりをつけて頑張って開いて確認しました。疲れました。
確認できたカテゴリーは以下です。カテゴリーが設定されていないランブックも多々ありました。また、ランブックによっては複数のカテゴリーが設定されているものもありました。
| カテゴリー名 | カテゴリーに属するランブック例 |
|---|---|
| AMI management | AWS-UpdateWindowsAmi |
| Application Management | AWS-ConfigureDocker |
| AWS Documentation | AWSDocs-Configure-SSL-TLS-AL2 |
| Configuration Management | AWS-ApplyAnsiblePlaybooks |
| Disaster recovery and backup | AWS-CopySnapshot |
| Instance management | AWS-ASGEnterStandby |
| Patch Management | AWS-ConfigureKernelLivePatching |
| Patching | AWS-PatchAsgInstance |
| Remediation | AWSConfigRemediation-CancelKeyDeletion |
| Resource management | AWS-ConfigureS3BucketLogging |
| Security | AWS-DisablePublicAccessForSecurityGroup |
| Self service support workflows | AWSSupport-ActivateWindowsWithAmazonLicense |
ランブックのプレフィックスとカテゴリー名の関係は?
ランブックはいくつか共通したプレフィックスを持つものがあります。プレフィックスとカテゴリーの関係性はどうなっているのか?をまとめてみると以下のようになりました。
| # | プレフィックス名 | 付与されているカテゴリー名 |
|---|---|---|
| 1 | AWSConfigRemediation- | Remediation |
| 2 | AWSDocs- | AWS Documentation |
| 3 | AWSPremiumSupport- | カテゴリーなし |
| 4 | AWSResilienceHub- | カテゴリーなし |
| 5 | AWSSQLServer- | カテゴリーなし |
| 6 | AWSSupport- | Self service support workflows |
観測範囲では#2~#6は上記にまとめた通りになっていますが、#1は「カテゴリーなし」になっているものもいくつか確認できました。
おまけ:サードパーティがオーナーの AWS Systems Manager ドキュメントは?
オートメーションドキュメントに限らず、オーナーがThirdPartyである AWS Systems Manager ドキュメントを確認してみました。
% aws ssm list-documents --output table\
--filters Key=Owner,Values=ThirdParty\
--query 'DocumentIdentifiers[].{DocumentName:Name,DocumentType:DocumentType}'
----------------------------------------------------------
| ListDocuments |
+---------------------------------------+----------------+
| DocumentName | DocumentType |
+---------------------------------------+----------------+
| AlertLogic-MDR | Package |
| DynatraceOneAgent | Package |
| TrendMicro-CloudOne-WorkloadSecurity | Package |
+---------------------------------------+----------------+
パッケージタイプのドキュメントが 3 つあるだけでした。もう少し増えてくると楽しそうですね。
2022 年 6 月時点の AWS Systems Manager ランブック一覧と共にお別れ
AWS Systems Manager ランブック(オートメーションドキュメント)の一覧を確認してみました。
以前に似たアプローチで Amazon が所有する AWS Systems Manager ドキュメントの一覧を確認したことがあるのですが、今回はランブックにフォーカスをあてて書いてみました。
どんなことができるのかな〜と気になる方の参考になれば幸いです。現時点での一覧を後段に記載しますので、興味がある方はご参照ください。
以上、 チバユキ (@batchicchi) がお送りしました。
AWS Systems Manager ランブック一覧
% aws ssm list-documents --output table\
--filters Key=Owner,Values=Amazon Key=DocumentType,Values=Automation\
--query 'DocumentIdentifiers[*].{DocumentName:Name,TargetType:TargetType,CreatedDate:CreatedDate}'
---------------------------------------------------------------------------------------------------------------------------------------------------------------
| ListDocuments |
+----------------------------------+---------------------------------------------------------------------------+----------------------------------------------+
| CreatedDate | DocumentName | TargetType |
+----------------------------------+---------------------------------------------------------------------------+----------------------------------------------+
| 2018-02-15T12:01:33.741000+09:00| AWS-ASGEnterStandby | /AWS::EC2::Volume |
| 2018-02-15T12:01:38.172000+09:00| AWS-ASGExitStandby | /AWS::EC2::Volume |
| 2021-05-11T06:25:03.665000+09:00| AWS-AddOpsItemDedupStringToEventBridgeRule | None |
| 2018-02-17T08:10:58.629000+09:00| AWS-AttachEBSVolume | /AWS::EC2::Volume |
| 2018-02-15T12:01:40.397000+09:00| AWS-AttachIAMToInstance | /AWS::EC2::Instance |
| 2021-09-28T01:08:05.694000+09:00| AWS-BulkEditOpsItems | None |
| 2021-05-29T08:03:46.150000+09:00| AWS-BulkResolveOpsItems | None |
| 2021-04-30T02:32:02.227000+09:00| AWS-ChangeDDBRWCapacityMode | None |
| 2021-05-11T06:25:14.683000+09:00| AWS-CloseSecurityGroup | None |
| 2020-05-19T06:23:21.412000+09:00| AWS-ConfigureCloudTrailLogging | None |
| 2018-04-05T05:15:39.394000+09:00| AWS-ConfigureCloudWatchOnEC2Instance | /AWS::EC2::Instance |
| 2018-09-01T06:28:37.452000+09:00| AWS-ConfigureS3BucketLogging | /AWS::S3::Bucket |
| 2018-08-29T00:58:07.107000+09:00| AWS-ConfigureS3BucketVersioning | /AWS::S3::Bucket |
| 2018-03-15T08:58:00.271000+09:00| AWS-CopySnapshot | /AWS::EC2::Snapshot |
| 2021-06-17T02:12:03.952000+09:00| AWS-CreateDSManagementInstance | /AWS::EC2::Instance |
| 2018-07-31T06:03:44.614000+09:00| AWS-CreateDynamoDbBackup | None |
