TWI833501B - Assets and configuration management system and method for multi-cloud and computer program product thereof - Google Patents

Assets and configuration management system and method for multi-cloud and computer program product thereof Download PDF

Info

Publication number
TWI833501B
TWI833501B TW111148268A TW111148268A TWI833501B TW I833501 B TWI833501 B TW I833501B TW 111148268 A TW111148268 A TW 111148268A TW 111148268 A TW111148268 A TW 111148268A TW I833501 B TWI833501 B TW I833501B
Authority
TW
Taiwan
Prior art keywords
asset
query
cloud
configuration
public cloud
Prior art date
Application number
TW111148268A
Other languages
Chinese (zh)
Inventor
陳振翔
李可柔
Original Assignee
中華電信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中華電信股份有限公司 filed Critical 中華電信股份有限公司
Priority to TW111148268A priority Critical patent/TWI833501B/en
Application granted granted Critical
Publication of TWI833501B publication Critical patent/TWI833501B/en

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

An assets and configuration management system and an assets and configuration method for multi-cloud and a computer program thereof are disclosed. A multi-cloud assets management core unit is configured to acquire a public cloud account of a user and an asset enquiry strategy according to an asset enquiry request. An asset enquiry strategy unit is configured to query assets in public clouds according to the public cloud account and the asset enquiry strategy, so that the multi-cloud assets management core unit collates the queried assets query results into asset information and then stores the asset information in a multi-cloud asset management database. A multi-cloud configuration management core unit is configured to query configuration in the public clouds in response to a configuration enquiry request for a given asset in the asset information, so as to collate the queried configuration query results into configuration information and then reply the user with the queried configuration information of the given asset.

Description

用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品 Asset and configuration management systems, asset and configuration management methods and computer program products for multiple public clouds

本案係關於一種用於多雲的資產與組態之管理技術,詳言之,係關於一種用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品。 This case is about an asset and configuration management technology for multi-cloud. Specifically, it is about an asset and configuration management system, asset and configuration management method and computer program product for multiple public clouds.

目前雲端平台可例如有Amazon Web Services(AWS)、Microsoft Azure、Google Cloud Platform(GCP)等,可供使用者透過網際網路來使用公有雲上的雲端資源,例如虛擬主機(Virtual Machine,VM)、儲存空間、應用程式等。 Current cloud platforms include Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc., which allow users to use cloud resources on public clouds through the Internet, such as virtual machines (VM), Storage space, applications, etc.

不同的雲端平台提供不同的管理機制,以供使用者了解自己在雲端上使用的作業環境或軟體服務等。然而,當使用者或企業擁有多個公有雲的帳號時,且多個公有雲上還有不同類型的服務或資源,管理這些服務或資源之資產及他們的組態配置時,提供整合性和即時的管理系統與方法,對於使用者而言甚為重要。 Different cloud platforms provide different management mechanisms for users to understand the operating environment or software services they use on the cloud. However, when a user or enterprise has multiple public cloud accounts, and there are different types of services or resources on the multiple public clouds, it provides integration and real-time management of the assets of these services or resources and their configuration. Management systems and methods are very important to users.

因此,如何提供一種便利管理技術,讓使用者能方便地在多個公有雲上管理自己的資產和組態,為目前待解決的議題。 Therefore, how to provide a convenient management technology that allows users to easily manage their assets and configurations on multiple public clouds is an issue that needs to be solved.

為解決上述問題及其他問題,本案揭示一種用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品。 In order to solve the above problems and other problems, this case discloses an asset and configuration management system, asset and configuration management method and computer program product for multiple public clouds.

本案所揭之用於多個公有雲之資產與組態管理系統,係包括:多雲資產管理資料庫;多雲資產管理核心單元,用於根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略;資產查詢策略單元,係根據該多雲資產管理核心單元所取得之該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢,以將所查詢到之資產查詢結果傳送至該多雲資產管理核心單元彙整為資產資訊而儲存至該多雲資產管理資料庫;以及多雲組態管理核心單元,係響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在該公有雲上進行組態查詢,以將所查詢到之組態查詢結果彙整為組態資訊而回傳該組態資訊。 The asset and configuration management system for multiple public clouds disclosed in this case includes: a multi-cloud asset management database; a multi-cloud asset management core unit used to obtain the user's public cloud account and assets based on an asset query request Query strategy; the asset query strategy unit performs asset query on the public cloud based on the public cloud account and the asset query strategy obtained by the multi-cloud asset management core unit, so as to transmit the queried asset query results to the multi-cloud asset The management core unit collects asset information and stores it in the multi-cloud asset management database; and the multi-cloud configuration management core unit responds to a configuration query request for a given asset in the asset information, and performs the configuration query on Configuration query is performed on the public cloud, and the configuration query results are compiled into configuration information and the configuration information is returned.

本案所揭之用於多個公有雲之資產與組態管理系統,更包括:外部公有雲事件接收單元,係用於接收更新事件;以及工作排程與事件管理單元,係產生由工作排程所啟動之該資產查詢請求和由更新事件所驅動之該資產查詢請求,其中,該多雲資產管理核心單元根據由該工作排程所啟動之該資產查詢請求,至該多雲資產管理資料庫中取得該公有雲帳號及該資產查詢策略,或者其中,該多雲資產管理核心單元根據由該更新事件所驅動之該資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略,其中,該工作排程與事件管理單元、該多雲資產管理核心單元、及該資產查詢策略單元係構成多雲 資產管理子系統,且該多雲資產管理子系統係以叢集化容器技術部屬於電子裝置中。 The asset and configuration management system used in multiple public clouds disclosed in this case also includes: an external public cloud event receiving unit, which is used to receive update events; and a work scheduling and event management unit, which is generated by the work schedule The asset query request initiated and the asset query request driven by the update event, wherein the multi-cloud asset management core unit obtains the asset query request from the multi-cloud asset management database according to the asset query request initiated by the work schedule. The public cloud account and the asset query strategy, or the multi-cloud asset management core unit obtains the public cloud account and the asset query strategy from the activity record of the update event based on the asset query request driven by the update event , wherein the work scheduling and event management unit, the multi-cloud asset management core unit, and the asset query strategy unit constitute a multi-cloud Asset management subsystem, and the multi-cloud asset management subsystem is based on clustered container technology and is part of the electronic device.

本案所揭之用於多個公有雲之資產與組態管理系統,更包括:外部公有雲介面單元,用於介接多個公有雲;以及組態大數據處理單元,於該多雲組態管理核心單元藉由該外部公有雲介面單元在該公有雲所查詢到的組態查詢結果為批次時,該組態大數據處理單元將批次之組態查詢結果組合為完整的組態資訊,其中,該多雲組態管理核心單元及該組態大數據處理單元係構成多雲組態管理子系統,且該多雲組態管理子系統係以叢集化容器技術部屬於電子裝置中。 The asset and configuration management system for multiple public clouds disclosed in this case also includes: an external public cloud interface unit for connecting multiple public clouds; and a configuration big data processing unit for configuration management of the multi-cloud When the configuration query results queried by the core unit in the public cloud through the external public cloud interface unit are batches, the configuration big data processing unit combines the configuration query results of the batches into complete configuration information. Among them, the multi-cloud configuration management core unit and the configuration big data processing unit constitute a multi-cloud configuration management subsystem, and the multi-cloud configuration management subsystem is based on clustered container technology and is part of an electronic device.

於一實施例中,該資產查詢策略單元包括:設定檔(Config)資產管理單元,其用於呼叫該設定檔(Config)資產所對應之外部公有雲介面,以查詢設定檔(Config)型資產資訊;資源群組與標籤(Resource Group & Tag)資產管理單元,其用於呼叫該資源群組與標籤(Resource Group & Tag)資產所對應之外部公有雲介面,以查詢資源群組與標籤(Resource Group & Tag)型資產資訊;軟體開發工具套件(software development kit,SDK)資產管理單元,其用於在該公有雲查詢SDK型資產資訊;以及資源圖譜(Resource Graph)資產管理單元,其用於呼叫該資源圖譜(Resource Graph)產所對應之外部公有雲介面,以查詢資源圖譜(Resource Graph)型資產資訊。 In one embodiment, the asset query strategy unit includes: a configuration file (Config) asset management unit, which is used to call an external public cloud interface corresponding to the configuration file (Config) asset to query the configuration file (Config) type asset. Information; resource group and tag (Resource Group & Tag) asset management unit, which is used to call the external public cloud interface corresponding to the resource group and tag (Resource Group & Tag) assets to query the resource group and tag ( Resource Group & Tag) type asset information; a software development kit (SDK) asset management unit, which is used to query SDK type asset information in the public cloud; and a Resource Graph (Resource Graph) asset management unit, which is used to query SDK type asset information in the public cloud. Call the external public cloud interface corresponding to the resource graph (Resource Graph) product to query the resource graph (Resource Graph) type asset information.

於一實施例中,該多雲資產管理資料庫係儲存公有雲區域清單資料表、公有雲資產查詢策略資料表、公有雲服務或資源類型資料表、公有雲平台種類資料表、使用者多雲帳號資料表、多雲帳號資產排程啟動與事件驅動管理紀錄表、及/或資產查詢結果之服務或資源識別碼資料表,且其中,該資產查詢結 果之服務或資源識別碼資料表與該多雲帳號資產排程啟動與事件驅動管理紀錄表為多對多的關係,該多雲帳號資產排程啟動與事件驅動管理紀錄表與該使用者多雲帳號資料表為多對一的關係,該使用者多雲帳號資料表與該公有雲平台種類資料表為多對一的關係,而該公有雲平台種類資料表與該公有雲資產查詢策略資料表為一對多的關係,該公有雲平台種類資料表與該公有雲區域清單資料表為一對多的關係,該公有雲平台種類資料表與該公有雲服務或資源類型資料表為一對多的關係。 In one embodiment, the multi-cloud asset management database stores a public cloud region list data table, a public cloud asset query strategy data table, a public cloud service or resource type data table, a public cloud platform type data table, and user multi-cloud account data. table, multi-cloud account asset schedule activation and event-driven management record table, and/or service or resource identification data table of asset query results, and among them, the asset query result If the service or resource identifier data table has a many-to-many relationship with the multi-cloud account asset schedule activation and event-driven management record table, the multi-cloud account asset schedule activation and event-driven management record table has the user multi-cloud account information. The table has a many-to-one relationship, the user multi-cloud account data table and the public cloud platform type data table have a many-to-one relationship, and the public cloud platform type data table and the public cloud asset query strategy data table have a one-to-one relationship. There is a many-to-many relationship. The public cloud platform type data table has a one-to-many relationship with the public cloud region list data table. The public cloud platform type data table has a one-to-many relationship with the public cloud service or resource type data table.

本案所揭之用於多個公有雲之資產與組態管理方法,係包括:根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略;根據該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢;將所查詢到之資產查詢結果彙整為資產資訊而儲存在多雲資產管理資料庫;響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在該公有雲上進行組態查詢;以及將所查詢到之組態查詢結果彙整為組態資訊,以回傳該給定資產之該組態資訊。 The asset and configuration management method for multiple public clouds disclosed in this case includes: obtaining the user's public cloud account and asset query strategy based on an asset query request; based on the public cloud account and the asset query strategy, Perform asset query on the public cloud; compile the queried asset query results into asset information and store them in the multi-cloud asset management database; respond to a configuration query request for a given asset in the asset information, query according to the configuration Request a configuration query on the public cloud; and compile the configuration query results into configuration information to return the configuration information of the given asset.

於一實施例中,所述根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略之步驟係包括:於該資產查詢請求係由工作排程所啟動時,根據由該工作排程所啟動之該資產查詢請求,至該多雲資產管理資料庫中取得該公有雲帳號及該資產查詢策略;以及於該資產查詢請求係由更新事件所驅動時,根據由該更新事件所驅動之該資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略。 In one embodiment, the step of obtaining the user's public cloud account and asset query strategy according to an asset query request includes: when the asset query request is initiated by a work schedule, according to the work schedule The initiated asset query request obtains the public cloud account and the asset query policy from the multi-cloud asset management database; and when the asset query request is driven by an update event, the The asset query request obtains the public cloud account and the asset query policy from the activity record of the update event.

於一實施例中,所述將所查詢到之組態查詢結果彙整為組態資訊,以回傳該給定資產之該組態資訊之步驟係包括:於所查詢到的該組態資訊為批次時,將批次之組態資訊組合為完整組態資訊再回傳。 In one embodiment, the step of compiling the queried configuration query results into configuration information to return the configuration information of the given asset includes: when the queried configuration information is When batching, combine the configuration information of the batch into complete configuration information and then return it.

於一實施例中,所述根據該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢之步驟係包括:於該資產查詢策略包括設定檔(Config)資產查詢策略時,呼叫該設定檔(Config)資產所對應之外部公有雲介面,以查詢設定檔(Config)型資產資訊;於該資產查詢策略包括資源群組與標籤(Resource Group & Tag)資產查詢策略時,呼叫該資源群組與標籤(Resource Group & Tag)資產所對應之外部公有雲介面,以查詢資源群組與標籤(Resource Group & Tag)型資產資訊;於該資產查詢策略包括軟體開發工具套件(software development kit,SDK)資產查詢策略時,在該公有雲查詢SDK型資產資訊;以及於該資產查詢策略包括資源圖譜(Resource Graph)資產查詢策略時,呼叫該資源圖譜(Resource Graph)產所對應之外部公有雲介面,以查詢資源圖譜(Resource Graph)型資產資訊。 In one embodiment, the step of performing asset query on the public cloud according to the public cloud account and the asset query strategy includes: when the asset query strategy includes a configuration file (Config) asset query strategy, calling the configuration file (Config) The external public cloud interface corresponding to the asset to query the configuration file (Config) asset information; when the asset query strategy includes the resource group and tag (Resource Group & Tag) asset query strategy, call the resource group The external public cloud interface corresponding to the resource group & tag asset is used to query resource group and tag asset information; the asset query strategy includes software development kit (SDK) ) asset query strategy, query SDK asset information in the public cloud; and when the asset query strategy includes a Resource Graph asset query strategy, call the external public cloud interface corresponding to the Resource Graph product. , to query resource graph (Resource Graph) asset information.

於一實施例中,該多雲資產管理資料庫係儲存公有雲區域清單資料表、公有雲資產查詢策略資料表、公有雲服務或資源類型資料表、公有雲平台種類資料表、使用者多雲帳號資料表、多雲帳號資產排程啟動與事件驅動管理紀錄表、及/或資產查詢結果之服務或資源識別碼資料表,且其中,該資產查詢結果之服務或資源識別碼資料表與該多雲帳號資產排程啟動與事件驅動管理紀錄表為多對多的關係,該多雲帳號資產排程啟動與事件驅動管理紀錄表與該使用者多雲帳號資料表為多對一的關係,該使用者多雲帳號資料表與該公有雲平台種類資料表為多對一的關係,而該公有雲平台種類資料表與該公有雲資產查詢策略資料表為一對多的關係,該公有雲平台種類資料表與該公有雲區域清單資料表為一對多的關係,該公有雲平台種類資料表與該公有雲服務或資源類型資料表為一對多的關係。 In one embodiment, the multi-cloud asset management database stores a public cloud region list data table, a public cloud asset query strategy data table, a public cloud service or resource type data table, a public cloud platform type data table, and user multi-cloud account data. table, the multi-cloud account asset schedule activation and event-driven management record table, and/or the service or resource identification code data table of the asset query results, and among them, the service or resource identification code data table of the asset query results and the multi-cloud account assets The schedule activation and event-driven management record table are in a many-to-many relationship. The multi-cloud account asset schedule activation and event-driven management record table are in a many-to-one relationship with the user multi-cloud account data table. The user multi-cloud account data is in a many-to-one relationship. The table has a many-to-one relationship with the public cloud platform type data table, and the public cloud platform type data table has a one-to-many relationship with the public cloud asset query strategy data table. The public cloud platform type data table has a one-to-one relationship with the public cloud platform type data table. The cloud region list data table has a one-to-many relationship, and the public cloud platform type data table has a one-to-many relationship with the public cloud service or resource type data table.

本案所揭之電腦程式產品係經電腦載入程式以執行本案所揭之用於多個公有雲之資產與組態管理方法。 The computer program product disclosed in this case is loaded into the computer to execute the asset and configuration management method disclosed in this case for multiple public clouds.

本案所揭之電腦可讀取媒體係儲存本案所揭之電腦程式產品。 The computer-readable media disclosed in this case stores the computer program product disclosed in this case.

藉由本案所揭之用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品,係於多雲資產與組態管理服務範疇中設計一套多雲資產與組態管理,藉以提供查詢公有雲上複數區域上異質型服務或資源之識別碼、數量與組態。首先,可由工作排程啟動時觸發查詢,取得使用者授權之公有雲帳號,參照資料庫記載之可用公有雲區域清單,依續針對各個區域中不同類型服務或資源進行資產數量查詢,資產之查詢策略可包含但不限於SDK型資產、ResourceGroup&Tag型資產、Config型資產與Resource Graph型資產,資產數量查詢之結果亦提供依據服務或資源類種類分類查詢與管理,當複數種公有雲區域上之服務或資源資產數量更新時,亦將觸發進行最新服務或資源之數量更新,以提供使用者最新之多雲資產結果。此外,更可針對已有記載之特定服務或資源進一步提供組態資料查訊,組態資訊將透過大數據處理機制,以提升查詢效率,提供即時之多雲資產與組態管理服務。 Through the asset and configuration management system, asset and configuration management methods and computer program products for multiple public clouds disclosed in this case, a set of multi-cloud assets and configuration management services are designed. State management provides the ability to query the identification, quantity, and configuration of heterogeneous services or resources in multiple regions on the public cloud. First, the query can be triggered when the work schedule is started, obtain the public cloud account authorized by the user, refer to the list of available public cloud regions recorded in the database, and continue to query the asset quantity and asset query for different types of services or resources in each region. Strategies can include but are not limited to SDK-type assets, ResourceGroup&Tag-type assets, Config-type assets, and Resource Graph-type assets. The results of asset quantity query also provide classification query and management based on service or resource type. When services on multiple public cloud regions Or when the quantity of resource assets is updated, it will also trigger an update of the quantity of the latest services or resources to provide users with the latest multi-cloud asset results. In addition, configuration data query can be further provided for specific services or resources that have been recorded. Configuration information will be processed through big data processing mechanisms to improve query efficiency and provide real-time multi-cloud asset and configuration management services.

100:資產與組態管理系統 100:Asset and configuration management system

1:多雲資產管理子系統 1: Multi-cloud asset management subsystem

2:多雲組態管理子系統 2: Multi-cloud configuration management subsystem

10、10A、10B、10C:使用者終端裝置 10, 10A, 10B, 10C: User terminal device

11:外部公有雲事件收集單元 11: External public cloud event collection unit

12:工作排程與事件管理單元 12: Work scheduling and event management unit

13:多雲資產管理核心單元 13: Multi-cloud asset management core unit

14:資產查詢策略單元 14: Asset query strategy unit

141:設定檔(Config)資產管理單元 141:Config asset management unit

142:資源群組與標籤(Resource Group & Tag)資產管理單元 142: Resource Group & Tag asset management unit

143:軟體開發工具套件(software development kit,SDK)資產管理單元 143: Software development kit (SDK) asset management unit

144:資源圖譜(Resource Graph)資產管理單元 144: Resource Graph asset management unit

15:多雲資產管理資料庫 15:Multi-cloud asset management database

16:多雲組態管理核心單元 16: Multi-cloud configuration management core unit

17:組態大數據處理單元 17:Configuring big data processing unit

18:外部公有雲介面單元 18:External public cloud interface unit

200:資產與組態管理方法 200: Asset and configuration management methods

S21~S23、S231~S234、S24、S241~S244、S25~S27:步驟 S21~S23, S231~S234, S24, S241~S244, S25~S27: steps

300:多雲資產管理資料表 300: Multi-cloud Asset Management Fact Sheet

31:公有雲區域清單資料表 31: Public cloud region list information table

32:公有雲資產查詢策略資料表 32: Public cloud asset query strategy data sheet

33:公有雲服務或資源類型資料表 33: Public cloud service or resource type information table

34:公有雲平台種類資料表 34: Public cloud platform type information table

35:使用者多雲帳號資料表 35: User multi-cloud account information table

36:多雲帳號資產排程啟動與事件驅動管理紀錄表 36: Multi-cloud account asset schedule activation and event-driven management record table

37:資產查詢結果之服務或資源識別碼資料表 37: Service or resource identification code data table of asset query results

400:流程 400:Process

S401~S416:步驟 S401~S416: steps

500:流程 500:Process

S501~S523:步驟 S501~S523: steps

600:流程 600:Process

S601~S612:步驟 S601~S612: steps

700:流程 700:Process

S701~S711:步驟 S701~S711: steps

圖1係本案之用於多個公有雲之資產與組態管理系統的實施例之方塊示意圖。 Figure 1 is a block diagram of an embodiment of the asset and configuration management system for multiple public clouds in this case.

圖2係本案之用於多個公有雲之資產與組態管理方法的步驟實施例的流程示意圖。 Figure 2 is a schematic flowchart of a step embodiment of the asset and configuration management method for multiple public clouds in this case.

圖3係本案之用於多個公有雲之資產與組態管理系統中多雲資產管理資料表的結構關係示意圖。 Figure 3 is a schematic diagram of the structural relationship of the multi-cloud asset management data table in the asset and configuration management system for multiple public clouds in this case.

圖4係本案之用於多個公有雲之資產與組態管理系統及方法的實施例之流程示意圖。 Figure 4 is a flow diagram of an embodiment of the asset and configuration management system and method for multiple public clouds in this case.

圖5係本案之用於多個公有雲之資產與組態管理系統及方法的實施例中排程啟動之流程示意圖。 Figure 5 is a schematic flowchart of scheduled startup in an embodiment of the asset and configuration management system and method for multiple public clouds in this case.

圖6係本案之用於多個公有雲之資產與組態管理系統及方法的實施例中事件驅動之流程示意圖。 Figure 6 is a schematic diagram of an event-driven process in an embodiment of the asset and configuration management system and method for multiple public clouds in this case.

