使用记录亚马逊的ECR操作 Amazon CloudTrail - Amazon ECR
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 中国的 Amazon Web Services 服务入门 (PDF)

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

使用记录亚马逊的ECR操作 Amazon CloudTrail

ECRAmazon 与 Amazon CloudTrail一项服务集成,该服务可记录用户、角色或 Amazon 服务在亚马逊中执行的操作ECR。 CloudTrail 将以下 Amazon ECR 操作捕获为事件:

  • 所有API通话,包括来自 Amazon ECR 控制台的电话

  • 由于存储库上的加密设置而采取的所有操作

  • 由于生命周期策略规则而采取的所有操作,包括成功和不成功的操作

    重要

    由于单个 CloudTrail 事件的大小限制,对于 10 张或更多图像过期的生命周期策略操作,Amazon ECR 会向发送多个事件 CloudTrail。此外,Amazon 每张图片最多ECR包含 100 个标签。

创建跟踪后,您可以允许将 CloudTrail 事件持续传输到 Amazon S3 存储桶,包括针对亚马逊的事件ECR。如果您未配置跟踪,您仍然可以在 CloudTrail 控制台的 “事件历史记录” 中查看最新的事件。利用这些信息,您可以确定向 Amazon 发出的请求ECR、来源 IP 地址、谁提出请求、何时提出请求以及其他详细信息。

有关更多信息,请参阅 用户指南。Amazon CloudTrail

中的亚马逊ECR信息 CloudTrail

CloudTrail 在您创建 Amazon 账户时已在您的账户上启用。当 Amazon 中发生活动时ECR,该活动会与其他 Amazon 服务 CloudTrail 事件一起记录在事件历史记录中。您可以在自己的 Amazon 账户中查看、搜索和下载最近发生的事件。有关更多信息,请参阅使用事件历史记录查看 CloudTrail 事件

要持续记录您的 Amazon 账户中的事件,包括亚马逊的事件ECR,请创建跟踪。跟踪允许 CloudTrail 将日志文件传输到 Amazon S3 存储桶。在控制台中创建跟踪时,您可以将跟踪应用到单个区域或所有区域。跟踪记录 Amazon 分区中的事件,并将日志文件传送到您指定的 Amazon S3 存储桶。此外,您可以配置其他 Amazon 服务来分析和处理 CloudTrail 日志中收集的事件数据。有关更多信息,请参阅:

所有亚马逊ECRAPI操作均由《亚马逊弹性容器注册表API参考》记录 CloudTrail 并记录在案。执行常见任务时,会在 CloudTrail 日志文件中为该任务中的每个API操作生成部分。例如,当您创建存储库时 GetAuthorizationTokenCreateRepository,会在 CloudTrail 日志文件中生成SetRepositoryPolicy章节。当您将某个镜像推送到存储库中时,则将生成 InitiateLayerUploadUploadLayerPartCompleteLayerUploadPutImage 部分。当您提取镜像时,则将生成 GetDownloadUrlForLayerBatchGetImage 部分。时间 OCI 支持以下内容的客户 OCI 1.1 specification 使用反向链接获取图像的反向链接或引用工件列表API,则ListImageReferrers CloudTrail 会触发一个事件。有关这些常见任务的示例,请参阅 CloudTrail 日志条目示例

每个事件或日记账条目都包含有关生成请求的人员信息。身份信息有助于您确定以下内容:

  • 请求是使用根用户凭证还是 用户凭证发出的

  • 请求是使用角色还是联合用户的临时安全凭证发出的

  • 请求是否由其他 Amazon 服务发出

有关更多信息,请参阅CloudTrailuserIdentity元素

了解 Amazon ECR 日志文件条目

跟踪是一种配置,允许将事件作为日志文件传输到您指定的 Amazon S3 存储桶。 CloudTrail 日志文件包含一个或多个日志条目。事件代表来自任何来源的单个请求,包括有关所请求操作的信息、操作的日期和时间、请求参数以及其他信息。 CloudTrail 日志文件不是公共API调用的有序堆栈跟踪,因此它们不会按任何特定的顺序出现。