| 2021-05-11T06:25:29.141000+09:00| AWS-CreateEncryptedRdsSnapshot | /AWS::RDS::DBInstance |
| 2018-08-14T06:03:47.324000+09:00| AWS-CreateImage | /AWS::EC2::Instance |
| 2019-01-15T07:05:03.526000+09:00| AWS-CreateJiraIssue | None |
| 2018-03-23T08:31:18.609000+09:00| AWS-CreateManagedLinuxInstance | /AWS::EC2::Instance |
| 2018-03-23T08:37:20.824000+09:00| AWS-CreateManagedLinuxInstanceWithApproval | /AWS::EC2::Instance |
| 2018-03-23T06:35:48.613000+09:00| AWS-CreateManagedWindowsInstance | /AWS::EC2::Instance |
| 2018-03-23T08:13:07.931000+09:00| AWS-CreateManagedWindowsInstanceWithApproval | /AWS::EC2::Instance |
| 2019-11-12T03:39:19.141000+09:00| AWS-CreateRdsSnapshot | /AWS::RDS::DBInstance |
| 2019-11-12T04:09:09.081000+09:00| AWS-CreateServiceNowIncident | None |
| 2018-02-15T12:02:00.575000+09:00| AWS-CreateSnapshot | /AWS::EC2::Volume |
| 2017-11-21T15:51:49.263000+09:00| AWS-DeleteCloudFormationStack | /AWS::CloudFormation::Stack |
| 2017-11-21T15:51:52.018000+09:00| AWS-DeleteCloudFormationStackWithApproval | /AWS::CloudFormation::Stack |
| 2018-07-31T06:03:46.597000+09:00| AWS-DeleteDynamoDbBackup | None |
| 2018-07-31T06:03:47.587000+09:00| AWS-DeleteDynamoDbTableBackups | None |
| 2020-12-13T09:50:24.001000+09:00| AWS-DeleteEKSCluster | None |
| 2018-08-14T06:03:51.321000+09:00| AWS-DeleteEbsVolumeSnapshots | /AWS::EC2::Volume |
| 2021-05-04T06:24:59.856000+09:00| AWS-DeleteIAMInlinePolicy | None |
| 2018-08-14T06:03:52.276000+09:00| AWS-DeleteImage | None |
| 2018-02-15T12:02:15.704000+09:00| AWS-DeleteSnapshot | /AWS::EC2::Snapshot |
| 2018-02-15T12:02:03.060000+09:00| AWS-DetachEBSVolume | /AWS::EC2::Volume |
| 2021-05-11T06:25:56.101000+09:00| AWS-DisableEventBridgeRule | None |
| 2021-05-04T06:25:09.893000+09:00| AWS-DisableIncomingSSHOnPort22 | None |
| 2019-01-15T07:05:10.065000+09:00| AWS-DisablePublicAccessForSecurityGroup | /AWS::EC2::SecurityGroup |
| 2018-08-29T00:58:08.703000+09:00| AWS-DisableS3BucketPublicReadWrite | /AWS::S3::Bucket |
| 2021-04-30T02:32:51.207000+09:00| AWS-EnableCLBAccessLogs | None |
| 2021-05-11T06:26:07.150000+09:00| AWS-EnableCWAlarm | None |
| 2018-12-11T07:05:08.465000+09:00| AWS-EnableCloudTrail | None |
| 2021-05-11T06:26:15.150000+09:00| AWS-EnableCloudTrailCloudWatchLogs | None |
| 2021-05-29T08:05:24.593000+09:00| AWS-EnableCloudTrailKmsEncryption | None |
| 2021-05-29T08:05:31.575000+09:00| AWS-EnableCloudTrailLogFileValidation | None |
| 2020-12-08T00:50:36.635000+09:00| AWS-EnableExplorer | None |
| 2018-09-11T06:03:18.738000+09:00| AWS-EnableS3BucketEncryption | /AWS::S3::Bucket |
| 2021-05-29T08:05:39.576000+09:00| AWS-EnableVPCFlowLogs | None |
| 2019-11-12T04:10:03.248000+09:00| AWS-ExportOpsDataToS3 | None |
| 2021-03-23T04:55:12.055000+09:00| AWS-ExportPatchReportToS3 | None |
| 2020-12-13T04:56:06.999000+09:00| AWS-HelloWorld | None |
| 2021-04-14T06:45:45.354000+09:00| AWS-InstallAmazonECSAgent | None |
| 2021-05-29T08:05:49.586000+09:00| AWS-ModifyDynamoDBProvisionedCapacity | None |
| 2018-07-31T06:03:48.598000+09:00| AWS-PatchAsgInstance | /AWS::EC2::Instance |
| 2018-08-14T06:03:54.381000+09:00| AWS-PatchInstanceWithRollback | /AWS::EC2::Instance |
| 2019-02-19T07:04:17.245000+09:00| AWS-PublishSNSNotification | /AWS::SNS::Topic |
| 2018-06-15T06:31:17.027000+09:00| AWS-RebootRdsInstance | /AWS::RDS::DBInstance |
| 2018-12-18T07:04:32.251000+09:00| AWS-ReleaseElasticIP | /AWS::EC2::EIP |
| 2018-02-15T12:01:43.174000+09:00| AWS-ResizeInstance | /AWS::EC2::Instance |
| 2017-11-21T09:19:02.970000+09:00| AWS-RestartEC2Instance | /AWS::EC2::Instance |
| 2017-11-21T09:19:05.113000+09:00| AWS-RestartEC2InstanceWithApproval | /AWS::EC2::Instance |
| 2021-05-11T06:26:35.187000+09:00| AWS-RestrictIncomingTraffic | None |
| 2019-11-15T06:11:26.670000+09:00| AWS-RunCfnLint | None |
| 2019-11-12T04:10:54.365000+09:00| AWS-RunPacker | None |
| 2021-05-29T08:06:34.625000+09:00| AWS-SetRequiredTags | None |
| 2018-07-20T06:40:53.676000+09:00| AWS-SetupInventory | /AWS::EC2::Instance |
| 2018-07-20T06:40:54.560000+09:00| AWS-SetupManagedInstance | /AWS::EC2::Instance |
| 2018-07-20T06:40:52.843000+09:00| AWS-SetupManagedRoleOnEc2Instance | /AWS::EC2::Instance |
| 2017-11-21T09:19:07.286000+09:00| AWS-StartEC2Instance | /AWS::EC2::Instance |
| 2017-11-21T09:19:09.626000+09:00| AWS-StartEC2InstanceWithApproval | /AWS::EC2::Instance |
| 2018-06-15T06:31:17.689000+09:00| AWS-StartRdsInstance | /AWS::RDS::DBInstance |
| 2021-04-30T02:33:30.190000+09:00| AWS-StartStopAuroraCluster | None |
| 2017-11-21T09:18:36.190000+09:00| AWS-StopEC2Instance | /AWS::EC2::Instance |
| 2017-11-21T09:18:56.709000+09:00| AWS-StopEC2InstanceWithApproval | /AWS::EC2::Instance |
| 2018-06-15T06:31:18.351000+09:00| AWS-StopRdsInstance | /AWS::RDS::DBInstance |
| 2017-11-21T09:18:58.723000+09:00| AWS-TerminateEC2Instance | /AWS::EC2::Instance |
| 2017-11-21T09:19:00.913000+09:00| AWS-TerminateEC2InstanceWithApproval | /AWS::EC2::Instance |
| 2021-04-14T06:46:08.361000+09:00| AWS-UpdateAmazonECSAgent | None |
| 2017-11-21T15:51:54.706000+09:00| AWS-UpdateCloudFormationStack | /AWS::CloudFormation::Stack |
| 2017-11-21T15:51:46.261000+09:00| AWS-UpdateCloudFormationStackWithApproval | /AWS::CloudFormation::Stack |
| 2020-12-13T09:50:56.015000+09:00| AWS-UpdateEKSManagedNodegroupVersion | None |
| 2017-05-25T08:31:45.647000+09:00| AWS-UpdateLinuxAmi | None |
| 2017-09-09T12:42:00.697000+09:00| AWS-UpdateWindowsAmi | None |
| 2021-03-05T01:06:41.220000+09:00| AWSConfigRemediation-CancelKeyDeletion | /AWS::KMS::Key |
| 2020-12-29T01:08:48.957000+09:00| AWSConfigRemediation-ConfigureCodeBuildProjectWithKMSCMK | /AWS::CodeBuild::Project |
| 2020-10-13T00:04:25.419000+09:00| AWSConfigRemediation-ConfigureLambdaFunctionXRayTracing | /AWS::Lambda::Function |
| 2020-11-18T01:04:54.784000+09:00| AWSConfigRemediation-ConfigureS3BucketPublicAccessBlock | /AWS::S3::Bucket |
| 2020-10-13T00:04:32.362000+09:00| AWSConfigRemediation-ConfigureS3PublicAccessBlock | None |
| 2021-03-04T01:08:23.022000+09:00| AWSConfigRemediation-CreateCloudTrailMultiRegionTrail | /AWS::CloudTrail::Trail |
| 2020-10-13T00:04:39.396000+09:00| AWSConfigRemediation-CreateGuardDutyDetector | None |
| 2020-12-23T01:05:39.291000+09:00| AWSConfigRemediation-DeleteAPIGatewayStage | /AWS::ApiGateway::Stage |
| 2020-12-15T01:08:26.970000+09:00| AWSConfigRemediation-DeleteAccessKeysFromCodeBuildProject | /AWS::CodeBuild::Project |
| 2020-10-30T02:33:08.873000+09:00| AWSConfigRemediation-DeleteDefaultVPCRoutes | /AWS::EC2::RouteTable |
| 2020-11-18T01:05:04.742000+09:00| AWSConfigRemediation-DeleteDynamoDbTable | /AWS::DynamoDB::Table |
| 2020-10-30T02:33:15.900000+09:00| AWSConfigRemediation-DeleteEgressOnlyInternetGateway | /AWS::EC2::EgressOnlyInternetGateway |
| 2021-03-05T01:07:05.675000+09:00| AWSConfigRemediation-DeleteElasticsearchDomain | /AWS::Elasticsearch::Domain |
| 2020-12-23T01:05:50.280000+09:00| AWSConfigRemediation-DeleteIAMRole | /AWS::IAM:Role |
| 2021-04-13T00:08:41.764000+09:00| AWSConfigRemediation-DeleteIAMUser | /AWS::IAM::User |
| 2020-12-22T01:04:13.283000+09:00| AWSConfigRemediation-DeleteLambdaFunction | /AWS::Lambda::Function |
| 2022-05-27T00:18:03.127000+09:00| AWSConfigRemediation-DeleteOpenSearchDomain | /AWS::OpenSearch::Domain |
| 2021-01-05T01:08:32.492000+09:00| AWSConfigRemediation-DeleteRDSCluster | /AWS::RDS::DBCluster |
| 2021-03-13T01:11:07.355000+09:00| AWSConfigRemediation-DeleteRDSClusterSnapshot | /AWS::RDS::DBClusterSnapshot |
| 2021-04-16T00:11:23.149000+09:00| AWSConfigRemediation-DeleteRDSInstance | /AWS::RDS::DBInstance |
| 2020-12-15T01:08:36.998000+09:00| AWSConfigRemediation-DeleteRDSInstanceSnapshot | /AWS::RDS::DBInstance |
| 2020-11-18T01:05:12.746000+09:00| AWSConfigRemediation-DeleteRedshiftCluster | /AWS::Redshift::Cluster |
| 2021-03-30T00:12:54.267000+09:00| AWSConfigRemediation-DeleteSecret | /AWS::SecretsManager::Secret |
| 2020-12-15T01:08:44.984000+09:00| AWSConfigRemediation-DeleteUnusedEBSVolume | /AWS::EC2::Volume |
| 2020-12-15T01:08:51.937000+09:00| AWSConfigRemediation-DeleteUnusedENI | /AWS::EC2::NetworkInterface |
| 2020-08-25T06:18:16.663000+09:00| AWSConfigRemediation-DeleteUnusedIAMGroup | /AWS::IAM::Group |
| 2021-03-27T00:06:49.844000+09:00| AWSConfigRemediation-DeleteUnusedIAMPolicy | /AWS::IAM::Policy |
| 2020-10-13T00:04:47.383000+09:00| AWSConfigRemediation-DeleteUnusedSecurityGroup | /AWS::EC2::SecurityGroup |
| 2020-10-21T02:26:02.315000+09:00| AWSConfigRemediation-DeleteUnusedVPCNetworkACL | /AWS::EC2::NetworkAcl |
| 2021-04-15T00:08:28.592000+09:00| AWSConfigRemediation-DeleteVPCFlowLog | /AWS::EC2::FlowLog |
| 2021-03-20T00:09:44.276000+09:00| AWSConfigRemediation-DetachAndDeleteInternetGateway | /AWS::EC2::InternetGateway |
| 2021-03-13T01:11:21.156000+09:00| AWSConfigRemediation-DetachAndDeleteVirtualPrivateGateway | /AWS::EC2::VPNGateway |
| 2020-12-15T01:09:01.947000+09:00| AWSConfigRemediation-DetachIAMPolicy | /AWS::IAM::Policy |
| 2021-03-19T00:09:18.263000+09:00| AWSConfigRemediation-DisablePublicAccessToRDSInstance | /AWS::RDS::DBInstance |
| 2021-03-19T00:09:25.280000+09:00| AWSConfigRemediation-DisablePublicAccessToRedshiftCluster | /AWS::Redshift::Cluster |
| 2020-12-15T01:09:08.990000+09:00| AWSConfigRemediation-DisableSubnetAutoAssignPublicIP | /AWS::EC2::Subnet |
| 2021-03-17T00:08:49.615000+09:00| AWSConfigRemediation-DropInvalidHeadersForALB | /AWS::ElasticLoadBalancingV2::LoadBalancer |
| 2020-12-23T01:06:07.235000+09:00| AWSConfigRemediation-EnableAPIGatewayTracing | /AWS::ApiGateway::Stage |
| 2020-10-30T02:33:25.879000+09:00| AWSConfigRemediation-EnableAccountAccessAnalyzer | /AWS::AccessAnalyzer::Analyzer |
| 2021-03-31T00:05:23.971000+09:00| AWSConfigRemediation-EnableAutoScalingGroupELBHealthCheck | /AWS::AutoScaling::AutoScalingGroup |
| 2021-04-27T00:14:34.110000+09:00| AWSConfigRemediation-EnableBeanstalkEnvironmentNotifications | /AWS::ElasticBeanstalk::Environment |
| 2021-02-02T01:09:18.828000+09:00| AWSConfigRemediation-EnableCLBCrossZoneLoadBalancing | /AWS::ElasticLoadBalancing::LoadBalancer |
| 2021-03-17T00:08:59.562000+09:00| AWSConfigRemediation-EnableCWLoggingForSessionManager | /AWS::SSM::Document |
| 2021-04-06T00:08:30.865000+09:00| AWSConfigRemediation-EnableCloudFrontAccessLogs | /AWS::CloudFront::Distribution |
| 2021-03-16T00:09:52.944000+09:00| AWSConfigRemediation-EnableCloudFrontDefaultRootObject | /AWS::CloudFront::Distribution |
| 2020-12-22T01:04:30.250000+09:00| AWSConfigRemediation-EnableCloudFrontOriginAccessIdentity | /AWS::CloudFront::Distribution |
| 2020-12-29T01:09:18.902000+09:00| AWSConfigRemediation-EnableCloudFrontOriginFailover | /AWS::CloudFront::Distribution |
| 2021-02-02T01:09:27.753000+09:00| AWSConfigRemediation-EnableCloudFrontViewerPolicyHTTPS | /AWS::CloudFront::Distribution |
| 2021-04-27T00:14:48.022000+09:00| AWSConfigRemediation-EnableCloudTrailEncryptionWithKMS | /AWS::CloudTrail::Trail |
| 2021-04-03T00:12:29.228000+09:00| AWSConfigRemediation-EnableCloudTrailLogFileValidation | /AWS::CloudTrail::Trail |
| 2021-01-05T01:08:52.485000+09:00| AWSConfigRemediation-EnableCopyTagsToSnapshotOnRDSCluster | /AWS::RDS::DBCluster |
| 2020-12-15T01:09:16.937000+09:00| AWSConfigRemediation-EnableCopyTagsToSnapshotOnRDSDBInstance | /AWS::RDS::Instance |
| 2021-02-02T01:09:36.790000+09:00| AWSConfigRemediation-EnableELBDeletionProtection | /AWS::ElasticLoadBalancingV2::LoadBalancer |
| 2020-10-13T00:04:54.417000+09:00| AWSConfigRemediation-EnableEbsEncryptionByDefault | /AWS::::Account |
| 2020-12-30T01:09:52.248000+09:00| AWSConfigRemediation-EnableElasticBeanstalkEnvironmentLogStreaming | /AWS::ElasticBeanstalk::Environment |
| 2020-10-13T00:05:01.366000+09:00| AWSConfigRemediation-EnableEncryptionOnDynamoDbTable | /AWS::DynamoDB::Table |
| 2020-08-11T06:27:54.155000+09:00| AWSConfigRemediation-EnableEnhancedMonitoringOnRDSInstance | /AWS::RDS::DBInstance |
| 2020-11-18T01:05:25.734000+09:00| AWSConfigRemediation-EnableKeyRotation | /AWS::KMS::Key |
| 2021-03-04T01:09:00.890000+09:00| AWSConfigRemediation-EnableLoggingForALBAndCLB | /AWS::ElasticLoadBalancing::LoadBalancer |
| 2020-12-30T01:10:01.268000+09:00| AWSConfigRemediation-EnableMinorVersionUpgradeOnRDSDBInstance | /AWS::RDS::DBInstance |
| 2020-10-13T00:05:08.386000+09:00| AWSConfigRemediation-EnableMultiAZOnRDSInstance | /AWS::RDS::DBInstance |
| 2020-12-15T01:09:27.938000+09:00| AWSConfigRemediation-EnableNLBCrossZoneLoadBalancing | /AWS::ElasticLoadBalancingV2::LoadBalancer |
| 2020-10-30T02:33:35.856000+09:00| AWSConfigRemediation-EnablePITRForDynamoDbTable | /AWS::DynamoDB::Table |
| 2020-12-15T01:09:36.005000+09:00| AWSConfigRemediation-EnablePerformanceInsightsOnRDSInstance | /AWS::RDS::DBInstance |
| 2020-12-29T01:09:33.931000+09:00| AWSConfigRemediation-EnableRDSClusterDeletionProtection | /AWS::RDS::DBCluster |
| 2021-01-05T01:09:10.550000+09:00| AWSConfigRemediation-EnableRDSInstanceBackup | /AWS::RDS::DBInstance |
| 2020-10-21T02:26:12.296000+09:00| AWSConfigRemediation-EnableRDSInstanceDeletionProtection | /AWS::RDS::DBInstance |
| 2021-01-05T01:09:18.420000+09:00| AWSConfigRemediation-EnableRedshiftClusterAuditLogging | /AWS::Redshift::Cluster |
| 2020-12-23T01:06:25.339000+09:00| AWSConfigRemediation-EnableRedshiftClusterAutomatedSnapshot | /AWS::Redshift::Cluster |
| 2020-11-10T01:10:40.882000+09:00| AWSConfigRemediation-EnableRedshiftClusterEncryption | /AWS::Redshift::Cluster |
| 2020-12-30T01:10:16.290000+09:00| AWSConfigRemediation-EnableRedshiftClusterEnhancedVPCRouting | /AWS::Redshift::Cluster |
| 2020-12-15T01:09:44.989000+09:00| AWSConfigRemediation-EnableSecurityHub | /AWS::SecurityHub::Hub |
| 2020-12-15T01:09:51.938000+09:00| AWSConfigRemediation-EnableSystemsManagerSessionManagerAuditLogsToS3 | /AWS::SSM::Document |
| 2021-04-24T00:09:00.587000+09:00| AWSConfigRemediation-EnableVPCFlowLogsToCloudWatch | /AWS::EC2::FlowLog |
| 2021-04-24T00:09:07.427000+09:00| AWSConfigRemediation-EnableVPCFlowLogsToS3Bucket | /AWS::EC2::FlowLog |
| 2020-12-15T01:09:58.948000+09:00| AWSConfigRemediation-EnableWAFClassicRegionalLogging | /AWS::WAFRegional::WebACL |
| 2020-12-15T01:10:05.951000+09:00| AWSConfigRemediation-EncryptLambdaEnvironmentVariablesWithCMK | /AWS::Lambda::Function |
| 2020-12-15T01:10:12.943000+09:00| AWSConfigRemediation-EncryptSNSTopic | /AWS::SNS::Topic |
| 2020-11-18T01:05:36.763000+09:00| AWSConfigRemediation-EnforceEC2InstanceIMDSv2 | /AWS::EC2::Instance |
| 2022-05-26T00:20:10.220000+09:00| AWSConfigRemediation-EnforceHTTPSOnOpenSearchDomain | /AWS::OpenSearch::Domain |
| 2020-12-15T01:10:20.968000+09:00| AWSConfigRemediation-EnforceHttpsOnEsDomain | /AWS::Elasticsearch::Domain |
| 2020-12-29T01:09:50.912000+09:00| AWSConfigRemediation-EnforceSSLOnlyConnectionsToRedshiftCluster | /AWS::Redshift::Cluster |
| 2021-04-27T00:15:26.045000+09:00| AWSConfigRemediation-ModifyEBSVolumeType | /AWS::EC2::Volume |
| 2020-12-15T01:10:27.997000+09:00| AWSConfigRemediation-ModifyRDSInstancePortNumber | /AWS::RDS::DBInstance |
| 2020-12-31T01:07:13.652000+09:00| AWSConfigRemediation-ModifyRedshiftClusterMaintenanceSettings | /AWS::Redshift::Cluster |
| 2021-02-05T01:09:35.875000+09:00| AWSConfigRemediation-ModifyRedshiftClusterNodeType | /AWS::Redshift::Cluster |
| 2020-12-15T01:10:34.993000+09:00| AWSConfigRemediation-MoveLambdaToVPC | /AWS::Lambda::Function |
| 2021-04-16T00:12:31.098000+09:00| AWSConfigRemediation-RemovePrincipalStarFromS3BucketPolicy | /AWS::S3::Bucket |
| 2021-04-23T00:11:37.254000+09:00| AWSConfigRemediation-RemoveUnrestrictedSourceIngressRules | /AWS::EC2::SecurityGroup |
| 2021-04-24T00:09:27.431000+09:00| AWSConfigRemediation-RemoveUserPolicies | /AWS::IAM::User |
| 2020-12-15T01:10:42.971000+09:00| AWSConfigRemediation-RemoveVPCDefaultSecurityGroupRules | /AWS::EC2::SecurityGroup |
| 2021-03-18T00:12:51.871000+09:00| AWSConfigRemediation-ReplaceIAMInlinePolicy | /AWS::IAM::Policy |
| 2021-03-27T00:07:48.855000+09:00| AWSConfigRemediation-RestrictBucketSSLRequestsOnly | /AWS::S3::Bucket |
| 2020-12-23T01:06:44.262000+09:00| AWSConfigRemediation-RevokeUnusedIAMUserCredentials | /AWS::Lambda::Function |
| 2021-02-02T01:10:13.800000+09:00| AWSConfigRemediation-RotateSecret | /AWS::SecretsManager::Secret |
| 2020-12-15T01:10:49.951000+09:00| AWSConfigRemediation-SetIAMPasswordPolicy | /AWS::::Account |
| 2021-03-06T01:10:24.674000+09:00| AWSConfigRemediation-UpdateAPIGatewayMethodCaching | /AWS::ApiGateway::Stage |
| 2021-02-05T01:09:48.843000+09:00| AWSConfigRemediation-UpdateElasticsearchDomainSecurityGroups | /AWS::Elasticsearch::Domain |
| 2022-05-27T00:20:54.118000+09:00| AWSConfigRemediation-UpdateOpenSearchDomainSecurityGroups | /AWS::OpenSearch::Domain |
| 2021-02-03T01:07:52.705000+09:00| AWSConfigRemediation-UpdateXRayKMSKey | /AWS::XRay::EncryptionConfig |
| 2020-12-31T05:37:53.266000+09:00| AWSDocs-ClassicLoadBalancerSSMDocument | None |
| 2020-12-31T05:38:04.855000+09:00| AWSDocs-Configure-SSL-TLS-AL | None |
| 2020-12-31T05:38:15.457000+09:00| AWSDocs-Configure-SSL-TLS-AL2 | None |
| 2019-11-19T09:50:56.908000+09:00| AWSDocs-HostingAWordPressBlog-AL | None |
| 2019-11-19T09:51:04.327000+09:00| AWSDocs-HostingAWordPressBlog-AL2 | None |
| 2021-07-16T17:29:35.257000+09:00| AWSDocs-IncreaseAppAvailability | None |
| 2019-11-19T09:51:11.738000+09:00| AWSDocs-InstallALAMPServer-AL | None |