圖7係本案之用於多個公有雲之資產與組態管理系統及方法的實施例中組態查詢之流程示意圖。 Figure 7 is a schematic flowchart of configuration query in an embodiment of the asset and configuration management system and method for multiple public clouds in this case.

以下藉由特定的實施例說明本案之實施方式,熟習此項技藝之人士可由本文所揭示之內容輕易地瞭解本案之其他優點及功效。本說明書所附圖式所繪示之結構、比值、大小等均僅用於配合說明書所揭示之內容,以供熟悉此技藝之人士之瞭解與閱讀,非用於限定本案可實施之限定條件,故任何修飾、改變或調整,在不影響本案所能產生之功效及所能達成之目的下,均應仍落在本案所揭示之技術內容得能涵蓋之範圍內。 The following uses specific examples to illustrate the implementation of the present invention. People familiar with this art can easily understand other advantages and effects of the present invention from the content disclosed in this article. The structures, ratios, sizes, etc. shown in the drawings attached to this manual are only used to coordinate with the content disclosed in the manual for the understanding and reading of those familiar with this art. They are not used to limit the conditions for the implementation of this case. Therefore, any modification, change or adjustment, without affecting the effectiveness and purpose of this case, should still fall within the scope of the technical content disclosed in this case.

於本文中所用之術語「包括」、「包含」、「具有」、「含有」或其任何其他變體都旨在涵蓋非排他性的包含。除非另有說明,單數形式的措辭,如「一」、「一個」、「該」也適用於複數形式,而「或」、「及/或」等措辭可互換使用。 As used herein, the terms "includes," "includes," "has," "contains" or any other variations thereof are intended to cover a non-exclusive inclusion. Unless stated otherwise, singular terms such as "a", "an" and "the" also apply to the plural form and terms such as "or", "and/or" are used interchangeably.

請參閱圖1,其示意說明本案之用於多個公有雲之資產與組態管理系統的實施例。 Please refer to Figure 1, which schematically illustrates an embodiment of the asset and configuration management system for multiple public clouds in this case.

本案之資產與組態管理系統100包括外部公有雲事件收集單元11、工作排程與事件管理單元12、多雲資產管理核心單元13、資產查詢策略單元14、多雲資產管理資料庫15、多雲組態管理核心單元16、組態大數據處理單元17、外部公有雲介面單元18。 The asset and configuration management system 100 in this case includes an external public cloud event collection unit 11, a work scheduling and event management unit 12, a multi-cloud asset management core unit 13, an asset query strategy unit 14, a multi-cloud asset management database 15, and a multi-cloud configuration Management core unit 16, configuration big data processing unit 17, external public cloud interface unit 18.

外部公有雲事件收集單元11用於接收更新事件,即,負責接收多個公有雲上使用者的公有雲帳號之服務或資源的更新事件。 The external public cloud event collection unit 11 is configured to receive update events, that is, responsible for receiving update events for services or resources of public cloud accounts of multiple users on the public cloud.

外部公有雲介面單元18用於介接多個公有雲,即,負責與多個公有雲上之介面進行介接工作。 The external public cloud interface unit 18 is used to interface with multiple public clouds, that is, responsible for interfacing with interfaces on multiple public clouds.

多雲資產管理資料庫15主要用於存放資產查詢策略和資產查詢結果等。於一實施例中,多雲資產管理資料庫15儲存:公有雲區域清單資料表31、公有雲資產查詢策略資料表32、公有雲服務或資源類型資料表33、公有雲平台種類資料表34、使用者多雲帳號資料表35、多雲帳號資產排程啟動與事件驅動管理紀錄表36、及/或資產查詢結果之服務或資源識別碼資料表37,如圖3所示。 The multi-cloud asset management database 15 is mainly used to store asset query strategies and asset query results. In one embodiment, the multi-cloud asset management database 15 stores: public cloud area list data table 31, public cloud asset query strategy data table 32, public cloud service or resource type data table 33, public cloud platform type data table 34, usage The multi-cloud account data table 35, the multi-cloud account asset schedule activation and event-driven management record table 36, and/or the service or resource identification code data table 37 of the asset query results are shown in Figure 3.

工作排程與事件管理單元12用於產生資產查詢請求。於一實施例,工作排程與事件管理單元12可產生由工作排程所啟動之資產查詢請求。於另一實施例,工作排程與事件管理單元12可產生由外部公有雲事件收集單元11所收集之更新事件所驅動之資產查詢請求。換言之,工作排程與事件管理單元12接收排程啟動和事件驅動兩種模式,以觸發資產查詢任務。 The work scheduling and event management unit 12 is used to generate asset query requests. In one embodiment, the work schedule and event management unit 12 may generate an asset query request initiated by the work schedule. In another embodiment, the work scheduling and event management unit 12 may generate asset query requests driven by update events collected by the external public cloud event collection unit 11 . In other words, the work schedule and event management unit 12 accepts two modes: schedule start and event drive to trigger the asset query task.

多雲資產管理核心單元13用於接收來自工作排程與事件管理單元12之一資產查詢請求,以根據該資產查詢請求取得使用者的公有雲帳號及資產查詢策略。於一實施例,該資產查詢請求可由工作排程所啟動,則多雲資產管理核心單元13根據由該工作排程所啟動之該資產查詢請求,至多雲資產管理資料庫15中取得該公有雲帳號及該資產查詢策略。於另一實施例,該資產查詢請求可由更新事件所驅動,多雲資產管理核心單元13根據由該更新事件所驅動之資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略。 The multi-cloud asset management core unit 13 is configured to receive an asset query request from the work schedule and event management unit 12, and obtain the user's public cloud account and asset query policy according to the asset query request. In one embodiment, the asset query request can be initiated by a work schedule, and the multi-cloud asset management core unit 13 obtains the public cloud account from the multi-cloud asset management database 15 according to the asset query request initiated by the work schedule. and the asset query strategy. In another embodiment, the asset query request may be driven by an update event. The multi-cloud asset management core unit 13 obtains the public cloud account and the asset from the activity record of the update event based on the asset query request driven by the update event. Query strategy.

資產查詢策略單元14根據該公有雲帳號及該資產查詢策略,藉由或不藉由外部公有雲介面單原18而在公有雲上進行資產查詢,以將所查詢到之資產查詢結果交付多雲資產管理核心單元13彙整為資產資訊而儲存在多雲資產管理資料庫15,俾供多雲資產管理核心單元13自多雲資產管理資料庫15取出以回傳該使用者的該公有雲帳號之該資產資訊。 The asset query strategy unit 14 performs asset query on the public cloud according to the public cloud account and the asset query strategy, with or without the external public cloud interface unit 18, to deliver the queried asset query results to multi-cloud asset management. The core unit 13 compiles the asset information and stores it in the multi-cloud asset management database 15, so that the multi-cloud asset management core unit 13 can retrieve the asset information from the multi-cloud asset management database 15 and return the asset information of the user's public cloud account.

換言之,多雲資產管理核心單元13和資產查詢策略單元14負責查詢或更新使用者的公有雲帳號下的資產資訊,並且取得或決定資產查詢策略,進而彙整所查詢或更新的結果以儲存至多雲資產管理資料庫15,便於當使用者查詢時,即能從多雲資產管理資料庫15中取得以回傳。 In other words, the multi-cloud asset management core unit 13 and the asset query strategy unit 14 are responsible for querying or updating the asset information under the user's public cloud account, obtaining or determining the asset query strategy, and then integrating the query or updated results to store them in the multi-cloud asset The management database 15 is so that when the user queries, it can be retrieved from the multi-cloud asset management database 15 and returned.

另外,如圖5所示,資產查詢策略單元14更包括但不限於:設定檔(Config)資產管理單元141、資源群組與標籤(Resource Group & Tag)資產管理單元142、軟體開發工具套件(software development kit,SDK)資產管理單元143、資源圖譜(Resource Graph)資產管理單元144。 In addition, as shown in Figure 5, the asset query strategy unit 14 further includes but is not limited to: a configuration file (Config) asset management unit 141, a resource group and tag (Resource Group & Tag) asset management unit 142, a software development tool suite ( software development kit (SDK) asset management unit 143 and resource graph (Resource Graph) asset management unit 144.

設定檔(Config)資產管理單元141用於呼叫該設定檔(Config)資產所對應之外部公有雲介面,以查詢設定檔(Config)型資產資訊。資源群組與標籤(Resource Group & Tag)資產管理單元142於呼叫該資源群組與標籤(Resource Group & Tag)資產所對應之外部公有雲介面,以查詢資源群組與標籤(Resource Group & Tag)型資產資訊。軟體開發工具套件(software development kit,SDK)資產管理單元143用於在該公有雲查詢SDK型資產資訊。資源圖譜(Resource Graph)資產管理單元144用於呼叫該資源圖譜(Resource Graph)產所對應之外部公有雲介面,以查詢資源圖譜(Resource Graph)型資產資訊。 The configuration file (Config) asset management unit 141 is used to call the external public cloud interface corresponding to the configuration file (Config) asset to query the configuration file (Config) type asset information. The Resource Group & Tag asset management unit 142 calls the external public cloud interface corresponding to the Resource Group & Tag asset to query the Resource Group & Tag ) type asset information. The software development kit (SDK) asset management unit 143 is used to query SDK asset information in the public cloud. The resource graph (Resource Graph) asset management unit 144 is used to call the external public cloud interface corresponding to the resource graph (Resource Graph) product to query resource graph (Resource Graph) type asset information.

多雲組態管理核心單元16響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在公有雲上進行組態查詢,以將所查詢到之組態查詢結果彙整為組態資訊而回傳該組態資訊。換言之,多雲組態管理核心單元16負責即時查詢使用者所指定之服務或資源的組態資訊,以將組態查詢結果彙整為組態資訊。 The multi-cloud configuration management core unit 16 responds to a configuration query request for a given asset in the asset information, performs a configuration query on the public cloud according to the configuration query request, and summarizes the queried configuration query results as Configuration information and return the configuration information. In other words, the multi-cloud configuration management core unit 16 is responsible for instantly querying the configuration information of the services or resources specified by the user, so as to compile the configuration query results into configuration information.

組態大數據處理單元17於多雲組態管理核心單元16藉由外部公有雲介面單元18在公有雲所查詢到的組態查詢結果為批次時,組態大數據處理單元17將批次之組態查詢結果組合為完整的組態資訊,即,於組態查詢結果的量較多時,以大數據機制處理之,可有效提升即時查詢效率。 When the configuration query result queried by the multi-cloud configuration management core unit 16 in the public cloud through the external public cloud interface unit 18 is a batch, the configuration big data processing unit 17 configures the big data processing unit 17 to process the batch. The configuration query results are combined into complete configuration information. That is, when the amount of configuration query results is large, the big data mechanism is used to process them, which can effectively improve the real-time query efficiency.

於一實施例中,工作排程與事件管理單元12、多雲資產管理核心單元13、及資產查詢策略單元14可構成多雲資產管理子系統1,並且多雲資產管理子系統1係以叢集化容器技術部屬於電子裝置中。 In one embodiment, the work scheduling and event management unit 12, the multi-cloud asset management core unit 13, and the asset query strategy unit 14 may constitute the multi-cloud asset management subsystem 1, and the multi-cloud asset management subsystem 1 is based on clustered container technology. Part of the electronic device.

於另一實施例中,多雲組態管理核心單元16及組態大數據處理單元17可構成多雲組態管理子系統2,並且多雲組態管理子系統2係以叢集化容器技術部屬於電子裝置中。 In another embodiment, the multi-cloud configuration management core unit 16 and the configuration big data processing unit 17 may constitute the multi-cloud configuration management subsystem 2, and the multi-cloud configuration management subsystem 2 is part of the electronic device using clustered container technology. middle.

簡言之,在圖1所示之用於多個公有雲之資產與組態管理系統100之實施例中,本發明之資產與組態管理系統100以及其子系統及單元係以叢集化容器技術方式部署於電子裝置中,負責於多雲資產與組態管理服務範疇中,提供公有雲上複數區域上異質型服務或資源之識別碼、數量與組態查詢與管理機制,包括多雲資產管理子系統1與多雲組態管理子系統2,其中,多雲資產管理子系統1提供使用者可查詢其於多種公有雲上最新之多雲資產資訊,多雲資產資訊可包含但不限於:資產之服務或資源種類、數量與唯一識別資訊。 Briefly, in the embodiment of the asset and configuration management system 100 for multiple public clouds shown in FIG. 1 , the asset and configuration management system 100 of the present invention and its subsystems and units are configured as clustered containers. The technical method is deployed in electronic devices and is responsible for providing the identification code, quantity and configuration query and management mechanism of heterogeneous services or resources in multiple regions on the public cloud in the field of multi-cloud asset and configuration management services, including the multi-cloud asset management subsystem. 1 and multi-cloud configuration management subsystem 2. Among them, multi-cloud asset management subsystem 1 allows users to query the latest multi-cloud asset information on multiple public clouds. Multi-cloud asset information can include but is not limited to: asset services or resource types, Quantity and unique identifying information.

多雲資產管理子系統1中首先由工作排程與事件管理單元12以使用者的公有雲上之所屬帳號為單位,負責驅動資產查詢或更新之任務,接續由多雲資產管理核心單元13負責管理資產資訊查詢之生命週期,包括資產資訊之更新工作,亦將依據使用者的公有雲上之公雲帳號取得合適之複數種資產查詢策略,並分別分派至資產查詢策略單元14中的Config資產管理單元或ResourceGroup&Tag資產管理單元或SDK查詢資產管理單元或Resource Graph資產管理單元進行查詢,分別運作如下,Config資產管理單元需申請或開通公有雲上之Config服務,例如但不限於AWS Config服務,因此使用者之公有雲帳號必須於所有資產所在之公有雲區域啟用Config服務,並啟用Config服務接收器Recorder,即可搭配外部公有雲介面單元18,取得Config型資產。ResourceGroup&Tag資產管理單元無須另行申租公有雲之服務,負責針對使用者之公有雲帳號已設有標籤(Tag)之服務或資源進行資產查詢,同上可搭配外部公 有雲介面單元18,取得ResourceGroup&Tag型資產。SDK查詢資產管理單元無須另行申租公有雲之服務,著重鎖定單一種服務或資源,透過公有雲該服務或資源所提供之介接查詢工具(SDK),無須搭配外部公有雲介面單元18,即可進行SDK型資產查詢,Resource Graph資產管理單元無須申租或啟用公有雲之服務,但須搭配公有雲上之Resource Graph服務,需搭配外部公有雲介面單元18,即可取得Resource Graph型所支援服務或資源之資產,但Resource Graph具有介面呼叫配額限制,因此當超過配額時,將無法及時取得Resource Graph型資產資訊。分派之查詢結果彙整後,將存放至多雲資產管理資料庫15,供使用者查詢資產結果。 In the multi-cloud asset management subsystem 1, the work schedule and event management unit 12 is first responsible for driving the task of asset query or update based on the user's account on the public cloud. Subsequently, the multi-cloud asset management core unit 13 is responsible for managing asset information. The life cycle of the query, including the update of asset information, will also obtain a plurality of appropriate asset query strategies based on the user's public cloud account and assign them to the Config asset management unit or ResourceGroup&Tag in the asset query strategy unit 14 respectively. The asset management unit or SDK queries the asset management unit or Resource Graph asset management unit for query. The operations are as follows. The Config asset management unit needs to apply for or activate the Config service on the public cloud, such as but not limited to AWS Config service, so the user's public cloud The account must enable the Config service in the public cloud area where all assets are located, and enable the Config service receiver Recorder, which can be used with the external public cloud interface unit 18 to obtain Config-type assets. The ResourceGroup&Tag asset management unit does not need to apply for a separate public cloud service. It is responsible for conducting asset queries for services or resources that have been tagged in the user's public cloud account. The same as above, and can be used with external public cloud services. There is a cloud interface unit 18 that obtains ResourceGroup&Tag type assets. The SDK query asset management unit does not need to apply for a separate public cloud service. It focuses on locking a single service or resource and uses the interface query tool (SDK) provided by the service or resource in the public cloud. It does not need to be matched with an external public cloud interface unit 18, that is SDK-type asset query can be performed. The Resource Graph asset management unit does not need to apply for rent or activate public cloud services, but it must be paired with the Resource Graph service on the public cloud. It needs to be paired with an external public cloud interface unit 18 to obtain the supported services of the Resource Graph type. Or resource assets, but Resource Graph has interface call quota limit, so when the quota is exceeded, Resource Graph type asset information will not be obtained in time. After the distributed query results are compiled, they will be stored in the multi-cloud asset management database 15 for users to query asset results.

此外,多雲組態管理子系統2提供使用者即時查詢公有雲帳號中指定服務或資源之組態資訊,多雲組態管理核心單元16負責接收指定服務或資源之組態查詢請求,接續搭配外部公有雲介面單元18,將根據指定服務或資源之識別碼將組態資訊查回,若查回之組態資訊過大,則委派組態大數據處理單元17將組態回傳結果,轉成大數據串流,依序收到切格成較小串流單位,後方才組合回完整組態數據,提供即時之多雲組態管理查詢功能。 In addition, the multi-cloud configuration management subsystem 2 provides users with real-time query of configuration information of specified services or resources in public cloud accounts. The multi-cloud configuration management core unit 16 is responsible for receiving configuration query requests for specified services or resources, and continues to coordinate with external public cloud accounts. The cloud interface unit 18 will retrieve the configuration information based on the identification code of the designated service or resource. If the retrieved configuration information is too large, the configuration big data processing unit 17 will be assigned to return the configuration result and convert it into big data. Streaming is received sequentially and divided into smaller streaming units, and then the complete configuration data is assembled back to provide real-time multi-cloud configuration management query function.

請參閱圖2,其示意說明本案之用於多個公有雲之資產與組態管理方法的步驟之實施例。資產與組態管理方法200包括步驟S21~S27,其可由電子裝置所執行,例如以叢集化容器技術部署有資產與組態管理系統100之伺服器。 Please refer to Figure 2, which schematically illustrates an embodiment of the steps of the asset and configuration management method for multiple public clouds in this case. The asset and configuration management method 200 includes steps S21 to S27, which can be executed by an electronic device, such as a server on which the asset and configuration management system 100 is deployed using clustered container technology.

於步驟S21中,接收一資產查詢請求,其中,該資產查詢請求可由工作排程所啟動或由更新事件所驅動。 In step S21, an asset query request is received, where the asset query request may be initiated by a work schedule or driven by an update event.

於步驟S22中,取得使用者的公有雲帳號。 In step S22, the user's public cloud account is obtained.

於步驟S23中,取得對應該公有雲帳號之資產查詢策略。 In step S23, the asset query policy corresponding to the public cloud account is obtained.

須說明的是,若該資產查詢請求是由工作排程所啟動,則先至多雲資產管理資料庫15取得使用者的公有雲帳號,再根據該公有雲帳號自多雲資產管理資料庫15取得對應的資產查詢策略。若該資產查詢請求是由更新事件所驅動,且若該更新事件的活動紀錄中有使用者之公有雲帳號和對應的資產查詢策略,則無需至多雲資產管理資料庫15,惟若該更新事件的活動紀錄中未有使用者之公有雲帳號和對應的資產查詢策略時,則比照工作排程啟動的資產查詢請求的運作。 It should be noted that if the asset query request is initiated by a work schedule, the user's public cloud account is first obtained from the multi-cloud asset management database 15, and then the corresponding data is obtained from the multi-cloud asset management database 15 based on the public cloud account. Asset query strategy. If the asset query request is driven by an update event, and if the activity record of the update event contains the user's public cloud account and the corresponding asset query policy, there is no need to go to the multi-cloud asset management database 15. However, if the update event If the user's public cloud account and corresponding asset query policy are not included in the activity record, the operation of the asset query request initiated by the work schedule will be compared.

於步驟S24中,根據使用者的公有雲帳號和資產查詢策略在公有雲上進行資產查詢。 In step S24, asset query is performed on the public cloud according to the user's public cloud account and asset query policy.

於一實施例中,包括步驟S231和S241,於多雲資產管理資料庫查詢資產查詢策略中是否存在ResourceGroup&Tag資產的類型,若是,取得ResourceGroup&Tag資產資訊,接著返回步驟S23;若否,進至步驟S232。於又一實施例中,包括步驟S232和S242,於多雲資產管理資料庫查詢資產查詢策略中是否存在Config資產的類型,若是,取得Config資產資訊,接著返回步驟S23;若否,進至步驟S232。於再一實施例中,包括步驟S233和S243,於多雲資產管理資料庫查詢資產查詢策略中是否存在SDK資產的類型,若是,取得SDK資產資訊,接著返回步驟S23;若否,進至步驟S234。於另一實施例中,包括步驟S234和S244,於多雲資產管理資料庫查詢資產查詢策略中是否存在ResourceGraph資產的類型,若是,取得ResourceGraph資產資訊;若否,進至步驟S25。須說明的是,步驟S231、S232、S233、S234並無順序上的限制,僅需每個類型的資產皆判斷過即可。 In one embodiment, including steps S231 and S241, the multi-cloud asset management database is queried to see if there is a ResourceGroup&Tag asset type in the asset query policy. If so, the ResourceGroup&Tag asset information is obtained, and then returns to step S23; if not, proceeds to step S232. In another embodiment, steps S232 and S242 are included to query whether the type of Config asset exists in the asset query policy in the multi-cloud asset management database. If so, obtain the Config asset information, and then return to step S23; if not, proceed to step S232. . In yet another embodiment, steps S233 and S243 are included to query whether the asset query policy contains the type of SDK asset in the multi-cloud asset management database. If so, obtain the SDK asset information and then return to step S23; if not, proceed to step S234. . In another embodiment, steps S234 and S244 are included to query whether the resource graph asset type exists in the asset query policy in the multi-cloud asset management database. If so, obtain the ResourceGraph asset information; if not, proceed to step S25. It should be noted that there is no order restriction on steps S231, S232, S233, and S234, as long as each type of asset has been judged.

