Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Security – Specialty Correction: Review Mode Set 1 – Question #12

  • Correction: Review Mode Set 1 – Question #12

  • Roamer2025

    Member
    March 1, 2024 at 10:34 am

    AWS KMS actions such as Encrypt, Decrypt, and GenerateDataKey typically generate a large volume (more than 99%) of events. These actions are logged as Read events, like low-volume AWS KMS actions such as Disable, Delete, and ScheduleKey (which typically account for less than 0.5% of AWS KMS event volume).

    ->

    AWS KMS actions such as Encrypt, Decrypt, and GenerateDataKey typically generate a large volume (more than 99%) of events. These actions are now logged as Read events. Low-volume, relevant AWS KMS actions such as Disable, Delete, and ScheduleKey (which typically account for less than 0.5% of AWS KMS event volume) are logged as Write events.

    References:

    https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#read-write-events-mgmt

  • Carlo-TutorialsDojo

    Member
    March 4, 2024 at 6:19 pm

    Hello Roamer2025,

    We appreciate your effort in pointing this out.

    We will update our explanation to reflect this update.

    Please let us know if you need further clarification.

    Thank you and regards,

    Carlo @ Tutorials Dojo

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now