本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
Security Hub 控制结果所需的 Amazon Config 资源
某些 Amazon Security Hub 控件使用服务相关 Amazon Config 规则来检测 Amazon 资源中的配置更改。为了让 Security Hub 生成准确的控制结果,您必须在中启用 Amazon Config 并打开资源记录 Amazon Config。有关 Security Hub 如何使用 Amazon Config 规则以及如何启用和配置的背景信息 Amazon Config,请参阅为 Security Hub 启用和配置 Amazon Config。
要获得准确的控制结果,您必须为已启用控件开启 Amazon Config 资源记录,并使用更改触发的计划类型。某些具有定期计划类型的控件也需要资源记录。
本页列出了每个 Security Hub 控件所需的资源。
Security Hub 控件可以依赖托管 Amazon Config 规则或自定义 Security Hub 规则。确保 Organizations 中没有管理的 Amazon Identity and Access Management (IAM) 策略或策略会 Amazon Config 阻止您有权记录您的资源。Security Hub 控制检查直接评估资源的配置,不考虑组织策略。有关 Amazon Config 录制的更多信息,请参阅《Amazon Config 开发者指南》中的 Amazon Config 托管规则列表-注意事项。
注意
Amazon Web Services 区域 如果控件不可用,则相应的资源在中不可用 Amazon Config。有关 Security Hub 控件的区域限制列表,请参阅 对 Security Hub 控件的区域限制。
所有 Security Hub 控件所需的资源
要让 Security Hub 为启用的 Security Hub 更改触发的使用 Amazon Config 规则的控件生成调查结果,您必须将这些资源记录在中 Amazon Config。此表还指出了哪些控件评估特定资源。单个控件可以评估多个资源。
服务 | 所需资源 | 相关控件 |
---|---|---|
亚马逊API网关 | AWS::ApiGateway::Stage |
APIGateway1. APIGateway2. APIGateway3. APIGateway4. APIGateway5. |
AWS::ApiGatewayV2::Stage |
APIGateway1. APIGateway.9 |
|
Amazon AppSync | AWS::AppSync::GraphQLApi
|
AppSync2. AppSync4. AppSync5. |
AWS::AppSync::ApiCache
|
AppSync1. AppSync.6 |
|
Amazon Backup (Amazon Backup) | AWS::Backup::BackupPlan
|
Backup.5 |
AWS::Backup::BackupVault
|
Backup.3 |
|
AWS::Backup::RecoveryPoint
|
Backup.1 Backup.2 |
|
AWS::Backup::ReportPlan
|
Backup.4 |
|
Amazon Certificate Manager (ACM) | AWS::ACM::Certificate
|
ACM1. ACM2. ACM3. |
Amazon Athena | AWS::Athena::DataCatalog |
Athena.2 |
AWS::Athena::WorkGroup |
Athena.3 Athena.4 |
|
Amazon CloudFormation | AWS::CloudFormation::Stack |
CloudFormation2. |
Amazon CloudFront | AWS::CloudFront::Distribution
|
CloudFront1. CloudFront3. CloudFront4. CloudFront5. CloudFront.6 CloudFront.7 CloudFront.8 CloudFront.9 CloudFront.10 CloudFront.13 CloudFront.14 |
Amazon CloudTrail | AWS::CloudTrail::Trail
|
CloudTrail.9 |
Amazon CloudWatch | AWS::CloudWatch::Alarm
|
CloudWatch.15 CloudWatch.17 |
Amazon CodeArtifact | AWS::CodeArtifact::Repository
|
CodeArtifact1. |
Amazon CodeBuild | AWS::CodeBuild::Project
|
CodeBuild1. CodeBuild2. CodeBuild3. CodeBuild4. |
AWS::CodeBuild::ReportGroup
|
CodeBuild.7 |
|
Amazon Cognito | AWS::Cognito::UserPool |
Cognito1 |
Amazon DataSync | AWS::DataSync::Task |
DataSync1. |
Amazon Detective | AWS::Detective::Graph |
Detective.1 |
Amazon Database Migration Service (Amazon DMS) | AWS::DMS::Certificate |
DMS2. |
AWS::DMS::Endpoint
|
|
|
AWS::DMS::EventSubscription
|
DMS3. | |
AWS::DMS::ReplicationInstance
|
DMS4. DMS.6 |
|
AWS::DMS::ReplicationSubnetGroup
|
DMS5. | |
AWS::DMS::ReplicationTask |
DMS.7 DMS.8 |
|
Amazon DynamoDB | AWS::DynamoDB::Table
|
DynamoDB.1 DynamoDB.2 DynamoDB.5 DynamodB.6 |
亚马逊弹性计算云 (EC2) | AWS::EC2::ClientVpnEndpoint |
EC2.51 |
AWS::EC2::CustomerGateway |
EC2.36 | |
AWS::EC2::EIP |
EC2.12 EC2.37 |
|
AWS::EC2::FlowLog |
EC2.48 | |
AWS::EC2::Instance |
EC24. EC2.8 EC2.9 EC2.17 EC2.24 EC2.38 EMR1. SSM1. |
|
AWS::EC2::InternetGateway |
EC2.39 |
|
AWS::EC2::LaunchTemplate |
EC2.25 EC2.170 |
|
AWS::EC2::NatGateway |
EC2.40 |
|
AWS::EC2::NetworkAcl |
EC2.16 EC2.21 EC2.41 |
|
AWS::EC2::NetworkInterface |
EC2.22 EC2.35 |
|
AWS::EC2::RouteTable |
EC2.42 | |
AWS::EC2::SecurityGroup |
EC22. EC2.13 EC2.14 EC2.18 EC2.19 EC2.43 |
|
AWS::EC2::Subnet |
EC2.15 EC2.44 ElastiCache.7 |
|
AWS::EC2::TransitGateway |
EC2.23 EC2.52 |
|
AWS::EC2::TransitGatewayAttachment |
EC2.33 | |
AWS::EC2::TransitGatewayRouteTable |
EC2.34 | |
AWS::EC2::Volume |
EC23. EC2.45 |
|
AWS::EC2::VPC |
EC2.6 EC2.46 |
|
AWS::EC2::VPCEndpointService |
EC2.47 | |
AWS::EC2::VPCPeeringConnection |
EC2.49 | |
AWS::EC2::VPNConnection |
EC2.20 EC2.171 |
|
AWS::EC2::VPNGateway |
EC2.50 | |
Amazon A EC2 uto Scaling | AWS::AutoScaling::AutoScalingGroup |
AutoScaling1. AutoScaling2. AutoScaling.6 AutoScaling.9 AutoScaling.10 |
AWS::AutoScaling::LaunchConfiguration |
AutoScaling3. Autoscaling.5 |
|
亚马逊 S EC2 ystems Manager (SSM) | AWS::SSM::AssociationCompliance |
SSM3. |
AWS::SSM::ManagedInstanceInventory |
SSM1. |
|
AWS::SSM::PatchCompliance |
SSM2. |
|
亚马逊弹性容器注册表(亚马逊ECR) | AWS::ECR::PublicRepository |
ECR4. |
AWS::ECR::Repository |
ECR2. ECR3. |
|
亚马逊弹性容器服务(亚马逊ECS) | AWS::ECS::Cluster |
ECS.12 ECS.14 |
AWS::ECS::Service |
ECS2. ECS.10 ECS.13 |
|
AWS::ECS::TaskDefinition |
ECS1. ECS3. ECS4. ECS5. ECS.8 ECS.9 ECS.15 |
|
AWS::ECS::TaskSet |
ECS.16 |
|
亚马逊 Elastic File System(亚马逊EFS) | AWS::EFS::AccessPoint
|
EFS3. EFS4. EFS5. |
AWS::EFS::FileSystem
|
EFS.7 EFS.8 |
|
亚马逊 Elastic Kubernetes Service(亚马逊)EKS | AWS::EKS::Cluster |
EKS2. EKS.6 EKS.8 |
AWS::EKS::IdentityProviderConfig |
EKS.7 | |
Amazon Elastic Beanstalk | AWS::ElasticBeanstalk::Environment
|
ElasticBeanstalk1. ElasticBeanstalk2. ElasticBeanstalk3. |
Elastic Load Balancing | AWS::ElasticLoadBalancing::LoadBalancer |
ELB2. ELB3. ELB5. ELB.7 ELB.8 ELB.9 ELB.10 ELB.14 |
AWS::ElasticLoadBalancingV2::LoadBalancer |
ELB1. ELB4. ELB5. ELB.6 ELB.12 ELB.13 ELB.16 |
|
ElasticSearch | AWS::Elasticsearch::Domain |
ES.3 ES.4 ES.5 ES.6 ES.7 ES.8 ES.9 |
Amazon EventBridge | AWS::Events::EventBus |
EventBridge2. EventBridge3. |
AWS::Events::Endpoint |
EventBridge4. |
|
Amazon Global Accelerator |
AWS::GlobalAccelerator::Accelerator |
GlobalAccelerator1. |
Amazon Glue |
AWS::Glue::Job |
Glue.1 |
AWS::Glue::MLTransform |
Glue.3 |
|
Amazon GuardDuty |
AWS::GuardDuty::Detector |
GuardDuty4. |
AWS::GuardDuty::Filter |
GuardDuty2. |
|
AWS::GuardDuty::IPSet |
GuardDuty3. |
|
Amazon Identity and Access Management (IAM) | AWS::IAM::Group |
IAM.27 KMS2. |
AWS::IAM::Policy |
IAM1. IAM.21 KMS1. |
|
AWS::IAM::Role |
IAM.24 IAM.27 KMS2. |
|
AWS::IAM::User |
IAM2. IAM3. IAM5. IAM.8 IAM.19 IAM.22 IAM.25 IAM.27 KMS2. |
|
Amazon Identity and Access Management Access Analyzer | AWS::AccessAnalyzer::Analyzer |
IAM.23 |
Amazon IoT | AWS::IoT::Authorizer |
IoT.4 |
AWS::IoT::Dimension |
IoT.3 |
|
AWS::IoT::MitigationAction |
IoT.2 |
|
AWS::IoT::Policy |
IoT.6 |
|
AWS::IoT::RoleAlias |
IoT.5 |
|
AWS::IoT::SecurityProfile |
IoT.1 |
|
Amazon Kinesis | AWS::Kinesis::Stream |
Kinesis.1 Kinesis.2 Kinesis.3 |
Amazon Key Management Service (Amazon KMS) | AWS::KMS::Alias |
S3.17 |
AWS::KMS::Key |
KMS3. KMS5. S3.17 |
|
Amazon Lambda | AWS::Lambda::Function |
Lambda.1 Lambda.2 Lambda.3 Lambda.5 Lambda.6 |
Amazon MSK | AWS::MSK::Cluster |
MSK1. MSK2. |
AWS::KafkaConnect::Connector |
MSK3. |
|
Amazon MQ | AWS::AmazonMQ::Broker |
MQ.2 MQ.3 MQ.4 MQ.5 MQ.6 |
Amazon Network Firewall | AWS::NetworkFirewall::Firewall |
NetworkFirewall1. NetworkFirewall.7 NetworkFirewall.9 |
AWS::NetworkFirewall::FirewallPolicy |
NetworkFirewall3. NetworkFirewall4. NetworkFirewall5. NetworkFirewall.8 |
|
AWS::NetworkFirewall::RuleGroup |
NetworkFirewall.6 |
|
亚马逊 OpenSearch 服务 | AWS::OpenSearch::Domain |
Opensearch.1 Opensearch.2 Opensearch.3 Opensearch.4 Opensearch.5 Opensearch.6 Opensearch.7 Opensearch.8 OpenSearch.9 Opensearch.10 Opensearch.11 |
亚马逊 Relational Database Service(亚马逊RDS) | AWS::RDS::DBCluster |
DocumentDB.1 DocumentDB.2 DocumentDB.4 DocumentDB.5 Neptune.1 Neptune.2 Neptune.4 Neptune.5 Neptune.7 Neptune.8 Neptune.9 RDS.7 RDS.12 RDS.14 RDS.15 RDS.16 RDS.24 RDS.27 RDS.28 RDS.34 RDS.35 RDS.37 |
AWS::RDS::DBClusterSnapshot |
DocumentDB.3 Neptune.3 Neptune.6 RDS1. RDS4. RDS.29 |
|
AWS::RDS::DBInstance |
RDS2. RDS3. RDS5. RDS.6 RDS.8 RDS.9 RDS.10 RDS.11 RDS.13 RDS.17 RDS.18 RDS.23 RDS.25 RDS.30 RDS.36 |
|
AWS::RDS::DBSecurityGroup |
RDS.31 |
|
AWS::RDS::DBSnapshot |
RDS1. RDS4. RDS.32 |
|
AWS::RDS::DBSubnetGroup |
RDS.33 |
|
AWS::RDS::EventSubscription |
RDS.19 RDS.20 RDS.21 RDS.22 |
|
Amazon Redshift | AWS::Redshift::Cluster |
