使用适用于 Java 的 SDK 的 Amazon S3 Storage Lens 示例
Amazon S3 Storage Lens 总结您的使用率和活动指标,并在 Amazon S3 控制台主页(存储桶)页面、交互式控制面板上的帐户快照中显示信息,或通过可下载为 CSV 或 Parquet 格式的指标导出显示信息。您可以使用控制面板可视化见解和趋势,标记异常,并接收有关优化存储成本和应用数据保护最佳实践的建议。您可以通过 Amazon Web Services Management Console、Amazon CLI、Amazon 开发工具包或 REST API 使用 S3 Storage Lens。有关更多信息,请参阅使用 Amazon S3 Storage Lens 评估存储活动和使用情况。
以下示例说明如何将 S3 Storage Lens 与 Amazon SDK for Java 配合使用。
主题
使用适用于 Java 的开发工具包使用 Amazon S3 Storage Lens 配置
您可以使用适用于 Java 的开发工具包列出、创建、获取和更新 S3 Storage Lens 配置。以下示例使用帮助程序 json 文件进行关键输入。
主题
创建和更新 S3 Storage Lens 配置
例 创建和更新 S3 Storage Lens 配置
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.AccountLevel; import com.amazonaws.services.s3control.model.ActivityMetrics; import com.amazonaws.services.s3control.model.BucketLevel; import com.amazonaws.services.s3control.model.Format; import com.amazonaws.services.s3control.model.Include; import com.amazonaws.services.s3control.model.OutputSchemaVersion; import com.amazonaws.services.s3control.model.PrefixLevel; import com.amazonaws.services.s3control.model.PrefixLevelStorageMetrics; import com.amazonaws.services.s3control.model.PutStorageLensConfigurationRequest; import com.amazonaws.services.s3control.model.S3BucketDestination; import com.amazonaws.services.s3control.model.SSES3; import com.amazonaws.services.s3control.model.SelectionCriteria; import com.amazonaws.services.s3control.model.StorageLensAwsOrg; import com.amazonaws.services.s3control.model.StorageLensConfiguration; import com.amazonaws.services.s3control.model.StorageLensDataExport; import com.amazonaws.services.s3control.model.StorageLensDataExportEncryption; import com.amazonaws.services.s3control.model.StorageLensTag; import java.util.Arrays; import java.util.List; import static com.amazonaws.regions.Regions.US_WEST_2; public class CreateAndUpdateDashboard { public static void main(String[] args) { String configurationId = "ConfigurationId"; String sourceAccountId = "Source Account ID"; String exportAccountId = "Destination Account ID"; String exportBucketArn = "arn:aws:s3:::destBucketName"; // The destination bucket for your metrics export must be in the same Region as your S3 Storage Lens configuration. String awsOrgARN = "arn:aws:organizations::222222222222:organization/o-abcdefgh"; Format exportFormat = Format.CSV; try { SelectionCriteria selectionCriteria = new SelectionCriteria() .withDelimiter("/") .withMaxDepth(5) .withMinStorageBytesPercentage(10.0); PrefixLevelStorageMetrics prefixStorageMetrics = new PrefixLevelStorageMetrics() .withIsEnabled(true) .withSelectionCriteria(selectionCriteria); BucketLevel bucketLevel = new BucketLevel() .withActivityMetrics(new ActivityMetrics().withIsEnabled(true)) .withPrefixLevel(new PrefixLevel().withStorageMetrics(prefixStorageMetrics)); AccountLevel accountLevel = new AccountLevel() .withActivityMetrics(new ActivityMetrics().withIsEnabled(true)) .withBucketLevel(bucketLevel); Include include = new Include() .withBuckets(Arrays.asList("arn:aws:s3:::bucketName")) .withRegions(Arrays.asList("us-west-2")); StorageLensDataExportEncryption exportEncryption = new StorageLensDataExportEncryption() .withSSES3(new SSES3()); S3BucketDestination s3BucketDestination = new S3BucketDestination() .withAccountId(exportAccountId) .withArn(exportBucketArn) .withEncryption(exportEncryption) .withFormat(exportFormat) .withOutputSchemaVersion(OutputSchemaVersion.V_1) .withPrefix("Prefix"); StorageLensDataExport dataExport = new StorageLensDataExport() .withS3BucketDestination(s3BucketDestination); StorageLensAwsOrg awsOrg = new StorageLensAwsOrg() .withArn(awsOrgARN); StorageLensConfiguration configuration = new StorageLensConfiguration() .withId(configurationId) .withAccountLevel(accountLevel) .withInclude(include) .withDataExport(dataExport) .withAwsOrg(awsOrg) .withIsEnabled(true); List<StorageLensTag> tags = Arrays.asList( new StorageLensTag().withKey("key-1").withValue("value-1"), new StorageLensTag().withKey("key-2").withValue("value-2") ); AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); s3ControlClient.putStorageLensConfiguration(new PutStorageLensConfigurationRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) .withStorageLensConfiguration(configuration) .withTags(tags) ); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
删除 S3 Storage Lens 配置
例 删除 S3 Storage Lens 配置。
