日本熟妇hd丰满老熟妇,中文字幕一区二区三区在线不卡 ,亚洲成片在线观看,免费女同在线一区二区

操作審計支持查詢阿里云STS(Security Token Service)相關(guān)事件。您可以快速查詢STS事件并獲取事件發(fā)生的時間、地域、臨時身份等信息。本文為您舉例說明STS相關(guān)事件。

RAM用戶通過控制臺調(diào)用STS切換角色身份

以下示例表示,在北京時間2021年08月05日15:59:47,RAM用戶Alice調(diào)用AssumeRole接口通過扮演阿里云賬號127812487797****下的cna-manager-test-role角色獲取了一個臨時身份。

{
  "eventId": "FC410992-13D4-5D33-89A7-D8F4100CEE6B",
  "eventVersion": 1,
  "responseElements": {
    "RequestId": "FC410992-13D4-5D33-89A7-D8F4100CEE6B",
    "AssumedRoleUser": {
      "Arn": "acs:ram::127812487797****:role/cna-manager-test-role/169074",
      "AssumedRoleId": "33618118978621****:169074"
    },
    "Credentials": {
      "AccessKeyId": "STS.NUQ79dzjpMPxYesi1YY5U****",
      "AccessKeySecret": "gS09k8a8fDwwgR0ey9IeCFuNfr****",
      "Expiration": "2021-08-05T08:59:47Z"
    }
  },
  "eventSource": "sts.aliyuncs.com",
  "requestParameters": {
    "AcsHost": "sts.aliyuncs.com",
    "AcsProduct": "Sts",
    "RequestId": "FC410992-13D4-5D33-89A7-D8F4100CEE6B",
    "RoleSessionName": 169074,
    "RegionId": "cn-hangzhou",
    "HostId": "sts.aliyuncs.com",
    "RoleArn": "acs:ram::127812487797****:role/cna-manager-test-role"
  },
  "sourceIpAddress": "192.168.XX.XX",
  "userAgent": "AlibabaCloud (Linux; amd64) Java/1.8.0_152-b187 Core/4.5.17 HTTPClient/ApacheHttpClient",
  "eventType": "ApiCall",
  "referencedResources": {
    "ACS::RAM::AccessKey": [
      "STS.NUQ79dzjpMPxYesi1YY5U****"
    ]
  },
  "userIdentity": {
    "sessionContext": {
      "attributes": {
        "mfaAuthenticated": "false",
        "creationDate": "2021-08-05T07:59:46Z"
      }
    },
    "accountId": "146411043369****",
    "principalId": "21336811218169****",
    "type": "ram-user",
    "userName": "Alice"
  },
  "serviceName": "Sts",
  "additionalEventData": {
    "Scheme": "https",
    "CallerBid": "26842"
  },
  "apiVersion": "2015-04-01",
  "requestId": "FC410992-13D4-5D33-89A7-D8F4100CEE6B",
  "eventTime": "2021-08-05T07:59:47Z",
  "isGlobal": false,
  "acsRegion": "cn-hangzhou",
  "eventName": "AssumeRole"
}

示例中關(guān)鍵字段含義如下:

  • userIdentity.type:請求者的身份類型。取值為ram-user,表示RAM用戶。

  • userIdentity.userName:請求者的RAM用戶名稱。

  • serviceName:事件相關(guān)的阿里云服務(wù)名稱。取值為Sts,表示STS。

  • eventName:事件名稱。取值為AssumeRole,表示獲取一個扮演該角色的臨時身份,此處RAM用戶扮演的是受信實體為阿里云賬號類型的RAM角色。

  • requestParameters.RoleArn:扮演角色的ARN信息。取值為acs:ram::127812487797****:role/cna-manager-test-role127812487797****表示角色所屬的阿里云賬號ID,cna-manager-test-role表示角色名稱。

  • referencedResources:事件影響的資源列表。取值為{"ACS::RAM::AccessKey": ["STS.NUQ79dzjpMPxYesi1YY5U****"]},表示扮演角色獲取的臨時身份憑證STS.NUQ79dzjpMPxYesi1YY5U****

  • eventTime:事件發(fā)生的時間(UTC格式)。取值為2021-08-05T07:59:47Z,表示北京時間2021年08月05日15:59:47。

RAM用戶通過調(diào)用SDK獲取臨時訪問令牌

以下示例表示,在北京時間2021年08月05日16:03:31,RAM用戶Alice調(diào)用AssumeRole接口通過扮演阿里云賬號193875730500****下的aliyunosstokengeneratorrole角色獲取了一個臨時身份。

{
  "eventId": "B936D2EE-05DC-5AC1-9163-48F0DE28B963",
  "eventVersion": 1,
  "responseElements": {
    "RequestId": "B936D2EE-05DC-5AC1-9163-48F0DE28B963",
    "AssumedRoleUser": {
      "Arn": "acs:ram::193875730500****:role/aliyunosstokengeneratorrole/X5wpmS6EgkM080aE0Kym****",
      "AssumedRoleId": "30815480203992****:X5wpmS6EgkM080aE0Kym****"
    },
    "Credentials": {
      "AccessKeyId": "STS.NTobFuYYn6EBxAVhC18ta****",
      "AccessKeySecret": "gS09k8a8fDwwgR0ey9IeCFuNfr****",
      "Expiration": "2021-08-05T09:03:31Z"
    }
  },
  "eventSource": "sts.cn-hangzhou.aliyuncs.com",
  "requestParameters": {
    "Policy": {
      "Version": "1",
      "Statement": [
        {
          "Condition": {},
          "Action": [
            "oss:PutObject"
          ],
          "Resource": [
            "acs:oss:*:*:taowo/image/disucss/2021/8/5/xNodqHMtGkX9arNrAkrz4d****/*",
            "acs:oss:*:*:taowo/video/disucss/2021/8/5/xNodqHMtGkX9arNrAkrz4d****/*",
            "acs:oss:*:*:taowo/sound/disucss/2021/8/5/xNodqHMtGkX9arNrAkrz4d****/*"
          ],
          "Effect": "Allow"
        }
      ]
    },
    "AcsHost": "sts.cn-hangzhou.aliyuncs.com",
    "AcsProduct": "Sts",
    "RequestId": "B936D2EE-05DC-5AC1-9163-48F0DE28B963",
    "RoleSessionName": "X5wpmS6EgkM080aE0Kym****",
    "Region": "cn-hangzhou",
    "SignatureType": "",
    "RegionId": "cn-hangzhou",
    "HostId": "sts.cn-hangzhou.aliyuncs.com",
    "RoleArn": "acs:ram::193875730500****:role/aliyunosstokengeneratorrole"
  },
  "sourceIpAddress": "192.168.XX.XX",
  "userAgent": "AlibabaCloud (Linux 3.10.0-1127.19.1.el7.x86_64;x86_64) Python/3.8.8 Core/2.13.32 python-requests/2.18.3",
  "eventType": "ApiCall",
  "referencedResources": {
    "ACS::RAM::AccessKey": [
      "STS.NTobFuYYn6EBxAVhC18ta****"
    ]
  },
  "userIdentity": {
    "accessKeyId": "LTAI2jP0BF0f****",
    "sessionContext": {
      "attributes": {
        "mfaAuthenticated": "false",
        "creationDate": "2021-08-05T08:03:31Z"
      }
    },
    "accountId": "193875730500****",
    "principalId": "21365465900895****",
    "type": "ram-user",
    "userName": "Alice"
  },
  "serviceName": "Sts",
  "additionalEventData": {
    "Scheme": "https",
    "CallerBid": "26842"
  },
  "apiVersion": "2015-04-01",
  "requestId": "B936D2EE-05DC-5AC1-9163-48F0DE28B963",
  "eventTime": "2021-08-05T08:03:31Z",
  "isGlobal": false,
  "acsRegion": "cn-hangzhou",
  "eventName": "AssumeRole"
}

示例中關(guān)鍵字段含義如下:

  • userIdentity.accessKeyId:發(fā)起API調(diào)用的AccessKey ID。取值為LTAI2jP0BF0f****

  • userIdentity.principalId:AK所屬的賬號ID。取值為21365465900895****

  • userIdentity.type:請求者的身份類型。取值為ram-user,表示RAM用戶。

  • serviceName:事件相關(guān)的阿里云服務(wù)名稱。取值為Sts,表示STS。

  • eventName:事件名稱。取值為AssumeRole,表示獲取一個扮演該角色的臨時身份,此處RAM用戶扮演的是受信實體為阿里云賬號類型的RAM角色。

  • requestParameters.RoleArn:扮演角色的ARN信息。取值為acs:ram::193875730500****:role/aliyunosstokengeneratorrole193875730500****表示角色所屬的阿里云賬號ID,aliyunosstokengeneratorrole表示角色名稱。

