Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
CreateKey
Contoh-contoh ini menunjukkan AWS CloudTrail entri log untuk CreateKeyoperasi.
Entri CreateKey log dapat dihasilkan dari CreateKey permintaan atau CreateKey operasi untuk ReplicateKeypermintaan.
Contoh berikut menunjukkan entri CloudTrail log untuk CreateKeyoperasi yang membuat KMSkunci enkripsi simetris. Untuk informasi tentang membuat KMS kunci, lihatMembuat kunci.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-08-10T22:38:27Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "description": "", "origin": "EXTERNAL", "bypassPolicyLockoutSafetyCheck": false, "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "keyUsage": "ENCRYPT_DECRYPT" }, "responseElements": { "keyMetadata": { "AWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Aug 10, 2022, 10:38:27 PM", "enabled": false, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "PendingImport", "origin": "EXTERNAL", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false } }, "requestID": "1aef6713-0223-4ff7-9a6d-781360521930", "eventID": "36327b37-f4f6-40a9-92ab-48064ec905a2", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
Contoh berikut menunjukkan CloudTrail log CreateKey operasi yang membuat KMS kunci enkripsi simetris dalam AWS CloudHSM toko kunci.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2021-10-14T17:39:50Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "keyUsage": "ENCRYPT_DECRYPT", "bypassPolicyLockoutSafetyCheck": false, "origin": "AWS_CLOUDHSM", "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "customKeyStoreId": "cks-1234567890abcdef0", "description": "" }, "responseElements": { "keyMetadata": { "aWSAccountId": "111122223333", "keyId": "0987dcba-09fe-87dc-65ba-ab0987654321", "arn": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321", "creationDate": "Oct 14, 2021, 5:39:50 PM", "enabled": true, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Enabled", "origin": "AWS_CLOUDHSM", "customKeyStoreId": "cks-1234567890abcdef0", "cloudHsmClusterId": "cluster-1a23b4cdefg", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false } }, "additionalEventData": { "backingKey": "{\"backingKeyId\":\"backing-key-id\"}" }, "requestID": "4f0b185c-588c-4767-9e90-c618f7e13cad", "eventID": "c73964b8-703d-49e4-bd9e-f773d0ee1e65", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
Contoh berikut menunjukkan CloudTrail log CreateKey operasi yang membuat KMS kunci enkripsi simetris di penyimpanan kunci eksternal.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-09-07T22:37:45Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "tags": [], "keyUsage": "ENCRYPT_DECRYPT", "description": "", "origin": "EXTERNAL_KEY_STORE", "multiRegion": false, "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "bypassPolicyLockoutSafetyCheck": false, "customKeyStoreId": "cks-1234567890abcdef0", "xksKeyId": "bb8562717f809024" }, "responseElements": { "keyMetadata": { "aWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Dec 7, 2022, 10:37:45 PM", "enabled": true, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Enabled", "origin": "EXTERNAL_KEY_STORE", "customKeyStoreId": "cks-1234567890abcdef0", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false, "xksKeyConfiguration": { "id": "bb8562717f809024" } } }, "requestID": "ba197c82-3ac7-487a-8ff4-7736bbeb1316", "eventID": "838ad5f4-5fdd-4044-afd7-4dbd88c6af56", "readOnly": false, "resources": [ { "accountId": "227179770375", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-east-1:227179770375:key/39c5eb22-f37c-4956-92ca-89e8f8b57ab2" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
