ASFF 中的 AwsElb 资源
以下是 AwsElb 资源的 Amazon 安全调查发现格式(ASFF)的示例。
Amazon Security Hub CSPM 会将各种来源的调查发现标准化为 ASFF。有关 ASFF 的背景信息,请参阅 Amazon安全调查发现格式 (ASFF)。
AwsElbLoadBalancer
AwsElbLoadBalancer 对象包含有关经典负载均衡器的详细信息。
以下示例显示了 AwsElbLoadBalancer 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsElbLoadBalancer 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsElbLoadBalancerDetails。
示例:
"AwsElbLoadBalancer": { "AvailabilityZones": ["us-west-2a"], "BackendServerDescriptions": [ { "InstancePort": 80, "PolicyNames": ["doc-example-policy"] } ], "CanonicalHostedZoneName": "Z3DZXE0EXAMPLE", "CanonicalHostedZoneNameID": "my-load-balancer-444455556666.us-west-2.elb.amazonaws.com", "CreatedTime": "2020-08-03T19:22:44.637Z", "DnsName": "my-load-balancer-444455556666.us-west-2.elb.amazonaws.com", "HealthCheck": { "HealthyThreshold": 2, "Interval": 30, "Target": "HTTP:80/png", "Timeout": 3, "UnhealthyThreshold": 2 }, "Instances": [ { "InstanceId": "i-example" } ], "ListenerDescriptions": [ { "Listener": { "InstancePort": 443, "InstanceProtocol": "HTTPS", "LoadBalancerPort": 443, "Protocol": "HTTPS", "SslCertificateId": "arn:aws:iam::444455556666:server-certificate/my-server-cert" }, "PolicyNames": ["ELBSecurityPolicy-TLS-1-2-2017-01"] } ], "LoadBalancerAttributes": { "AccessLog": { "EmitInterval": 60, "Enabled": true, "S3BucketName": "amzn-s3-demo-bucket", "S3BucketPrefix": "doc-example-prefix" }, "ConnectionDraining": { "Enabled": false, "Timeout": 300 }, "ConnectionSettings": { "IdleTimeout": 30 }, "CrossZoneLoadBalancing": { "Enabled": true }, "AdditionalAttributes": [{ "Key": "elb.http.desyncmitigationmode", "Value": "strictest" }] }, "LoadBalancerName": "example-load-balancer", "Policies": { "AppCookieStickinessPolicies": [ { "CookieName": "", "PolicyName": "" } ], "LbCookieStickinessPolicies": [ { "CookieExpirationPeriod": 60, "PolicyName": "my-example-cookie-policy" } ], "OtherPolicies": [ "my-PublicKey-policy", "my-authentication-policy", "my-SSLNegotiation-policy", "my-ProxyProtocol-policy", "ELBSecurityPolicy-2015-03" ] }, "Scheme": "internet-facing", "SecurityGroups": ["sg-example"], "SourceSecurityGroup": { "GroupName": "my-elb-example-group", "OwnerAlias": "444455556666" }, "Subnets": ["subnet-example"], "VpcId": "vpc-a01106c2" }
AwsElbv2LoadBalancer
AwsElbv2LoadBalancer 对象提供有关负载均衡器的信息。
以下示例显示了 AwsElbv2LoadBalancer 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsElbv2LoadBalancer 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsElbv2LoadBalancerDetails。
示例:
"AwsElbv2LoadBalancer": { "AvailabilityZones": { "SubnetId": "string", "ZoneName": "string" }, "CanonicalHostedZoneId": "string", "CreatedTime": "string", "DNSName": "string", "IpAddressType": "string", "LoadBalancerAttributes": [ { "Key": "string", "Value": "string" } ], "Scheme": "string", "SecurityGroups": [ "string" ], "State": { "Code": "string", "Reason": "string" }, "Type": "string", "VpcId": "string" }