Amazon S3 和 S3 on Outposts 的 CloudTrail 日志文件条目
重要
Amazon S3 现在将具有 Amazon S3 托管密钥的服务器端加密(SSE-S3)作为 Amazon S3 中每个存储桶的基本加密级别。从 2023 年 1 月 5 日起,上传到 Amazon S3 的所有新对象都将自动加密,不会产生额外费用,也不会影响性能。S3 存储桶默认加密配置和上传的新对象的自动加密状态可在 AWS CloudTrail 日志、S3 清单、S3 Storage Lens 存储统计管理工具、Amazon S3 控制台中获得,并可用作 AWS Command Line Interface 和 AWS SDK 中的附加 Amazon S3 API 响应标头。有关更多信息,请参阅默认加密常见问题解答。
一个事件表示一个来自任何源的请求,包括有关所请求的 API 操作、操作的日期和时间、请求参数等方面的信息。CloudTrail 日志文件不是公用 API 调用的有序堆栈跟踪,因此事件不会按任何特定顺序显示。
注意
要查看 Amazon S3 Express One Zone 存储类的 CloudTrail 日志文件示例,请参阅 CloudTrail log file examples for S3 Express One Zone。
有关更多信息,请参阅以下示例。
示例:Amazon S3 的 CloudTrail 日志文件条目
下面的示例显示了一个 CloudTrail 日志条目,该条目说明了 GET 服务、PutBucketAcl 和 GetBucketVersioning 操作。
{ "Records": [ { "eventVersion": "1.03", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/myUserName", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "myUserName" }, "eventTime": "2019-02-01T03:18:19Z", "eventSource": "s3.amazonaws.com", "eventName": "ListBuckets", "awsRegion": "us-west-2", "sourceIPAddress": "127.0.0.1", "userAgent": "[]", "requestParameters": { "host": [ "s3.us-west-2.amazonaws.com" ] }, "responseElements": null, "additionalEventData": { "SignatureVersion": "SigV2", "AuthenticationMethod": "QueryString", "aclRequired": "Yes" }, "requestID": "47B8E8D397DCE7A6", "eventID": "cdc4b7ed-e171-4cef-975a-ad829d4123e8", "eventType": "AwsApiCall", "recipientAccountId": "444455556666", "tlsDetails": { "tlsVersion": "TLSv1.2", "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256", "clientProvidedHostHeader": "s3.amazonaws.com" } }, { "eventVersion": "1.03", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/myUserName", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "myUserName" }, "eventTime": "2019-02-01T03:22:33Z", "eventSource": "s3.amazonaws.com", "eventName": "PutBucketAcl", "awsRegion": "us-west-2", "sourceIPAddress": "", "userAgent": "[]", "requestParameters": { "bucketName": "", "AccessControlPolicy": { "AccessControlList": { "Grant": { "Grantee": { "xsi:type": "CanonicalUser", "xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance", "ID": "d25639fbe9c19cd30a4c0f43fbf00e2d3f96400a9aa8dabfbbebe1906Example" }, "Permission": "FULL_CONTROL" } }, "xmlns": "http://s3.amazonaws.com/doc/2006-03-01/", "Owner": { "ID": "d25639fbe9c19cd30a4c0f43fbf00e2d3f96400a9aa8dabfbbebe1906Example" } }, "host": [ "s3.us-west-2.amazonaws.com" ], "acl": [ "" ] }, "responseElements": null, "additionalEventData": { "SignatureVersion": "SigV4", "CipherSuite": "ECDHE-RSA-AES128-SHA", "AuthenticationMethod": "AuthHeader" }, "requestID": "BD8798EACDD16751", "eventID": "607b9532-1423-41c7-b048-ec2641693c47", "eventType": "AwsApiCall", "recipientAccountId": "111122223333", "tlsDetails": { "tlsVersion": "TLSv1.2", "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256", "clientProvidedHostHeader": "s3.amazonaws.com" } }, { "eventVersion": "1.03", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/myUserName", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "myUserName" }, "eventTime": "2019-02-01T03:26:37Z", "eventSource": "s3.amazonaws.com", "eventName": "GetBucketVersioning", "awsRegion": "us-west-2", "sourceIPAddress": "", "userAgent": "[]", "requestParameters": { "host": [ "s3.us-west-2.amazonaws.com" ], "bucketName": "amzn-s3-demo-bucket1", "versioning": [ "" ] }, "responseElements": null, "additionalEventData": { "SignatureVersion": "SigV4", "CipherSuite": "ECDHE-RSA-AES128-SHA", "AuthenticationMethod": "AuthHeader" }, "requestID": "07D681279BD94AED", "eventID": "f2b287f3-0df1-4961-a2f4-c4bdfed47657", "eventType": "AwsApiCall", "recipientAccountId": "111122223333", "tlsDetails": { "tlsVersion": "TLSv1.2", "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256", "clientProvidedHostHeader": "s3.amazonaws.com" } } ] }
