SynchronizeMultiRegionKey - Amazon Key Management Service
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

SynchronizeMultiRegionKey

以下示例显示了 Amazon KMS 同步多区域密钥时生成的一个 Amazon CloudTrail 日志条目。同步涉及将多区域主密钥的共享属性复制到其副本密钥的跨区域调用。Amazon KMS 会定期同步多区域密钥,以确保所有相关的多区域密钥具有相同的密钥材料。

CloudTrail 日志条目的 resources 元素包含多区域主密钥的密钥 ARN,包括其 Amazon Web Services 区域。此日志条目中未列出相关的多区域副本密钥及其区域。

{ "eventVersion": "1.08", "userIdentity": { "accountId": "111122223333", "invokedBy": "AWS Internal" }, "eventTime": "2020-11-18T02:04:37Z", "eventSource": "kms.amazonaws.com", "eventName": "SynchronizeMultiRegionKey", "awsRegion": "us-west-2", "sourceIPAddress": "AWS Internal", "userAgent": "AWS Internal", "requestParameters": null, "responseElements": null, "requestID": "12345681-de97-42e9-bed0-b02ae1abd8dc", "eventID": "abcdec99-2b5c-4670-9521-ddb8f031e146", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }