本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# 使用 AWS CloudTrail 適用於 S3 資料表的 進行記錄
Amazon S3 已與 服務整合 AWS CloudTrail,此服務可提供使用者、角色或服務所採取動作的記錄 AWS 。CloudTrail 會將 Amazon S3 的所有 API 呼叫當做事件來擷取。您可以利用 CloudTrail 所收集的資訊來判斷向 Amazon S3 發出的請求,以及發出請求的 IP 位址、時間和其他詳細資訊。Amazon S3 中發生支援的事件活動時,該活動會記錄在 CloudTrail 事件中。您可以使用 AWS CloudTrail 線索記錄 S3 Tables 的管理事件和資料事件。如需詳細資訊,請參閱《AWS CloudTrail使用者指南》**中的 [Amazon S3 CloudTrail 事件](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)和[什麼是 AWS CloudTrail?](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html)。
## S3 Tables 的 CloudTrail 管理事件
管理事件提供對 AWS 帳戶中資源執行的管理操作的相關資訊。
CloudTrail 預設會記錄 S3 Tables 的管理事件。S3 Tables 的 CloudTrail 管理事件 `eventsource` 為 ` s3tables.amazonaws.com`。當您設定 AWS 帳戶時,預設會啟用 CloudTrail 管理事件。CloudTrail 會追蹤下列 API 動作,並將其記錄為管理事件。
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_CreateNamespace.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_CreateNamespace.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_CreateTable.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_CreateTable.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_CreateTableBucket.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_CreateTableBucket.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteNamespace.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteNamespace.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTable.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTable.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTableBucket.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTableBucket.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTableBucketPolicy.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTableBucketPolicy.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTablePolicy.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_DeleteTablePolicy.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetNamespace.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetNamespace.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTable.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTable.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableBucket.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableBucket.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableBucketMaintenanceConfiguration.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableBucketMaintenanceConfiguration.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableBucketPolicy.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableBucketPolicy.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableMaintenanceConfiguration.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableMaintenanceConfiguration.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableMaintenanceJobStatus.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableMaintenanceJobStatus.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableMetadataLocation.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTableMetadataLocation.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTablePolicy.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_GetTablePolicy.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_ListNamespaces.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_ListNamespaces.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_ListTableBuckets.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_ListTableBuckets.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_ListTables.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_ListTables.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutTableBucketMaintenanceConfiguration.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutTableBucketMaintenanceConfiguration.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutTableMaintenanceConfiguration.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutTableMaintenanceConfiguration.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutBucketPolicy.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutBucketPolicy.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutTablePolicy.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_PutTablePolicy.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_RenameTable.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_RenameTable.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_UpdateTableMetadataLocation.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_s3TableBuckets_UpdateTableMetadataLocation.html)
如需 CloudTrail 管理事件的詳細資訊,請參閱《AWS CloudTrail 使用者指南》**中的[記錄管理事件](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html)。
## 適用於 S3 Tables 維護的 CloudTrail 管理事件
S3 會將自動維護操作記錄為 CloudTrail 中的 `TablesMaintenanceEvent` 管理事件。這些事件會在壓縮和快照過期等操作期間發生。如需有關 S3 資料表維護的詳細資訊,請參閱 [資料表的維護](s3-tables-maintenance.md)。
### 如何識別維護事件
您可以透過這些屬性值,在 CloudTrail 日誌中識別 S3 Tables 維護事件:
+ `eventSource: s3tables.amazonaws.com`
+ `eventType: AwsServiceEvent`
+ `eventName: TablesMaintenanceEvent`
+ `userAgent: maintenance.s3tables.amazonaws.com`
+ `activityType:`
+ `IcebergCompaction` (用於壓縮)
+ `IcebergSnapshotManagement` (用於快照過期)
如需壓縮維護事件的範例,請參閱 [範例 – 資料表維護管理事件的 CloudTrail 日誌檔案](s3-tables-log-files.md#example-ct-log-s3tables-3)。
## S3 Tables 的 CloudTrail 資料事件
資料事件可提供對資源執行或在資源內執行之資源操作的相關資訊,CloudTrail 追蹤預設不會記錄資料事件,但您可以將追蹤設定記錄資料事件。
當您在 CloudTrail 中記錄追蹤的資料事件時,您將選擇或指定資源類型。S3 Tables 有 `AWS::S3Tables::Table` 和 `AWS::S3Tables::TableBucket` 兩種資源類型。
系統會將下列資料事件記錄於 CloudTrail:
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html)
+ [https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)
如需 CloudTrail 資料事件的詳細資訊,請參閱《AWS CloudTrail 使用者指南》**中的[記錄資料事件](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)。
如需 S3 Tables 的 CloudTrail 事件詳細資訊,請參閱下列主題:
**Topics**
+ [S3 Tables 的 CloudTrail 管理事件](#s3-tables-management-events)
+ [適用於 S3 Tables 維護的 CloudTrail 管理事件](#s3-tables-maintenance-events)
+ [S3 Tables 的 CloudTrail 資料事件](#s3-tables-data-events)
+ [AWS CloudTrail S3 Tables 的資料事件日誌檔案範例](s3-tables-log-files.md)
# AWS CloudTrail S3 Tables 的資料事件日誌檔案範例
AWS CloudTrail 日誌檔案包含所請求 API 操作、操作的日期和時間、請求參數等相關資訊。本主題提供 S3 Tables CloudTrail 資料事件的範例日誌檔案。
**Topics**
+ [範例 – `GetObject` 資料事件的 CloudTrail 日誌檔案](#example-ct-log-s3tables)
+ [範例 – 資料表維護管理事件的 CloudTrail 日誌檔案](#example-ct-log-s3tables-3)
+ [範例 – `PutObject` 資料事件的 CloudTrail 日誌檔案](#example-ct-log-s3tables-2)
## 範例 – `GetObject` 資料事件的 CloudTrail 日誌檔案
下列範例顯示的 CloudTrail 日誌檔案範例會示範 [https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) API 操作。
```
{
"eventVersion": "1.11",
"userIdentity": {
"type": "IAMUser",
"principalId": "123456789012",
"arn": "arn:aws:iam::111122223333:user/"myUserName",
"accountId": "111122223333",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName":"myUserName"
},
"eventTime": "2024-11-22T17:12:25Z",
"eventSource": "s3tables.amazonaws.com",
"eventName": "GetObject",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "[aws-cli/2.18.5]",
"requestParameters": {
"Host": "tableWarehouseLocation.s3.us-east-1.amazonaws.com",
"key": "product-info.json"
},
"responseElements": null,
"additionalEventData": {
"SignatureVersion": "SigV4",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"bytesTransferredIn": 0,
"AuthenticationMethod": "AuthHeader",
"xAmzId2": "q6xhNJYmhg",
"bytesTransferredOut": 28441
},
"requestID": "07D681123BD12AED",