| 2019-11-19T09:51:18.819000+09:00| AWSDocs-InstallALAMPServer-AL2 | None |
| 2020-12-31T05:38:36.356000+09:00| AWSDocs-LambdaWithS3SSMDocument | None |
| 2020-12-31T05:38:46.757000+09:00| AWSDocs-S3StaticWebsite | None |
| 2020-12-31T05:38:57.255000+09:00| AWSDocs-S3StaticWebsiteCustomDomain | None |
| 2020-12-31T05:39:07.771000+09:00| AWSDocs-ScaleLoadBalanced | None |
| 2018-11-21T09:50:00.153000+09:00| AWSEC2-CloneInstanceAndUpgradeSQLServer | None |
| 2018-11-21T09:49:30.954000+09:00| AWSEC2-CloneInstanceAndUpgradeWindows | None |
| 2020-03-10T01:01:16.558000+09:00| AWSEC2-CloneInstanceAndUpgradeWindows2019 | None |
| 2022-05-26T03:03:35.099000+09:00| AWSEC2-PatchLoadBalancerInstance | None |
| 2019-04-05T07:37:24.698000+09:00| AWSEC2-SQLServerDBRestore | None |
| 2021-03-04T20:31:52.024000+09:00| AWSIncidents-CriticalIncidentRunbookTemplate | None |
| 2021-09-03T21:24:15.439000+09:00| AWSPremiumSupport-ChangeInstanceTypeIntelToAMD | /AWS::EC2::Instance |
| 2021-10-14T23:15:31.534000+09:00| AWSPremiumSupport-CollectAWSGlueMetadata | None |
| 2021-04-30T00:02:25.023000+09:00| AWSPremiumSupport-DiagnoseDiskUsageOnLinux | / |
| 2021-04-30T00:02:26.787000+09:00| AWSPremiumSupport-DiagnoseDiskUsageOnWindows | / |
| 2021-04-30T00:02:25.219000+09:00| AWSPremiumSupport-ExtendVolumesOnLinux | / |
| 2021-04-30T00:02:27.479000+09:00| AWSPremiumSupport-ExtendVolumesOnWindows | / |
| 2021-04-30T00:02:25.560000+09:00| AWSPremiumSupport-TroubleshootEC2DiskUsage | / |
| 2021-08-16T18:04:34.043000+09:00| AWSPremiumSupport-TroubleshootEKSCluster | None |
| 2021-11-05T03:19:07.310000+09:00| AWSResilienceHub-BacktrackRdsSOP_2020-04-01 | None |
| 2021-11-06T08:11:00.742000+09:00| AWSResilienceHub-BlockSQSDeleteMessageTest_2021-03-09 | None |
| 2021-11-06T07:35:27.697000+09:00| AWSResilienceHub-BreakEFSSecurityGroupTest_2020-09-21 | None |
| 2021-11-06T07:36:33.266000+09:00| AWSResilienceHub-BreakLambdaSecurityGroupTest_2020-09-21 | None |
| 2021-11-06T07:46:07.863000+09:00| AWSResilienceHub-BreakSQSQueuePolicyTest_2020-11-27 | None |
| 2021-11-06T07:35:27.689000+09:00| AWSResilienceHub-ChangeEFSProvisionedThroughputSOP_2020-10-26 | None |
| 2021-11-06T07:49:33.614000+09:00| AWSResilienceHub-ChangeHttpWsApiGwThrottlingSettingsSOP_2020-10-26 | None |
| 2021-11-06T07:51:27.440000+09:00| AWSResilienceHub-ChangeLambdaConcurrencyLimitSOP_2020-10-26 | None |
| 2021-11-06T07:59:09.516000+09:00| AWSResilienceHub-ChangeLambdaExecutionTimeLimitSOP_2020-10-26 | None |
| 2021-11-06T07:36:33.668000+09:00| AWSResilienceHub-ChangeLambdaMemorySizeSOP_2020-10-26 | None |
| 2021-11-06T07:36:33.113000+09:00| AWSResilienceHub-ChangeLambdaProvisionedConcurrencySOP_2020-10-26 | None |
| 2021-11-06T07:58:49.991000+09:00| AWSResilienceHub-ChangeRestApiGwQuotaLimitSOP_2020-10-26 | None |
| 2021-11-06T07:36:42.262000+09:00| AWSResilienceHub-ChangeRestApiGwThrottlingSettingsSOP_2020-10-26 | None |
| 2021-11-06T07:34:57.072000+09:00| AWSResilienceHub-CleanS3BucketUtil_2020-03-03 | None |
| 2021-11-06T07:37:16.438000+09:00| AWSResilienceHub-CopyDynamoDBTablePropertiesUtil_2020-04-01 | None |
| 2021-11-06T07:35:27.708000+09:00| AWSResilienceHub-CreateEFSBackupSOP_2020-10-26 | None |
| 2021-11-06T07:36:00.353000+09:00| AWSResilienceHub-CreateNewDocumentDBInstanceSOP_2020-09-21 | None |
| 2022-04-26T05:11:28.582000+09:00| AWSResilienceHub-DenyLambdaAllTrafficTest_2022-04-12 | None |
| 2021-11-06T08:47:56.621000+09:00| AWSResilienceHub-ExceedRestApiGwQuotaTest_2020-09-21 | None |
| 2021-11-05T03:19:07.306000+09:00| AWSResilienceHub-FailoverRdsAuroraClusterTest_2020-04-01 | None |
| 2021-11-05T03:19:07.296000+09:00| AWSResilienceHub-FailoverRdsInstanceTest_2020-04-01 | None |
| 2021-11-06T07:36:00.408000+09:00| AWSResilienceHub-ForceDocumentDBDatabaseToBeInaccessibleTest_2020-09-21 | None |
| 2021-11-06T07:53:01.930000+09:00| AWSResilienceHub-ForceDynamoDBTableReadThrottlingTest_2020-09-21 | None |
| 2022-01-19T00:18:05.764000+09:00| AWSResilienceHub-ForceECSServiceTaskFailureTest_2020-04-01 | None |
| 2021-11-06T07:36:33.131000+09:00| AWSResilienceHub-ForceLambdaThrottlingTest_2020-10-26 | None |
| 2021-11-06T07:49:13.739000+09:00| AWSResilienceHub-ForceSQSCapacityFailureTest_2021-03-13 | None |
| 2021-11-06T08:22:02.414000+09:00| AWSResilienceHub-ForceSQSFifoQueueMaxReceiveFailureTest_2020-11-27 | None |
