Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
AwsEcs
Berikut ini adalah contoh Format Pencarian AWS Keamanan untuk AwsEcs sumber daya.
AwsEcsCluster
AwsEcsClusterObjek ini memberikan detail tentang kluster Amazon Elastic Container Service.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk AwsEcsCluster objek. Untuk melihat deskripsi AwsEcsCluster atribut, lihat AwsEcsClusterDetailsdi Referensi AWS Security Hub API.
Contoh
"AwsEcsCluster": { "CapacityProviders": [], "ClusterSettings": [ { "Name": "containerInsights", "Value": "enabled" } ], "Configuration": { "ExecuteCommandConfiguration": { "KmsKeyId": "kmsKeyId", "LogConfiguration": { "CloudWatchEncryptionEnabled": true, "CloudWatchLogGroupName": "cloudWatchLogGroupName", "S3BucketName": "s3BucketName", "S3EncryptionEnabled": true, "S3KeyPrefix": "s3KeyPrefix" }, "Logging": "DEFAULT" } } "DefaultCapacityProviderStrategy": [ { "Base": 0, "CapacityProvider": "capacityProvider", "Weight": 1 } ] }
AwsEcsContainer
AwsEcsContainerObjek berisi detail tentang wadah Amazon ECS.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk AwsEcsContainer objek. Untuk melihat deskripsi AwsEcsContainer atribut, lihat AwsEcsContainerDetailsdi Referensi AWS Security Hub API.
Contoh
"AwsEcsContainer": { "Image": "1111111/knotejs@sha256:356131c9fef111111111111115f4ed8de5f9dce4dc3bd34bg21846588a3", "MountPoints": [{ "ContainerPath": "/mnt/etc", "SourceVolume": "vol-03909e9" }], "Name": "knote", "Privileged": true }
AwsEcsService
AwsEcsServiceObjek memberikan rincian tentang layanan dalam cluster Amazon ECS.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk AwsEcsService objek. Untuk melihat deskripsi AwsEcsService atribut, lihat AwsEcsServiceDetailsdi Referensi AWS Security Hub API.
Contoh
"AwsEcsService": { "CapacityProviderStrategy": [ { "Base": 12, "CapacityProvider": "", "Weight": "" } ], "Cluster": "arn:aws:ecs:us-east-1:111122223333:cluster/example-ecs-cluster", "DeploymentConfiguration": { "DeploymentCircuitBreaker": { "Enable": false, "Rollback": false }, "MaximumPercent": 200, "MinimumHealthyPercent": 100 }, "DeploymentController": "", "DesiredCount": 1, "EnableEcsManagedTags": false, "EnableExecuteCommand": false, "HealthCheckGracePeriodSeconds": 1, "LaunchType": "FARGATE", "LoadBalancers": [ { "ContainerName": "", "ContainerPort": 23, "LoadBalancerName": "", "TargetGroupArn": "" } ], "Name": "sample-app-service", "NetworkConfiguration": { "AwsVpcConfiguration": { "Subnets": [ "Subnet-example1", "Subnet-example2" ], "SecurityGroups": [ "Sg-0ce48e9a6e5b457f5" ], "AssignPublicIp": "ENABLED" } }, "PlacementConstraints": [ { "Expression": "", "Type": "" } ], "PlacementStrategies": [ { "Field": "", "Type": "" } ], "PlatformVersion": "LATEST", "PropagateTags": "", "Role": "arn:aws:iam::111122223333:role/aws-servicerole/ecs.amazonaws.com/ServiceRoleForECS", "SchedulingStrategy": "REPLICA", "ServiceName": "sample-app-service", "ServiceArn": "arn:aws:ecs:us-east-1:111122223333:service/example-ecs-cluster/sample-app-service", "ServiceRegistries": [ { "ContainerName": "", "ContainerPort": 1212, "Port": 1221, "RegistryArn": "" } ], "TaskDefinition": "arn:aws:ecs:us-east-1:111122223333:task-definition/example-taskdef:1" }
AwsEcsTask
AwsEcsTaskObjek memberikan detail tentang tugas Amazon ECS.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk AwsEcsTask objek. Untuk melihat deskripsi AwsEcsTask atribut, lihat AwsEcsTaskdi Referensi AWS Security Hub API.
Contoh
"AwsEcsTask": { "ClusterArn": "arn:aws:ecs:us-west-2:123456789012:task/MyCluster/1234567890123456789", "CreatedAt": "1557134011644", "Group": "service:fargate-service", "StartedAt": "1557134011644", "StartedBy": "ecs-svc/1234567890123456789", "TaskDefinitionArn": "arn:aws:ecs:us-west-2:123456789012:task-definition/sample-fargate:2", "Version": 3, "Volumes": [{ "Name": "string", "Host": { "SourcePath": "string" } }], "Containers": { "Image": "1111111/knotejs@sha256:356131c9fef111111111111115f4ed8de5f9dce4dc3bd34bg21846588a3", "MountPoints": [{ "ContainerPath": "/mnt/etc", "SourceVolume": "vol-03909e9" }], "Name": "knote", "Privileged": true } }
AwsEcsTaskDefinition
AwsEcsTaskDefinitionObjek berisi rincian tentang definisi tugas. Definisi tugas menjelaskan definisi kontainer dan volume tugas Amazon Elastic Container Service.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk AwsEcsTaskDefinition objek. Untuk melihat deskripsi AwsEcsTaskDefinition atribut, lihat AwsEcsTaskDefinitionDetailsdi Referensi AWS Security Hub API.
Contoh
"AwsEcsTaskDefinition": { "ContainerDefinitions": [ { "Command": ['ruby', 'hi.rb'], "Cpu":128, "Essential": true, "HealthCheck": { "Command": ["CMD-SHELL", "curl -f http://localhost/ || exit 1"], "Interval": 10, "Retries": 3, "StartPeriod": 5, "Timeout": 20 }, "Image": "tongueroo/sinatra:latest", "Interactive": true, "Links": [], "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": "/ecs/sinatra-hi", "awslogs-region": "ap-southeast-1", "awslogs-stream-prefix": "ecs" }, "SecretOptions": [] }, "MemoryReservation": 128, "Name": "web", "PortMappings": [ { "ContainerPort": 4567, "HostPort":4567, "Protocol": "tcp" } ], "Privileged": true, "StartTimeout": 10, "StopTimeout": 100, } ], "Family": "sinatra-hi", "NetworkMode": "host", "RequiresCompatibilities": ["EC2"], "Status": "ACTIVE", "TaskRoleArn": "arn:aws:iam::111122223333:role/ecsTaskExecutionRole", }
