本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
CloudTrail Outposts 上 Amazon S3 和 S3 的日誌文件條目
重要
Amazon S3 現在將伺服器端加密與 Amazon S3 受管金鑰 (SSE-S3) 套用為 Amazon S3 中每個儲存貯體的基本加密層級。從 2023 年 1 月 5 日起,所有上傳到 Amazon S3 的新物件都會自動加密,無需額外費用,也不會影響效能。S3 儲存貯體預設加密組態和新物件上傳的自動加密狀態可在 AWS CloudTrail 日誌、S3 庫存、S3 儲存鏡頭、Amazon S3 主控台中使用,以及作為和 AWS 開發套件中的額外 Amazon S3 API 回應標頭。 AWS Command Line Interface 如需詳細資訊,請參閱預設加密常見問答集。
事件代表來自任何來源的單一請求,並包括有關請求的 API 操作,操作的日期和時間,請求參數等信息。 CloudTrail 日誌文件不是公共 API 調用的有序堆棧跟踪,因此事件不會以任何特定順序顯示。
如需詳細資訊,請參閱下列範例。
範例:Amazon S3 的 CloudTrail 日誌檔項目
下列範例顯示示範 GETService、PutBucketAcl和GetBucketVersioning動作的 CloudTrail 記錄項目。
{ "Records": [ { "eventVersion": "1.03", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/myUserName", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "myUserName" }, "eventTime": "2019-02-01T03:18:19Z", "eventSource": "s3.amazonaws.com", "eventName": "ListBuckets", "awsRegion": "us-west-2", "sourceIPAddress": "127.0.0.1", "userAgent": "[]", "requestParameters": { "host": [ "s3.us-west-2.amazonaws.com" ] }, "responseElements": null, "additionalEventData": { "SignatureVersion": "SigV2", "AuthenticationMethod": "QueryString", "aclRequired": "Yes" }, "requestID": "47B8E8D397DCE7A6", "eventID": "cdc4b7ed-e171-4cef-975a-ad829d4123e8", "eventType": "AwsApiCall", "recipientAccountId": "444455556666", "tlsDetails": { "tlsVersion": "TLSv1.2", "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256", "clientProvidedHostHeader": "s3.amazonaws.com" } }, { "eventVersion": "1.03", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/myUserName", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "myUserName" }, "eventTime": "2019-02-01T03:22:33Z", "eventSource": "s3.amazonaws.com", "eventName": "PutBucketAcl", "awsRegion": "us-west-2", "sourceIPAddress": "", "userAgent": "[]", "requestParameters": { "bucketName": "", "AccessControlPolicy": { "AccessControlList": { "Grant": { "Grantee": { "xsi:type": "CanonicalUser", "xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance", "ID": "d25639fbe9c19cd30a4c0f43fbf00e2d3f96400a9aa8dabfbbebe1906Example" }, "Permission": "FULL_CONTROL" } }, "xmlns": "http://s3.amazonaws.com/doc/2006-03-01/", "Owner": { "ID": "d25639fbe9c19cd30a4c0f43fbf00e2d3f96400a9aa8dabfbbebe1906Example" } }, "host": [ "s3.us-west-2.amazonaws.com" ], "acl": [ "" ] }, "responseElements": null, "additionalEventData": { "SignatureVersion": "SigV4", "CipherSuite": "ECDHE-RSA-AES128-SHA", "AuthenticationMethod": "AuthHeader" }, "requestID": "BD8798EACDD16751", "eventID": "607b9532-1423-41c7-b048-ec2641693c47", "eventType": "AwsApiCall", "recipientAccountId": "111122223333", "tlsDetails": { "tlsVersion": "TLSv1.2", "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256", "clientProvidedHostHeader": "s3.amazonaws.com" } }, { "eventVersion": "1.03", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/myUserName", "accountId": "111122223333", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "myUserName" }, "eventTime": "2019-02-01T03:26:37Z", "eventSource": "s3.amazonaws.com", "eventName": "GetBucketVersioning", "awsRegion": "us-west-2", "sourceIPAddress": "", "userAgent": "[]", "requestParameters": { "host": [ "s3.us-west-2.amazonaws.com" ], "bucketName": "DOC-EXAMPLE-BUCKET1", "versioning": [ "" ] }, "responseElements": null, "additionalEventData": { "SignatureVersion": "SigV4", "CipherSuite": "ECDHE-RSA-AES128-SHA", "AuthenticationMethod": "AuthHeader" }, "requestID": "07D681279BD94AED", "eventID": "f2b287f3-0df1-4961-a2f4-c4bdfed47657", "eventType": "AwsApiCall", "recipientAccountId": "111122223333", "tlsDetails": { "tlsVersion": "TLSv1.2", "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256", "clientProvidedHostHeader": "s3.amazonaws.com" } } ] }
