虚拟私有云(Virtual Private Cloud,以下简称VPC)为弹性云主机构建隔离的、用户自主配置和管理的虚拟网络环境,提升用户企业云中资源的安全性,简化用户的网络部署。
通过云审计服务,您可以记录与虚拟私有云相关的操作事件,便于日后的查询、审计和回溯。
表 云审计服务支持的VPC操作列表
| 操作名称 | 资源类型 | 事件名称 |
|---|---|---|
| 修改Bandwidth | bandwidth | modifyBandwidth |
| 创建EIP | eip | createEip |
| 释放EIP | eip | deleteEip |
| 绑定EIP | eip | bindEip |
| 解绑定EIP | eip | unbindEip |
| 创建PrivateIp | privateIps | createPrivateIp |
| 删除PrivateIp | privateIps | deletePrivateIp |
| 创建Security Group | security_group | createSecurityGroup |
| 创建Subnet | subnet | createSubnet |
| 删除Subnet | subnet | deleteSubnet |
| 修改Subnet | subnet | modifySubnet |
| 创建VPC | vpc | createVpc |
| 删除VPC | vpc | deleteVpc |
| 修改VPC | vpc | modifyVpc |
| 创建VPN | vpn | createVpn |
| 删除VPN | vpn | deleteVpn |
| 修改VPN | vpn | modifyVpn |
上表中VPC的操作,为底层(OpenStack)服务触发;部分事件名称与表6-8中重复,是因为这些事件采用了异步调用的模式:操作下发会产生上表中描述的事件,而操作结果响应会产生表6-9中描述的事件。
表 云审计服务支持的VPC操作列表(由底层服务触发)
| 操作名称 | 资源类型 | 事件名称 |
|---|---|---|
| 创建虚拟网络 | network | createNetwork |
| 更新虚拟网络 | networks | updateNetwork |
| 删除虚拟网络 | networks | deleteNetwork |
| 创建虚拟子网 | subnets | createSubnet |
| 更新虚拟子网 | subnets | updateSubnet |
| 删除虚拟子网 | subnets | deleteSubnet |
| 创建虚拟端口 | ports | createPort |
| 更新虚拟端口 | ports | updatePort |
| 删除虚拟端口 | ports | deletePort |
| 创建浮动IP | floatingips | createFloatingip |
| 更新浮动IP | floatingips | updateFloatingip |
| 删除浮动IP | floatingips | deleteFloatingip |
| 创建虚拟路由 | routes | createRouter |
| 更新虚拟路由 | routes | updateRouter |
| 删除虚拟路由 | routes | deleteRouter |
| 添加虚拟路由的接口 | routes | addRouterInterface |
| 删除虚拟路由的接口 | routes | removeRouterInterface |
| 为当前vpc-router添加扩展路由 | routes | addExtraRoute |
| 为当前vpc-router删除指定的扩展路由 | routes | removeExtraRoute |
| 创建安全组 | security-groups | createSecurity-group |
| 删除安全组 | security-groups | deleteSecurity-group |
| 更新安全组 | security-groups | updateSecurity-group |
| 创建安全组规则 | security-group-rules | createSecurity-group-rule |
| 删除安全组规则 | security-group-rules | deleteSecurity-group-rule |
| 创建一个vpnservice | vpn | createVpnService |
| 更新vpn-service | vpn | updateVpnService |
| 删除vpn-service | vpn | deleteVpnService |
| 创建密钥交换策略 | vpn | createVpnIkepolicy |
| 更新密钥交换策略信息 | vpn | updateVpnIkepolicy |
| 删除租户指定ikepolicy | vpn | deleteVpnIkepolicy |
| 创建一个ipsecpolicy | vpn | createVpnIpsecpolicy |
| 更新指定ipsecpolicy | vpn | updateVpnIpsecpolicy |
| 删除指定的ipsecpolicy | vpn | deleteVpnIpsecpolicy |
| 创建一个ipsec连接 | vpn | createVpnIpsec-site-connection |
| 更新ipsec连接 | vpn | updateVpnIpsec-site-connection |
| 删除指定ipsec连接 | vpn | deleteVpnIpsec-site-connection |
| Create VPN endpoint group | vpn | createVpnEndpoint-group |
| Update VPN endpoint group | vpn | updateVpnEndpoint-group |
| Remove VPN endpoint group | vpn | deleteVpnEndpoint-group |
| 更新代理 | agent | updateAgent |
| 删除代理 | agent | deleteAgent |
| 指定网络使用的DHCP Agent | agent | createAgentDhcp-network |
| 移除网络使用的DHCP Agent | agent | deleteAgentDhcp-network |
| 更新指定租户的配额值 | quota | updateQuota |
| 重置指定租户的配额值 | quota | deleteQuota |
| 创建firewall group | FWaaS v2 | createFirewallGroup |
| 更新firewall group | FWaaS v2 | updateFirewallGroup |
| 删除firewall group | FWaaS v2 | deleteFirewallGroup |
| 创建firewall policy | FWaaS v2 | createFirewallPolicy |
| 更新firewall policy | FWaaS v2 | updateFirewallPolicy |
| 删除firewall policy | FWaaS v2 | deleteFirewallPolicy |
| firewall policy中插入firewall rule | FWaaS v2 | insertFirewallPolicyRule |
| firewall policy中移除firewall rule | FWaaS v2 | removeFirewallPolicyRule |
| 创建firewall rule | FWaaS v2 | createFirewallRule |
| 更新firewall rule | FWaaS v2 | updateFirewallRule |
| 删除firewall rule | FWaaS v2 | deleteFirewallRule |
| 创建loadbalancer | loadbalancer | createLBaaSLoadbalancer |
| 更新指定的loadbalancer | loadbalancer | updateLBaaSLoadbalancer |
| 删除指定的loadbalancer | loadbalancer | deleteLBaaSLoadbalancer |
| 创建listener | listener | createLBaaSListener |
| 更新指定的listener | listener | updateLBaaSListener |
| 删除指定的listener | listener | deleteLBaaSlistener |
| 创建pool | pool | createLBaaSPool |
| 更新指定的pool | pool | updateLBaaSPool |
| 删除指定的Pool | pool | deleteLbaasPool |
| 创建Member | member | createLBaaSPoolMember |
| 更新指定的Member | member | updateLBaaSPoolMember |
| 删除指定的member | member | deleteLBaaSPoolMember |
| 创建healthmonitor | healthmonitor | createLBaaSHealthMonitor |
| 更新指定的healthmonitor | healthmonitor | updateLBaaSHealthMonitor |
| 删除指定的healthmonitor | healthmonitor | deleteLBaaSHealthMonitor |
