GetParametersForImport
The following example shows an Amazon CloudTrail log entry generated when you use the GetParametersForImport
operation. This operation returns the public key and import token that you use when
importing key material into a KMS key. The same CloudTrail entry is recorded when you use the
GetParametersForImport
operation or use the Amazon KMS console to download the public key and import
token.
{ "eventVersion": "1.05", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2020-07-25T23:58:23Z", "eventSource": "kms.amazonaws.com", "eventName": "GetParametersForImport", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "Amazon Internal", "requestParameters": { "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "wrappingAlgorithm": "RSAES_OAEP_SHA_256", "wrappingKeySpec": "RSA_2048" }, "responseElements": null, "requestID": "b5786406-e3c7-43d6-8d3c-6d5ef96e2278", "eventID": "4023e622-0c3e-4324-bdef-7f58193bba87", "readOnly": true, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } ], "eventType": "AwsApiCall", "recipientAccountId": "111122223333" }