Redshift.1 Redshift.2 Redshift.3 Redshift.4 Redshift.6 Redshift.7 Redshift.8 Redshift.9 Redshift.10 Redshift.11 |
AWS::Redshift::ClusterParameterGroup |
Redshift.2 |
|
AWS::Redshift::ClusterSnapshot |
Redshift.13 |
|
AWS::Redshift::ClusterSubnetGroup |
Redshift.14 Redshift.16 |
|
AWS::Redshift::EventSubscription |
Redshift.12 |
|
Amazon Route 53 | AWS::Route53::HostedZone |
Route53.2 |
AWS::Route53::HealthCheck |
Route53.1 |
|
Amazon Simple Storage Service(Amazon S3) | AWS::S3::AccessPoint |
S3.19 |
AWS::S3::AccountPublicAccessBlock |
S3.2 S3.3 |
|
AWS::S3::Bucket |
S3.2 S3.3 S3.5 S3.6 S3.7 S3.8 S3.9 S3.10 S3.11 S3.12 S3.13 S3.14 S3.15 S3.17 S3.20 |
|
AWS::S3::MultiRegionAccessPoint |
S3.24 |
|
亚马逊 SageMaker AI | AWS::SageMaker::NotebookInstance
|
SageMaker2. SageMaker3. |
Amazon Secrets Manager | AWS::SecretsManager::Secret
|
SecretsManager1. SecretsManager2. SecretsManager5. |
Amazon Service Catalog | AWS::ServiceCatalog::Portfolio
|
ServiceCatalog1. |
亚马逊简单电子邮件服务(亚马逊SES) | AWS::SES::ConfigurationSet
|
SES2. |
AWS::SES::ContactList
|
SES1. |
|
亚马逊简单通知服务(亚马逊SNS) | AWS::SNS::Topic
|
SNS1. SNS3. SNS4. |
亚马逊简单队列服务(亚马逊SQS) | AWS::SQS::Queue
|
SQS1. SQS2. |
Amazon Step Functions | AWS::StepFunctions::StateMachine
|
StepFunctions1. |
AWS::StepFunctions::Activity
|
StepFunctions2. |
|
Amazon Transfer Family | AWS::Transfer::Workflow
|
Transfer.1 |
Amazon WAF | AWS::WAF::Rule |
WAF.6 |
AWS::WAF::RuleGroup |
WAF.7 |
|
AWS::WAF::WebACL |
WAF1. WAF.8 |
|
AWS::WAFRegional::Rule |
WAF2. |
|
AWS::WAFRegional::RuleGroup |
WAF3. |
|
AWS::WAFRegional::WebACL |
WAF4. |
|
AWS::WAFv2::RuleGroup |
WAF.12 |
|
AWS::WAFv2::WebACL |
WAF.10 WAF.11 |
|
Amazon WorkSpaces | AWS::WorkSpaces::WorkSpace |
WorkSpaces1. WorkSpaces2. |
FSBP标准版所需资源
为了让 Security Hub 准确报告已启用的 Amazon 基础安全最佳实践 v1.0.0 (FSBP) 更改触发的使用 Amazon Config 规则的控件的发现,您必须将这些资源记录在中。 Amazon Config有关此标准的更多信息,请参阅 Amazon 基础安全最佳实践 v1.0.0 () 标准 FSBP。
服务 | 所需的 资源 |
---|---|
亚马逊API网关 |
|
Amazon AppSync |
|
Amazon Backup |
|
Amazon Certificate Manager (ACM) |
|
Amazon CloudFormation |
|
Amazon CloudFront |
|
Amazon CodeBuild |
|
Amazon Cognito |
|
Amazon DataSync |
|
Amazon Database Migration Service (Amazon DMS) |
|
Amazon DynamoDB |
|
亚马逊 S EC2 ystems Manager (SSM) |
|
亚马逊弹性计算云 (EC2) |
|
Amazon A EC2 uto Scaling |
|
亚马逊弹性容器注册表(亚马逊ECR) |
|
亚马逊弹性容器服务(亚马逊ECS) |
|
亚马逊 Elastic File System(亚马逊EFS) |
|
Amazon EKS |
|
ElasticBeanstalk |
|
Elastic Load Balancing |
|
ElasticSearch |
|
Amazon Glue |
|
Amazon Identity and Access Management (IAM) |
|
Amazon Kinesis |
|
Amazon Key Management Service (Amazon KMS) |
|
Amazon Lambda |
|
Amazon MSK |
|
Amazon Network Firewall |
|