  • referencedResources:事件影響的資源列表。取值為{"ACS::RAM::AccessKey": ["STS.NTobFuYYn6EBxAVhC18ta****"]},表示扮演角色獲取的臨時身份憑證為test@example.onaliyun.com

  • eventTime:事件發(fā)生的時間(UTC格式)。取值為2021-08-05T08:03:31Z,表示北京時間2021年08月05日16:03:31。

企業(yè)用戶通過角色SSO獲取阿里云角色身份

以下示例表示,在北京時間2021年08月05日16:04:56,企業(yè)用戶Alice調(diào)用AssumeRoleWithSAML接口通過角色SSO扮演189186630579****賬號下的cruisetestrole角色獲取了一個臨時身份。

{
  "eventId": "66FDD0F9-3546-567A-8964-2BD734198356",
  "eventVersion": 1,
  "responseElements": {
    "RequestId": "66FDD0F9-3546-567A-8964-2BD734198356",
    "SAMLAssertionInfo": {
      "SubjectType": "transient",
      "Issuer": "https://testidp/saml",
      "Recipient": "https://signin.aliyun.com/saml-role/sso",
      "Subject": "Alice"
    },
    "AssumedRoleUser": {
      "Arn": "acs:ram::189186630579****:role/cruisetestrole/cruisetest",
      "AssumedRoleId": "37924473051351****:cruisetest"
    },
    "Credentials": {
      "AccessKeyId": "STS.NUTNKhGR8BR3QL9sJkSHp****",
      "AccessKeySecret": "gS09k8a8fDwwgR0ey9IeCFuNfr****",
      "Expiration": "2021-08-05T09:04:56Z"
    }
  },
  "eventSource": "sts.aliyuncs.com",
  "requestParameters": {
    "AcsHost": "sts.aliyuncs.com",
    "SAMLAssertion": "***",
    "AcsProduct": "Sts",
    "RequestId": "66FDD0F9-3546-567A-8964-2BD734198356",
    "DurationSeconds": 3600,
    "HostId": "sts.aliyuncs.com",
    "SAMLProviderArn": "acs:ram::189186630579****:saml-provider/mockedIdp",
    "RoleArn": "acs:ram::189186630579****:role/cruisetestrole"
  },
  "sourceIpAddress": "192.168.XX.XX",
  "userAgent": "Jakarta Commons-HttpClient/3.1",
  "eventType": "ApiCall",
  "referencedResources": {
    "ACS::RAM::AccessKey": [
      "STS.NUTNKhGR8BR3QL9sJkSHp****"
    ]
  },
  "userIdentity": {
    "accountId": "189186630579****",
    "samlProviderName": "mockedIdp",
    "type": "saml-user",
    "userName": "Alice",
    "samlIssuer": "https://testidp/saml"
  },
  "serviceName": "Sts",
  "additionalEventData": {
    "Scheme": "https",
    "CallerBid": "26842"
  },
  "apiVersion": "2015-04-01",
  "requestId": "66FDD0F9-3546-567A-8964-2BD734198356",
  "eventTime": "2021-08-05T08:04:56Z",
  "isGlobal": false,
  "acsRegion": "cn-shanghai",
  "eventName": "AssumeRoleWithSAML"
}

示例中關(guān)鍵字段含義如下:

  • userIdentity.type:請求者的身份類型。取值為saml-user,表示企業(yè)自有身份的用戶。

  • userIdentity.userName:發(fā)起角色SSO的企業(yè)用戶的用戶名。

  • requestParameters.RoleArn:扮演角色的ARN信息。取值為cs:ram::189186630579****:role/cruisetestrole189186630579****表示角色所屬的阿里云賬號ID,cruisetestrole表示角色名稱。

  • referencedResources:事件影響的資源列表。取值為{"ACS::RAM::AccessKey": ["STS.NUTNKhGR8BR3QL9sJkSHp****"]},表示扮演角色獲取的臨時身份憑證為STS.NUTNKhGR8BR3QL9sJkSHp****

  • serviceName:事件相關(guān)的阿里云服務(wù)名稱。取值為Sts,表示STS。

  • eventName:事件名稱。取值為AssumeRoleWithSAML,表示通過角色SSO獲取阿里云角色身份。

  • eventTime:事件發(fā)生的時間(UTC格式)。取值為2021-08-05T08:04:56Z,表示北京時間2021年08月05日16:04:56。