Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra.
ReplicateKey
L'exemple suivant montre une entrée de journal AWS CloudTrail générée en appelant l'opération ReplicateKey. Une ReplicateKey demande entraîne une ReplicateKey opération et une CreateKeyopération.
Pour plus d'informations sur la réplication de clés multi-région, veuillez consulter Création de clés de réplica multi-région.
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam::111122223333:user/Alice", "accountId": "111122223333", "accessKeyId": "EXAMPLE_KEY_ID", "userName": "Alice" }, "eventTime": "2020-11-18T01:29:18Z", "eventSource": "kms.amazonaws.com", "eventName": "ReplicateKey", "awsRegion": "us-east-1", "sourceIPAddress": "192.0.2.0", "userAgent": "AWS Internal", "requestParameters": { "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "replicaRegion": "us-west-2", "bypassPolicyLockoutSafetyCheck": false, "description": "" }, "responseElements": { "replicaKeyMetadata": { "aWSAccountId": "111122223333", "keyId": "1234abcd-12ab-34cd-56ef-1234567890ab", "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "creationDate": "Nov 18, 2020, 1:29:18 AM", "enabled": false, "description": "", "keyUsage": "ENCRYPT_DECRYPT", "keyState": "Creating", "origin": "AWS_KMS", "keyManager": "CUSTOMER", "keySpec": "SYMMETRIC_DEFAULT", "customerMasterKeySpec": "SYMMETRIC_DEFAULT", "encryptionAlgorithms": [ "SYMMETRIC_DEFAULT" ], "multiRegion": true, "multiRegionConfiguration": { "multiRegionKeyType": "REPLICA", "primaryKey": { "arn": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "region": "us-east-1" }, "replicaKeys": [ { "arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "region": "us-west-2" } ] } }, "replicaPolicy": "{\n \"Version\":\"2012-10-17\",\n \"Statement\":[{\n \"Effect\":\"Allow\",\n \"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:user/Alice\"},\n \"Action\":\"kms:*\",\n \"Resource\":\"*\"\n }, {\n \"Effect\":\"Allow\",\n \"Principal\":{\"AWS\":\"arn:aws:iam::012345678901:user/Bob\"},\n \"Action\":\"kms:CreateGrant\",\n \"Resource\":\"*\"\n }, {\n \"Effect\":\"Allow\",\n \"Principal\":{\"AWS\":\"arn:aws:iam::012345678901:user/Charlie\"},\n \"Action\":\"kms:Encrypt\",\n \"Resource\":\"*\"\n}]\n}", }, "requestID": "abcdef68-63bc-11e4-bc2b-4198b6150d5c", "eventID": "fedcba44-6773-4f96-8763-1993aec9ae6a", "readOnly": false, "resources": [ { "accountId": "111122223333", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab" } ], "eventType": "AwsApiCall", "managementEvent": true, "recipientAccountId": "111122223333", "eventCategory": "Management" }
