AwsEc2
The following are examples of the Amazon Security Finding Format for AwsEc2 resources.
AwsEc2Eip
The AwsEc2Eip object provides information about an Elastic IP address.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2Eip object. To view descriptions of AwsEc2Eip attributes, see AwsEc2EipDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2Eip": {
    "InstanceId": "instance1",
    "PublicIp": "192.0.2.04",
    "AllocationId": "eipalloc-example-id-1",
    "AssociationId": "eipassoc-example-id-1",
    "Domain": "vpc",
    "PublicIpv4Pool": "anycompany",
    "NetworkBorderGroup": "eu-central-1",
    "NetworkInterfaceId": "eni-example-id-1",
    "NetworkInterfaceOwnerId": "777788889999",
    "PrivateIpAddress": "192.0.2.03"
}
AwsEc2Instance
The AwsEc2Instance object provides details about an Amazon EC2 instance.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2Instance object. To view descriptions of AwsEc2Instance attributes, see AwsEc2InstanceDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2Instance": {
    "IamInstanceProfileArn": "string",
    "ImageId": "string",
    "IpV4Addresses": [ "string" ],
    "IpV6Addresses": [ "string" ],
    "KeyName": "string",
    "LaunchedAt": "string",
    "NetworkInterfaces": [
        {
            "NetworkInterfaceId": "string"
        }
    ],
    "SubnetId": "string",
    "Type": "string",
    "VpcId": "string"
}
AwsEc2NetworkAcl
The AwsEc2NetworkAcl object contains details about an Amazon EC2 network access control list (ACL).
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2NetworkAcl object. To view descriptions of AwsEc2NetworkAcl attributes, see AwsEc2NetworkAclDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2NetworkAcl": {
    "IsDefault": false,
    "NetworkAclId": "acl-1234567890abcdef0",
    "OwnerId": "123456789012",
    "VpcId": "vpc-1234abcd",
    "Associations": [{
        "NetworkAclAssociationId": "aclassoc-abcd1234",
        "NetworkAclId": "acl-021345abcdef6789",
        "SubnetId": "subnet-abcd1234"
    }],
    "Entries": [{
        "CidrBlock": "10.24.34.0/23",
        "Egress": true,
        "IcmpTypeCode": {
            "Code": 10,
            "Type": 30
        },
        "Ipv6CidrBlock": "2001:DB8::/32",
        "PortRange": {
            "From": 20,
            "To": 40
        },
        "Protocol": "tcp",
        "RuleAction": "allow",
        "RuleNumber": 100
    }]
}
AwsEc2NetworkInterface
The AwsEc2NetworkInterface object provides information about an Amazon EC2 network interface.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2NetworkInterface object. To view descriptions of AwsEc2NetworkInterface attributes, see AwsEc2NetworkInterfaceDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2NetworkInterface": {
    "Attachment": {
        "AttachTime": "2019-01-01T03:03:21Z",
        "AttachmentId": "eni-attach-43348162",
        "DeleteOnTermination": true,
        "DeviceIndex": 123,
        "InstanceId": "i-1234567890abcdef0",
        "InstanceOwnerId": "123456789012",
        "Status": "ATTACHED"
    },
    "SecurityGroups": [
        {
            "GroupName": "my-security-group",
            "GroupId": "sg-903004f8"
        }
    ],
    "NetworkInterfaceId": "eni-686ea200",
    "SourceDestCheck": false
}
AwsEc2SecurityGroup
The AwsEc2SecurityGroup object describes an Amazon EC2 security group.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2SecurityGroup object. To view descriptions of AwsEc2SecurityGroup attributes, see AwsEc2SecurityGroupDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2SecurityGroup": {
    "GroupName": "MySecurityGroup",
    "GroupId": "sg-903004f8",
    "OwnerId": "123456789012",
    "VpcId": "vpc-1a2b3c4d",
    "IpPermissions": [
        {
            "IpProtocol": "-1",
            "IpRanges": [],
            "UserIdGroupPairs": [
                {
                    "UserId": "123456789012",
                    "GroupId": "sg-903004f8"
                }
            ],
            "PrefixListIds": [
                {"PrefixListId": "pl-63a5400a"}
            ]
        },
        {
            "PrefixListIds": [],
            "FromPort": 22,
            "IpRanges": [
                {
                    "CidrIp": "203.0.113.0/24"
                }
            ],
            "ToPort": 22,
            "IpProtocol": "tcp",
            "UserIdGroupPairs": []
        }
    ]
}
AwsEc2Subnet
The AwsEc2Subnet object provides information about a subnet in Amazon EC2.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2Subnet object. To view descriptions of AwsEc2Subnet attributes, see AwsEc2SubnetDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2Subnet": {
    "AssignIpv6AddressOnCreation": false,
    "AvailabilityZone": "us-west-2c",
    "AvailabilityZoneId": "usw2-az3",
    "AvailableIpAddressCount": 8185,
    "CidrBlock": "10.0.0.0/24",
    "DefaultForAz": false,
    "MapPublicIpOnLaunch": false,
    "OwnerId": "123456789012",
    "State": "available",
    "SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-d5436c93",
    "SubnetId": "subnet-d5436c93",
    "VpcId": "vpc-153ade70",
    "Ipv6CidrBlockAssociationSet": [{
        "AssociationId": "subnet-cidr-assoc-EXAMPLE",
        "Ipv6CidrBlock": "2001:DB8::/32",
        "CidrBlockState": "associated"
    }]
}
AwsEc2TransitGateway
The AwsEc2TransitGateway object provides details about an Amazon EC2 transit gateway that interconnects virtual private clouds (VPCs) and on-premises networks.
The following is an example AwsEc2TransitGateway finding in the Amazon Security Finding Format (ASFF). To view descriptions of AwsEc2TransitGateway attributes, see AwsEc2TransitGatewayDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2TransitGateway": {
    "AmazonSideAsn": 65000,
    "AssociationDefaultRouteTableId": "tgw-rtb-099ba47cbbea837cc",
    "AutoAcceptSharedAttachments": "disable",
    "DefaultRouteTableAssociation": "enable",
    "DefaultRouteTablePropagation": "enable",
    "Description": "sample transit gateway",
    "DnsSupport": "enable",
    "Id": "tgw-042ae6bf7a5c126c3",
    "MulticastSupport": "disable",
    "PropagationDefaultRouteTableId": "tgw-rtb-099ba47cbbea837cc",
    "TransitGatewayCidrBlocks": ["10.0.0.0/16"],
    "VpnEcmpSupport": "enable"
}
AwsEc2Volume
The AwsEc2Volume object provides details about an Amazon EC2 volume.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2Volume object. To view descriptions of AwsEc2Volume attributes, see AwsEc2VolumeDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2Volume": {
    "Attachments": [
        {
            "AttachTime": "2017-10-17T14:47:11Z",
            "DeleteOnTermination": true,
            "InstanceId": "i-123abc456def789g",
            "Status": "attached"
        }
    ],
    "CreateTime": "2020-02-24T15:54:30Z",
    "Encrypted": true,
    "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    "Size": 80,
    "SnapshotId": "",
    "Status": "available"
}
AwsEc2Vpc
The AwsEc2Vpc object provides details about an Amazon EC2 VPC.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2Vpc object. To view descriptions of AwsEc2Vpc attributes, see AwsEc2VpcDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2Vpc": {
    "CidrBlockAssociationSet": [
        {
            "AssociationId": "vpc-cidr-assoc-0dc4c852f52abda97",
            "CidrBlock": "192.0.2.0/24",
            "CidrBlockState": "associated"
        }
    ],
    "DhcpOptionsId": "dopt-4e42ce28",
    "Ipv6CidrBlockAssociationSet": [
        {
            "AssociationId": "vpc-cidr-assoc-0dc4c852f52abda97",
            "CidrBlockState": "associated",
            "Ipv6CidrBlock": "192.0.2.0/24"
        }
    ],
    "State": "available"
}
AwsEc2VpcEndpointService
The AwsEc2VpcEndpointService object contains details about the service configuration for a VPC endpoint service.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2VpcEndpointService object. To view descriptions of AwsEc2VpcEndpointService attributes, see AwsEc2VpcEndpointServiceDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2VpcEndpointService": {
    "ServiceType": [
        {
            "ServiceType": "Interface"
        }
    ],
    "ServiceId": "vpce-svc-example1",
    "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-example1",
    "ServiceState": "Available",
    "AvailabilityZones": [
        "us-east-1"
    ],
    "AcceptanceRequired": true,
    "ManagesVpcEndpoints": false,
    "NetworkLoadBalancerArns": [
        "arn:aws:elasticloadbalancing:us-east-1:444455556666:loadbalancer/net/my-network-load-balancer/example1"
    ],
    "GatewayLoadBalancerArns": [],
    "BaseEndpointDnsNames": [
        "vpce-svc-04eec859668b51c34.us-east-1.vpce.amazonaws.com"
    ],
    "PrivateDnsName": "my-private-dns"
}
AwsEc2VpcPeeringConnection
The AwsEc2VpcPeeringConnection object provides details about the network connection between two VPCs.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2VpcPeeringConnection object. To view descriptions of AwsEc2VpcPeeringConnection attributes, see AwsEc2VpcPeeringConnectionDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2VpcPeeringConnection": {
    "AccepterVpcInfo": {
        "CidrBlock": "10.0.0.0/28",
        "CidrBlockSet": [{
            "CidrBlock": "10.0.0.0/28"
        }],
        "Ipv6CidrBlockSet": [{
            "Ipv6CidrBlock": "2002::1234:abcd:ffff:c0a8:101/64"
        }],
        "OwnerId": "012345678910",
        "PeeringOptions": {
            "AllowDnsResolutionFromRemoteVpc": true,
            "AllowEgressFromLocalClassicLinkToRemoteVpc": false,
            "AllowEgressFromLocalVpcToRemoteClassicLink": true
        },
        "Region": "us-west-2",
        "VpcId": "vpc-i123456"
    },
    "ExpirationTime": "2022-02-18T15:31:53.161Z",
    "RequesterVpcInfo": {
        "CidrBlock": "192.168.0.0/28",
        "CidrBlockSet": [{
            "CidrBlock": "192.168.0.0/28"
        }],
        "Ipv6CidrBlockSet": [{
            "Ipv6CidrBlock": "2002::1234:abcd:ffff:c0a8:101/64"
        }],
        "OwnerId": "012345678910",
        "PeeringOptions": {
            "AllowDnsResolutionFromRemoteVpc": true,
            "AllowEgressFromLocalClassicLinkToRemoteVpc": false,
            "AllowEgressFromLocalVpcToRemoteClassicLink": true
        },
        "Region": "us-west-2",
        "VpcId": "vpc-i123456"
    },
    "Status": {
        "Code": "initiating-request",
        "Message": "Active"
    },
    "VpcPeeringConnectionId": "pcx-1a2b3c4d"
}
AwsEc2VpnConnection
The AwsEc2VpnConnection object provides details about an Amazon EC2 VPN connection.
The following example shows the Amazon Security Finding Format (ASFF) for the AwsEc2VpnConnection object. To view descriptions of AwsEc2VpnConnection attributes, see AwsEc2VpnConnectionDetails in the Amazon Security Hub API Reference.
Example
"AwsEc2VpnConnection": {
    "VpnConnectionId": "vpn-205e4f41",
    "State": "available",
    "CustomerGatewayConfiguration": "",
    "CustomerGatewayId": "cgw-5699703f",
    "Type": "ipsec.1",
    "VpnGatewayId": "vgw-2ccb2245",
    "Category": "VPN",
    "TransitGatewayId": "tgw-09b6f3a659e2b5elf",
    "VgwTelemetry": [
        {
            "OutsideIpAddress": "92.0.2.11",
            "Status": "DOWN",
            "LastStatusChange": "2016-11-11T23:09:32.000Z",
            "StatusMessage": "IPSEC IS DOWN",
            "AcceptedRouteCount": 0
        },
        {
            "OutsideIpAddress": "92.0.2.12",
            "Status": "DOWN",
            "LastStatusChange": "2016-11-11T23:10:51.000Z",
            "StatusMessage": "IPSEC IS DOWN",
            "AcceptedRouteCount": 0
        }
    ],
    "Routes": [{
        "DestinationCidrBlock": "10.24.34.0/24",
        "State": "available"
    }],
    "Options": {
        "StaticRoutesOnly": true,
        "TunnelOptions": [{
            "DpdTimeoutSeconds": 30,
            "IkeVersions": ["ikev1", "ikev2"],
            "Phase1DhGroupNumbers": [14, 15, 16, 17, 18],
            "Phase1EncryptionAlgorithms": ["AES128", "AES256"],
            "Phase1IntegrityAlgorithms": ["SHA1", "SHA2-256"],
            "Phase1LifetimeSeconds": 28800,
            "Phase2DhGroupNumbers": [14, 15, 16, 17, 18],
            "Phase2EncryptionAlgorithms": ["AES128", "AES256"],
            "Phase2IntegrityAlgorithms": ["SHA1", "SHA2-256"],
            "Phase2LifetimeSeconds": 28800,
            "PreSharedKey": "RltXC3REhTw1RAdiM2s1uMfkkSDLyGJoe1QEWeGxqkQ=",
            "RekeyFuzzPercentage": 100,
            "RekeyMarginTimeSeconds": 540,
            "ReplayWindowSize": 1024,
            "TunnelInsideCidr": "10.24.34.0/23"
        }]
    }
}
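The check below is an added example, not part of the AWS documentation. It reads the AwsEc2SecurityGroup, AwsEc2Volume and AwsEc2VpnConnection objects shown on this page from one entry of a finding's Resources array and reports IPv4 ranges open to every address, unencrypted volumes, and tunnels that still accept legacy IKE or integrity settings. The function name, the sample resources and the legacy-parameter policy are assumptions made for illustration.

```python
import ipaddress

# Assumed local policy (not an AWS default): legacy VPN parameters to flag.
LEGACY_IKE = {"ikev1"}
LEGACY_INTEGRITY = {"SHA1"}

def audit_resource(resource):
    """Return findings for one entry of an ASFF finding's Resources array."""
    rid, details, out = resource["Id"], resource.get("Details", {}), []

    # AwsEc2SecurityGroup: rules whose IPv4 range covers every address.
    for perm in details.get("AwsEc2SecurityGroup", {}).get("IpPermissions", []):
        ports = f"{perm.get('FromPort', 'all')}-{perm.get('ToPort', 'all')}"
        for rng in perm.get("IpRanges", []):
            if ipaddress.ip_network(rng["CidrIp"], strict=False).prefixlen == 0:
                out.append(f"{rid}: {perm['IpProtocol']} {ports} open to {rng['CidrIp']}")

    # AwsEc2Volume: the Encrypted flag is false or missing.
    vol = details.get("AwsEc2Volume")
    if vol is not None and not vol.get("Encrypted", False):
        out.append(f"{rid}: volume not encrypted")

    # AwsEc2VpnConnection: tunnels that still accept legacy settings.
    tunnels = details.get("AwsEc2VpnConnection", {}).get("Options", {}).get("TunnelOptions", [])
    for i, tun in enumerate(tunnels):
        integrity = set(tun.get("Phase1IntegrityAlgorithms", [])) | set(tun.get("Phase2IntegrityAlgorithms", []))
        legacy = sorted((LEGACY_IKE & set(tun.get("IkeVersions", []))) | (LEGACY_INTEGRITY & integrity))
        if legacy:
            out.append(f"{rid}: tunnel {i} accepts {', '.join(legacy)}")
    return out

# Constructed sample resources (placeholder IDs), one per object type checked.
SAMPLE_RESOURCES = [
    {"Id": "sg-example-1", "Details": {"AwsEc2SecurityGroup": {"IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    ]}}},
    {"Id": "vol-example-1", "Details": {"AwsEc2Volume": {"Encrypted": False, "Size": 80}}},
    {"Id": "vpn-example-1", "Details": {"AwsEc2VpnConnection": {"Options": {"TunnelOptions": [{
        "IkeVersions": ["ikev1", "ikev2"],
        "Phase1IntegrityAlgorithms": ["SHA1", "SHA2-256"],
        "Phase2IntegrityAlgorithms": ["SHA2-256"],
    }]}}}},
]

if __name__ == "__main__":
    for res in SAMPLE_RESOURCES:
        for line in audit_resource(res):
            print(line)
```

Only the IpRanges list is inspected here; the prefix-list and group-pair sources that also appear in the security group example are not evaluated.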