亚马逊 OpenSearch 服务 |
|
亚马逊 Relational Database Service(亚马逊RDS) |
|
Amazon Redshift |
|
Amazon Route 53 |
|
Amazon Simple Storage Service(Amazon S3) |
|
亚马逊 SageMaker AI |
|
亚马逊简单通知服务(亚马逊SNS) |
|
亚马逊简单队列服务(亚马逊SQS) |
|
Amazon Secrets Manager |
|
Amazon Step Functions |
|
Amazon WAF |
|
Amazon WorkSpaces |
|
CIS Amazon 基金会基准测试所需的资源
要对适用于互联网安全中心 (CIS) Amazon Foundations Benchmark 的已启用控件进行安全检查,Security Hub 要么按照保护 Amazon Web Services
有关此标准的更多信息,请参阅 CIS Amazon 基金会基准。
CISv3.0.0 所需的资源
为使 Security Hub 能够准确报告已启用 CIS v3.0.0 且使用 Amazon Config 规则的变更触发控件的发现结果,您必须将这些资源记录在中。 Amazon Config
服务 | 所需的 资源 |
---|---|
亚马逊弹性计算云(亚马逊EC2) |
|
Amazon Identity and Access Management (IAM) |
|
亚马逊 Relational Database Service(亚马逊RDS) |
|
Amazon Simple Storage Service(Amazon S3) |
|
CISv1.4.0 所需的资源
为使 Security Hub 能够准确报告已启用 CIS v1.4.0 且使用 Amazon Config 规则的变更触发控件的发现,您必须将这些资源记录在中。 Amazon Config
服务 | 所需的 资源 |
---|---|
亚马逊弹性计算云 (EC2) |
|
Amazon Identity and Access Management (IAM) |
|
亚马逊 Relational Database Service(亚马逊RDS) |
|
Amazon Simple Storage Service(Amazon S3) |
|
1.2.0 CIS 版所需的资源
为使 Security Hub 能够准确报告已启用 CIS v1.2.0 的使用 Amazon Config 规则的变更触发控件的发现,您必须将这些资源记录在中。 Amazon Config
服务 | 所需的 资源 |
---|---|
亚马逊弹性计算云 (EC2) |
|
Amazon Identity and Access Management (IAM) |
|
NISTSP 800-53 修订版 5 所需的资源
为了让 Security Hub 准确报告已启用的美国国家标准与技术研究院 (NIST) SP 800-53 Rev. 5 使用 Amazon Config 规则的变更触发控件的调查结果,您必须将这些资源记录在中。 Amazon Config您只需要记录已触发计划类型变更的控件的资源即可。有关此标准的更多信息,请参阅 NISTSP 800-53 Rev. 5 在 Security Hub。
服务 | 所需的 资源 |
---|---|
亚马逊API网关 |
|
Amazon AppSync |
|
Amazon Backup |
|
Amazon Certificate Manager (ACM) |
|
Amazon CloudFormation |
|
Amazon CloudFront |
|
Amazon CloudWatch |
|
Amazon CodeBuild |
|
Amazon Database Migration Service (Amazon DMS) |
|
Amazon DynamoDB |
|
亚马逊弹性计算云 (EC2) |
|
Amazon A EC2 uto Scaling |
|
亚马逊弹性容器注册表(亚马逊ECR) |
|
亚马逊弹性容器服务(亚马逊ECS) |
|
亚马逊 Elastic File System(亚马逊EFS) |
|
Amazon EKS |
|
ElasticBeanstalk |
|
Elastic Load Balancing |
|
ElasticSearch |
|
Amazon EventBridge |
|
Amazon Identity and Access Management (IAM) |
|
Amazon Key Management Service (Amazon KMS) |
|
Amazon Kinesis |
|
Amazon Lambda |
|
Amazon MSK |
|
Amazon MQ |
|
Amazon Network Firewall |
|
亚马逊 OpenSearch 服务 |
|
亚马逊 Relational Database Service(亚马逊RDS) |
|
Amazon Redshift |
|
Amazon Route 53 |
|
Amazon Simple Storage Service(Amazon S3) |
|
Amazon Service Catalog |
|
亚马逊简单通知服务(亚马逊SNS) |
|
亚马逊简单队列服务(亚马逊SQS) |
|
亚马逊 S EC2 ystems Manager (SSM) |
|
亚马逊 SageMaker AI |
|
Amazon Secrets Manager |
|
Amazon WAF |
|
PCIDSSv3.2.1 所需的资源
为使 Security Hub 能够准确报告使用 Amazon Config 规则的已启用的支付卡行业数据安全标准 (PCIDSS) 控件的调查结果,您必须将这些资源记录在中 Amazon Config。有关此标准的更多信息,请参阅 PCIDSS在 Security Hub 中。