於步驟S25中,彙整以儲存資產查詢結果,也就是將步驟S24中所查詢到的資產查詢皆果彙整,以儲存或更新至多雲資產管理資料庫中。 In step S25, the asset query results are collected and stored, that is, the asset query results queried in step S24 are collected and stored or updated in the multi-cloud asset management database.

於步驟S26中,是否查詢組態資訊,若是,進至步驟S27,若否,則完成此次查詢。 In step S26, whether to query configuration information, if yes, proceed to step S27, if not, complete the query.

於步驟S27中,查詢組態資訊,之後,完成此次查詢。 In step S27, the configuration information is queried, and then the query is completed.

簡言之,在圖2所示之用於多個公有雲之資產與組態管理方法200之實施例中,首先關於步驟S21的資產查詢請求,可由多雲資產查詢工作排程啟動或多雲資產更新事件驅動進行觸發,觸發後,接續於步驟S22中取得之使用者的公有雲帳號並取得資產查詢策略,經步驟S231的判斷,查詢的資產是否為ResourceGroup&Tag型資產,則進行取得ResourceGroup&Tag資產的步驟S232,若非為ResourceGroup&Tag型資產,則前往以下判斷式,同理完成步驟S232及步驟S242、步驟S233及步驟S243、步驟S234與步驟S244之判斷與查詢,則將上述資產查詢結果經彙整,於步驟S25進行儲存,接著,於步驟S26判斷是否需即時查詢組態資訊,若為否,則流程結束,若是,則繼續進行進一步之步驟S27組態查詢,其中可透過步驟大數據組態資訊處理完成查詢提升組態查詢效率,藉以完成查詢。 In short, in the embodiment of the asset and configuration management method 200 for multiple public clouds shown in FIG. 2 , first of all, the asset query request in step S21 can be initiated by a multi-cloud asset query work schedule or a multi-cloud asset update. Event-driven triggering. After triggering, the user's public cloud account obtained in step S22 is connected and the asset query strategy is obtained. After judging in step S231, whether the queried asset is a ResourceGroup&Tag type asset, then proceed to step S232 of obtaining the ResourceGroup&Tag asset. , if it is not a ResourceGroup&Tag type asset, go to the following judgment formula, and similarly complete the judgment and query of steps S232 and S242, step S233 and step S243, step S234 and step S244, then the above asset query results are compiled and processed in step S25 Store, and then determine whether real-time query of configuration information is required in step S26. If not, the process ends. If yes, proceed to further step S27 configuration query, in which the query can be completed through step big data configuration information processing. Improve the efficiency of configuration query to complete the query.

須說明的是,本案之方法可執行在例如伺服器、電腦或其他具有資料處理、運算、儲存、網路通聯等功能的一個單獨或多個集合之設備中,其中,該伺服器、電腦或設備包括中央處理器、硬碟、記憶體等。 It should be noted that the method in this case can be executed on, for example, a server, computer, or other equipment with data processing, computing, storage, network communication, etc. functions as a single or multiple collections, where the server, computer, or Equipment includes central processing unit, hard drive, memory, etc.

在一實施例中,所述模組、單元均可為軟體、硬體或韌體;若為硬體,則可為具有資料處理與運算能力之處理單元、處理器、電腦或伺 服器;若為軟體或韌體,則可包括處理單元、處理器、電腦或伺服器可執行之指令,且可安裝於同一硬體裝置或分布於不同的複數硬體裝置。 In one embodiment, the modules and units can be software, hardware or firmware; if they are hardware, they can be a processing unit, processor, computer or server with data processing and computing capabilities. Server; if it is software or firmware, it may include instructions executable by a processing unit, processor, computer or server, and may be installed on the same hardware device or distributed across multiple different hardware devices.

另外,本案之電腦程式產品係經由電腦載入程式後執行該方法。另外,電腦程式(產品)除可儲存於記錄媒體外,亦可在網路上直接傳輸提供,電腦程式(產品)係為載有電腦可讀取之程式且不限外在形式之物。所述電腦包括但不限於具有處理器之電子裝置,例如手機或平板等。 In addition, the computer program product in this case executes the method after loading the program on the computer. In addition, in addition to being stored in recording media, computer programs (products) can also be directly transmitted and provided over the Internet. Computer programs (products) are things that contain computer-readable programs and are not limited to external forms. The computer includes but is not limited to an electronic device with a processor, such as a mobile phone or a tablet.

此外,本案還提供一種電腦可讀取記錄媒體,係應用於具有處理器及/或記憶體之計算設備或電腦中,且電腦可讀取記錄媒體儲存有指令,並可利用計算設備或電腦透過處理器及/或記憶體執行電腦可讀取記錄媒體,以於執行電腦可讀取記錄媒體時執行上述方法及/或內容。所述電腦可讀取紀錄媒體(例如硬碟、軟碟、光碟、USB隨身碟)係儲存有該電腦程式(產品)。 In addition, this case also provides a computer-readable recording medium, which is used in a computing device or computer with a processor and/or memory. The computer-readable recording medium stores instructions and can be used by the computing device or computer. The processor and/or memory executes the computer-readable recording medium to execute the above method and/or content when executing the computer-readable recording medium. The computer-readable recording medium (such as a hard disk, a floppy disk, an optical disk, a USB flash drive) stores the computer program (product).

請參閱圖3,其示意性說明本案之用於多個公有雲之資產與組態管理系統中多雲資產管理資料表的結構關係。 Please refer to Figure 3, which schematically illustrates the structural relationship between the assets used in multiple public clouds and the multi-cloud asset management data table in the configuration management system in this case.

多雲資產管理資料庫15儲存有各種資料表、清單或紀錄表,其資料結構關係如圖3所示,使用者多雲帳號資料表35記載使用者的多個公有雲已授權帳號及帳號隸屬之公有雲平台種類,透過記載之公有雲平台種類可關連至一筆公有雲平台種類資料表34之紀錄,公有雲平台種類資料表34中之一筆紀錄可關連至複數組公有雲區域清單資料表31、且關連至複數組公有雲資產查詢策略資料表32、並關連至複數組公有雲服務或資源類型資料表33。 The multi-cloud asset management database 15 stores various data tables, lists or record tables. The data structure relationship is shown in Figure 3. The user multi-cloud account data table 35 records the user's multiple public cloud authorized accounts and the public cloud to which the account belongs. The cloud platform type can be related to a record of the public cloud platform type data table 34 through the recorded public cloud platform type, and one record in the public cloud platform type data table 34 can be related to multiple sets of public cloud region list data tables 31, and It is related to a plurality of sets of public cloud asset query strategy data tables 32 and is related to a plurality of sets of public cloud service or resource type data tables 33.

另外,公有雲區域清單資料表31、公有雲資產查詢策略資料表32、公有雲服務或資源類型資料表33分別記錄公有雲具有之屬性,以提供資產查詢流程時必要之參數。使用者多雲帳號資料表35亦可關連至複數筆多雲帳號資產 排程啟動與事件驅動管理紀錄表36之紀錄,其分別記錄使用者多雲帳號之排程啟動或事件驅動資產查詢紀錄與時間戳記,爾後將查詢結果存放至資產查詢結果之服務或資源識別碼資料表37,資產查詢結果之服務或資源識別碼資料表37中記載之資產查詢結果資訊亦關連至多雲帳號資產排程啟動與事件驅動管理紀錄表36對應之紀錄,以提供使用者可透過時間戳記查詢最新之資產資料。 In addition, the public cloud region list data table 31, the public cloud asset query strategy data table 32, and the public cloud service or resource type data table 33 respectively record the attributes of the public cloud to provide necessary parameters for the asset query process. The user multi-cloud account data table 35 can also be related to multiple multi-cloud account assets. Records in the schedule startup and event-driven management record table 36, which respectively record the schedule startup or event-driven asset query records and timestamps of the user's multi-cloud account, and then store the query results in the service or resource identification code data of the asset query results. Table 37, Service or Resource Identification Code Data of Asset Query Result The asset query result information recorded in Table 37 is also related to the record corresponding to the multi-cloud account asset schedule activation and event-driven management record table 36 to provide users with time stamps Check the latest asset information.

須說明的是,圖3中各方塊連線上的「1」和「n」分別表示「一」和「多」,例如使用者多雲帳號資料表35與公有雲平台種類資料表34為多對一的關係,而公有雲平台種類資料表34與公有雲資產查詢策略資料表32為一對多的關係,其餘以此類推。在一實施例中,該資產查詢結果之服務或資源識別碼資料表37與該多雲帳號資產排程啟動與事件驅動管理紀錄表36為多對多的關係,該多雲帳號資產排程啟動與事件驅動管理紀錄表36與該使用者多雲帳號資料表35為多對一的關係,該公有雲平台種類資料表34與該公有雲區域清單資料表31為一對多的關係,該公有雲平台種類資料表34與該公有雲服務或資源類型資料表33為一對多的關係。 It should be noted that "1" and "n" on the connection lines between the blocks in Figure 3 represent "one" and "many" respectively. For example, the user multi-cloud account data table 35 and the public cloud platform type data table 34 are many pairs. There is a one-to-one relationship, and the public cloud platform type data table 34 and the public cloud asset query strategy data table 32 are a one-to-many relationship, and so on. In one embodiment, the service or resource identification code data table 37 of the asset query result and the multi-cloud account asset schedule activation and event-driven management record table 36 have a many-to-many relationship. The multi-cloud account asset schedule activation and event The driver management record table 36 has a many-to-one relationship with the user multi-cloud account data table 35. The public cloud platform type data table 34 has a one-to-many relationship with the public cloud region list data table 31. The public cloud platform type The data table 34 has a one-to-many relationship with the public cloud service or resource type data table 33 .

請參閱圖4,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例之流程示意圖。圖4所示之流程400可包括步驟S401~S416。 Please refer to Figure 4, which schematically illustrates a flow chart of an embodiment of the asset and configuration management system and method for multiple public clouds in this case. The process 400 shown in Figure 4 may include steps S401 to S416.

