# Amazon S3 和 S3 on Outposts 的 CloudTrail 日志文件条目
**重要**
Amazon S3 现在将具有 Amazon S3 托管密钥的服务器端加密(SSE-S3)作为 Amazon S3 中每个存储桶的基本加密级别。从 2023 年 1 月 5 日起,上传到 Amazon S3 的所有新对象都将自动加密,不会产生额外费用,也不会影响性能。S3 存储桶默认加密配置和上传的新对象的自动加密状态可在 CloudTrail 日志、S3 清单、S3 Storage Lens 存储统计管理工具和 Amazon S3 控制台中查看,并可用作 Amazon CLI 和 Amazon SDK 中的附加 Amazon S3 API 响应标头。有关更多信息,请参阅[默认加密常见问题解答](https://docs.amazonaws.cn/AmazonS3/latest/userguide/default-encryption-faq.html)。
一个事件表示一个来自任何源的请求,包括有关所请求的 API 操作、操作的日期和时间、请求参数等方面的信息。CloudTrail 日志文件不是公用 API 调用的有序堆栈跟踪,因此事件不会按任何特定顺序显示。
**注意**
要查看 Amazon S3 Express One Zone 存储类的 CloudTrail 日志文件示例,请参阅 [CloudTrail log file examples for S3 Express One Zone](https://docs.amazonaws.cn/AmazonS3/latest/userguide/s3-express-log-files.html)。
有关更多信息,请参阅以下示例。
**Topics**
+ [示例:Amazon S3 的 CloudTrail 日志文件条目](#example-ct-log-s3)
## 示例:Amazon S3 的 CloudTrail 日志文件条目
下面的示例显示一个 CloudTrail 日志条目,该条目演示了 [GET 服务](https://docs.amazonaws.cn/AmazonS3/latest/API/RESTServiceGET.html)、[https://docs.amazonaws.cn/AmazonS3/latest/API/RESTBucketPUTacl.html](https://docs.amazonaws.cn/AmazonS3/latest/API/RESTBucketPUTacl.html) 和 [https://docs.amazonaws.cn/AmazonS3/latest/API/RESTBucketGETversioningStatus.html](https://docs.amazonaws.cn/AmazonS3/latest/API/RESTBucketGETversioningStatus.html) 操作。
```
{
"Records": [
{
"eventVersion": "1.03",
"userIdentity": {
"type": "IAMUser",
"principalId": "{{111122223333}}",
"arn": "arn:aws:iam::111122223333:user/{{myUserName}}",
"accountId": "{{111122223333}}",
"accessKeyId": "{{AKIAIOSFODNN7EXAMPLE}}",
"userName": "{{myUserName}}"
},
"eventTime": "2019-02-01T03:18:19Z",
"eventSource": "s3.amazonaws.com",
"eventName": "ListBuckets",
"awsRegion": "{{us-west-2}}",
"sourceIPAddress": "{{127.0.0.1}}",
"userAgent": "[]",
"requestParameters": {
"host": [
"s3.{{us-west-2}}.amazonaws.com"
]
},
"responseElements": null,
"additionalEventData": {
"SignatureVersion": "SigV2",
"AuthenticationMethod": "QueryString",
"aclRequired": "Yes"
},
"requestID": "47B8E8D397DCE7A6",
"eventID": "cdc4b7ed-e171-4cef-975a-ad829d4123e8",
"eventType": "AwsApiCall",
"recipientAccountId": "{{444455556666}}",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "s3.amazonaws.com"
}
},
{
"eventVersion": "1.03",
"userIdentity": {
"type": "IAMUser",
"principalId": "{{111122223333}}",
"arn": "arn:aws:iam::{{111122223333}}:user/{{myUserName}}",
"accountId": "{{111122223333}}",
"accessKeyId": "{{AKIAIOSFODNN7EXAMPLE}}",
"userName": "{{myUserName}}"
},
"eventTime": "2019-02-01T03:22:33Z",
"eventSource": "s3.amazonaws.com",
"eventName": "PutBucketAcl",
"awsRegion": "{{us-west-2}}",
"sourceIPAddress": "",
"userAgent": "[]",
"requestParameters": {
"bucketName": "",
"AccessControlPolicy": {
"AccessControlList": {
"Grant": {
"Grantee": {
"xsi:type": "CanonicalUser",
"xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
"ID": "d25639fbe9c19cd30a4c0f43fbf00e2d3f96400a9aa8dabfbbebe1906Example"
},
"Permission": "FULL_CONTROL"
}
},
"xmlns": "http://s3.amazonaws.com/doc/2006-03-01/",
"Owner": {
"ID": "d25639fbe9c19cd30a4c0f43fbf00e2d3f96400a9aa8dabfbbebe1906Example"
}
},
"host": [
"s3.{{us-west-2}}.amazonaws.com"
],
"acl": [
""
]
},
"responseElements": null,
"additionalEventData": {
"SignatureVersion": "SigV4",
"CipherSuite": "ECDHE-RSA-AES128-SHA",
"AuthenticationMethod": "AuthHeader"
},
"requestID": "BD8798EACDD16751",
"eventID": "607b9532-1423-41c7-b048-ec2641693c47",
"eventType": "AwsApiCall",
"recipientAccountId": "{{111122223333}}",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "s3.amazonaws.com"
}
},
{
"eventVersion": "1.03",
"userIdentity": {
"type": "IAMUser",
"principalId": "{{111122223333}}",
"arn": "arn:aws:iam::{{111122223333}}:user/{{myUserName}}",
"accountId": "{{111122223333}}",
"accessKeyId": "{{AKIAIOSFODNN7EXAMPLE}}",
"userName": "{{myUserName}}"
},
"eventTime": "2019-02-01T03:26:37Z",
"eventSource": "s3.amazonaws.com",
"eventName": "GetBucketVersioning",
"awsRegion": "{{us-west-2}}",
"sourceIPAddress": "",
"userAgent": "[]",
"requestParameters": {
"host": [
"s3.u{{s-west-2}}.amazonaws.com"
],
"bucketName": "{{amzn-s3-demo-bucket1}}",
"versioning": [
""
]
},
"responseElements": null,
"additionalEventData": {
"SignatureVersion": "SigV4",
"CipherSuite": "ECDHE-RSA-AES128-SHA",
"AuthenticationMethod": "AuthHeader"
},
"requestID": "07D681279BD94AED",
"eventID": "f2b287f3-0df1-4961-a2f4-c4bdfed47657",
"eventType": "AwsApiCall",
"recipientAccountId": "{{111122223333}}",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "s3.amazonaws.com"
}
}
]
}
```