選取您的 Cookie 偏好設定

我們使用提供自身網站和服務所需的基本 Cookie 和類似工具。我們使用效能 Cookie 收集匿名統計資料,以便了解客戶如何使用我們的網站並進行改進。基本 Cookie 無法停用,但可以按一下「自訂」或「拒絕」以拒絕效能 Cookie。

如果您同意,AWS 與經核准的第三方也會使用 Cookie 提供實用的網站功能、記住您的偏好設定,並顯示相關內容,包括相關廣告。若要接受或拒絕所有非必要 Cookie,請按一下「接受」或「拒絕」。若要進行更詳細的選擇,請按一下「自訂」。

ACM API CloudTrail 日誌中支援的動作

焦點模式
ACM API CloudTrail 日誌中支援的動作 - AWS Certificate Manager

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

ACM 支援將下列動作記錄為 CloudTrail 日誌檔案中的事件:

每一筆事件或日誌專案都會包含產生請求者的資訊。身分資訊可協助您判斷下列事項:

  • 請求是使用 AWS 帳戶根使用者 還是 AWS Identity and Access Management (IAM) 使用者憑證提出。

  • 提出該請求時,是否使用了特定角色或聯合身分使用者的暫時安全憑證。

  • 該請求是否由其他 AWS 服務提出

如需詳細資訊,請參閱CloudTrail userIdentity 元素

下列各節提供支援API操作的範例日誌。

將標籤新增到憑證 (AddTagsToCertificate)

下列 CloudTrail 範例顯示呼叫 AddTagsToCertificate 的結果API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-04-06T13:53:53Z", "eventSource":"acm.amazonaws.com", "eventName":"AddTagsToCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.10.16", "requestParameters":{ "tags":[ { "value":"Alice", "key":"Admin" } ], "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/fedcba98-7654-3210-fedc-ba9876543210" }, "responseElements":null, "requestID":"fedcba98-7654-3210-fedc-ba9876543210", "eventID":"fedcba98-7654-3210-fedc-ba9876543210", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

刪除憑證 (DeleteCertificate)

下列 CloudTrail 範例顯示呼叫 DeleteCertificate 的結果API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-03-18T00:00:26Z", "eventSource":"acm.amazonaws.com", "eventName":"DeleteCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.9.15", "requestParameters":{ "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/fedcba98-7654-3210-fedc-ba9876543210" }, "responseElements":null, "requestID":"01234567-89ab-cdef-0123-456789abcdef", "eventID":"01234567-89ab-cdef-0123-456789abcdef", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

描述憑證 (DescribeCertificate)

下列 CloudTrail 範例顯示呼叫 DescribeCertificate 的結果API。

注意

DescribeCertificate 操作的 CloudTrail 日誌不會顯示您指定ACM憑證的相關資訊。您可以使用主控台、 AWS Command Line Interface或 DescribeCertificate 來檢視憑證的相關資訊API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-03-18T00:00:42Z", "eventSource":"acm.amazonaws.com", "eventName":"DescribeCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.9.15", "requestParameters":{ "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/fedcba98-7654-3210-fedc-ba9876543210" }, "responseElements":null, "requestID":"fedcba98-7654-3210-fedc-ba9876543210", "eventID":"fedcba98-7654-3210-fedc-ba9876543210", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

匯出憑證 (ExportCertificate)

下列 CloudTrail 範例顯示呼叫 ExportCertificate 的結果API。

{ "Records":[ { "version":"0", "id":"01234567-89ab-cdef-0123-456789abcdef", "detail-type":"AWS API Call via CloudTrail", "source":"aws.acm", "account":"123456789012", "time":"2018-05-24T15:28:11Z", "region":"us-east-1", "resources":[ ], "detail":{ "eventVersion":"1.04", "userIdentity":{ "type":"Root", "principalId":"123456789012", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2018-05-24T15:28:11Z", "eventSource":"acm.amazonaws.com", "eventName":"ExportCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.15.4 Python/2.7.9 Windows/8 botocore/1.10.4", "requestParameters":{ "passphrase":{ "hb":[ 42, 42, 42, 42, 42, 42, 42, 42, 42, 42 ], "offset":0, "isReadOnly":false, "bigEndian":true, "nativeByteOrder":false, "mark":-1, "position":0, "limit":10, "capacity":10, "address":0 }, "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/fedcba98-7654-3210-fedc-ba9876543210" }, "responseElements":{ "certificateChain": "-----BEGIN CERTIFICATE----- base64 certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- base64 certificate -----END CERTIFICATE-----", "privateKey":"**********", "certificate": "-----BEGIN CERTIFICATE----- base64 certificate -----END CERTIFICATE-----" }, "requestID":"01234567-89ab-cdef-0123-456789abcdef", "eventID":"fedcba98-7654-3210-fedc-ba9876543210", "eventType":"AwsApiCall" } } ] }

匯入憑證 (ImportCertificate)

下列範例顯示記錄對ACMImportCertificateAPI操作呼叫的 CloudTrail 日誌項目。

{ "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::111122223333:user/Alice", "accountId":"111122223333", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-10-04T16:01:30Z", "eventSource":"acm.amazonaws.com", "eventName":"ImportCertificate", "awsRegion":"ap-southeast-2", "sourceIPAddress":"54.240.193.129", "userAgent":"Coral/Netty", "requestParameters":{ "privateKey":{ "hb":[ "byte", "byte", "byte", "..." ], "offset":0, "isReadOnly":false, "bigEndian":true, "nativeByteOrder":false, "mark":-1, "position":0, "limit":1674, "capacity":1674, "address":0 }, "certificateChain":{ "hb":[ "byte", "byte", "byte", "..." ], "offset":0, "isReadOnly":false, "bigEndian":true, "nativeByteOrder":false, "mark":-1, "position":0, "limit":2105, "capacity":2105, "address":0 }, "certificate":{ "hb":[ "byte", "byte", "byte", "..." ], "offset":0, "isReadOnly":false, "bigEndian":true, "nativeByteOrder":false, "mark":-1, "position":0, "limit":2503, "capacity":2503, "address":0 } }, "responseElements":{ "certificateArn":"arn:aws:acm:ap-southeast-2:111122223333:certificate/01234567-89ab-cdef-0123-456789abcdef" }, "requestID":"01234567-89ab-cdef-0123-456789abcdef", "eventID":"01234567-89ab-cdef-0123-456789abcdef", "eventType":"AwsApiCall", "recipientAccountId":"111122223333" }

列出憑證 (ListCertificates)

下列 CloudTrail 範例顯示呼叫 ListCertificates 的結果API。

注意

ListCertificates 操作的 CloudTrail 日誌不會顯示您的ACM憑證。您可以使用主控台、 AWS Command Line Interface或 ListCertificates 來檢視憑證清單API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-03-18T00:00:43Z", "eventSource":"acm.amazonaws.com", "eventName":"ListCertificates", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.9.15", "requestParameters":{ "maxItems":1000, "certificateStatuses":[ "ISSUED" ] }, "responseElements":null, "requestID":"74c99844-ec9c-11e5-ac34-d1e4dfe1a11b", "eventID":"cdfe1051-88aa-4aa3-8c33-a325270bff21", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

列出憑證標籤 (ListTagsForCertificate)

下列 CloudTrail 範例顯示呼叫 ListTagsForCertificate 的結果API。

注意

ListTagsForCertificate 操作的 CloudTrail 日誌不會顯示您的標籤。您可以使用 主控台、 AWS Command Line Interface或 ListTagsForCertificate 來檢視標籤清單API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-04-06T13:30:11Z", "eventSource":"acm.amazonaws.com", "eventName":"ListTagsForCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.10.16", "requestParameters":{ "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012" }, "responseElements":null, "requestID":"b010767f-fbfb-11e5-b596-79e9a97a2544", "eventID":"32181be6-a4a0-48d3-8014-c0d972b5163b", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

從憑證移除標籤 (RemoveTagsFromCertificate)

下列 CloudTrail 範例顯示呼叫 RemoveTagsFromCertificate 的結果API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-04-06T14:10:01Z", "eventSource":"acm.amazonaws.com", "eventName":"RemoveTagsFromCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.10.16", "requestParameters":{ "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012", "tags":[ { "value":"Bob", "key":"Admin" } ] }, "responseElements":null, "requestID":"40ded461-fc01-11e5-a747-85804766d6c9", "eventID":"0cfa142e-ef74-4b21-9515-47197780c424", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

請求憑證 (RequestCertificate)

下列 CloudTrail 範例顯示呼叫 RequestCertificate 的結果API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-03-18T00:00:49Z", "eventSource":"acm.amazonaws.com", "eventName":"RequestCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.9.15", "requestParameters":{ "subjectAlternativeNames":[ "example.net" ], "domainName":"example.com", "domainValidationOptions":[ { "domainName":"example.com", "validationDomain":"example.com" }, { "domainName":"example.net", "validationDomain":"example.net" } ], "idempotencyToken":"8186023d89681c3ad5" }, "responseElements":{ "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012" }, "requestID":"77dacef3-ec9c-11e5-ac34-d1e4dfe1a11b", "eventID":"a4954cdb-8f38-44c7-8927-a38ad4be3ac8", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

重新傳送驗證電子郵件 (ResendValidationEmail)

下列 CloudTrail 範例顯示呼叫 ResendValidationEmail 的結果API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-03-17T23:58:25Z", "eventSource":"acm.amazonaws.com", "eventName":"ResendValidationEmail", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.9.15", "requestParameters":{ "domain":"example.com", "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012", "validationDomain":"example.com" }, "responseElements":null, "requestID":"23760b88-ec9c-11e5-b6f4-cb861a6f0a28", "eventID":"41c11b06-ca91-4c1c-8c61-af349ea8bab8", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }

擷取憑證 (GetCertificate)

下列 CloudTrail 範例顯示呼叫 GetCertificate 的結果API。

{ "Records":[ { "eventVersion":"1.04", "userIdentity":{ "type":"IAMUser", "principalId":"AIDACKCEVSQ6C2EXAMPLE", "arn":"arn:aws:iam::123456789012:user/Alice", "accountId":"123456789012", "accessKeyId":"AKIAIOSFODNN7EXAMPLE", "userName":"Alice" }, "eventTime":"2016-03-18T00:00:41Z", "eventSource":"acm.amazonaws.com", "eventName":"GetCertificate", "awsRegion":"us-east-1", "sourceIPAddress":"192.0.2.0", "userAgent":"aws-cli/1.9.15", "requestParameters":{ "certificateArn":"arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012" }, "responseElements":{ "certificateChain": "-----BEGIN CERTIFICATE----- Base64-encoded certificate chain -----END CERTIFICATE-----", "certificate": "-----BEGIN CERTIFICATE----- Base64-encoded certificate -----END CERTIFICATE-----" }, "requestID":"744dd891-ec9c-11e5-ac34-d1e4dfe1a11b", "eventID":"7aa4f909-00dd-478a-9a00-b2709bcad2bb", "eventType":"AwsApiCall", "recipientAccountId":"123456789012" } ] }
隱私權網站條款Cookie 偏好設定
© 2025, Amazon Web Services, Inc.或其附屬公司。保留所有權利。