        "AIDATO53XXXXXXXXKR5DN",
        "arn": "arn:aws:iam::xxxxxxxxxxxx:user/KMS-SourceIP-Limit-Test",
        "accountId": "xxxxxxxxxxxx",
        "accessKeyId": "ASIATO53XXXXXXXX4B3N",
        "userName": "KMS-SourceIP-Limit-Test",
        "sessionContext": {
            "attributes": {
                "creationDate": "2024-09-11T23:27:27Z",
                "mfaAuthenticated": "false"
            }
        },
        "invokedBy": "AWS Internal"
    },
    "eventTime": "2024-09-11T23:29:45Z",
    "eventSource": "kms.amazonaws.com",
    "eventName": "GenerateDataKey",
    "awsRegion": "ap-northeast-1",
    "sourceIPAddress": "AWS Internal",
    "userAgent": "AWS Internal",
    "errorCode": "AccessDenied",
    "errorMessage": "User: arn:aws:iam::xxxxxxxxxxxx:user/KMS-SourceIP-Limit-Test is not authorized to perform: kms:GenerateDataKey on resource: arn:aws:kms:ap-northeast-1:xxxxxxxxxxxx:key/c9cdbfe6-xxxx-xxxx-xxxx-7adba90f5f3d with an explicit deny in an identity-based policy",
    "readOnly": true,
    "eventType": "AwsApiCall",
    "managementEvent": true,
    "eventCategory": "Management",
    "sessionCredentialFromConsole": "true"
}

The action is performed by the IAM user.
The source IP address is "AWS Internal".
The error message states that the request was denied by an IAM policy.
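One way to check the three observations above across many CloudTrail records, added here as an example and not part of the original page: it summarises each AccessDenied record, marks whether the call arrived without a client IP (as with "AWS Internal" here), and extracts the policy type named in the error message. The sample records, account IDs and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample records modelled on the fields of the event above;
# account IDs, names and key IDs are placeholders.
SAMPLE_EVENTS = [
    {"eventSource": "kms.amazonaws.com", "eventName": "GenerateDataKey",
     "sourceIPAddress": "AWS Internal", "errorCode": "AccessDenied",
     "errorMessage": "User: arn:aws:iam::111111111111:user/example-user is "
                     "not authorized to perform: kms:GenerateDataKey on "
                     "resource: arn:aws:kms:ap-northeast-1:111111111111:key/"
                     "EXAMPLE with an explicit deny in an identity-based policy",
     "userIdentity": {"userName": "example-user", "invokedBy": "AWS Internal"}},
    {"eventSource": "kms.amazonaws.com", "eventName": "Decrypt",
     "sourceIPAddress": "203.0.113.10", "errorCode": "AccessDenied",
     "errorMessage": "User: arn:aws:iam::111111111111:user/example-user is "
                     "not authorized to perform: kms:Decrypt on resource: "
                     "arn:aws:kms:ap-northeast-1:111111111111:key/EXAMPLE "
                     "because no identity-based policy allows the kms:Decrypt action",
     "userIdentity": {"userName": "example-user"}},
    {"eventSource": "kms.amazonaws.com", "eventName": "DescribeKey",
     "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"userName": "example-user"}},
]

DENY_RE = re.compile(r"with an explicit deny in an? (.+?) policy")

def has_client_ip(event):
    """True when sourceIPAddress parses as an IP rather than a service marker."""
    try:
        ipaddress.ip_address(event.get("sourceIPAddress", ""))
        return True
    except ValueError:
        return False

def triage_denied(event):
    """Summarise an AccessDenied record; return None for anything else."""
    if event.get("errorCode") != "AccessDenied":
        return None
    ident = event.get("userIdentity", {})
    match = DENY_RE.search(event.get("errorMessage", ""))
    return {
        "action": f'{event["eventSource"].split(".")[0]}:{event["eventName"]}',
        "principal": ident.get("userName") or ident.get("arn"),
        "via_aws_service": not has_client_ip(event) or "invokedBy" in ident,
        "explicit_deny_in": match.group(1) if match else None,
    }
```

Records that come back with `via_aws_service` set and `explicit_deny_in` equal to `identity-based` have the same shape as the event shown on this page.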