範例:Amazon S3 on Outposts 日誌檔項目
Outposts 上的 Amazon S3 管理事件可透過 AWS CloudTrail。如需詳細資訊,請參閱 使用記錄 Amazon S3 API 呼叫 AWS CloudTrail。此外,您可以選擇為 AWS CloudTrail中的資料事件啟用日誌記錄功能。
追蹤是一種組態,能讓事件以日誌檔案的形式交付至您所指定區域的 S3 儲存貯體中。 CloudTrail Outposts 值區的記錄包含新欄位edgeDeviceDetails,可識別指定值區所在的 Outpost。
其他記錄欄位包括請求的動作、動作的日期和時間,以及請求參數。 CloudTrail 日誌文件不是公共 API 調用的有序堆棧跟踪,因此它們不會以任何特定順序顯示。
下列範例顯示示範上PutObject動作的 CloudTrail 記錄項目s3-outposts。
{ "eventVersion": "1.08", "userIdentity": { "type": "IAMUser", "principalId": "111122223333", "arn": "arn:aws:iam::111122223333:user/yourUserName", "accountId": "222222222222", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "yourUserName" }, "eventTime": "2020-11-30T15:44:33Z", "eventSource": "s3-outposts.amazonaws.com", "eventName": "PutObject", "awsRegion": "us-east-1", "sourceIPAddress": "26.29.66.20", "userAgent": "aws-cli/1.18.39 Python/3.4.10 Darwin/18.7.0 botocore/1.15.39", "requestParameters": { "expires": "Wed, 21 Oct 2020 07:28:00 GMT", "Content-Language": "english", "x-amz-server-side-encryption-customer-key-MD5": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", "ObjectCannedACL": "BucketOwnerFullControl", "x-amz-server-side-encryption": "Aes256", "Content-Encoding": "gzip", "Content-Length": "10", "Cache-Control": "no-cache", "Content-Type": "text/html; charset=UTF-8", "Content-Disposition": "attachment", "Content-MD5": "je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY", "x-amz-storage-class": "Outposts", "x-amz-server-side-encryption-customer-algorithm": "Aes256", "bucketName": "", "Key": "path/upload.sh" }, "responseElements": { "x-amz-server-side-encryption-customer-key-MD5": "DOC-EXAMPLE-BUCKET1wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", "x-amz-server-side-encryption": "Aes256", "x-amz-version-id": "001", "x-amz-server-side-encryption-customer-algorithm": "Aes256", "ETag": "d41d8cd98f00b204e9800998ecf8427f" }, "additionalEventData": { "CipherSuite": "ECDHE-RSA-AES128-SHA", "bytesTransferredIn": 10, "x-amz-id-2": "29xXQBV2O+xOHKItvzY1suLv1i6A52E0zOX159fpfsItYd58JhXwKxXAXI4IQkp6", "SignatureVersion": "SigV4", "bytesTransferredOut": 20, "AuthenticationMethod": "AuthHeader" }, "requestID": "8E96D972160306FA", "eventID": "ee3b4e0c-ab12-459b-9998-0a5a6f2e4015", "readOnly": false, "resources": [ { "accountId": "222222222222", "type": "AWS::S3Outposts::Object", "ARN": "arn:aws:s3-outposts:us-east-1:YYY:outpost/op-01ac5d28a6a232904/bucket/path/upload.sh" }, { "accountId": "222222222222", "type": "AWS::S3Outposts::Bucket", "ARN": "arn:aws:s3-outposts:us-east-1:YYY:outpost/op-01ac5d28a6a232904/bucket/" } ], "eventType": "AwsApiCall", "managementEvent": false, "recipientAccountId": "444455556666", "sharedEventID": "02759a4c-c040-4758-b84b-7cbaaf17747a", "edgeDeviceDetails": { "type": "outposts", "deviceId": "op-01ac5d28a6a232904" }, "eventCategory": "Data" }