| 2021-11-06T07:36:00.978000+09:00| AWSResilienceHub-ForceSQSStandardQueueMaxReceiveFailureTest_2020-11-27 | None |
| 2021-11-05T03:18:28.622000+09:00| AWSResilienceHub-IncreaseVolumeSizeEbsSOP_2020-05-26 | None |
| 2021-11-05T03:19:05.067000+09:00| AWSResilienceHub-InjectCpuLoadInAsgTest_2021-09-22 | None |
| 2021-11-05T03:19:44.239000+09:00| AWSResilienceHub-InjectCpuLoadInEc2Test_2020-07-28 | None |
| 2021-11-05T03:19:05.004000+09:00| AWSResilienceHub-InjectMemoryLoadInAsgTest_2020-10-11 | None |
| 2021-11-05T03:19:44.210000+09:00| AWSResilienceHub-InjectMemoryLoadInEc2Test_2020-07-28 | None |
| 2021-11-05T03:19:44.145000+09:00| AWSResilienceHub-KillProcessInEc2Test_2021-10-22 | None |
| 2021-11-05T03:19:05.418000+09:00| AWSResilienceHub-KillStressOnHealthyInstances_2020-07-28 | None |
| 2021-11-06T07:36:00.911000+09:00| AWSResilienceHub-MoveSQSMessagesBetweenQueuesSOP_2021-03-11 | None |
| 2021-11-06T07:36:00.284000+09:00| AWSResilienceHub-PromoteDocumentDBReadReplicaSOP_2020-09-21 | None |
| 2021-11-05T03:19:07.414000+09:00| AWSResilienceHub-PromoteRdsReadReplicaSOP_2020-04-01 | None |
| 2021-11-06T07:48:47.609000+09:00| AWSResilienceHub-PurgeSQSQueueSOP_2021-03-11 | None |
| 2021-11-06T08:02:20.680000+09:00| AWSResilienceHub-RebootDocumentDBInstanceTest_2020-09-21 | None |
| 2021-11-05T03:19:44.196000+09:00| AWSResilienceHub-RebootEc2InstanceSOP_2020-05-20 | None |
| 2021-11-05T03:19:08.137000+09:00| AWSResilienceHub-RebootRdsInstanceTest_2020-04-01 | None |
| 2021-11-05T03:19:04.793000+09:00| AWSResilienceHub-RefreshInstancesInAsgTest_2020-07-23 | None |
| 2021-11-06T07:36:00.358000+09:00| AWSResilienceHub-RestoreDocumentDBClusterFromBackupSOP_2020-09-21 | None |
| 2021-11-06T08:22:15.257000+09:00| AWSResilienceHub-RestoreDocumentDBClusterFromPointInTimeSOP_2020-09-21 | None |
| 2021-11-06T08:03:20.806000+09:00| AWSResilienceHub-RestoreDynamoDBTableFromBackupSOP_2020-04-01 | None |
| 2021-11-06T07:37:15.952000+09:00| AWSResilienceHub-RestoreDynamoDBTableToPointInTimeSOP_2020-04-01 | None |
| 2021-11-06T07:35:27.734000+09:00| AWSResilienceHub-RestoreEFSBackupInAnotherRegionSOP_2020-10-26 | None |
| 2021-11-05T11:32:21.409000+09:00| AWSResilienceHub-RestoreFromBackupEbsSOP_2020-05-26 | None |
| 2021-11-05T03:19:07.319000+09:00| AWSResilienceHub-RestoreFromRdsBackupSOP_2020-04-01 | None |
| 2021-11-06T07:34:57.345000+09:00| AWSResilienceHub-RestoreS3BucketFromBackupSOP_2020-09-21 | None |
| 2021-11-06T07:34:57.287000+09:00| AWSResilienceHub-RestoreS3ObjectToPreviousVersionSOP_2020-09-21 | None |
| 2021-11-06T08:13:05.856000+09:00| AWSResilienceHub-ScaleDownDocumentDBClusterSOP_2020-09-21 | None |
| 2022-01-19T00:18:05.785000+09:00| AWSResilienceHub-ScaleECSServiceSOP_2020-04-01 | None |
| 2021-11-05T03:19:04.891000+09:00| AWSResilienceHub-ScaleOutAsgSOP_2020-07-01 | None |
| 2021-11-05T03:31:40.751000+09:00| AWSResilienceHub-ScaleUpAsgSOP_2020-07-01 | None |
| 2021-11-06T07:35:59.067000+09:00| AWSResilienceHub-ScaleUpDocumentDBClusterSOP_2020-09-21 | None |
| 2021-11-05T03:32:50.255000+09:00| AWSResilienceHub-ScaleUpEc2SOP_2020-05-20 | None |
| 2021-11-05T03:19:04.837000+09:00| AWSResilienceHub-SimulateAzOutageInAsgTest_2020-07-23 | None |
| 2021-11-06T07:37:45.786000+09:00| AWSResilienceHub-SimulateNatGwInternetUnavailableTest_2020-09-21 | None |
| 2021-11-06T08:28:59.475000+09:00| AWSResilienceHub-SimulateRestApiGwNetworkUnavailableTest_2020-09-21 | None |
| 2021-11-06T07:35:08.790000+09:00| AWSResilienceHub-SimulateS3ObjectsAccidentalDeleteTest_2020-04-01 | None |
| 2021-11-06T07:36:33.190000+09:00| AWSResilienceHub-SwitchLambdaVersionInAliasSOP_2020-10-26 | None |
| 2021-11-06T07:40:56.464000+09:00| AWSResilienceHub-TriggerHttpWsApiGwThrottlingTest_2020-09-21 | None |
| 2021-11-06T08:20:47.229000+09:00| AWSResilienceHub-TriggerRestApiGwThrottlingTest_2020-09-21 | None |
| 2021-11-06T07:37:15.908000+09:00| AWSResilienceHub-UpdateDynamoDBTableProvisionedCapacitySOP_2020-04-01 | None |
| 2021-11-06T08:11:01.055000+09:00| AWSResilienceHub-UpdateHttpWsApiGwVersionSOP_2020-10-26 | None |
| 2021-11-06T08:44:55.165000+09:00| AWSResilienceHub-UpdateRestApiGwVersionSOP_2020-10-26 | None |
| 2020-12-15T09:56:08.817000+09:00| AWSSQLServer-Backup | /AWS::EC2::Instance |
| 2020-12-15T09:56:08.238000+09:00| AWSSQLServer-DBCC | /AWS::EC2::Instance |
