本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
ASFF 中的 AwsIam 资源
以下是AwsIam资源 Amazon 的安全调查结果格式 (ASFF) 语法的示例。
Amazon Security Hub 将各种来源的发现标准化为 ASFF。有关 ASFF 的背景信息,请参阅 Amazon 安全调查结果格式 (ASFF)。
AwsIamAccessKey
AwsIamAccessKey 对象包含与调查发现相关的 IAM 访问密钥的详细信息。
以下示例显示了AwsIamAccessKey对象 Amazon 的安全调查结果格式 (ASFF)。要查看 AwsIamAccessKey 属性的描述,请参阅 Amazon Security Hub API 参考中的 AwsIamAccessKeyDetails。
示例
"AwsIamAccessKey": { "AccessKeyId": "string", "AccountId": "string", "CreatedAt": "string", "PrincipalId": "string", "PrincipalName": "string", "PrincipalType": "string", "SessionContext": { "Attributes": { "CreationDate": "string", "MfaAuthenticated": boolean }, "SessionIssuer": { "AccountId": "string", "Arn": "string", "PrincipalId": "string", "Type": "string", "UserName": "string" } }, "Status": "string" }
AwsIamGroup
AwsIamGroup 对象包含有关 IAM 组的详细信息。
以下示例显示了AwsIamGroup对象 Amazon 的安全调查结果格式 (ASFF)。要查看 AwsIamGroup 属性的描述,请参阅 Amazon Security Hub API 参考中的 AwsIamGroupDetails。
示例
"AwsIamGroup": { "AttachedManagedPolicies": [ { "PolicyArn": "arn:aws:iam::aws:policy/ExampleManagedAccess", "PolicyName": "ExampleManagedAccess", } ], "CreateDate": "2020-04-28T14:08:37.000Z", "GroupId": "AGPA4TPS3VLP7QEXAMPLE", "GroupName": "Example_User_Group", "GroupPolicyList": [ { "PolicyName": "ExampleGroupPolicy" } ], "Path": "/" }
AwsIamPolicy
AwsIamPolicy 对象代表一个 IAM 权限策略。
以下示例显示了AwsIamPolicy对象 Amazon 的安全调查结果格式 (ASFF)。要查看 AwsIamPolicy 属性的描述,请参阅 Amazon Security Hub API 参考中的 AwsIamPolicyDetails。
示例
"AwsIamPolicy": { "AttachmentCount": 1, "CreateDate": "2017-09-14T08:17:29.000Z", "DefaultVersionId": "v1", "Description": "Example IAM policy", "IsAttachable": true, "Path": "/", "PermissionsBoundaryUsageCount": 5, "PolicyId": "ANPAJ2UCCR6DPCEXAMPLE", "PolicyName": "EXAMPLE-MANAGED-POLICY", "PolicyVersionList": [ { "VersionId": "v1", "IsDefaultVersion": true, "CreateDate": "2017-09-14T08:17:29.000Z" } ], "UpdateDate": "2017-09-14T08:17:29.000Z" }
AwsIamRole
AwsIamRole 对象包含有关 IAM 角色的信息,包括该角色的所有策略。
以下示例显示了AwsIamRole对象 Amazon 的安全调查结果格式 (ASFF)。要查看 AwsIamRole 属性的描述,请参阅 Amazon Security Hub API 参考中的 AwsIamRoleDetails。
示例
"AwsIamRole": { "AssumeRolePolicyDocument": "{'Version': '2012-10-17','Statement': [{'Effect': 'Allow','Action': 'sts:AssumeRole'}]}", "AttachedManagedPolicies": [ { "PolicyArn": "arn:aws:iam::aws:policy/ExamplePolicy1", "PolicyName": "Example policy 1" }, { "PolicyArn": "arn:aws:iam::444455556666:policy/ExamplePolicy2", "PolicyName": "Example policy 2" } ], "CreateDate": "2020-03-14T07:19:14.000Z", "InstanceProfileList": [ { "Arn": "arn:aws:iam::333333333333:ExampleProfile", "CreateDate": "2020-03-11T00:02:27Z", "InstanceProfileId": "AIPAIXEU4NUHUPEXAMPLE", "InstanceProfileName": "ExampleInstanceProfile", "Path": "/", "Roles": [ { "Arn": "arn:aws:iam::444455556666:role/example-role", "AssumeRolePolicyDocument": "", "CreateDate": "2020-03-11T00:02:27Z", "Path": "/", "RoleId": "AROAJ52OTH4H7LEXAMPLE", "RoleName": "example-role", } ] } ], "MaxSessionDuration": 3600, "Path": "/", "PermissionsBoundary": { "PermissionsBoundaryArn": "arn:aws:iam::aws:policy/AdministratorAccess", "PermissionsBoundaryType": "PermissionsBoundaryPolicy" }, "RoleId": "AROA4TPS3VLEXAMPLE", "RoleName": "BONESBootstrapHydra-OverbridgeOpsFunctionsLambda", "RolePolicyList": [ { "PolicyName": "Example role policy" } ] }
AwsIamUser
AwsIamUser 对象提供有关用户的信息。
以下示例显示了AwsIamUser对象 Amazon 的安全调查结果格式 (ASFF)。要查看 AwsIamUser 属性的描述,请参阅 Amazon Security Hub API 参考中的 AwsIamUserDetails。
示例
"AwsIamUser": { "AttachedManagedPolicies": [ { "PolicyName": "ExamplePolicy", "PolicyArn": "arn:aws:iam::aws:policy/ExampleAccess" } ], "CreateDate": "2018-01-26T23:50:05.000Z", "GroupList": [], "Path": "/", "PermissionsBoundary" : { "PermissionsBoundaryArn" : "arn:aws:iam::aws:policy/AdministratorAccess", "PermissionsBoundaryType" : "PermissionsBoundaryPolicy" }, "UserId": "AIDACKCEVSQ6C2EXAMPLE", "UserName": "ExampleUser", "UserPolicyList": [ { "PolicyName": "InstancePolicy" } ] }