服务 | 所需的 资源 |
---|---|
Amazon CodeBuild |
|
亚马逊弹性计算云 (EC2) |
|
Amazon A EC2 uto Scaling |
|
Amazon Identity and Access Management (IAM) |
|
Amazon Lambda |
|
亚马逊 OpenSearch 服务 |
|
亚马逊 Relational Database Service(亚马逊RDS) |
|
Amazon Redshift |
|
Amazon Simple Storage Service(Amazon S3) |
|
亚马逊 S EC2 ystems Manager (SSM) |
|
资源标签标准 Amazon 版所需的资源
Amazon 资源标签标准中的所有控件都是变更触发的,并使用 Amazon Config 规则。为了让 Security Hub 准确报告这些控件的调查结果,您必须在中记录以下资源 Amazon Config。您只需要记录已触发计划类型变更的控件的资源即可。有关此标准的更多信息,请参阅 Amazon 资源标签标准。
服务 | 所需的 资源 |
---|---|
Amazon AppSync |
|
Amazon Athena |
|
Amazon Certificate Manager (ACM) |
|
Amazon Backup (Amazon Backup) |
|
Amazon CloudFormation |
|
Amazon CloudFront |
|
Amazon CloudTrail |
|
Amazon CodeArtifact |
|
Amazon Detective |
|
Amazon Database Migration Service (Amazon DMS) |
|
Amazon DynamoDB |
|
亚马逊弹性计算云 (EC2) |
|
Amazon A EC2 uto Scaling |
|
亚马逊弹性容器注册表(亚马逊ECR) |
|
亚马逊弹性容器服务(亚马逊ECS) |
|
亚马逊 Elastic File System(亚马逊EFS) |
|
亚马逊 Elastic Kubernetes Service(亚马逊)EKS |
|
Amazon Elastic Beanstalk (Elastic Beanstalk) |
|
ElasticSearch |
|
Amazon EventBridge |
|
Amazon Global Accelerator |
|
Amazon Glue |
|
Amazon GuardDuty |
|
Amazon Identity and Access Management (IAM) |
|
Amazon Identity and Access Management Access Analyzer (IAM访问分析器) |
|
Amazon IoT |
|
Amazon Kinesis |
|
Amazon Lambda |
|
Amazon MQ |
|
Amazon Network Firewall |
|
亚马逊 OpenSearch 服务 |
|
Amazon Relational Database Service |
|
Amazon Redshift |
|
Amazon Route 53 |
|
Amazon Secrets Manager |
|
亚马逊简单电子邮件服务(亚马逊SES) |
|
亚马逊简单通知服务(亚马逊SNS) |
|
亚马逊简单队列服务(亚马逊SQS) |
|
Amazon Step Functions |
|
Amazon Transfer Family |
|
服务管理标准所需的资源: Amazon Control Tower
为了让 Security Hub 准确报告已启用的服务管理标准:使用 Amazon Config 规则的 Amazon Control Tower 变更触发控件的发现,您必须在中 Amazon Config记录以下资源。有关此标准的更多信息,请参阅 服务管理标准: Amazon Control Tower。
服务 | 所需的 资源 |
---|---|
亚马逊API网关 |
|
Amazon Certificate Manager (ACM) |
|
Amazon CodeBuild |
|
Amazon DynamoDB |
|
亚马逊弹性计算云 (EC2) |
|
Amazon A EC2 uto Scaling |
|
亚马逊弹性容器注册表(亚马逊ECR) |
|
亚马逊弹性容器服务(亚马逊ECS) |
|
亚马逊 Elastic File System(亚马逊EFS) |
|
Amazon EKS |
|
ElasticBeanstalk |
|
Elastic Load Balancing |
|
ElasticSearch |
|
Amazon Identity and Access Management (IAM) |
|
Amazon Key Management Service (Amazon KMS) |
|
Amazon Kinesis |
|
Amazon Lambda |
|
Amazon Network Firewall |
|
亚马逊 OpenSearch 服务 |
|
亚马逊 Relational Database Service(亚马逊RDS) |
|
Amazon Redshift |
|
Amazon Simple Storage Service(Amazon S3) |
|
亚马逊简单通知服务(亚马逊SNS) |
|
亚马逊简单队列服务(亚马逊SQS) |
|
亚马逊 S EC2 ystems Manager (SSM) |
|
Amazon Secrets Manager |
|
Amazon WAF |
|