本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
CreateAlias
以下示例显示了该CreateAlias操作的Amazon CloudTrail日志条目。resources 元素包含别名和 KMS 密钥资源的字段。有关在 Amazon KMS 中创建别名的信息,请参阅 创建别名。
CloudTrail 2022 年 12 月或之后记录的此操作的日志条目在responseElements.keyId值中包含受影响 KMS 密钥的密钥 ARN,即使此操作不返回密钥 ARN。
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2022-08-14T23:08:31Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateAlias", "awsRegion": "us-west-2", "sourceIPAddress": "192.0.2.0", "userAgent": "Amazon Internal", "requestParameters": { "aliasName": "alias/ExampleAlias", "targetKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab" }, "responseElements": { "keyId":"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" }, "requestID": "caec1e0c-ce03-419e-bdab-6ab1f7c57c01", "eventID": "2dd6e784-8286-46a6-befd-d64e5a02fb28", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" }, { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }