翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。
CreateKey
これらの例は、CreateKey オペレーションの AWS CloudTrail ログエントリを示しています。
CreateKey
ログエントリは、ReplicateKey リクエストの CreateKey
リクエストまたは CreateKey
オペレーションによって生成されます。
以下は、対称暗号化 KMS キーを作成する CreateKey オペレーションの CloudTrail ログエントリを示す例です。KMS キー作成の詳細については、KMS キーを作成する を参照してください。
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-08-10T22:38:27Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "description": "", "origin": "EXTERNAL", "bypassPolicyLockoutSafetyCheck": false, "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "keyUsage": "ENCRYPT_DECRYPT" }, "responseElements": { "keyMetadata": { "AWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Aug 10, 2022, 10:38:27 PM", "enabled": false, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "PendingImport", "origin": "EXTERNAL", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false } }, "requestID": "1aef6713-0223-4ff7-9a6d-781360521930", "eventID": "36327b37-f4f6-40a9-92ab-48064ec905a2", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
次の例は、 AWS CloudHSM キーストアに対称暗号化 KMS キーを作成する CreateKey
オペレーションの CloudTrail ログを示しています。
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2021-10-14T17:39:50Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "keyUsage": "ENCRYPT_DECRYPT", "bypassPolicyLockoutSafetyCheck": false, "origin": "AWS_CLOUDHSM", "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "customKeyStoreId": "cks-1234567890abcdef0", "description": "" }, "responseElements": { "keyMetadata": { "aWSAccountId": "111122223333", "keyId": "0987dcba-09fe-87dc-65ba-ab0987654321", "arn": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321", "creationDate": "Oct 14, 2021, 5:39:50 PM", "enabled": true, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Enabled", "origin": "AWS_CLOUDHSM", "customKeyStoreId": "cks-1234567890abcdef0", "cloudHsmClusterId": "cluster-1a23b4cdefg", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false } }, "additionalEventData": { "backingKey": "{\"backingKeyId\":\"
backing-key-id
\"}" }, "requestID": "4f0b185c-588c-4767-9e90-c618f7e13cad", "eventID": "c73964b8-703d-49e4-bd9e-f773d0ee1e65", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
次の例は、外部キーストアに対称暗号化 KMS キーを作成する CreateKey
オペレーションの CloudTrail ログを示しています。
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-09-07T22:37:45Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "tags": [], "keyUsage": "ENCRYPT_DECRYPT", "description": "", "origin": "EXTERNAL_KEY_STORE", "multiRegion": false, "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "bypassPolicyLockoutSafetyCheck": false, "customKeyStoreId": "cks-1234567890abcdef0", "xksKeyId": "bb8562717f809024" }, "responseElements": { "keyMetadata": { "aWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Dec 7, 2022, 10:37:45 PM", "enabled": true, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Enabled", "origin": "EXTERNAL_KEY_STORE", "customKeyStoreId": "cks-1234567890abcdef0", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false, "xksKeyConfiguration": { "id": "bb8562717f809024" } } }, "requestID": "ba197c82-3ac7-487a-8ff4-7736bbeb1316", "eventID": "838ad5f4-5fdd-4044-afd7-4dbd88c6af56", "readOnly": false, "resources": [ { "accountId": "227179770375", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-east-1:227179770375:key/39c5eb22-f37c-4956-92ca-89e8f8b57ab2" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }