AwsElb resources in ASFF
The following are examples of the AWS Security Finding Format (ASFF) syntax for AwsElb
resources.
AWS Security Hub normalizes findings from various sources into ASFF. For background information about ASFF, see AWS Security Finding Format (ASFF).
AwsElbLoadBalancer
The AwsElbLoadBalancer
object contains details about a Classic Load Balancer.
The following example shows the AWS Security Finding Format (ASFF) for the
AwsElbLoadBalancer
object. To view descriptions of
AwsElbLoadBalancer
attributes, see AwsElbLoadBalancerDetails in the
AWS Security Hub API Reference.
Example
"AwsElbLoadBalancer": { "AvailabilityZones": ["us-west-2a"], "BackendServerDescriptions": [ { "InstancePort": 80, "PolicyNames": ["doc-example-policy"] } ], "CanonicalHostedZoneName": "Z3DZXE0EXAMPLE", "CanonicalHostedZoneNameID": "my-load-balancer-444455556666.us-west-2.elb.amazonaws.com", "CreatedTime": "2020-08-03T19:22:44.637Z", "DnsName": "my-load-balancer-444455556666.us-west-2.elb.amazonaws.com", "HealthCheck": { "HealthyThreshold": 2, "Interval": 30, "Target": "HTTP:80/png", "Timeout": 3, "UnhealthyThreshold": 2 }, "Instances": [ { "InstanceId": "i-example" } ], "ListenerDescriptions": [ { "Listener": { "InstancePort": 443, "InstanceProtocol": "HTTPS", "LoadBalancerPort": 443, "Protocol": "HTTPS", "SslCertificateId": "arn:aws:iam::444455556666:server-certificate/my-server-cert" }, "PolicyNames": ["ELBSecurityPolicy-TLS-1-2-2017-01"] } ], "LoadBalancerAttributes": { "AccessLog": { "EmitInterval": 60, "Enabled": true, "S3BucketName": "amzn-s3-demo-bucket", "S3BucketPrefix": "doc-example-prefix" }, "ConnectionDraining": { "Enabled": false, "Timeout": 300 }, "ConnectionSettings": { "IdleTimeout": 30 }, "CrossZoneLoadBalancing": { "Enabled": true }, "AdditionalAttributes": [{ "Key": "elb.http.desyncmitigationmode", "Value": "strictest" }] }, "LoadBalancerName": "example-load-balancer", "Policies": { "AppCookieStickinessPolicies": [ { "CookieName": "", "PolicyName": "" } ], "LbCookieStickinessPolicies": [ { "CookieExpirationPeriod": 60, "PolicyName": "my-example-cookie-policy" } ], "OtherPolicies": [ "my-PublicKey-policy", "my-authentication-policy", "my-SSLNegotiation-policy", "my-ProxyProtocol-policy", "ELBSecurityPolicy-2015-03" ] }, "Scheme": "internet-facing", "SecurityGroups": ["sg-example"], "SourceSecurityGroup": { "GroupName": "my-elb-example-group", "OwnerAlias": "444455556666" }, "Subnets": ["subnet-example"], "VpcId": "vpc-a01106c2" }
AwsElbv2LoadBalancer
The AwsElbv2LoadBalancer
object provides information about a load
balancer.
The following example shows the AWS Security Finding Format (ASFF) for the
AwsElbv2LoadBalancer
object. To view descriptions of
AwsElbv2LoadBalancer
attributes, see AwsElbv2LoadBalancerDetails in the
AWS Security Hub API Reference.
Example
"AwsElbv2LoadBalancer": { "AvailabilityZones": { "SubnetId": "string", "ZoneName": "string" }, "CanonicalHostedZoneId": "string", "CreatedTime": "string", "DNSName": "string", "IpAddressType": "string", "LoadBalancerAttributes": [ { "Key": "string", "Value": "string" } ], "Scheme": "string", "SecurityGroups": [ "string" ], "State": { "Code": "string", "Reason": "string" }, "Type": "string", "VpcId": "string" }