於資產查詢階段,資產查詢請求可由工作排程所啟動或由更新事件所驅動,即,工作排程與事件管理單元12可產生由工作排程所啟動之資產查詢請求,如步驟S401所示;或者,外部公有雲事件收集單元11可接收更新事件,如步驟S402所示,再觸發工作排程與事件管理單元12產生由更新事件所驅動之資產查詢請求,如步驟S403所示。爾後,多雲資產管理核心單元13至多 雲資產管理資料庫15取得使用者的公有雲帳號及決定資產查詢策略,如步驟S404和S405所示。若決定之資產查詢策略為Config型資產,則委派Config資產管理單元141負責後續資產查詢,如步驟S406所示,而其餘ResourceGroup&Tag資產管理單元142、SDK查詢資產管理單元143、Resource Graph資產管理單元144與Config資產管理單元141於運作流程同理,因此由Config資產管理單元141為例說明。Config資產管理單元141呼叫外部公有雲介面單元18以取得Config型資產外部介面所需查詢結果,以回傳至多雲資產管理核心單元13,如步驟S407、S408和S409所示。多雲資產管理核心單元13則將資產結果進行彙整後,儲存至多雲資產管理資料庫15,如步驟S410所示。接著,多雲資產管理核心單元13將多雲資產管理資料庫15中彙整好的使用者的公有雲帳號之資產資訊提供至使用者終端裝置10,如步驟S411和S412所示。 In the asset query stage, the asset query request may be initiated by the work schedule or driven by the update event. That is, the work schedule and event management unit 12 may generate an asset query request initiated by the work schedule, as shown in step S401; Alternatively, the external public cloud event collection unit 11 may receive the update event, as shown in step S402, and then trigger the work scheduling and event management unit 12 to generate an asset query request driven by the update event, as shown in step S403. Thereafter, multi-cloud asset management core unit 13 at least The cloud asset management database 15 obtains the user's public cloud account and determines the asset query strategy, as shown in steps S404 and S405. If the determined asset query strategy is a Config-type asset, the Config asset management unit 141 is assigned to be responsible for subsequent asset query, as shown in step S406, and the remaining ResourceGroup&Tag asset management unit 142, SDK query asset management unit 143, and Resource Graph asset management unit 144 The operation process of the Config asset management unit 141 is the same, so the Config asset management unit 141 is used as an example for illustration. The Config asset management unit 141 calls the external public cloud interface unit 18 to obtain the query results required by the Config asset external interface and transmit them back to the multi-cloud asset management core unit 13, as shown in steps S407, S408 and S409. The multi-cloud asset management core unit 13 summarizes the asset results and stores them in the multi-cloud asset management database 15, as shown in step S410. Next, the multi-cloud asset management core unit 13 provides the asset information of the user's public cloud account compiled in the multi-cloud asset management database 15 to the user terminal device 10, as shown in steps S411 and S412.

於組態查詢階段,使用者終端裝置10可根據資產資訊,其中服務或資源合稱為資產,發出進一步取得指定的服務或資源之組態查詢請求,如步驟S413所示。多雲組態管理核心單元16負責接收組態查詢請求,進而呼叫外部公有雲介面單元18取得組態查詢結果並將結果處理後,回傳該指定的服務或資源之組態資訊至使用者終端裝置10,如步驟S414、S415和S416所示。 In the configuration query stage, the user terminal device 10 can issue a configuration query request to further obtain specified services or resources based on the asset information, in which services or resources are collectively referred to as assets, as shown in step S413. The multi-cloud configuration management core unit 16 is responsible for receiving the configuration query request, and then calling the external public cloud interface unit 18 to obtain the configuration query result, processing the result, and returning the configuration information of the specified service or resource to the user terminal device. 10, as shown in steps S414, S415 and S416.

請參閱圖5,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例中排程啟動之流程。圖5所示之流程500可包括步驟S501~S523,此流程圖闡述使用者A欲取得其具有之公有雲授權帳號X資產資訊之排程啟動查詢流程。 Please refer to Figure 5, which schematically illustrates the process of scheduled startup in the embodiment of the asset and configuration management system and method for multiple public clouds in this case. The process 500 shown in FIG. 5 may include steps S501 to S523. This flow chart illustrates the scheduled query process for user A to obtain X asset information of the public cloud authorized account he owns.

於步驟S501中,工作排程與事件管理單元12,以每複數個小時(如:4小時)排程為頻率啟動資產查詢。 In step S501, the work schedule and event management unit 12 starts asset query with a schedule frequency of every plurality of hours (eg, 4 hours).

於步驟S502和503中,多雲資產管理核心單元13接收資產查詢請求後,取得使用者終端裝置10A之目標查詢之公有雲帳號X,根據公有帳號之公有雲特性取得資產查詢策略,例如Config型、ResourceGroup&Tag型、SDK型和ResourceGraph型四種。 In steps S502 and 503, after receiving the asset query request, the multi-cloud asset management core unit 13 obtains the public cloud account X of the target query of the user terminal device 10A, and obtains the asset query policy according to the public cloud characteristics of the public account, such as Config type, There are four types: ResourceGroup&Tag type, SDK type and ResourceGraph type.

於步驟S504、S505、S506和S507中,多雲資產管理核心單元13指派Config資產管理單元141進行查詢,進而透過外部公有雲介面單元18取得Config型資產資訊。 In steps S504, S505, S506 and S507, the multi-cloud asset management core unit 13 assigns the Config asset management unit 141 to query, and then obtains the Config asset information through the external public cloud interface unit 18.

於步驟S508、S509、S510和S511中,多雲資產管理核心單元13指派ResourceGroup&Tag資產管理單元142進行查詢,進而透過外部公有雲介面單元18取得ResourceGroup&Tag型資產資訊。 In steps S508, S509, S510 and S511, the multi-cloud asset management core unit 13 assigns the ResourceGroup&Tag asset management unit 142 to query, and then obtains the ResourceGroup&Tag type asset information through the external public cloud interface unit 18.

於步驟S512和S513中,多雲資產管理核心單元13指派SDK查詢資產管理單元143進行查詢,SDK查詢直接可取得SDK型資產資訊。 In steps S512 and S513, the multi-cloud asset management core unit 13 assigns the SDK query asset management unit 143 to perform query, and the SDK query can directly obtain SDK-type asset information.

於步驟S514、S515、S516和S517中,多雲資產管理核心單元13指派Resource Graph資產管理單元144進行查詢,進而透過外部公有雲介面單元11418取得Resource Graph型資產資訊。 In steps S514, S515, S516 and S517, the multi-cloud asset management core unit 13 assigns the Resource Graph asset management unit 144 to query, and then obtains the Resource Graph type asset information through the external public cloud interface unit 11418.

於步驟S518和S519中,多雲資產管理核心單元13彙整上述四種類型資產資訊,並將彙整好的資產資訊儲存至多雲資產管理資料庫15。 In steps S518 and S519, the multi-cloud asset management core unit 13 aggregates the above four types of asset information and stores the aggregated asset information in the multi-cloud asset management database 15.

於步驟S520、S521、S522和S523中,使用者終端裝置10A即可查回公有雲帳號X之資產資訊。 In steps S520, S521, S522 and S523, the user terminal device 10A can retrieve the asset information of the public cloud account X.

請參閱圖6,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例中事件驅動之流程。圖6所示之流程600可包括步驟 S601~S612,此流程圖闡述使用者B欲取得其具有之公有雲授權帳號Y資產資訊之事件驅動查詢流程。 Please refer to Figure 6, which schematically illustrates the event-driven process in the embodiment of the asset and configuration management system and method for multiple public clouds in this case. The process 600 shown in Figure 6 may include the steps S601~S612, this flow chart describes the event-driven query process for user B to obtain the asset information of the public cloud authorized account Y that he owns.

於步驟S601中,外部公有雲事件收集單元11接收到公有雲(例如Azure)上使用者B之帳號Y之活動記錄(例如Azure Activity logs)之資源變更事件。 In step S601, the external public cloud event collection unit 11 receives resource change events of activity records (eg, Azure Activity logs) of user B's account Y on the public cloud (eg, Azure).

於步驟S602中,外部公有雲事件收集單元11觸發多雲資產管理核心單元13。 In step S602, the external public cloud event collection unit 11 triggers the multi-cloud asset management core unit 13.

於步驟S603,多雲資產管理核心單元13根據事件確定資產查詢策略為Resource Graph型。 In step S603, the multi-cloud asset management core unit 13 determines that the asset query strategy is Resource Graph type according to the event.

於步驟S604中,多雲資產管理核心單元13指派Resource Graph資產管理單元144查詢Resource Graph型之帳號Y資產資訊。 In step S604, the multi-cloud asset management core unit 13 assigns the Resource Graph asset management unit 144 to query the Account Y asset information of the Resource Graph type.

於步驟S605、S606、S607中,Resource Graph資產管理單元144透過外部公有雲介面單元18,呼叫Resource Graph型資產所需之外部公有雲介面,取得Resource Graph型資產結果。 In steps S605, S606, and S607, the Resource Graph asset management unit 144 calls the external public cloud interface required by the Resource Graph type asset through the external public cloud interface unit 18 to obtain the Resource Graph type asset result.

於步驟S608中,多雲資產管理核心單元13由多雲資產管理資料庫15取得帳號Y既有資產資訊,並根據上步驟資產結果更新至多雲資產管理資料庫15。 In step S608, the multi-cloud asset management core unit 13 obtains the existing asset information of account Y from the multi-cloud asset management database 15, and updates it to the multi-cloud asset management database 15 based on the asset result in the previous step.

於步驟S609、S610、S611和S622中,使用者終端裝置10B即可查回公有雲帳號Y之資產資訊。 In steps S609, S610, S611 and S622, the user terminal device 10B can retrieve the asset information of the public cloud account Y.

請參閱圖7,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例中組態查詢之流程。圖7所示之流程700可包括步驟 S701~S711,此流程圖闡述使用者C欲取得指定資源或服務組態資訊之查詢流程。 Please refer to Figure 7, which schematically illustrates the configuration query process in the embodiment of the asset and configuration management system and method for multiple public clouds in this case. The process 700 shown in Figure 7 may include the steps S701~S711, this flow chart describes the query process for user C to obtain specified resource or service configuration information.

於步驟S701、S702、S703和S704中,使用者終端裝置10C透過多雲資產管理核心單元13查詢多雲資產管理資料庫14取得特定資源或服務類型之資產資訊。 In steps S701, S702, S703 and S704, the user terminal device 10C queries the multi-cloud asset management database 14 through the multi-cloud asset management core unit 13 to obtain asset information of a specific resource or service type.

於步驟S705中,使用者終端裝置10C由資產資訊以確認欲取得組態資訊之指定資源或服務所屬識別碼I。 In step S705, the user terminal device 10C uses the asset information to confirm the identification code I belonging to the designated resource or service for which the configuration information is to be obtained.

於步驟S706中,使用者終端裝置10C依據識別碼I指定資源或服務查詢組態資訊,透過多雲組態管理核心單元16進行查詢。 In step S706, the user terminal device 10C queries the configuration information according to the resource or service specified by the identification code I, and performs the query through the multi-cloud configuration management core unit 16.

於步驟S707中,多雲組態管理核心單元16呼叫外部公有雲介面單元18所需之組態查詢介面。 In step S707, the multi-cloud configuration management core unit 16 calls the configuration query interface required by the external public cloud interface unit 18.

於步驟S708中,外部公有雲介面單元18將批次查回之數據傳送至組態大數據處理單元17。 In step S708, the external public cloud interface unit 18 transmits the batch retrieved data to the configuration big data processing unit 17.

於步驟S709中,組態大數據處理單元17逐批次將回傳數據組合回完整組態資訊 In step S709, the configuration big data processing unit 17 combines the returned data into complete configuration information batch by batch.

於步驟S710和S711中,回傳給使用者終端裝置10C其所指定的資源或服務屬識別碼I之組態查詢結果,即組態資訊。 In steps S710 and S711, the configuration query result of the specified resource or service identification code I is returned to the user terminal device 10C, that is, the configuration information.

在一實施例中,針對某個服務或資源的詳細資料,公有雲上的資料,例如虛擬機,在AWS上稱作instance,每個instance有各自的識別碼並且專屬配置有各自對應的組態資訊,包括虛擬機所屬區域、所屬網路子網段、連外網路介面與IP、運算規格、儲存裝置規格、安全性設定資訊、來源映像檔與當前運行狀態等綜合資訊之組態資訊。 In one embodiment, for detailed information about a certain service or resource, data on the public cloud, such as a virtual machine, is called an instance on AWS. Each instance has its own identification code and is exclusively configured with its own corresponding configuration information. , including the configuration information of the virtual machine's region, network subnet segment, external network interface and IP, computing specifications, storage device specifications, security setting information, source image file and current running status and other comprehensive information.