"eventID": "f2b287f3-0df1-1234-a2f4-c4bdfed47657",
"readOnly": true,
"resources": [{
"accountId": "111122223333",
"type": "AWS::S3Tables::TableBucket",
"ARN": "arn:aws:s3tables:us-east-1:111122223333:bucket/amzn-s3-demo-bucket1"
}, {
"accountId": "111122223333",
"type": "AWS::S3Tables::Table",
"ARN": "arn:aws:s3tables:us-east-1:111122223333:bucket/amzn-s3-demo-bucket/table/111aa1111-22bb-33cc-44dd-5555eee66ffff"
}],
"eventType": "AwsApiCall",
"managementEvent": false,
"recipientAccountId": "444455556666",
"eventCategory": "Data",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "tableWarehouseLocation.s3.us-east-1.amazonaws.com"
}
}
```
## 範例 – 資料表維護管理事件的 CloudTrail 日誌檔案
以下是 CloudTrail 日誌檔案範例,展示 S3 執行的資料表壓縮維護事件,這是自動資料表維護工作的一部分。如需資料表維護事件的詳細資訊,請參閱 [適用於 S3 Tables 維護的 CloudTrail 管理事件](s3-tables-logging.md#s3-tables-maintenance-events)
```
{
"eventVersion": "1.11",
"userIdentity": {
"type": "AWSService",
"invokedBy": "maintenance.s3tables.amazonaws.com"
},
"eventTime": "2025-09-18T20:13:14Z",
"eventSource": "s3tables.amazonaws.com",
"eventName": "TablesMaintenanceEvent",
"awsRegion": "us-east-1",
"sourceIPAddress": "maintenance.s3tables.amazonaws.com",
"userAgent": "maintenance.s3tables.amazonaws.com",
"requestParameters": null,
"responseElements": null,
"eventID": "b8f96329-ef5c-32b5-94f6-eeed9061ea32",
"readOnly": false,
"resources": [
{
"accountId": "111122223333",
"type": "AWS::S3Tables::TableBucket",
"ARN": "arn:aws:s3tables:us-east-1:111122223333:bucket/amzn-s3-demo-table-bucket"
},
{
"accountId": "111122223333",
"type": "AWS::S3Tables::Table",
"ARN": "arn:aws:s3tables:us-east-1:111122223333:bucket/amzn-s3-demo-table-bucket/table/7ff7750e-23b3-481e-a90a-7d87d423d336"
}
],
"eventType": "AwsServiceEvent",
"managementEvent": true,
"recipientAccountId": "111122223333",
"sharedEventID": "62a57826-a66e-479b-befa-0e65663ee9e8",
"serviceEventDetails": {
"activityType": "icebergCompaction"
},
"eventCategory": "Management"
}
```
## 範例 – `PutObject` 資料事件的 CloudTrail 日誌檔案
下列範例顯示的 CloudTrail 日誌檔案範例會示範 [https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) API 操作。
```
{
"eventVersion": "1.11",
"userIdentity": {
"type": "IAMUser",
"principalId": "123456789012",
"arn": "arn:aws:iam::444455556666:user/"myUserName",
"accountId": "444455556666",
"accessKeyId": "AKIAI44QH8DHBEXAMPLE",
"userName":"myUserName"
},
"eventTime": "2024-11-22T17:12:25Z",
"eventSource": "s3tables.amazonaws.com",
"eventName": "PutObject",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "[aws-cli/2.18.5]",
"requestParameters": {
"Host": "tableWarehouseLocation.s3.us-east-1.amazonaws.com",
"key": "product-info.json"
},
"responseElements": {
"x-amz-server-side-encryption": "AES256",
"x-amz-version-id": "13zAFMdccAjt3MWd6ehxgCCCDRdkAKDw"
},
"additionalEventData": {
"SignatureVersion": "SigV4",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"bytesTransferredIn": 28441,
"AuthenticationMethod": "AuthHeader",
"xAmzId2": "q6xhCJYmhg",
"bytesTransferredOut": 0
},
"requestID": "28d2faaf-1234-4649-997d-EXAMPLE72818",
"eventID": "694d604a-d190-1234-0dd1-EXAMPLEe20c1",
"readOnly": false,
"resources": [{
"accountId": "444455556666",
"type": "AWS::S3Tables::TableBucket",
"ARN": "arn:aws:s3tables:us-east-1:444455556666:bucket/amzn-s3-demo-bucket1"
}, {
"accountId": "444455556666",
"type": "AWS::S3Tables::Table",
"ARN": "arn:aws:s3tables:us-east-1:444455556666:bucket/amzn-s3-demo-bucket1/table/b89ec883-b1d9-4b37-9cd7-b86f590123f4"
}],
"eventType": "AwsApiCall",
"managementEvent": false,
"recipientAccountId": "111122223333",
"eventCategory": "Data",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "tableWarehouseLocation.s3.us-east-1.amazonaws.com"
}
}
```