本文属于机器翻译版本。若本译文内容与英语原文存在差异，则一律以英文原文为准。

# UpdatePrimaryRegion
<a name="ct-update-primary-region"></a>

以下示例显示了通过对[多区域密钥](multi-region-keys-overview.md)调用[UpdatePrimaryRegion](https://docs.amazonaws.cn/kms/latest/APIReference/API_UpdatePrimaryRegion.html)操作生成的 Amazon CloudTrail 日志条目。

该`UpdatePrimaryRegion`操作写入两个 CloudTrail 日志条目：一个在区域中，多区域主键已转换为副本密钥，另一个在区域中，多区域副本密钥已转换为主键。

CloudTrail 2022 年 12 月或之后记录的此操作的日志条目在`responseElements.keyId`值中包含受影响 KMS 密钥的密钥 ARN，即使此操作不返回密钥 ARN。

以下示例显示了多区域密钥从主键更改为副本密钥 (us-west-2) 的区域`UpdatePrimaryRegion`中的 CloudTrail 日志条目。`primaryRegion` 字段显示了现在托管主键的区域 (ap-northeast-1)。

```
{
    "eventVersion": "1.08",
    "userIdentity": {
            "type": "IAMUser",
            "principalId": "EX_PRINCIPAL_ID",
            "arn": "arn:aws:iam::111122223333:user/Alice",
            "accountId": "111122223333",
            "accessKeyId": "EXAMPLE_KEY_ID",
            "userName": "Alice"
    },
    "eventTime": "2021-03-10T20:23:37Z",
    "eventSource": "kms.amazonaws.com",
    "eventName": "UpdatePrimaryRegion",
    "awsRegion": "us-west-2",
    "sourceIPAddress": "192.0.2.0",
    "userAgent": "AWS Internal",
    "requestParameters": {
        "keyId": "mrk-1234abcd12ab34cd56ef1234567890ab",
        "primaryRegion": "ap-northeast-1"
    },
    "responseElements": {
        "keyId":"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
    },    
    "requestID": "ee408f36-ea01-422b-ac14-b0f147c68334",
    "eventID": "3c4226b0-1e81-48a8-a333-7fa5f3cbd118",
    "readOnly": false,
    "resources": [
        {
            "accountId": "111122223333",
            "type": "AWS::KMS::Key",
            "ARN": "arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab"
        }
    ],
    "eventType": "AwsApiCall",
    "managementEvent": true,
    "eventCategory": "Management",
    "recipientAccountId": "111122223333"
}
```

以下示例表示该区域的 CloudTrail 日志条目，其中多区域密钥从副本密钥更改为`UpdatePrimaryRegion`主键 (ap-northeast-1)。此日志条目没有标识以前的主要区域。

```
{
    "eventVersion": "1.08",
    "userIdentity": {
            "type": "IAMUser",
            "principalId": "EX_PRINCIPAL_ID",
            "arn": "arn:aws:iam::111122223333:user/Alice",
            "accountId": "111122223333",
            "accessKeyId": "EXAMPLE_KEY_ID",
            "userName": "Alice",
            "invokedBy": "kms.amazonaws.com"
    },
    "eventTime": "2021-03-10T20:23:37Z",
    "eventSource": "kms.amazonaws.com",
    "eventName": "UpdatePrimaryRegion",
    "awsRegion": "ap-northeast-1",
    "sourceIPAddress": "192.0.2.0",
    "userAgent": "AWS Internal",
    "requestParameters": {
        "keyId": "arn:aws:kms:ap-northeast-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
        "primaryRegion": "ap-northeast-1"
    },
    "responseElements": {
        "keyId":"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
    },
    "requestID": "ee408f36-ea01-422b-ac14-b0f147c68334",
    "eventID": "091e6be5-737f-43c6-8431-e3679d6d0619",
    "readOnly": false,    
    "eventType": "AwsApiCall",
    "managementEvent": true,
    "eventCategory": "Management",
    "recipientAccountId": "111122223333"
}
```