CloudTrail 日志条目示例

以下是一些常见的 Amazon ECR 任务的 CloudTrail 日志条目示例。

为提高可读性,这些示例已进行格式化处理。在 CloudTrail 日志文件中,所有条目和事件都连接成一行。此外,此示例仅限于单个 Amazon ECR 条目。在真实的 CloudTrail 日志文件中,您可以看到来自多个 Amazon 服务的条目和事件。

重要

sourceIPAddress是发出请求的 IP 地址。对于源自服务控制台的操作,报告的地址针对的是基础资源而不是控制台 Web 服务器。对于中的服务 Amazon,仅显示DNS名称。即使已编辑到 Amazon 服务DNS名称,我们仍会使用客户端源 IP 来评估身份验证。

示例:创建存储库操作

以下示例显示了演示该CreateRepository操作的 CloudTrail 日志条目。

{ "eventVersion": "1.04", "userIdentity": { "type": "AssumedRole", "principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name", "arn": "arn:aws:sts::123456789012:user/Mary_Major", "accountId": "123456789012", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "sessionContext": { "attributes": { "mfaAuthenticated": "false", "creationDate": "2018-07-11T21:54:07Z" }, "sessionIssuer": { "type": "Role", "principalId": "AIDACKCEVSQ6C2EXAMPLE", "arn": "arn:aws:iam::123456789012:role/Admin", "accountId": "123456789012", "userName": "Admin" } } }, "eventTime": "2018-07-11T22:17:43Z", "eventSource": "ecr.amazonaws.com", "eventName": "CreateRepository", "awsRegion": "us-east-2", "sourceIPAddress": "203.0.113.12", "userAgent": "console.amazonaws.com", "requestParameters": { "repositoryName": "testrepo" }, "responseElements": { "repository": { "repositoryArn": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo", "repositoryName": "testrepo", "repositoryUri": "123456789012.dkr.ecr.us-east-2.amazonaws.com/testrepo", "createdAt": "Jul 11, 2018 10:17:44 PM", "registryId": "123456789012" } }, "requestID": "cb8c167e-EXAMPLE", "eventID": "e3c6f4ce-EXAMPLE", "resources": [ { "ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo", "accountId": "123456789012" } ], "eventType": "AwsApiCall", "recipientAccountId": "123456789012" }

示例:创建 Amazon ECR 存储库时的 Amazon KMS CreateGrant API操作

以下示例显示了一个 CloudTrail 日志条目,该条目演示了创建启用KMS加密的 Amazon ECR 存储库时的 Amazon KMS CreateGrant 操作。对于每个启用了KMS加密功能的存储库,您应该会在中看到两个 CreateGrant 日志条目 CloudTrail。

{ "eventVersion": "1.05", "userIdentity": { "type": "IAMUser", "principalId": "AIDAIEP6W46J43IG7LXAQ", "arn": "arn:aws:iam::123456789012:user/Mary_Major", "accountId": "123456789012", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "Mary_Major", "sessionContext": { "sessionIssuer": { }, "webIdFederationData": { }, "attributes": { "mfaAuthenticated": "false", "creationDate": "2020-06-10T19:22:10Z" } }, "invokedBy": "AWS Internal" }, "eventTime": "2020-06-10T19:22:10Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateGrant", "awsRegion": "us-west-2", "sourceIPAddress": "203.0.113.12", "userAgent": "console.amazonaws.com", "requestParameters": { "keyId": "4b55e5bf-39c8-41ad-b589-18464af7758a", "granteePrincipal": "ecr.us-west-2.amazonaws.com", "operations": [ "GenerateDataKey", "Decrypt" ], "retiringPrincipal": "ecr.us-west-2.amazonaws.com", "constraints": { "encryptionContextSubset": { "aws:ecr:arn": "arn:aws:ecr:us-west-2:123456789012:repository/testrepo" } } }, "responseElements": { "grantId": "3636af9adfee1accb67b83941087dcd45e7fadc4e74ff0103bb338422b5055f3" }, "requestID": "047b7dea-b56b-4013-87e9-a089f0f6602b", "eventID": "af4c9573-c56a-4886-baca-a77526544469", "readOnly": false, "resources": [ { "accountId": "123456789012", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:123456789012:key/4b55e5bf-39c8-41ad-b589-18464af7758a" } ], "eventType": "AwsApiCall", "recipientAccountId": "123456789012" }

示例:镜像推送操作

以下示例显示了一个 CloudTrail 日志条目,该条目演示了使用该PutImage操作的图像推送。

注意

推送图像时,您还将在 CloudTrail 日志中看到InitiateLayerUploadUploadLayerPart、和CompleteLayerUpload引用。

{ "eventVersion": "1.04", "userIdentity": { "type": "IAMUser", "principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name", "arn": "arn:aws:sts::123456789012:user/Mary_Major", "accountId": "123456789012", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "Mary_Major", "sessionContext": { "attributes": { "mfaAuthenticated": "false", "creationDate": "2019-04-15T16:42:14Z" } } }, "eventTime": "2019-04-15T16:45:00Z", "eventSource": "ecr.amazonaws.com", "eventName": "PutImage", "awsRegion": "us-east-2", "sourceIPAddress": "Amazon Internal", "userAgent": "Amazon Internal", "requestParameters": { "repositoryName": "testrepo", "imageTag": "latest", "registryId": "123456789012", "imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 5543,\n \"digest\": \"sha256:000b9b805af1cdb60628898c9f411996301a1c13afd3dbef1d8a16ac6dbf503a\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 43252507,\n \"digest\": \"sha256:3b37166ec61459e76e33282dda08f2a9cd698ca7e3d6bc44e6a6e7580cdeff8e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 846,\n \"digest\": \"sha256:504facff238fde83f1ca8f9f54520b4219c5b8f80be9616ddc52d31448a044bd\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 615,\n \"digest\": \"sha256:ebbcacd28e101968415b0c812b2d2dc60f969e36b0b08c073bf796e12b1bb449\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 850,\n \"digest\": \"sha256:c7fb3351ecad291a88b92b600037e2435c84a347683d540042086fe72c902b8a\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 168,\n \"digest\": \"sha256:2e3debadcbf7e542e2aefbce1b64a358b1931fb403b3e4aeca27cb4d809d56c2\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 37720774,\n \"digest\": \"sha256:f8c9f51ad524d8ae9bf4db69cd3e720ba92373ec265f5c390ffb21bb0c277941\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 30432107,\n \"digest\": \"sha256:813a50b13f61cf1f8d25f19fa96ad3aa5b552896c83e86ce413b48b091d7f01b\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 197,\n \"digest\": \"sha256:7ab043301a6187ea3293d80b30ba06c7bf1a0c3cd4c43d10353b31bc0cecfe7d\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 154,\n \"digest\": \"sha256:67012cca8f31dc3b8ee2305e7762fee20c250513effdedb38a1c37784a5a2e71\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 176,\n \"digest\": \"sha256:3bc892145603fffc9b1c97c94e2985b4cb19ca508750b15845a5d97becbd1a0e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 183,\n \"digest\": \"sha256:6f1c79518f18251d35977e7e46bfa6c6b9cf50df2a79d4194941d95c54258d18\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:b7bcfbc2e2888afebede4dd1cd5eebf029bb6315feeaf0b56e425e11a50afe42\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:2b220f8b0f32b7c2ed8eaafe1c802633bbd94849b9ab73926f0ba46cdae91629\"\n }\n ]\n}" }, "responseElements": { "image": { "repositoryName": "testrepo", "imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 5543,\n \"digest\": \"sha256:000b9b805af1cdb60628898c9f411996301a1c13afd3dbef1d8a16ac6dbf503a\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 43252507,\n \"digest\": \"sha256:3b37166ec61459e76e33282dda08f2a9cd698ca7e3d6bc44e6a6e7580cdeff8e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 846,\n \"digest\": \"sha256:504facff238fde83f1ca8f9f54520b4219c5b8f80be9616ddc52d31448a044bd\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 615,\n \"digest\": \"sha256:ebbcacd28e101968415b0c812b2d2dc60f969e36b0b08c073bf796e12b1bb449\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 850,\n \"digest\": \"sha256:c7fb3351ecad291a88b92b600037e2435c84a347683d540042086fe72c902b8a\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 168,\n \"digest\": \"sha256:2e3debadcbf7e542e2aefbce1b64a358b1931fb403b3e4aeca27cb4d809d56c2\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 37720774,\n \"digest\": \"sha256:f8c9f51ad524d8ae9bf4db69cd3e720ba92373ec265f5c390ffb21bb0c277941\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 30432107,\n \"digest\": \"sha256:813a50b13f61cf1f8d25f19fa96ad3aa5b552896c83e86ce413b48b091d7f01b\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 197,\n \"digest\": \"sha256:7ab043301a6187ea3293d80b30ba06c7bf1a0c3cd4c43d10353b31bc0cecfe7d\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 154,\n \"digest\": \"sha256:67012cca8f31dc3b8ee2305e7762fee20c250513effdedb38a1c37784a5a2e71\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 176,\n \"digest\": \"sha256:3bc892145603fffc9b1c97c94e2985b4cb19ca508750b15845a5d97becbd1a0e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 183,\n \"digest\": \"sha256:6f1c79518f18251d35977e7e46bfa6c6b9cf50df2a79d4194941d95c54258d18\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:b7bcfbc2e2888afebede4dd1cd5eebf029bb6315feeaf0b56e425e11a50afe42\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:2b220f8b0f32b7c2ed8eaafe1c802633bbd94849b9ab73926f0ba46cdae91629\"\n }\n ]\n}", "registryId": "123456789012", "imageId": { "imageDigest": "sha256:98c8b060c21d9adbb6b8c41b916e95e6307102786973ab93a41e8b86d1fc6d3e", "imageTag": "latest" } } }, "requestID": "cf044b7d-5f9d-11e9-9b2a-95983139cc57", "eventID": "2bfd4ee2-2178-4a82-a27d-b12939923f0f", "resources": [{ "ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo", "accountId": "123456789012" }], "eventType": "AwsApiCall", "recipientAccountId": "123456789012" }

示例:镜像提取操作

以下示例显示了一个 CloudTrail 日志条目,该条目演示了使用该BatchGetImage操作的图像拉取。

注意

拉取图像时,如果您在本地还没有该图像,则还会在 CloudTrail 日志中看到GetDownloadUrlForLayer引用。

{ "eventVersion": "1.04", "userIdentity": { "type": "IAMUser", "principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name", "arn": "arn:aws:sts::123456789012:user/Mary_Major", "accountId": "123456789012", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "Mary_Major", "sessionContext": { "attributes": { "mfaAuthenticated": "false", "creationDate": "2019-04-15T16:42:14Z" } } }, "eventTime": "2019-04-15T17:23:20Z", "eventSource": "ecr.amazonaws.com", "eventName": "BatchGetImage", "awsRegion": "us-east-2", "sourceIPAddress": "ecr.amazonaws.com", "userAgent": "ecr.amazonaws.com", "requestParameters": { "imageIds": [{ "imageTag": "latest" }], "acceptedMediaTypes": [ "application/json", "application/vnd.oci.image.manifest.v1+json", "application/vnd.oci.image.index.v1+json", "application/vnd.docker.distribution.manifest.v2+json", "application/vnd.docker.distribution.manifest.list.v2+json", "application/vnd.docker.distribution.manifest.v1+prettyjws" ], "repositoryName": "testrepo", "registryId": "123456789012" }, "responseElements": null, "requestID": "2a1b97ee-5fa3-11e9-a8cd-cd2391aeda93", "eventID": "c84f5880-c2f9-4585-9757-28fa5c1065df", "resources": [{ "ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo", "accountId": "123456789012" }], "eventType": "AwsApiCall", "recipientAccountId": "123456789012" }

示例:镜像生命周期策略操作

以下示例显示了一个 CloudTrail 日志条目,该条目演示了图像何时因生命周期策略规则而过期。可通过筛选事件名称字段的 PolicyExecutionEvent 来定位此事件类型。

重要

由于单个 CloudTrail 事件的大小限制,对于 10 张或更多图像过期的生命周期策略操作,Amazon ECR 会向发送多个事件 CloudTrail。此外,Amazon 每张图片最多ECR包含 100 个标签。

{ "eventVersion": "1.05", "userIdentity": { "accountId": "123456789012", "invokedBy": "AWS Internal" }, "eventTime": "2020-03-12T20:22:12Z", "eventSource": "ecr.amazonaws.com", "eventName": "PolicyExecutionEvent", "awsRegion": "us-west-2", "sourceIPAddress": "AWS Internal", "userAgent": "AWS Internal", "requestParameters": null, "responseElements": null, "eventID": "9354dd7f-9aac-4e9d-956d-12561a4923aa", "readOnly": true, "resources": [ { "ARN": "arn:aws:ecr:us-west-2:123456789012:repository/testrepo", "accountId": "123456789012", "type": "AWS::ECR::Repository" } ], "eventType": "AwsServiceEvent", "recipientAccountId": "123456789012", "serviceEventDetails": { "repositoryName": "testrepo", "lifecycleEventPolicy": { "lifecycleEventRules": [ { "rulePriority": 1, "description": "remove all images > 2", "lifecycleEventSelection": { "tagStatus": "Any", "tagPrefixList": [], "countType": "Image count more than", "countNumber": 2 }, "action": "expire" } ], "lastEvaluatedAt": 0, "policyVersion": 1, "policyId": "ceb86829-58e7-9498-920c-aa042e33037b" }, "lifecycleEventImageActions": [ { "lifecycleEventImage": { "digest": "sha256:ddba4d27a7ffc3f86dd6c2f92041af252a1f23a8e742c90e6e1297bfa1bc0c45", "tagStatus": "Tagged", "tagList": [ "alpine" ], "pushedAt": 1584042813000 }, "rulePriority": 1 }, { "lifecycleEventImage": { "digest": "sha256:6ab380c5a5acf71c1b6660d645d2cd79cc8ce91b38e0352cbf9561e050427baf", "tagStatus": "Tagged", "tagList": [ "centos" ], "pushedAt": 1584042842000 }, "rulePriority": 1 } ] } }

示例:映像引用站点操作

以下示例显示了一个 Amazon CloudTrail 日志条目,该条目演示了何时 OCI 1.1 合规客户端使用获取图片的反向链接或参考工件列表。Referrers API

{ "eventVersion": "1.08", "userIdentity": { "type": "AssumedRole", "principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name", "arn": "arn:aws:sts::123456789012:user/Mary_Major", "accountId": "123456789012", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "sessionContext": { "sessionIssuer": { "type": "Role", "principalId": "AIDACKCEVSQ6C2EXAMPLE", "arn": "arn:aws:iam::123456789012:role/Admin", "accountId": "123456789012", "userName": "Admin" }, "webIdFederationData": {}, "attributes": { "creationDate": "2024-10-08T16:38:39Z", "mfaAuthenticated": "false" }, "ec2RoleDelivery": "2.0" }, "invokedBy": "ecr.amazonaws.com" }, "eventTime": "2024-10-08T17:22:51Z", "eventSource": "ecr.amazonaws.com", "eventName": "ListImageReferrers", "awsRegion": "us-east-2", "sourceIPAddress": "ecr.amazonaws.com", "userAgent": "ecr.amazonaws.com", "requestParameters": { "registryId": "123456789012", "repositoryName": "testrepo", "subjectId": { "imageDigest": "sha256:000b9b805af1cdb60628898c9f411996301a1c13afd3dbef1d8a16ac6dbf503a" }, "nextToken": "urD72mdD/mC8b5-EXAMPLE" }, "responseElements": null, "requestID": "cb8c167e-EXAMPLE", "eventID": "e3c6f4ce-EXAMPLE", "readOnly": true, "resources": [ { "accountId": "123456789012", "ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "123456789012", "eventCategory": "Management" }