綜上所述,本案所揭之用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品係於多雲資產與組態管理服務範圍中,提供使用者多雲資產資訊查詢功能,首先取得使用者已授權之複數種公有雲上之不同帳號,其帳號不限於帳號或訂閱或專案等形式,取得使用者已授權公有雲之不同帳號後,使多雲資產管理服務子系統將具備足夠權限查詢公有雲帳號中使用者服務或資源資訊,接著依序使用者所屬之複數種公有雲帳號進行不同區域之服務或資源數量查詢與統計,以提供使用者查詢所屬之複數種公有雲帳號之不同區域與各種服務或資源之累計資訊,以提供多雲資產資訊查詢功能。於資產查詢時,依據公有雲特性選定最適合之資產查詢策略,資產查詢策略包括:Config資產查詢策略、ResourceGroup&Tag資產查詢策略、SDK資產查詢策略與ResourceGraph資產查詢策略,即分別委交Config資產管理單元、ResourceGroup&Tag資產管理單元、SDK資產管理單元與ResourceGraph資產管理單元個別執行公有雲使用者服務或資源數量查詢任務,針對個別查詢結果進行整合與統計並儲存記載,以支援複數種公有雲之資產查詢功能。 To sum up, the asset and configuration management system, asset and configuration management methods and computer program products for multiple public clouds disclosed in this case are within the scope of multi-cloud asset and configuration management services, providing users with multi-cloud The asset information query function first obtains multiple different accounts on the public cloud that the user has authorized. The accounts are not limited to accounts, subscriptions, projects, etc. After obtaining the different accounts on the public cloud that the user has authorized, the multi-cloud asset management service can The system will have sufficient permissions to query the user's service or resource information in the public cloud account, and then conduct query and statistics on the number of services or resources in different regions according to the plurality of public cloud accounts to which the user belongs, so as to provide the user with the ability to query the plurality of public cloud accounts to which the user belongs. Accumulated information of different regions and various services or resources of public cloud accounts to provide multi-cloud asset information query function. When querying assets, select the most suitable asset query strategy based on the characteristics of the public cloud. The asset query strategies include: Config asset query strategy, ResourceGroup&Tag asset query strategy, SDK asset query strategy and ResourceGraph asset query strategy, which are respectively entrusted to the Config asset management unit. , ResourceGroup&Tag asset management unit, SDK asset management unit and ResourceGraph asset management unit individually execute public cloud user service or resource quantity query tasks, integrate and collect statistics on individual query results, and store records to support multiple public cloud asset query functions. .

另外,為確保多雲資產查詢結果為最新資訊,工作排程與事件管理單元以排程輪詢與事件驅動兩種模式進行更新,將根據資產查詢策略之最適合模式擇取一種模式進行,若為排程輪詢模式時,由工作排程與事件管理單元主動觸發,以排程以週期方式進行資產查詢結果更新,若資產查詢策略支援事件驅動之更新模式時,被動接收由外部事件收集中心單元傳送之資產更新事件,以驅動多雲資產管理核心單元進行資產查詢結果更新,更新之查詢結果將進行彙整與統計後進行儲存記載,以提供最新之多雲資產管理查詢功能。因此,多雲資產管理資料庫紀錄並提供存取多雲資產與組態管理所需之設定與資產查詢結果, 多雲資產管理資料庫存放並管理使用者授權公有雲帳號、公有雲資產查詢策略、公有雲區域清單、公有雲服務或資源類型清單與資產查詢結果之服務或資源識別碼,並將其進行關聯,以提供多雲資產管理子系統與組態管理子系統調用查詢。 In addition, in order to ensure that the multi-cloud asset query results are the latest information, the work schedule and event management unit are updated in two modes: scheduled polling and event-driven. One mode will be selected based on the most suitable mode of the asset query strategy. If In the scheduled polling mode, the work schedule and event management unit actively triggers the asset query results to be updated periodically in a scheduled manner. If the asset query strategy supports the event-driven update mode, it is passively received by the external event collection center unit. The transmitted asset update event drives the multi-cloud asset management core unit to update the asset query results. The updated query results will be summarized and counted before being stored and recorded to provide the latest multi-cloud asset management query function. Therefore, the multi-cloud asset management database records and provides the settings and asset query results required for accessing multi-cloud assets and configuration management. The multi-cloud asset management database stores and manages user authorized public cloud accounts, public cloud asset query policies, public cloud region lists, public cloud service or resource type lists, and service or resource identification codes of asset query results, and associates them. To provide multi-cloud asset management subsystem and configuration management subsystem call query.

再者,本案所揭之用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品亦提供使用者多雲組態資訊查詢功能,使用者藉由上述資產查詢結果,可以進一步依據服務或資源類型,指定一組特定之服務或資源進行組態資訊查詢,多雲組態管理子系統將執行即時組態資訊查詢任務,若查詢結果之組態資訊含量大時,為有效提供即時方式查詢,將藉由大數據處理單元將組態將查詢結果轉成大數據串流,依據分割成較小串流單元後方才組合回完整數據,再行進行彙整成有效組態資訊,以提供即時之多雲組態管理查詢功能。 Furthermore, the asset and configuration management system, asset and configuration management method and computer program product for multiple public clouds disclosed in this case also provide users with multi-cloud configuration information query functions. Users can query through the above assets As a result, a specific group of services or resources can be further specified for configuration information query based on the service or resource type. The multi-cloud configuration management subsystem will perform real-time configuration information query tasks. If the query result contains a large amount of configuration information, In order to effectively provide real-time query, the big data processing unit will be used to convert the configuration into a big data stream, which will be divided into smaller streaming units before being combined back to the complete data, and then consolidated into an effective configuration. information to provide real-time multi-cloud configuration management query capabilities.

100:資產與組態管理系統 100:Asset and configuration management system

1:多雲資產管理子系統 1: Multi-cloud asset management subsystem

2:多雲組態管理子系統 2: Multi-cloud configuration management subsystem

11:外部公有雲事件收集單元 11: External public cloud event collection unit

12:工作排程與事件管理單元 12: Work scheduling and event management unit

13:多雲資產管理核心單元 13: Multi-cloud asset management core unit

14:資產查詢策略單元 14: Asset query strategy unit

15:多雲資產管理資料庫 15:Multi-cloud asset management database

16:多雲組態管理核心單元 16: Multi-cloud configuration management core unit

17:組態大數據處理單元 17:Configuring big data processing unit

18:外部公有雲介面單元 18:External public cloud interface unit

Claims (9)

一種用於多個公有雲之資產與組態管理系統,係包括:多雲資產管理資料庫;多雲資產管理核心單元,用於根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略;資產查詢策略單元,係根據該多雲資產管理核心單元所取得之該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢,以將所查詢到之資產查詢結果傳送至該多雲資產管理核心單元彙整為資產資訊而儲存至該多雲資產管理資料庫,其中,該資產查詢策略單元包括:設定檔(Config)資產管理單元,其用於呼叫該設定檔資產所對應之外部公有雲介面,以查詢設定檔型資產資訊;資源群組與標籤(Resource Group & Tag)資產管理單元,其用於呼叫該資源群組與標籤資產所對應之外部公有雲介面,以查詢資源群組與標籤型資產資訊;軟體開發工具套件(software development kit,SDK)資產管理單元,其用於在該公有雲查詢SDK型資產資訊;以及資源圖譜(Resource Graph)資產管理單元,其用於呼叫該資源圖譜產所對應之外部公有雲介面,以查詢資源圖譜型資產資訊;以及多雲組態管理核心單元,係響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在該公有雲上進行組態查詢,以將所查詢到之組態查詢結果彙整為組態資訊而回傳該組態資訊。 An asset and configuration management system for multiple public clouds, including: a multi-cloud asset management database; a multi-cloud asset management core unit used to obtain the user's public cloud account and asset query strategy according to an asset query request; The asset query strategy unit performs asset query on the public cloud based on the public cloud account and the asset query strategy obtained by the multi-cloud asset management core unit, and transmits the queried asset query results to the multi-cloud asset management core unit. The asset information is collected and stored in the multi-cloud asset management database. The asset query strategy unit includes: a configuration file (Config) asset management unit, which is used to call the external public cloud interface corresponding to the configuration file asset to query. Profile asset information; Resource Group & Tag asset management unit, which is used to call the external public cloud interface corresponding to the resource group and tag assets to query resource group and tag asset information ; a software development kit (SDK) asset management unit, which is used to query SDK-type asset information in the public cloud; and a resource graph (Resource Graph) asset management unit, which is used to call the corresponding resource graph product The external public cloud interface is used to query resource map-type asset information; and the multi-cloud configuration management core unit responds to a configuration query request for a given asset in the asset information, and performs a configuration query on the public cloud according to the configuration query request. Perform configuration query to compile the configuration query results into configuration information and return the configuration information. 如請求項1所述之資產與組態管理系統,更包括:外部公有雲事件接收單元,係用於接收更新事件;以及 工作排程與事件管理單元,係產生由工作排程所啟動之該資產查詢請求和由更新事件所驅動之該資產查詢請求,其中,該多雲資產管理核心單元根據由該工作排程所啟動之該資產查詢請求,至該多雲資產管理資料庫中取得該公有雲帳號及該資產查詢策略,或者其中,該多雲資產管理核心單元根據由該更新事件所驅動之該資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略,其中,該工作排程與事件管理單元、該多雲資產管理核心單元、及該資產查詢策略單元係構成多雲資產管理子系統,且該多雲資產管理子系統係以叢集化容器技術部屬於電子裝置中。 The asset and configuration management system as described in request item 1 further includes: an external public cloud event receiving unit for receiving update events; and The work schedule and event management unit generates the asset query request initiated by the work schedule and the asset query request driven by the update event, wherein the multi-cloud asset management core unit generates the asset query request initiated by the work schedule. The asset query request is to obtain the public cloud account and the asset query policy from the multi-cloud asset management database, or the multi-cloud asset management core unit obtains the asset query request from the update event based on the asset query request driven by the update event. The public cloud account and the asset query strategy are obtained from the activity records of The asset management subsystem is based on clustered container technology and is part of the electronic device. 如請求項1所述之資產與組態管理系統,更包括:外部公有雲介面單元,用於介接多個公有雲;以及組態大數據處理單元,於該多雲組態管理核心單元藉由該外部公有雲介面單元在該公有雲所查詢到的組態查詢結果為批次時,該組態大數據處理單元將批次之組態查詢結果組合為完整的組態資訊,其中,該多雲組態管理核心單元及該組態大數據處理單元係構成多雲組態管理子系統,且該多雲組態管理子系統係以叢集化容器技術部屬於電子裝置中。 The asset and configuration management system as described in claim 1 further includes: an external public cloud interface unit for interfacing with multiple public clouds; and a configuration big data processing unit, in which the multi-cloud configuration management core unit uses When the configuration query results queried by the external public cloud interface unit in the public cloud are batches, the configuration big data processing unit combines the configuration query results of the batches into complete configuration information, wherein the multi-cloud The configuration management core unit and the configuration big data processing unit constitute a multi-cloud configuration management subsystem, and the multi-cloud configuration management subsystem is part of the electronic device using clustered container technology. 如請求項1所述之資產與組態管理系統,其中,該多雲資產管理資料庫係儲存公有雲區域清單資料表、公有雲資產查詢策略資料表、公有雲服務或資源類型資料表、公有雲平台種類資料表、使用者多雲帳號資料表、多雲帳號資產排程啟動與事件驅動管理紀錄表、及/或資產查詢結果之服務或資源識別碼資料表,且其中,該資產查詢結果之服務或資源識別碼資料表與該多雲帳號資產排程啟動與事件驅動管理紀錄表為多對多的關係,該多雲帳號資產排程啟動 與事件驅動管理紀錄表與該使用者多雲帳號資料表為多對一的關係,該使用者多雲帳號資料表與該公有雲平台種類資料表為多對一的關係,而該公有雲平台種類資料表與該公有雲資產查詢策略資料表為一對多的關係,該公有雲平台種類資料表與該公有雲區域清單資料表為一對多的關係,該公有雲平台種類資料表與該公有雲服務或資源類型資料表為一對多的關係。 The asset and configuration management system as described in request item 1, wherein the multi-cloud asset management database stores a public cloud region list data table, a public cloud asset query strategy data table, a public cloud service or resource type data table, a public cloud Platform type data table, user multi-cloud account data table, multi-cloud account asset schedule activation and event-driven management record table, and/or service or resource identification code data table of asset query results, and among them, the service or resource identification code data table of the asset query results The resource identification code data table has a many-to-many relationship with the multi-cloud account asset schedule activation and event-driven management record table. The multi-cloud account asset schedule activation The event-driven management record table has a many-to-one relationship with the user multi-cloud account data table, the user multi-cloud account data table has a many-to-one relationship with the public cloud platform type data table, and the public cloud platform type data The table has a one-to-many relationship with the public cloud asset query strategy data table. The public cloud platform type data table has a one-to-many relationship with the public cloud region list data table. The public cloud platform type data table has a one-to-many relationship with the public cloud region list data table. The service or resource type data table has a one-to-many relationship. 一種用於多個公有雲之資產與組態管理方法,係包括:根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略;根據該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢,其中,所述根據該公有雲帳號及該資產查詢策略在公有雲上進行資產查詢之步驟係包括:於該資產查詢策略包括設定檔(Config)資產查詢策略時,呼叫該設定檔資產所對應之外部公有雲介面,以查詢設定檔型資產資訊;於該資產查詢策略包括資源群組與標籤(Resource Group & Tag)資產查詢策略時,呼叫該資源群組與標籤資產所對應之外部公有雲介面,以查詢資源群組與標籤型資產資訊;於該資產查詢策略包括軟體開發工具套件(software development kit,SDK)資產查詢策略時,在該公有雲查詢SDK型資產資訊;以及於該資產查詢策略包括資源圖譜(Resource Graph)資產查詢策略時,呼叫該資源圖譜產所對應之外部公有雲介面,以查詢資源圖譜型資產資訊;將所查詢到之資產查詢結果彙整為資產資訊而儲存在多雲資產管理資料庫; 響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在該公有雲上進行組態查詢;以及將所查詢到之組態查詢結果彙整為組態資訊,以回傳該給定資產之該組態資訊。 An asset and configuration management method for multiple public clouds, which includes: obtaining the user's public cloud account and asset query strategy based on an asset query request; and obtaining the user's public cloud account and asset query strategy on the public cloud based on the public cloud account and the asset query strategy. Perform asset query, wherein the step of performing asset query on the public cloud based on the public cloud account and the asset query strategy includes: when the asset query strategy includes a configuration file (Config) asset query strategy, call the profile asset The corresponding external public cloud interface is used to query profile asset information; when the asset query strategy includes the resource group and tag (Resource Group & Tag) asset query strategy, call the external server corresponding to the resource group and tag assets. A public cloud interface to query resource group and tag asset information; when the asset query strategy includes a software development kit (SDK) asset query strategy, query SDK asset information in the public cloud; and in the When the asset query strategy includes a resource graph (Resource Graph) asset query strategy, the external public cloud interface corresponding to the resource graph product is called to query the resource graph asset information; the queried asset query results are compiled into asset information and stored In a multi-cloud asset management repository; In response to a configuration query request for a given asset in the asset information, perform a configuration query on the public cloud according to the configuration query request; and compile the queried configuration query results into configuration information to return Pass the configuration information for the given asset. 如請求項5所述之資產與組態管理方法,其中,所述根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略之步驟係包括:於該資產查詢請求係由工作排程所啟動時,根據由該工作排程所啟動之該資產查詢請求,至該多雲資產管理資料庫中取得該公有雲帳號及該資產查詢策略;以及於該資產查詢請求係由更新事件所驅動時,根據由該更新事件所驅動之該資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略。 The asset and configuration management method as described in claim 5, wherein the step of obtaining the user's public cloud account and asset query strategy according to an asset query request includes: when the asset query request is processed by a work schedule When activated, obtain the public cloud account and the asset query strategy from the multi-cloud asset management database according to the asset query request initiated by the work schedule; and when the asset query request is driven by an update event , according to the asset query request driven by the update event, obtain the public cloud account and the asset query policy from the activity record of the update event. 如請求項5所述之資產與組態管理方法,其中,所述將所查詢到之組態查詢結果彙整為組態資訊,以回傳該給定資產之該組態資訊之步驟係包括:於所查詢到的該組態查詢結果為批次時,將批次之組態查詢結果組合為完整的組態資訊再回傳。 The asset and configuration management method as described in request item 5, wherein the step of compiling the queried configuration query results into configuration information to return the configuration information of the given asset includes: When the configuration query result is a batch, the configuration query results of the batch are combined into complete configuration information and then returned. 如請求項5所述之資產與組態管理方法,其中,該多雲資產管理資料庫係儲存公有雲區域清單資料表、公有雲資產查詢策略資料表、公有雲服務或資源類型資料表、公有雲平台種類資料表、使用者多雲帳號資料表、多雲帳號資產排程啟動與事件驅動管理紀錄表、及/或資產查詢結果之服務或資源識別碼資料表,且其中,該資產查詢結果之服務或資源識別碼資料表與該多雲帳號資產排程啟動與事件驅動管理紀錄表為多對多的關係,該多雲帳號資產排程啟動 與事件驅動管理紀錄表與該使用者多雲帳號資料表為多對一的關係,該使用者多雲帳號資料表與該公有雲平台種類資料表為多對一的關係,而該公有雲平台種類資料表與該公有雲資產查詢策略資料表為一對多的關係,該公有雲平台種類資料表與該公有雲區域清單資料表為一對多的關係,該公有雲平台種類資料表與該公有雲服務或資源類型資料表為一對多的關係。 The asset and configuration management method as described in claim 5, wherein the multi-cloud asset management database stores a public cloud region list data table, a public cloud asset query strategy data table, a public cloud service or resource type data table, a public cloud Platform type data table, user multi-cloud account data table, multi-cloud account asset schedule activation and event-driven management record table, and/or asset query result service or resource identification code data table, and among them, the service or resource identification code data table of the asset query result The resource identification code data table has a many-to-many relationship with the multi-cloud account asset schedule activation and event-driven management record table. The multi-cloud account asset schedule activation The event-driven management record table has a many-to-one relationship with the user multi-cloud account data table, the user multi-cloud account data table has a many-to-one relationship with the public cloud platform type data table, and the public cloud platform type data The table has a one-to-many relationship with the public cloud asset query strategy data table. The public cloud platform type data table has a one-to-many relationship with the public cloud region list data table. The public cloud platform type data table has a one-to-many relationship with the public cloud region list data table. The service or resource type data table has a one-to-many relationship. 一種電腦程式產品,經電腦載入程式以執行如請求項5-8任一項所述之用於多個公有雲之資產與組態管理方法。 A computer program product that is loaded into a computer to execute the asset and configuration management method for multiple public clouds as described in any one of claims 5-8.
TW111148268A 2022-12-15 2022-12-15 Assets and configuration management system and method for multi-cloud and computer program product thereof TWI833501B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111148268A TWI833501B (en) 2022-12-15 2022-12-15 Assets and configuration management system and method for multi-cloud and computer program product thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111148268A TWI833501B (en) 2022-12-15 2022-12-15 Assets and configuration management system and method for multi-cloud and computer program product thereof

Publications (1)

Publication Number Publication Date
TWI833501B true TWI833501B (en) 2024-02-21

Family

ID=90824969

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111148268A TWI833501B (en) 2022-12-15 2022-12-15 Assets and configuration management system and method for multi-cloud and computer program product thereof

Country Status (1)

Country Link
TW (1) TWI833501B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102427481A (en) * 2012-01-12 2012-04-25 易云捷讯科技(北京)有限公司 System for managing cloud computing service and cloud computing management method
CN111371669A (en) * 2015-05-12 2020-07-03 环球互连及数据中心公司 Programmable network platform for cloud-based service exchange

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102427481A (en) * 2012-01-12 2012-04-25 易云捷讯科技(北京)有限公司 System for managing cloud computing service and cloud computing management method
CN111371669A (en) * 2015-05-12 2020-07-03 环球互连及数据中心公司 Programmable network platform for cloud-based service exchange

Similar Documents

Publication Publication Date Title
JP5512215B2 (en) Job processing system and method, and program thereof
US20110271275A1 (en) Software distribution management method of computer system and computer system for software distribution management
CN105049268A (en) Distributed computing resource allocation system and task processing method
JP2019517748A (en) Agent allocation method, device, server and recording medium
JP5459222B2 (en) Configuration management system, proxy system, and configuration management method
US20070198554A1 (en) Apparatus for business service oriented management infrastructure
WO2005036385A1 (en) Dynamic resource management for distributed retrieval system for security
CN1784656A (en) Monitoring operational data in data processing systems
CN105700908A (en) Management system and control method for management system
CN102346737A (en) Sharing method and device for hardware equipment driving program
JP6603645B2 (en) Resource search apparatus and resource search method
CN110336863A (en) A kind of data reporting method and system
US10452879B2 (en) Memory structure for inventory management
WO2021036319A1 (en) Data cleaning method and system
CN108574718B (en) Cloud host creation method and device
JP2010122773A (en) Distributed processing system, method of allocating processing, and information processing apparatus
US11218419B1 (en) Execution request prioritization by context
CN116225655A (en) Task scheduling method, device and storage medium
WO2019028114A1 (en) Cloud-based discovery and inventory
TWI833501B (en) Assets and configuration management system and method for multi-cloud and computer program product thereof
JP6279816B2 (en) Storage monitoring system and monitoring method thereof
CN112506926A (en) Monitoring data storage and query method and corresponding device, equipment and medium
CN110543509A (en) Monitoring system, method and device for user access data and electronic equipment
CN111913784A (en) Task scheduling method and device, network element and storage medium
CN113810475A (en) Wifi probe equipment management and control system based on big data architecture