本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
AwsIam
以下是AwsIam资源 AWS 的安全调查结果格式的示例。
AwsIamAccessKey
该AwsIamAccessKey对象包含与调查结果相关的IAM访问密钥的详细信息。
以下示例显示了AwsIamAccessKey对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsIamAccessKey属性的描述,请参阅 “AWS Security Hub API参考” AwsIamAccessKeyDetails中的。
示例
"AwsIamAccessKey": { "AccessKeyId": "string", "AccountId": "string", "CreatedAt": "string", "PrincipalId": "string", "PrincipalName": "string", "PrincipalType": "string", "SessionContext": { "Attributes": { "CreationDate": "string", "MfaAuthenticated": boolean }, "SessionIssuer": { "AccountId": "string", "Arn": "string", "PrincipalId": "string", "Type": "string", "UserName": "string" } }, "Status": "string" }
AwsIamGroup
该AwsIamGroup对象包含有关IAM群组的详细信息。
以下示例显示了AwsIamGroup对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsIamGroup属性的描述,请参阅 “AWS Security Hub API参考” AwsIamGroupDetails中的。
示例
"AwsIamGroup": { "AttachedManagedPolicies": [ { "PolicyArn": "arn:aws:iam::aws:policy/ExampleManagedAccess", "PolicyName": "ExampleManagedAccess", } ], "CreateDate": "2020-04-28T14:08:37.000Z", "GroupId": "AGPA4TPS3VLP7QEXAMPLE", "GroupName": "Example_User_Group", "GroupPolicyList": [ { "PolicyName": "ExampleGroupPolicy" } ], "Path": "/" }
AwsIamPolicy
该AwsIamPolicy对象表示IAM权限策略。
以下示例显示了AwsIamPolicy对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsIamPolicy属性的描述,请参阅 “AWS Security Hub API参考” AwsIamPolicyDetails中的。
示例
"AwsIamPolicy": { "AttachmentCount": 1, "CreateDate": "2017-09-14T08:17:29.000Z", "DefaultVersionId": "v1", "Description": "Example IAM policy", "IsAttachable": true, "Path": "/", "PermissionsBoundaryUsageCount": 5, "PolicyId": "ANPAJ2UCCR6DPCEXAMPLE", "PolicyName": "EXAMPLE-MANAGED-POLICY", "PolicyVersionList": [ { "VersionId": "v1", "IsDefaultVersion": true, "CreateDate": "2017-09-14T08:17:29.000Z" } ], "UpdateDate": "2017-09-14T08:17:29.000Z" }
AwsIamRole
该AwsIamRole对象包含有关IAM角色的信息,包括该角色的所有策略。
以下示例显示了AwsIamRole对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsIamRole属性的描述,请参阅 “AWS Security Hub API参考” AwsIamRoleDetails中的。
示例
"AwsIamRole": { "AssumeRolePolicyDocument": "{'Version': '2012-10-17','Statement': [{'Effect': 'Allow','Action': 'sts:AssumeRole'}]}", "AttachedManagedPolicies": [ { "PolicyArn": "arn:aws:iam::aws:policy/ExamplePolicy1", "PolicyName": "Example policy 1" }, { "PolicyArn": "arn:aws:iam::444455556666:policy/ExamplePolicy2", "PolicyName": "Example policy 2" } ], "CreateDate": "2020-03-14T07:19:14.000Z", "InstanceProfileList": [ { "Arn": "arn:aws:iam::333333333333:ExampleProfile", "CreateDate": "2020-03-11T00:02:27Z", "InstanceProfileId": "AIPAIXEU4NUHUPEXAMPLE", "InstanceProfileName": "ExampleInstanceProfile", "Path": "/", "Roles": [ { "Arn": "arn:aws:iam::444455556666:role/example-role", "AssumeRolePolicyDocument": "", "CreateDate": "2020-03-11T00:02:27Z", "Path": "/", "RoleId": "AROAJ52OTH4H7LEXAMPLE", "RoleName": "example-role", } ] } ], "MaxSessionDuration": 3600, "Path": "/", "PermissionsBoundary": { "PermissionsBoundaryArn": "arn:aws:iam::aws:policy/AdministratorAccess", "PermissionsBoundaryType": "PermissionsBoundaryPolicy" }, "RoleId": "AROA4TPS3VLEXAMPLE", "RoleName": "BONESBootstrapHydra-OverbridgeOpsFunctionsLambda", "RolePolicyList": [ { "PolicyName": "Example role policy" } ] }
AwsIamUser
AwsIamUser 对象提供有关用户的信息。
以下示例显示了AwsIamUser对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsIamUser属性的描述,请参阅 “AWS Security Hub API参考” AwsIamUserDetails中的。
示例
"AwsIamUser": { "AttachedManagedPolicies": [ { "PolicyName": "ExamplePolicy", "PolicyArn": "arn:aws:iam::aws:policy/ExampleAccess" } ], "CreateDate": "2018-01-26T23:50:05.000Z", "GroupList": [], "Path": "/", "PermissionsBoundary" : { "PermissionsBoundaryArn" : "arn:aws:iam::aws:policy/AdministratorAccess", "PermissionsBoundaryType" : "PermissionsBoundaryPolicy" }, "UserId": "AIDACKCEVSQ6C2EXAMPLE", "UserName": "ExampleUser", "UserPolicyList": [ { "PolicyName": "InstancePolicy" } ] }
