Yandex Audit Trails event reference
Written by
Updated at December 4, 2024
Audit Trails supports tracking control plane and data plane events for Yandex Key Management Service.
The general format of the event_type
field value is as follows:
yandex.cloud.audit.kms.<event_name>
Management event reference
Event name | Description |
---|---|
CancelDeleteSymmetricKey |
Canceling a previously scheduled key destruction |
CancelSymmetricKeyVersionDestruction |
Canceling a previously planned destruction of a symmetric key version |
CreateAsymmetricEncryptionKey |
Creating an asymmetric encryption key pair |
CreateAsymmetricSignatureKey |
Creating a digital signature key pair |
CreateSymmetricKey |
Creating a symmetric key |
DeleteAsymmetricEncryptionKey |
Updating an asymmetric encryption key pair |
DeleteAsymmetricSignatureKey |
Updating a digital signature key pair |
DeleteSymmetricKey |
Deleting a symmetric key |
RotateSymmetricKey |
Rotating a symmetric key |
ScheduleSymmetricKeyVersionDestruction |
Scheduling the destruction of a symmetric key version |
SetAsymmetricEncryptionKeyAccessBindings |
Assigning access permissions for an asymmetric encryption key pair |
SetAsymmetricSignatureKeyAccessBindings |
Assigning access permissions for a digital signature key pair |
SetPrimarySymmetricKeyVersion |
Selecting the primary version of a symmetric key |
SetSymmetricKeyAccessBindings |
Assigning access permissions for a symmetric key |
UpdateAsymmetricEncryptionKey |
Updating an asymmetric encryption key pair |
UpdateAsymmetricSignatureKey |
Updating a digital signature key pair |
UpdateSymmetricKey |
Changing a symmetric key |
UpdateSymmetricKeyAccessBindings |
Updating access permissions for a symmetric key |
UpdateAsymmetricEncryptionKeyAccessBindings |
Updating access permissions for an asymmetric encryption key pair |
asymmetricencryption.CancelAsymmetricEncryptionKeyDeletion |
Canceling the deletion of an asymmetric encryption key pair |
asymmetricsignature.CancelAsymmetricSignatureKeyDeletion |
Canceling the deletion of a digital signature key pair |
Data event reference
Event name | Description |
---|---|
Decrypt |
Decrypting ciphertext with a key |
Encrypt |
Encrypting a text string with a key |
GenerateDataKey |
Generating a high-entropy key for Envelope Encryption |
ReEncrypt |
Decrypting ciphertext with a previous-version key and re-encrypting the decrypted text with a new version of the same key |