AwsLambda
以下是 AwsLambda 资源的 Amazon 安全调查发现格式(ASFF)的示例。
Amazon Security Hub CSPM 会将各种来源的调查发现标准化为 ASFF。有关 ASFF 的背景信息,请参阅 Amazon安全调查发现格式 (ASFF)。
AwsLambdaFunction
AwsLambdaFunction 对象提供有关 Lambda 函数配置的详细信息。
以下示例显示了 AwsLambdaFunction 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsLambdaFunction 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsLambdaFunctionDetails。
示例:
"AwsLambdaFunction": { "Architectures": [ "x86_64" ], "Code": { "S3Bucket": "amzn-s3-demo-bucket", "S3Key": "samplekey", "S3ObjectVersion": "2", "ZipFile": "myzip.zip" }, "CodeSha256": "1111111111111abcdef", "DeadLetterConfig": { "TargetArn": "arn:aws:lambda:us-east-2:123456789012:queue:myqueue:2" }, "Environment": { "Variables": { "Stage": "foobar" }, "Error": { "ErrorCode": "Sample-error-code", "Message": "Caller principal is a manager." } }, "FunctionName": "CheckOut", "Handler": "main.py:lambda_handler", "KmsKeyArn": "arn:aws:kms:us-west-2:123456789012:key/mykey", "LastModified": "2001-09-11T09:00:00Z", "Layers": { "Arn": "arn:aws:lambda:us-east-2:123456789012:layer:my-layer:3", "CodeSize": 169 }, "PackageType": "Zip", "RevisionId": "23", "Role": "arn:aws:iam::123456789012:role/Accounting-Role", "Runtime": "go1.7", "Timeout": 15, "TracingConfig": { "Mode": "Active" }, "Version": "$LATEST$", "VpcConfig": { "SecurityGroupIds": ["sg-085912345678492fb", "sg-08591234567bdgdc"], "SubnetIds": ["subnet-071f712345678e7c8", "subnet-07fd123456788a036"] }, "MasterArn": "arn:aws:lambda:us-east-2:123456789012:\$LATEST", "MemorySize": 2048 }
AwsLambdaLayerVersion
AwsLambdaLayerVersion 对象提供有关 Lambda 层版本的详细信息。
以下示例显示了 AwsLambdaLayerVersion 对象的 Amazon 安全调查发现格式 (ASFF)。要查看 AwsLambdaLayerVersion 属性的描述,请参阅 Amazon Security Hub CSPM API 参考中的 AwsLambdaLayerVersionDetails。
示例:
"AwsLambdaLayerVersion": { "Version": 2, "CompatibleRuntimes": [ "java8" ], "CreatedDate": "2019-10-09T22:02:00.274+0000" }