Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
Contoh-contoh ini menunjukkan entri AWS CloudTrail log untuk CreateKeyoperasi.
Entri CreateKey log dapat dihasilkan dari CreateKey permintaan atau CreateKey operasi untuk ReplicateKeypermintaan.
Contoh berikut menunjukkan entri CloudTrail log untuk CreateKeyoperasi yang menciptakan kunci KMS enkripsi simetris. Untuk informasi tentang membuat kunci KMS, lihatBuat kunci KMS.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::111122223333:user/Alice",
"accountId": "111122223333",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2022-08-10T22:38:27Z",
"eventSource": "kms.amazonaws.com",
"eventName": "CreateKey",
"awsRegion": "us-west-2",
"sourceIPAddress": "192.0.2.0",
"userAgent": "AWS Internal",
"requestParameters": {
"description": "",
"origin": "EXTERNAL",
"bypassPolicyLockoutSafetyCheck": false,
"customerMasterKeySpec": "SYMMETRIC_DEFAULT",
"keySpec": "SYMMETRIC_DEFAULT",
"keyUsage": "ENCRYPT_DECRYPT"
},
"responseElements": {
"keyMetadata": {
"AWSAccountId": "111122223333",
"keyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
"arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
"creationDate": "Aug 10, 2022, 10:38:27 PM",
"enabled": false,
"description": "",
"keyUsage": "ENCRYPT_DECRYPT",
"keyState": "PendingImport",
"origin": "EXTERNAL",
"keyManager": "CUSTOMER",
"customerMasterKeySpec": "SYMMETRIC_DEFAULT",
"keySpec": "SYMMETRIC_DEFAULT",
"encryptionAlgorithms": [
"SYMMETRIC_DEFAULT"
],
"multiRegion": false
}
},
"requestID": "1aef6713-0223-4ff7-9a6d-781360521930",
"eventID": "36327b37-f4f6-40a9-92ab-48064ec905a2",
"readOnly": false,
"resources": [
{
"accountId": "111122223333",
"type": "AWS::KMS::Key",
"ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
}
],
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "111122223333",
"eventCategory": "Management"
}Contoh berikut menunjukkan CloudTrail log CreateKey operasi yang menciptakan kunci KMS enkripsi simetris di toko AWS CloudHSM kunci.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::111122223333:user/Alice",
"accountId": "111122223333",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2021-10-14T17:39:50Z",
"eventSource": "kms.amazonaws.com",
"eventName": "CreateKey",
"awsRegion": "us-west-2",
"sourceIPAddress": "192.0.2.0",
"userAgent": "AWS Internal",
"requestParameters": {
"keyUsage": "ENCRYPT_DECRYPT",
"bypassPolicyLockoutSafetyCheck": false,
"origin": "AWS_CLOUDHSM",
"keySpec": "SYMMETRIC_DEFAULT",
"customerMasterKeySpec": "SYMMETRIC_DEFAULT",
"customKeyStoreId": "cks-1234567890abcdef0",
"description": ""
},
"responseElements": {
"keyMetadata": {
"aWSAccountId": "111122223333",
"keyId": "0987dcba-09fe-87dc-65ba-ab0987654321",
"arn": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
"creationDate": "Oct 14, 2021, 5:39:50 PM",
"enabled": true,
"description": "",
"keyUsage": "ENCRYPT_DECRYPT",
"keyState": "Enabled",
"origin": "AWS_CLOUDHSM",
"customKeyStoreId": "cks-1234567890abcdef0",
"cloudHsmClusterId": "cluster-1a23b4cdefg",
"keyManager": "CUSTOMER",
"customerMasterKeySpec": "SYMMETRIC_DEFAULT",
"keySpec": "SYMMETRIC_DEFAULT",
"encryptionAlgorithms": [
"SYMMETRIC_DEFAULT"
],
"multiRegion": false
}
},
"additionalEventData": {
"backingKey": "{\"backingKeyId\":\"backing-key-id\"}"
},
"requestID": "4f0b185c-588c-4767-9e90-c618f7e13cad",
"eventID": "c73964b8-703d-49e4-bd9e-f773d0ee1e65",
"readOnly": false,
"resources": [
{
"accountId": "111122223333",
"type": "AWS::KMS::Key",
"ARN": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321"
}
],
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "111122223333",
"eventCategory": "Management"
}Contoh berikut menunjukkan CloudTrail log CreateKey operasi yang membuat kunci KMS enkripsi simetris di toko kunci eksternal.
{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::111122223333:user/Alice",
"accountId": "111122223333",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2022-09-07T22:37:45Z",
"eventSource": "kms.amazonaws.com",
"eventName": "CreateKey",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "AWS Internal",
"requestParameters": {
"tags": [],
"keyUsage": "ENCRYPT_DECRYPT",
"description": "",
"origin": "EXTERNAL_KEY_STORE",
"multiRegion": false,
"keySpec": "SYMMETRIC_DEFAULT",
"customerMasterKeySpec": "SYMMETRIC_DEFAULT",
"bypassPolicyLockoutSafetyCheck": false,
"customKeyStoreId": "cks-1234567890abcdef0",
"xksKeyId": "bb8562717f809024"
},
"responseElements": {
"keyMetadata": {
"aWSAccountId": "111122223333",
"keyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
"arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
"creationDate": "Dec 7, 2022, 10:37:45 PM",
"enabled": true,
"description": "",
"keyUsage": "ENCRYPT_DECRYPT",
"keyState": "Enabled",
"origin": "EXTERNAL_KEY_STORE",
"customKeyStoreId": "cks-1234567890abcdef0",
"keyManager": "CUSTOMER",
"customerMasterKeySpec": "SYMMETRIC_DEFAULT",
"keySpec": "SYMMETRIC_DEFAULT",
"encryptionAlgorithms": [
"SYMMETRIC_DEFAULT"
],
"multiRegion": false,
"xksKeyConfiguration": {
"id": "bb8562717f809024"
}
}
},
"requestID": "ba197c82-3ac7-487a-8ff4-7736bbeb1316",
"eventID": "838ad5f4-5fdd-4044-afd7-4dbd88c6af56",
"readOnly": false,
"resources": [
{
"accountId": "227179770375",
"type": "AWS::KMS::Key",
"ARN": "arn:aws:kms:us-east-1:227179770375:key/39c5eb22-f37c-4956-92ca-89e8f8b57ab2"
}
],
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "111122223333",
"eventCategory": "Management"
} 