Key Management Service (KMS) is integrated with ActionTrail. You can use ActionTrail to query all events triggered on KMS resources by all users, including Alibaba Cloud accounts and Resource Access Management (RAM) users, so you have a complete audit trail of KMS activity for security and compliance reviews.
How ActionTrail records KMS events
ActionTrail records call events for all KMS API operations, except DescribeRegions. For event code samples, see KMS. For a description of event fields, see Management event structure.
Query KMS events in ActionTrail
Log on to the ActionTrail console.
In the left-side navigation pane, click Events > Event Query.
In the top navigation bar, select the region of the events you want to query.
On the Event Query page, select Service Name from the drop-down list.
Enter Kms in the field and click the
icon.Find the target event by time, then click View Details in the Actions column.
What's next
Review the KMS event code samples to understand the structure of recorded events.
Review Management event structure for a full description of event fields.