ASFF 中的 AwsBackup 资源 - Amazon Security Hub
AwsBackupBackupPlanAwsBackupBackupVaultAwsBackupRecoveryPoint
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 中国的 Amazon Web Services 服务入门 (PDF)

ASFF 中的 AwsBackup 资源

以下是 AwsBackup 资源的 Amazon 安全调查发现格式(ASFF)的示例。

Amazon Security Hub CSPM 会将各种来源的调查发现标准化为 ASFF。有关 ASFF 的背景信息,请参阅 Amazon安全调查发现格式 (ASFF)

AwsBackupBackupPlan

AwsBackupBackupPlan 对象提供有关 Amazon Backup 备份计划的信息。Amazon Backup 备份计划是一种策略表达式,定义您希望何时以及如何备份 Amazon 资源。

以下示例显示了 AwsBackupBackupPlan 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsBackupBackupPlan 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsBackupBackupPlan

示例

"AwsBackupBackupPlan": {
    "BackupPlan": {
    	"AdvancedBackupSettings": [{
    		"BackupOptions": {
    			"WindowsVSS":"enabled"
    		},
    		"ResourceType":"EC2"
    	}],
    	"BackupPlanName": "test",
    	"BackupPlanRule": [{
    		"CompletionWindowMinutes": 10080,
    		"CopyActions": [{
    			"DestinationBackupVaultArn": "arn:aws:backup:us-east-1:858726136373:backup-vault:aws/efs/automatic-backup-vault",
    			"Lifecycle": {
    				"DeleteAfterDays": 365,
    				"MoveToColdStorageAfterDays": 30
    			}
    		}],
    		"Lifecycle": {
    			"DeleteAfterDays": 35
    		},
    		"RuleName": "DailyBackups",
    		"ScheduleExpression": "cron(0 5 ? * * *)",
    		"StartWindowMinutes": 480,
    		"TargetBackupVault": "Default"
    		},
    		{
    		"CompletionWindowMinutes": 10080,
    		"CopyActions": [{
    			"DestinationBackupVaultArn": "arn:aws:backup:us-east-1:858726136373:backup-vault:aws/efs/automatic-backup-vault",
    			"Lifecycle": {
    				"DeleteAfterDays": 365,
    				"MoveToColdStorageAfterDays": 30
    			}
    		}],
    		"Lifecycle": {
    			"DeleteAfterDays": 35
    		},
    		"RuleName": "Monthly",
    		"ScheduleExpression": "cron(0 5 1 * ? *)",
    		"StartWindowMinutes": 480,
    		"TargetBackupVault": "Default"
    	}]
    },
    "BackupPlanArn": "arn:aws:backup:us-east-1:858726136373:backup-plan:b6d6b896-590d-4ee1-bf29-c5ccae63f4e7",
    "BackupPlanId": "b6d6b896-590d-4ee1-bf29-c5ccae63f4e7",
    "VersionId": "ZDVjNDIzMjItYTZiNS00NzczLTg4YzctNmExMWM2NjZhY2E1"
}

AwsBackupBackupVault

AwsBackupBackupVault 对象提供有关 Amazon Backup 备份文件库的信息。Amazon Backup 备份文件是存储和组织备份的容器。

以下示例显示了 AwsBackupBackupVault 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsBackupBackupVault 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsBackupBackupVault

示例

"AwsBackupBackupVault": {
    "AccessPolicy": {
    	"Statement": [{
    		"Action": [
    			"backup:DeleteBackupVault",
    			"backup:DeleteBackupVaultAccessPolicy",
    			"backup:DeleteRecoveryPoint",
    			"backup:StartCopyJob",
    			"backup:StartRestoreJob",
    			"backup:UpdateRecoveryPointLifecycle"
    		],
    		"Effect": "Deny",
    		"Principal": {
    			"Amazon": "*"
    		},
    		"Resource": "*"
    	}],
    	"Version": "2012-10-17"		 	 	 
    },
    "BackupVaultArn": "arn:aws:backup:us-east-1:123456789012:backup-vault:aws/efs/automatic-backup-vault",
    "BackupVaultName": "aws/efs/automatic-backup-vault",
    "EncrytionKeyArn": "arn:aws:kms:us-east-1:444455556666:key/72ba68d4-5e43-40b0-ba38-838bf8d06ca0",
    "Notifications": {
    	"BackupVaultEvents": ["BACKUP_JOB_STARTED", "BACKUP_JOB_COMPLETED", "COPY_JOB_STARTED"],
    	"SNSTopicArn": "arn:aws:sns:us-west-2:111122223333:MyVaultTopic"
    }
}

AwsBackupRecoveryPoint

AwsBackupRecoveryPoint 对象提供有关 Amazon Backup 备份的信息,也称为恢复点。Amazon Backup 恢复点表示指定时间的资源内容。

以下示例显示了 AwsBackupRecoveryPoint 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsBackupBackupVault 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsBackupRecoveryPoint

示例

"AwsBackupRecoveryPoint": {
    "BackupSizeInBytes": 0,
    "BackupVaultName": "aws/efs/automatic-backup-vault",
    "BackupVaultArn": "arn:aws:backup:us-east-1:111122223333:backup-vault:aws/efs/automatic-backup-vault",
    "CalculatedLifecycle": {
    	"DeleteAt": "2021-08-30T06:51:58.271Z",
    	"MoveToColdStorageAt": "2020-08-10T06:51:58.271Z"
    },
    "CompletionDate": "2021-07-26T07:21:40.361Z",
    "CreatedBy": {
    	"BackupPlanArn": "arn:aws:backup:us-east-1:111122223333:backup-plan:aws/efs/73d922fb-9312-3a70-99c3-e69367f9fdad",
    	"BackupPlanId": "aws/efs/73d922fb-9312-3a70-99c3-e69367f9fdad",
    	"BackupPlanVersion": "ZGM4YzY5YjktMWYxNC00ZTBmLWE5MjYtZmU5OWNiZmM5ZjIz",
    	"BackupRuleId": "2a600c2-42ad-4196-808e-084923ebfd25"
    },
    "CreationDate": "2021-07-26T06:51:58.271Z",
    "EncryptionKeyArn": "arn:aws:kms:us-east-1:111122223333:key/72ba68d4-5e43-40b0-ba38-838bf8d06ca0",
    "IamRoleArn": "arn:aws:iam::111122223333:role/aws-service-role/backup.amazonaws.com/AWSServiceRoleForBackup",
    "IsEncrypted": true,
    "LastRestoreTime": "2021-07-26T06:51:58.271Z",
    "Lifecycle": {
    	"DeleteAfterDays": 35,
    	"MoveToColdStorageAfterDays": 15
    },
    "RecoveryPointArn": "arn:aws:backup:us-east-1:111122223333:recovery-point:151a59e4-f1d5-4587-a7fd-0774c6e91268",
    "ResourceArn": "arn:aws:elasticfilesystem:us-east-1:858726136373:file-system/fs-15bd31a1",
    "ResourceType": "EFS",
    "SourceBackupVaultArn": "arn:aws:backup:us-east-1:111122223333:backup-vault:aws/efs/automatic-backup-vault",
    "Status": "COMPLETED",
    "StatusMessage": "Failure message",
    "StorageClass": "WARM"
}