AwsNetworkFirewall resources in ASFF - AWS Security Hub

AwsNetworkFirewall resources in ASFF

The following are examples of the AWS Security Finding Format (ASFF) syntax for AwsNetworkFirewall resources.

AWS Security Hub normalizes findings from various sources into ASFF. For background information about ASFF, see AWS Security Finding Format (ASFF).

AwsNetworkFirewallFirewall

The AwsNetworkFirewallFirewall object contains details about an AWS Network Firewall firewall.

The following example shows the AWS Security Finding Format (ASFF) for the AwsNetworkFirewallFirewall object. To view descriptions of AwsNetworkFirewallFirewall attributes, see AwsNetworkFirewallFirewallDetails in the AWS Security Hub API Reference.

Example

"AwsNetworkFirewallFirewall": {
    "DeleteProtection": false,
    "FirewallArn": "arn:aws:network-firewall:us-east-1:024665936331:firewall/testfirewall",
    "FirewallPolicyArn": "arn:aws:network-firewall:us-east-1:444455556666:firewall-policy/InitialFirewall",
    "FirewallId": "dea7d8e9-ae38-4a8a-b022-672a830a99fa",
    "FirewallName": "testfirewall",
    "FirewallPolicyChangeProtection": false,
    "SubnetChangeProtection": false,
    "SubnetMappings": [
        {
            "SubnetId": "subnet-0183481095e588cdc"
        },
        {
            "SubnetId": "subnet-01f518fad1b1c90b0"
        }
    ],
    "VpcId": "vpc-40e83c38"
}

AwsNetworkFirewallFirewallPolicy

The AwsNetworkFirewallFirewallPolicy object provides details about a firewall policy. The firewall policy defines the behavior of a network firewall.

The following example shows the AWS Security Finding Format (ASFF) for the AwsNetworkFirewallFirewallPolicy object. To view descriptions of AwsNetworkFirewallFirewallPolicy attributes, see AwsNetworkFirewallFirewallPolicyDetails in the AWS Security Hub API Reference.

Example

"AwsNetworkFirewallFirewallPolicy": {
    "FirewallPolicy": {
        "StatefulRuleGroupReferences": [
            {
                "ResourceArn": "arn:aws:network-firewall:us-east-1:444455556666:stateful-rulegroup/PatchesOnly"
            }
        ],
        "StatelessDefaultActions": [
            "aws:forward_to_sfe"
        ],
        "StatelessFragmentDefaultActions": [
            "aws:forward_to_sfe"
        ],
        "StatelessRuleGroupReferences": [
            {
                "Priority": 1,
                "ResourceArn": "arn:aws:network-firewall:us-east-1:444455556666:stateless-rulegroup/Stateless-1"
            }
        ]
    },
    "FirewallPolicyArn": "arn:aws:network-firewall:us-east-1:444455556666:firewall-policy/InitialFirewall",
    "FirewallPolicyId": "9ceeda22-6050-4048-a0ca-50ce47f0cc65",
    "FirewallPolicyName": "InitialFirewall",
    "Description": "Initial firewall"
}
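As an added example (not from the AWS documentation), the following Python function reads the firewall and firewall policy objects described above out of an ASFF resource's Details and reports weak settings: disabled change protections, a stateless default action of aws:pass, and a policy with no stateful rule groups. The function name and the sample values are assumptions made for illustration.

```python
# Constructed sample in the ASFF shapes shown above. A real resource normally
# carries only one of these objects; both are combined to keep the sample short.
SAMPLE_DETAILS = {
    "AwsNetworkFirewallFirewall": {
        "FirewallName": "testfirewall", "DeleteProtection": False,
        "FirewallPolicyChangeProtection": True, "SubnetChangeProtection": False},
    "AwsNetworkFirewallFirewallPolicy": {
        "FirewallPolicyName": "InitialFirewall",
        "FirewallPolicy": {
            "StatefulRuleGroupReferences": [],
            "StatelessDefaultActions": ["aws:pass"],
            "StatelessFragmentDefaultActions": ["aws:forward_to_sfe"]}},
}

PROTECTION_FLAGS = ("DeleteProtection", "FirewallPolicyChangeProtection",
                    "SubnetChangeProtection")
DEFAULT_ACTION_KEYS = ("StatelessDefaultActions", "StatelessFragmentDefaultActions")


def audit_firewall_details(details):
    """Return (object, attribute, reason) tuples for weak settings (hypothetical helper)."""
    issues = []
    fw = details.get("AwsNetworkFirewallFirewall")
    if fw is not None:
        for flag in PROTECTION_FLAGS:
            # A missing flag is treated like false: the protection cannot be confirmed.
            if not fw.get(flag, False):
                issues.append(("Firewall", flag, "protection disabled"))
    pol = details.get("AwsNetworkFirewallFirewallPolicy")
    if pol is not None:
        body = pol.get("FirewallPolicy", {})
        for key in DEFAULT_ACTION_KEYS:
            # aws:pass as a default lets unmatched packets skip the stateful engine.
            if "aws:pass" in body.get(key, []):
                issues.append(("FirewallPolicy", key, "default action aws:pass"))
        if not body.get("StatefulRuleGroupReferences"):
            issues.append(("FirewallPolicy", "StatefulRuleGroupReferences",
                           "no stateful rule groups"))
    return issues


if __name__ == "__main__":
    for issue in audit_firewall_details(SAMPLE_DETAILS):
        print(issue)
```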

AwsNetworkFirewallRuleGroup

The AwsNetworkFirewallRuleGroup object provides details about an AWS Network Firewall rule group. Rule groups are used to inspect and control network traffic. Stateless rule groups apply to individual packets. Stateful rule groups apply to packets in the context of their traffic flow.

Rule groups are referenced in firewall policies.

The following example shows the AWS Security Finding Format (ASFF) for the AwsNetworkFirewallRuleGroup object. To view descriptions of AwsNetworkFirewallRuleGroup attributes, see AwsNetworkFirewallRuleGroupDetails in the AWS Security Hub API Reference.

Example - stateless rule group

"AwsNetworkFirewallRuleGroup": {
    "Capacity": 600,
    "RuleGroupArn": "arn:aws:network-firewall:us-east-1:444455556666:stateless-rulegroup/Stateless-1",
    "RuleGroupId": "fb13c4df-b6da-4c1e-91ec-84b7a5487493",
    "RuleGroupName": "Stateless-1",
    "Description": "Example of a stateless rule group",
    "Type": "STATELESS",
    "RuleGroup": {
        "RulesSource": {
            "StatelessRulesAndCustomActions": {
                "CustomActions": [],
                "StatelessRules": [
                    {
                        "Priority": 1,
                        "RuleDefinition": {
                            "Actions": [
                                "aws:pass"
                            ],
                            "MatchAttributes": {
                                "DestinationPorts": [
                                    {
                                        "FromPort": 443,
                                        "ToPort": 443
                                    }
                                ],
                                "Destinations": [
                                    {
                                        "AddressDefinition": "192.0.2.0/24"
                                    }
                                ],
                                "Protocols": [
                                    6
                                ],
                                "SourcePorts": [
                                    {
                                        "FromPort": 0,
                                        "ToPort": 65535
                                    }
                                ],
                                "Sources": [
                                    {
                                        "AddressDefinition": "198.51.100.0/24"
                                    }
                                ]
                            }
                        }
                    }
                ]
            }
        }
    }
}

Example - stateful rule group

"AwsNetworkFirewallRuleGroup": {
    "Capacity": 100,
    "RuleGroupArn": "arn:aws:network-firewall:us-east-1:444455556666:stateful-rulegroup/tupletest",
    "RuleGroupId": "38b71c12-da80-4643-a6c5-03337f8933e0",
    "RuleGroupName": "ExampleRuleGroup",
    "Description": "Example of a stateful rule group",
    "Type": "STATEFUL",
    "RuleGroup": {
        "RulesSource": {
            "StatefulRules": [
                {
                    "Action": "PASS",
                    "Header": {
                        "Destination": "Any",
                        "DestinationPort": "443",
                        "Direction": "ANY",
                        "Protocol": "TCP",
                        "Source": "Any",
                        "SourcePort": "Any"
                    },
                    "RuleOptions": [
                        {
                            "Keyword": "sid:1"
                        }
                    ]
                }
            ]
        }
    }
}

The following is a list of example valid values for AwsNetworkFirewallRuleGroup attributes:

  • Action

    Valid values: PASS | DROP | ALERT

  • Protocol

    Valid values: IP | TCP | UDP | ICMP | HTTP | FTP | TLS | SMB | DNS | DCERPC | SSH | SMTP | IMAP | MSN | KRB5 | IKEV2 | TFTP | NTP | DHCP

  • Flags

    Valid values: FIN | SYN | RST | PSH | ACK | URG | ECE | CWR

  • Masks

    Valid values: FIN | SYN | RST | PSH | ACK | URG | ECE | CWR
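As an added example (not from the AWS documentation), the following Python function reads either rule group shape shown above, stateless or stateful, and returns the pass rules whose source and destination are both unrestricted. The samples are constructed and trimmed to the fields used, and `broad_pass_rules` is a hypothetical helper name.

```python
import ipaddress

# Constructed samples in the shape of AwsNetworkFirewallRuleGroup (trimmed to the fields used).
STATELESS = {"RuleGroupName": "Stateless-1", "Type": "STATELESS", "RuleGroup": {"RulesSource": {
    "StatelessRulesAndCustomActions": {"StatelessRules": [{"Priority": 1, "RuleDefinition": {
        "Actions": ["aws:pass"],
        "MatchAttributes": {"Sources": [{"AddressDefinition": "198.51.100.0/24"}],
                            "Destinations": [{"AddressDefinition": "192.0.2.0/24"}]}}}]}}}}
STATEFUL = {"RuleGroupName": "ExampleRuleGroup", "Type": "STATEFUL", "RuleGroup": {"RulesSource": {
    "StatefulRules": [{"Action": "PASS", "RuleOptions": [{"Keyword": "sid:1"}],
                       "Header": {"Source": "Any", "Destination": "Any", "DestinationPort": "443",
                                  "Protocol": "TCP", "Direction": "ANY", "SourcePort": "Any"}}]}}}


def _is_any(addr):
    """True for 'Any'/'ANY' or a zero-length prefix such as 0.0.0.0/0 or ::/0."""
    if addr.upper() == "ANY":
        return True
    try:
        return ipaddress.ip_network(addr, strict=False).prefixlen == 0
    except ValueError:  # rule variables such as $HOME_NET cannot be resolved here
        return False


def _all_any(defs):
    # An absent or empty stateless address list matches every address.
    return not defs or any(_is_any(d["AddressDefinition"]) for d in defs)


def broad_pass_rules(group):
    """Return identifiers of pass rules with unrestricted source and destination."""
    src = group.get("RuleGroup", {})
    src = src.get("RulesSource") or src.get("RuleSource") or {}  # accept either key spelling
    hits = []
    for rule in src.get("StatelessRulesAndCustomActions", {}).get("StatelessRules", []):
        definition = rule["RuleDefinition"]
        match = definition.get("MatchAttributes", {})
        if "aws:pass" in definition["Actions"] and _all_any(match.get("Sources")) \
                and _all_any(match.get("Destinations")):
            hits.append(f"priority:{rule['Priority']}")
    for rule in src.get("StatefulRules", []):
        hdr = rule["Header"]
        if rule["Action"] == "PASS" and _is_any(hdr["Source"]) and _is_any(hdr["Destination"]):
            keywords = [o["Keyword"] for o in rule.get("RuleOptions", [])]
            hits.append(next((k for k in keywords if k.startswith("sid:")), "sid:?"))
    return hits
```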