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.DeleteStorageLensConfigurationRequest; import static com.amazonaws.regions.Regions.US_WEST_2; public class DeleteDashboard { public static void main(String[] args) { String configurationId = "ConfigurationId"; String sourceAccountId = "Source Account ID"; try { AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); s3ControlClient.deleteStorageLensConfiguration(new DeleteStorageLensConfigurationRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) ); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
获取 S3 Storage Lens 配置
例 获取 S3 Storage Lens 配置
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.GetStorageLensConfigurationRequest; import com.amazonaws.services.s3control.model.GetStorageLensConfigurationResult; import com.amazonaws.services.s3control.model.StorageLensConfiguration; import static com.amazonaws.regions.Regions.US_WEST_2; public class GetDashboard { public static void main(String[] args) { String configurationId = "ConfigurationId"; String sourceAccountId = "Source Account ID"; try { AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); final StorageLensConfiguration configuration = s3ControlClient.getStorageLensConfiguration(new GetStorageLensConfigurationRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) ).getStorageLensConfiguration(); System.out.println(configuration.toString()); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
列出 S3 Storage Lens 配置
例 列出 S3 Storage Lens 配置
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.ListStorageLensConfigurationEntry; import com.amazonaws.services.s3control.model.ListStorageLensConfigurationsRequest; import java.util.List; import static com.amazonaws.regions.Regions.US_WEST_2; public class ListDashboard { public static void main(String[] args) { String sourceAccountId = "Source Account ID"; String nextToken = "nextToken"; try { AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); final List<ListStorageLensConfigurationEntry> configurations = s3ControlClient.listStorageLensConfigurations(new ListStorageLensConfigurationsRequest() .withAccountId(sourceAccountId) .withNextToken(nextToken) ).getStorageLensConfigurationList(); System.out.println(configurations.toString()); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
将标签放置到 S3 Storage Lens 配置
例 将标签放置到 S3 Storage Lens 配置
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.PutStorageLensConfigurationTaggingRequest; import com.amazonaws.services.s3control.model.StorageLensTag; import java.util.Arrays; import java.util.List; import static com.amazonaws.regions.Regions.US_WEST_2; public class PutDashboardTagging { public static void main(String[] args) { String configurationId = "ConfigurationId"; String sourceAccountId = "Source Account ID"; try { List<StorageLensTag> tags = Arrays.asList( new StorageLensTag().withKey("key-1").withValue("value-1"), new StorageLensTag().withKey("key-2").withValue("value-2") ); AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); s3ControlClient.putStorageLensConfigurationTagging(new PutStorageLensConfigurationTaggingRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) .withTags(tags) ); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
获取 S3 Storage Lens 配置标签
例 获取 S3 Storage Lens 配置标签
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.DeleteStorageLensConfigurationRequest; import com.amazonaws.services.s3control.model.GetStorageLensConfigurationTaggingRequest; import com.amazonaws.services.s3control.model.StorageLensTag; import java.util.List; import static com.amazonaws.regions.Regions.US_WEST_2; public class GetDashboardTagging { public static void main(String[] args) { String configurationId = "ConfigurationId"; String sourceAccountId = "Source Account ID"; try { AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); final List<StorageLensTag> s3Tags = s3ControlClient .getStorageLensConfigurationTagging(new GetStorageLensConfigurationTaggingRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) ).getTags(); System.out.println(s3Tags.toString()); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
删除 S3 Storage Lens 配置标签
例 删除 S3 Storage Lens 配置标签
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.DeleteStorageLensConfigurationTaggingRequest; import static com.amazonaws.regions.Regions.US_WEST_2; public class DeleteDashboardTagging { public static void main(String[] args) { String configurationId = "ConfigurationId"; String sourceAccountId = "Source Account ID"; try { AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); s3ControlClient.deleteStorageLensConfigurationTagging(new DeleteStorageLensConfigurationTaggingRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) ); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
使用高级指标和建议更新默认 S3 Storage Lens 配置
例 使用高级指标和建议更新默认 S3 Storage Lens 配置
package aws.example.s3control; import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.services.s3control.AWSS3Control; import com.amazonaws.services.s3control.AWSS3ControlClient; import com.amazonaws.services.s3control.model.AccountLevel; import com.amazonaws.services.s3control.model.ActivityMetrics; import com.amazonaws.services.s3control.model.BucketLevel; import com.amazonaws.services.s3control.model.Format; import com.amazonaws.services.s3control.model.Include; import com.amazonaws.services.s3control.model.OutputSchemaVersion; import com.amazonaws.services.s3control.model.PrefixLevel; import com.amazonaws.services.s3control.model.PrefixLevelStorageMetrics; import com.amazonaws.services.s3control.model.PutStorageLensConfigurationRequest; import com.amazonaws.services.s3control.model.S3BucketDestination; import com.amazonaws.services.s3control.model.SSES3; import com.amazonaws.services.s3control.model.SelectionCriteria; import com.amazonaws.services.s3control.model.StorageLensAwsOrg; import com.amazonaws.services.s3control.model.StorageLensConfiguration; import com.amazonaws.services.s3control.model.StorageLensDataExport; import com.amazonaws.services.s3control.model.StorageLensDataExportEncryption; import com.amazonaws.services.s3control.model.StorageLensTag; import java.util.Arrays; import java.util.List; import static com.amazonaws.regions.Regions.US_WEST_2; public class UpdateDefaultConfigWithPaidFeatures { public static void main(String[] args) { String configurationId = "default-account-dashboard"; // This configuration ID cannot be modified String sourceAccountId = "Source Account ID"; try { SelectionCriteria selectionCriteria = new SelectionCriteria() .withDelimiter("/") .withMaxDepth(5) .withMinStorageBytesPercentage(10.0); PrefixLevelStorageMetrics prefixStorageMetrics = new PrefixLevelStorageMetrics() .withIsEnabled(true) .withSelectionCriteria(selectionCriteria); BucketLevel bucketLevel = new BucketLevel() .withActivityMetrics(new ActivityMetrics().withIsEnabled(true)) .withPrefixLevel(new PrefixLevel().withStorageMetrics(prefixStorageMetrics)); AccountLevel accountLevel = new AccountLevel() .withActivityMetrics(new ActivityMetrics().withIsEnabled(true)) .withBucketLevel(bucketLevel); StorageLensConfiguration configuration = new StorageLensConfiguration() .withId(configurationId) .withAccountLevel(accountLevel) .withIsEnabled(true); AWSS3Control s3ControlClient = AWSS3ControlClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(US_WEST_2) .build(); s3ControlClient.putStorageLensConfiguration(new PutStorageLensConfigurationRequest() .withAccountId(sourceAccountId) .withConfigId(configurationId) .withStorageLensConfiguration(configuration) ); } catch (AmazonServiceException e) { // The call was transmitted successfully, but Amazon S3 couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // Amazon S3 couldn't be contacted for a response, or the client // couldn't parse the response from Amazon S3. e.printStackTrace(); } } }
注意
高级指标和建议需支付额外费用。有关详细信息,请参阅高级指标和建议。
使用适用于 Java 的 SDK 将 Amazon S3 Storage Lens 与您的 Amazon Organizations 结合使用
使用 Amazon S3 Storage Lens 收集属于 Amazon Organizations 层次结构的所有账户的存储指标和使用情况数据。有关更多信息,请参阅将 Amazon S3 Storage Lens 与 Amazon Organizations 结合使用。
主题
为 S3 Storage Lens 启用组织可信访问权限
例 为 S3 Storage Lens 启用组织可信访问权限
import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.regions.Regions; import com.amazonaws.services.organizations.AWSOrganizations; import com.amazonaws.services.organizations.AWSOrganizationsClient; import com.amazonaws.services.organizations.model.EnableAWSServiceAccessRequest; public class EnableOrganizationsTrustedAccess { private static final String S3_STORAGE_LENS_SERVICE_PRINCIPAL = "storage-lens.s3.amazonaws.com"; public static void main(String[] args) { try { AWSOrganizations organizationsClient = AWSOrganizationsClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(Regions.US_EAST_1) .build(); organizationsClient.enableAWSServiceAccess(new EnableAWSServiceAccessRequest() .withServicePrincipal(S3_STORAGE_LENS_SERVICE_PRINCIPAL)); } catch (AmazonServiceException e) { // The call was transmitted successfully, but AWS Organizations couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // AWS Organizations couldn't be contacted for a response, or the client // couldn't parse the response from AWS Organizations. e.printStackTrace(); } } }