| 2020-12-15T09:56:07.699000+09:00| AWSSQLServer-Index | /AWS::EC2::Instance |
| 2020-12-15T09:56:09.262000+09:00| AWSSQLServer-Restore | /AWS::EC2::Instance |
| 2018-04-24T08:39:55.958000+09:00| AWSSupport-ActivateWindowsWithAmazonLicense | None |
| 2022-01-12T03:26:17.112000+09:00| AWSSupport-AnalyzeEMRLogs | None |
| 2022-02-26T02:29:31.802000+09:00| AWSSupport-CalculateEBSPerformanceMetrics | None |
| 2021-01-06T14:18:14.851000+09:00| AWSSupport-CheckAndMountEFS | None |
| 2021-10-19T00:54:28.502000+09:00| AWSSupport-CheckXenToNitroMigrationRequirements | None |
| 2022-03-24T06:53:14.863000+09:00| AWSSupport-CollectECSInstanceLogs | None |
| 2020-10-09T00:08:02.350000+09:00| AWSSupport-CollectEKSInstanceLogs | None |
| 2021-06-28T13:29:27.127000+09:00| AWSSupport-CollectElasticBeanstalkLogs | None |
| 2021-12-16T01:49:41.113000+09:00| AWSSupport-ConfigureDNSQueryLogging | None |
| 2021-06-09T16:52:26.893000+09:00| AWSSupport-ConfigureEC2Metadata | None |
| 2020-10-08T19:59:19.188000+09:00| AWSSupport-ConnectivityTroubleshooter | None |
| 2021-06-29T23:58:47.207000+09:00| AWSSupport-CopyEC2Instance | None |
| 2021-06-30T00:06:20.161000+09:00| AWSSupport-EnableVPCFlowLogs | None |
| 2017-09-19T07:51:36.281000+09:00| AWSSupport-ExecuteEC2Rescue | None |
| 2018-04-21T08:16:29.473000+09:00| AWSSupport-GrantPermissionsToIAMUser | None |
| 2020-08-31T21:13:57.468000+09:00| AWSSupport-ListEC2Resources | None |
| 2018-07-04T08:39:17.699000+09:00| AWSSupport-ManageRDPSettings | None |
| 2018-07-04T07:23:41.300000+09:00| AWSSupport-ManageWindowsService | None |
| 2021-02-20T03:07:06.370000+09:00| AWSSupport-MigrateEC2ClassicToVPC | None |
| 2022-01-12T03:22:02.474000+09:00| AWSSupport-ModifyEBSSnapshotPermission | None |
| 2022-01-12T03:17:06.027000+09:00| AWSSupport-ModifyRDSSnapshotPermission | None |
| 2021-01-29T20:50:35.598000+09:00| AWSSupport-RecoverWorkSpace | None |
| 2021-01-29T20:50:35.778000+09:00| AWSSupport-RecoverWorkSpaceWithApproval | None |
| 2022-01-12T03:38:02.233000+09:00| AWSSupport-RemediateLambdaS3Event | None |
| 2017-10-17T07:27:54.365000+09:00| AWSSupport-ResetAccess | None |
| 2021-10-29T00:41:25.070000+09:00| AWSSupport-RestoreEC2InstanceFromSnapshot | None |
| 2018-04-24T07:03:24.826000+09:00| AWSSupport-SendLogBundleToS3Bucket | None |
| 2021-03-03T17:51:52.259000+09:00| AWSSupport-SetupConfig | None |
| 2018-10-30T09:00:28.516000+09:00| AWSSupport-SetupIPMonitoringFromVPC | None |
| 2020-09-04T00:25:10.241000+09:00| AWSSupport-ShareRDSSnapshot | None |
| 2018-09-13T20:44:04.142000+09:00| AWSSupport-StartEC2RescueWorkflow | None |
| 2018-10-30T08:59:53.420000+09:00| AWSSupport-TerminateIPMonitoringFromVPC | None |
| 2021-08-20T18:30:16.553000+09:00| AWSSupport-TroubleshootCodeDeploy | None |
| 2020-03-23T23:56:57.566000+09:00| AWSSupport-TroubleshootConnectivityToRDS | None |
| 2020-03-24T02:22:22.142000+09:00| AWSSupport-TroubleshootDirectoryTrust | None |
| 2022-04-27T02:09:51.044000+09:00| AWSSupport-TroubleshootECSContainerInstance | / |
| 2022-04-22T17:54:54.410000+09:00| AWSSupport-TroubleshootEKSWorkerNode | / |
| 2021-06-28T13:30:23.070000+09:00| AWSSupport-TroubleshootLambdaInternetAccess | None |
| 2021-06-28T13:30:52.823000+09:00| AWSSupport-TroubleshootLambdaS3Event | None |
| 2021-06-16T01:03:35.005000+09:00| AWSSupport-TroubleshootManagedInstance | None |
| 2018-07-04T09:47:29.218000+09:00| AWSSupport-TroubleshootRDP | None |
| 2022-04-12T00:34:47.795000+09:00| AWSSupport-TroubleshootS3AccessSameAccount | / |
| 2020-10-08T19:22:39.952000+09:00| AWSSupport-TroubleshootS3PublicRead | None |
| 2018-08-29T02:53:34.073000+09:00| AWSSupport-TroubleshootSSH | None |
| 2021-08-26T22:54:03.054000+09:00| AWSSupport-TroubleshootSUSERegistration | None |
| 2018-09-13T21:01:04.876000+09:00| AWSSupport-UpgradeWindowsAWSDrivers | None |
+----------------------------------+---------------------------------------------------------------------------+----------------------------------------------+
一日一個試せば一年足らずでコンプリートできそうですね!
脚注
- 当初リファレンス自体がない、と思っていたのですが同僚が存在を教えてくれました! ↩
![[レポート]みなさん体験可能なクラウド運用をインテリジェントに自動化する「SUP402-R | Intelligently automating cloud operations」に参加しました #AWSreInvent #SUP402](https://images.ctfassets.net/ct0aopd36mqt/3IQLlbdUkRvu7Q2LupRW2o/edff8982184ea7cc2d5efa2ddd2915f5/reinvent-2024-sessionreport-jp.jpg)
