Azure Key Vault as Event Grid source

This article provides the properties and schema for events in Azure Key Vault. For an introduction to event schemas, see Azure Event Grid event schema.

Available event types

An Azure Key Vault account generates the following event types:

| Event full name | Event display name | Description |
| --- | --- | --- |
| Microsoft.KeyVault.CertificateNewVersionCreated | Certificate New Version Created | Triggered when a new certificate or new certificate version is created. |
| Microsoft.KeyVault.CertificateNearExpiry | Certificate Near Expiry | Triggered when the current version of a certificate is about to expire. (The event is triggered 30 days before the expiration date.) |
| Microsoft.KeyVault.CertificateExpired | Certificate Expired | Triggered when the certificate is expired. |
| Microsoft.KeyVault.KeyNewVersionCreated | Key New Version Created | Triggered when a new key or new key version is created. |
| Microsoft.KeyVault.KeyNearExpiry | Key Near Expiry | Triggered when the current version of a key is about to expire. (The event is triggered 30 days before the expiration date.) |
| Microsoft.KeyVault.KeyExpired | Key Expired | Triggered when a key is expired. |
| Microsoft.KeyVault.SecretNewVersionCreated | Secret New Version Created | Triggered when a new secret or new secret version is created. |
| Microsoft.KeyVault.SecretNearExpiry | Secret Near Expiry | Triggered when the current version of a secret is about to expire. (The event is triggered 30 days before the expiration date.) |
| Microsoft.KeyVault.SecretExpired | Secret Expired | Triggered when a secret is expired. |
| Microsoft.KeyVault.VaultAccessPolicyChanged | Vault Access Policy Changed | Triggered when an access policy on Key Vault changes. This includes the scenario in which the Key Vault permission model is changed to or from Azure role-based access control. |

Event examples

The following example shows the schema for Microsoft.KeyVault.SecretNewVersionCreated:

[
   {
      "id":"00eccf70-95a7-4e7c-8299-2eb17ee9ad64",
      "topic":"/subscriptions/{subscription-id}/resourceGroups/sample-rg/providers/Microsoft.KeyVault/vaults/sample-kv",
      "subject":"newsecret",
      "eventType":"Microsoft.KeyVault.SecretNewVersionCreated",
      "eventTime":"2019-07-25T01:08:33.1036736Z",
      "data":{
         "Id":"https://sample-kv.vault.azure.cn/secrets/newsecret/ee059b2bb5bc48398a53b168c6cdcb10",
         "vaultName":"sample-kv",
         "objectType":"Secret",
         "objectName":"newsecret",
         "version":"ee059b2bb5bc48398a53b168c6cdcb10",
         "nbf":"1559081980",
         "exp":"1559082102"
      },
      "dataVersion":"1",
      "metadataVersion":"1"
   }
]

Event properties

An event has the following top-level data:

| Property | Type | Description |
| --- | --- | --- |
| topic | string | Full resource path to the event source. This field isn't writeable. Event Grid provides this value. |
| subject | string | Publisher-defined path to the event subject. |
| eventType | string | One of the registered event types for this event source. |
| eventTime | string | The time the event is generated based on the provider's UTC time. |
| id | string | Unique identifier for the event. |
| data | object | App Configuration event data. |
| dataVersion | string | The schema version of the data object. The publisher defines the schema version. |
| metadataVersion | string | The schema version of the event metadata. Event Grid defines the schema of the top-level properties. Event Grid provides this value. |

The data object has the following properties:

| Property | Type | Description |
| --- | --- | --- |
| id | string | The ID of the object that triggered this event |
| vaultName | string | The key vault name of the object that triggered this event |
| objectType | string | The type of the object that triggered this event |
| objectName | string | The name of the object that triggered this event |
| version | string | The version of the object that triggered this event |
| nbf | number | The not-before date in seconds since 1970-01-01T00:00:00Z of the object that triggered this event |
| exp | number | The expiration date in seconds since 1970-01-01T00:00:00Z of the object that triggered this event |
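
An added example (not from the original article or from Microsoft): a Python triage routine for a delivered batch of these events, which checks that the vault named in `data` agrees with `topic` and decodes `exp`. The sample batch is constructed, and the `triage` function, its action labels and the contents of the `VaultAccessPolicyChanged` data object are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlparse

TOPIC = "/subscriptions/{subscription-id}/resourceGroups/sample-rg/providers/Microsoft.KeyVault/vaults/sample-kv"
# Constructed batch: the first event mirrors the page's sample, the others are invented for the demo.
SAMPLE = json.dumps([
    {"id": "1", "topic": TOPIC, "subject": "newsecret",
     "eventType": "Microsoft.KeyVault.SecretNewVersionCreated",
     "data": {"Id": "https://sample-kv.vault.azure.cn/secrets/newsecret/ee059b2bb5bc48398a53b168c6cdcb10",
              "vaultName": "sample-kv", "objectType": "Secret", "objectName": "newsecret",
              "nbf": "1559081980", "exp": "1559082102"}},
    {"id": "2", "topic": TOPIC, "subject": "tls-cert",
     "eventType": "Microsoft.KeyVault.CertificateNearExpiry",
     "data": {"vaultName": "other-kv", "objectType": "Certificate", "objectName": "tls-cert",
              "exp": 1561674102}},
    {"id": "3", "topic": TOPIC, "subject": "sample-kv",
     "eventType": "Microsoft.KeyVault.VaultAccessPolicyChanged",
     "data": {"vaultName": "sample-kv"}},
])

def _utc(value):
    """nbf/exp are typed as numbers in the table but arrive as strings in the sample; accept both."""
    return None if value in (None, "") else datetime.fromtimestamp(int(value), tz=timezone.utc)

def triage(batch_json):
    """Return one finding per Key Vault event: action, object, expiry and a consistency flag."""
    findings = []
    for ev in json.loads(batch_json):
        kind = ev.get("eventType", "")
        if not kind.startswith("Microsoft.KeyVault."):
            continue  # not a Key Vault event type
        # Key casing differs between the sample ("Id") and the property table ("id").
        data = {k.strip().lower(): v for k, v in (ev.get("data") or {}).items()}
        vault = ev.get("topic", "").rstrip("/").rsplit("/", 1)[-1].lower()
        host = urlparse(data.get("id") or "").hostname
        # The vault named in data (and in the object URL, if present) must match the topic.
        consistent = (str(data.get("vaultname", "")).lower() == vault
                      and (host is None or host.split(".")[0] == vault))
        short = kind.rsplit(".", 1)[-1]
        action = ("review-access-change" if short == "VaultAccessPolicyChanged"
                  else "rotate" if short.endswith(("NearExpiry", "Expired"))
                  else "record")
        findings.append({"event_id": ev.get("id"), "action": action, "consistent": consistent,
                         "object": data.get("objectname"), "expires": _utc(data.get("exp"))})
    return findings
```

A finding with `consistent` set to false is worth holding back from automated rotation until the mismatch between `topic` and `data` is explained.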

Next steps