为 S3 Storage Lens 禁用组织可信访问权限
例 为 S3 Storage Lens 禁用组织可信访问权限
import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.regions.Regions; import com.amazonaws.services.organizations.AWSOrganizations; import com.amazonaws.services.organizations.AWSOrganizationsClient; import com.amazonaws.services.organizations.model.DisableAWSServiceAccessRequest; public class DisableOrganizationsTrustedAccess { private static final String S3_STORAGE_LENS_SERVICE_PRINCIPAL = "storage-lens.s3.amazonaws.com"; public static void main(String[] args) { try { AWSOrganizations organizationsClient = AWSOrganizationsClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(Regions.US_EAST_1) .build(); // Make sure to remove any existing delegated administrator for S3 Storage Lens before disabling access, otherwise the request will fail. organizationsClient.disableAWSServiceAccess(new DisableAWSServiceAccessRequest() .withServicePrincipal(S3_STORAGE_LENS_SERVICE_PRINCIPAL)); } catch (AmazonServiceException e) { // The call was transmitted successfully, but AWS Organizations couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // AWS Organizations couldn't be contacted for a response, or the client // couldn't parse the response from AWS Organizations. e.printStackTrace(); } } }
为 S3 Storage Lens 注册组织委托管理员
例 为 S3 Storage Lens 注册组织委托管理员
import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.regions.Regions; import com.amazonaws.services.organizations.AWSOrganizations; import com.amazonaws.services.organizations.AWSOrganizationsClient; import com.amazonaws.services.organizations.model.RegisterDelegatedAdministratorRequest; public class RegisterOrganizationsDelegatedAdministrator { private static final String S3_STORAGE_LENS_SERVICE_PRINCIPAL = "storage-lens.s3.amazonaws.com"; public static void main(String[] args) { try { String delegatedAdminAccountId = "253880222538"; // Account Id for the delegated administrator AWSOrganizations organizationsClient = AWSOrganizationsClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(Regions.US_EAST_1) .build(); organizationsClient.registerDelegatedAdministrator(new RegisterDelegatedAdministratorRequest() .withAccountId(delegatedAdminAccountId) .withServicePrincipal(S3_STORAGE_LENS_SERVICE_PRINCIPAL)); } catch (AmazonServiceException e) { // The call was transmitted successfully, but AWS Organizations couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // AWS Organizations couldn't be contacted for a response, or the client // couldn't parse the response from AWS Organizations. e.printStackTrace(); } } }
为 S3 Storage Lens 取消注册组织委托管理员
例 为 S3 Storage Lens 取消注册组织委托管理员
import com.amazonaws.AmazonServiceException; import com.amazonaws.SdkClientException; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.regions.Regions; import com.amazonaws.services.organizations.AWSOrganizations; import com.amazonaws.services.organizations.AWSOrganizationsClient; import com.amazonaws.services.organizations.model.DeregisterDelegatedAdministratorRequest; public class DeregisterOrganizationsDelegatedAdministrator { private static final String S3_STORAGE_LENS_SERVICE_PRINCIPAL = "storage-lens.s3.amazonaws.com"; public static void main(String[] args) { try { String delegatedAdminAccountId = "Account ID"; // Account Id for the delegated administrator AWSOrganizations organizationsClient = AWSOrganizationsClient.builder() .withCredentials(new ProfileCredentialsProvider()) .withRegion(Regions.US_EAST_1) .build(); organizationsClient.deregisterDelegatedAdministrator(new DeregisterDelegatedAdministratorRequest() .withAccountId(delegatedAdminAccountId) .withServicePrincipal(S3_STORAGE_LENS_SERVICE_PRINCIPAL)); } catch (AmazonServiceException e) { // The call was transmitted successfully, but AWS Organizations couldn't process // it and returned an error response. e.printStackTrace(); } catch (SdkClientException e) { // AWS Organizations couldn't be contacted for a response, or the client // couldn't parse the response from AWS Organizations. e.printStackTrace(); } } }