As traduções são geradas por tradução automática. Em caso de conflito entre o conteúdo da tradução e da versão original em inglês, a versão em inglês prevalecerá.
CreateKey
Esses exemplos mostram entradas de log do AWS CloudTrail para a operação CreateKey.
Uma entrada de log de CreateKey
pode resultar de uma solicitação CreateKey
ou da operação CreateKey
para uma solicitação ReplicateKey.
O exemplo a seguir mostra uma entrada de log do CloudTrail para uma operação CreateKey que cria uma chave do KMS de criptografia simétrica. Para obter mais informações sobre como criar chaves do KMS, consulte Criar uma chave do KMS.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-08-10T22:38:27Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "description": "", "origin": "EXTERNAL", "bypassPolicyLockoutSafetyCheck": false, "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "keyUsage": "ENCRYPT_DECRYPT" }, "responseElements": { "keyMetadata": { "AWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Aug 10, 2022, 10:38:27 PM", "enabled": false, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "PendingImport", "origin": "EXTERNAL", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false } }, "requestID": "1aef6713-0223-4ff7-9a6d-781360521930", "eventID": "36327b37-f4f6-40a9-92ab-48064ec905a2", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
O exemplo a seguir mostra uma entrada de log do CloudTrail para uma operação CreateKey
que cria uma chave do KMS de criptografia simétrica em um armazenamento de chaves do AWS CloudHSM.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2021-10-14T17:39:50Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "keyUsage": "ENCRYPT_DECRYPT", "bypassPolicyLockoutSafetyCheck": false, "origin": "AWS_CLOUDHSM", "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "customKeyStoreId": "cks-1234567890abcdef0", "description": "" }, "responseElements": { "keyMetadata": { "aWSAccountId": "111122223333", "keyId": "0987dcba-09fe-87dc-65ba-ab0987654321", "arn": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321", "creationDate": "Oct 14, 2021, 5:39:50 PM", "enabled": true, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Enabled", "origin": "AWS_CLOUDHSM", "customKeyStoreId": "cks-1234567890abcdef0", "cloudHsmClusterId": "cluster-1a23b4cdefg", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false } }, "additionalEventData": { "backingKey": "{\"backingKeyId\":\"
backing-key-id
\"}" }, "requestID": "4f0b185c-588c-4767-9e90-c618f7e13cad", "eventID": "c73964b8-703d-49e4-bd9e-f773d0ee1e65", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
O exemplo a seguir mostra uma entrada de log do CloudTrail para uma operação CreateKey
que cria uma chave do KMS de criptografia simétrica em um armazenamento de chaves externas.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-09-07T22:37:45Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateKey", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "tags": [], "keyUsage": "ENCRYPT_DECRYPT", "description": "", "origin": "EXTERNAL_KEY_STORE", "multiRegion": false, "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "bypassPolicyLockoutSafetyCheck": false, "customKeyStoreId": "cks-1234567890abcdef0", "xksKeyId": "bb8562717f809024" }, "responseElements": { "keyMetadata": { "aWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Dec 7, 2022, 10:37:45 PM", "enabled": true, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Enabled", "origin": "EXTERNAL_KEY_STORE", "customKeyStoreId": "cks-1234567890abcdef0", "keyManager": "CUSTOMER", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "keySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": false, "xksKeyConfiguration": { "id": "bb8562717f809024" } } }, "requestID": "ba197c82-3ac7-487a-8ff4-7736bbeb1316", "eventID": "838ad5f4-5fdd-4044-afd7-4dbd88c6af56", "readOnly": false, "resources": [ { "accountId": "227179770375", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-east-1:227179770375:key/39c5eb22-f37c-4956-92ca-89e8f8b57ab2" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }