虚拟私有云(Virtual Private Cloud,以下简称VPC)为弹性云主机构建隔离的、用户自主配置和管理的虚拟网络环境,提升用户企业云中资源的安全性,简化用户的网络部署。
通过云审计服务,您可以记录与虚拟私有云相关的操作事件,便于日后的查询、审计和回溯。
表 云审计服务支持的VPC操作列表
操作名称 | 资源类型 | 事件名称 |
---|---|---|
修改Bandwidth | bandwidth | modifyBandwidth |
创建EIP | eip | createEip |
释放EIP | eip | deleteEip |
绑定EIP | eip | bindEip |
解绑定EIP | eip | unbindEip |
创建PrivateIp | privateIps | createPrivateIp |
删除PrivateIp | privateIps | deletePrivateIp |
创建Security Group | security_group | createSecurityGroup |
创建Subnet | subnet | createSubnet |
删除Subnet | subnet | deleteSubnet |
修改Subnet | subnet | modifySubnet |
创建VPC | vpc | createVpc |
删除VPC | vpc | deleteVpc |
修改VPC | vpc | modifyVpc |
创建VPN | vpn | createVpn |
删除VPN | vpn | deleteVpn |
修改VPN | vpn | modifyVpn |
上表中VPC的操作,为底层(OpenStack)服务触发;部分事件名称与表6-8中重复,是因为这些事件采用了异步调用的模式:操作下发会产生上表中描述的事件,而操作结果响应会产生表6-9中描述的事件。
表 云审计服务支持的VPC操作列表(由底层服务触发)
操作名称 | 资源类型 | 事件名称 |
---|---|---|
创建虚拟网络 | network | createNetwork |
更新虚拟网络 | networks | updateNetwork |
删除虚拟网络 | networks | deleteNetwork |
创建虚拟子网 | subnets | createSubnet |
更新虚拟子网 | subnets | updateSubnet |
删除虚拟子网 | subnets | deleteSubnet |
创建虚拟端口 | ports | createPort |
更新虚拟端口 | ports | updatePort |
删除虚拟端口 | ports | deletePort |
创建浮动IP | floatingips | createFloatingip |
更新浮动IP | floatingips | updateFloatingip |
删除浮动IP | floatingips | deleteFloatingip |
创建虚拟路由 | routes | createRouter |
更新虚拟路由 | routes | updateRouter |
删除虚拟路由 | routes | deleteRouter |
添加虚拟路由的接口 | routes | addRouterInterface |
删除虚拟路由的接口 | routes | removeRouterInterface |
为当前vpc-router添加扩展路由 | routes | addExtraRoute |
为当前vpc-router删除指定的扩展路由 | routes | removeExtraRoute |
创建安全组 | security-groups | createSecurity-group |
删除安全组 | security-groups | deleteSecurity-group |
更新安全组 | security-groups | updateSecurity-group |
创建安全组规则 | security-group-rules | createSecurity-group-rule |
删除安全组规则 | security-group-rules | deleteSecurity-group-rule |
创建一个vpnservice | vpn | createVpnService |
更新vpn-service | vpn | updateVpnService |
删除vpn-service | vpn | deleteVpnService |
创建密钥交换策略 | vpn | createVpnIkepolicy |
更新密钥交换策略信息 | vpn | updateVpnIkepolicy |
删除租户指定ikepolicy | vpn | deleteVpnIkepolicy |
创建一个ipsecpolicy | vpn | createVpnIpsecpolicy |
更新指定ipsecpolicy | vpn | updateVpnIpsecpolicy |
删除指定的ipsecpolicy | vpn | deleteVpnIpsecpolicy |
创建一个ipsec连接 | vpn | createVpnIpsec-site-connection |
更新ipsec连接 | vpn | updateVpnIpsec-site-connection |
删除指定ipsec连接 | vpn | deleteVpnIpsec-site-connection |
Create VPN endpoint group | vpn | createVpnEndpoint-group |
Update VPN endpoint group | vpn | updateVpnEndpoint-group |
Remove VPN endpoint group | vpn | deleteVpnEndpoint-group |
更新代理 | agent | updateAgent |
删除代理 | agent | deleteAgent |
指定网络使用的DHCP Agent | agent | createAgentDhcp-network |
移除网络使用的DHCP Agent | agent | deleteAgentDhcp-network |
更新指定租户的配额值 | quota | updateQuota |
重置指定租户的配额值 | quota | deleteQuota |
创建firewall group | FWaaS v2 | createFirewallGroup |
更新firewall group | FWaaS v2 | updateFirewallGroup |
删除firewall group | FWaaS v2 | deleteFirewallGroup |
创建firewall policy | FWaaS v2 | createFirewallPolicy |
更新firewall policy | FWaaS v2 | updateFirewallPolicy |
删除firewall policy | FWaaS v2 | deleteFirewallPolicy |
firewall policy中插入firewall rule | FWaaS v2 | insertFirewallPolicyRule |
firewall policy中移除firewall rule | FWaaS v2 | removeFirewallPolicyRule |
创建firewall rule | FWaaS v2 | createFirewallRule |
更新firewall rule | FWaaS v2 | updateFirewallRule |
删除firewall rule | FWaaS v2 | deleteFirewallRule |
创建loadbalancer | loadbalancer | createLBaaSLoadbalancer |
更新指定的loadbalancer | loadbalancer | updateLBaaSLoadbalancer |
删除指定的loadbalancer | loadbalancer | deleteLBaaSLoadbalancer |
创建listener | listener | createLBaaSListener |
更新指定的listener | listener | updateLBaaSListener |
删除指定的listener | listener | deleteLBaaSlistener |
创建pool | pool | createLBaaSPool |
更新指定的pool | pool | updateLBaaSPool |
删除指定的Pool | pool | deleteLbaasPool |
创建Member | member | createLBaaSPoolMember |
更新指定的Member | member | updateLBaaSPoolMember |
删除指定的member | member | deleteLBaaSPoolMember |
创建healthmonitor | healthmonitor | createLBaaSHealthMonitor |
更新指定的healthmonitor | healthmonitor | updateLBaaSHealthMonitor |
删除指定的healthmonitor | healthmonitor | deleteLBaaSHealthMonitor |