This topic provides several examples of event logs related to Security Token Service (STS).
A RAM user switches the role by calling an STS API operation in the console
{
"apiVersion": "2015-04-01",
"eventId": "64e9b93e-13da-4ea4-8b72-081069ff****",
"eventName": "AssumeRole",
"eventSource": "sts.aliyuncs.com",
"eventTime": "2016-01-05T02:41:58Z",
"eventType": "ApiCall",
"eventVersion": "1",
"recipientAccountId": "102440540619****",
"requestId": "F678C471-BEAA-4DE4-B09E-FD7F5A5248E8",
"requestParameters": {
"RoleArn": "acs:ram::4****:role/ram-admin",
"RoleSessionName": "l****"
},
"serviceName": "Sts",
"sourceIpAddress": "42.120.XX.XX",
"userAgent": "AliyunConsole",
"userIdentity": {
"type": "ram-user",
"accountId": "102440540619****",
"principalId": "24894915196108****",
"userName": "l****",
"sessionContext": {
"attributes": {
"creationDate": "2016-01-05T02:41:58Z",
"mfaAuthenticated": "true"
}
}
}
}A RAM user switches the role by using the STS SDK
{
"apiVersion": "2015-04-01",
"eventId": "23f2a6b5-c628-49bb-8dc9-8f976050****",
"eventName": "AssumeRole",
"eventSource": "sts.aliyuncs.com",
"eventTime": "2016-01-05T02:41:58Z",
"eventType": "ApiCall",
"eventVersion": "1",
"recipientAccountId": "102440540619****",
"requestId": "8BE01A78-4026-4E7D-B4E1-95B0323E968E",
"requestParameters": {
"RoleArn": "acs:ram::4****:role/ram-admin",
"RoleSessionName": "l****"
},
"serviceName": "Sts",
"sourceIpAddress": "42.120.XX.XX",
"userAgent": "aliyuncli/2.0.6",
"userIdentity": {
"type": "ram-user",
"accountId": "102440540619****",
"principalId": "24894915196108****",
"accessKeyId": "55nCtAwmPLkk****",
"userName": "l***"
}
}