AwsOpenSearchService 中的资源 ASFF - AWS Security Hub

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

AwsOpenSearchService 中的资源 ASFF

以下是AwsOpenSearchService资源 AWS 的安全调查结果格式 (ASFF) 语法的示例。

AWS Security Hub 将来自各种来源的发现标准化为ASFF。有关背景信息ASFF,请参阅AWS 安全调查结果格式 (ASFF)

AwsOpenSearchServiceDomain

AwsOpenSearchServiceDomain对象包含有关亚马逊 OpenSearch 服务域的信息。

以下示例显示了AwsOpenSearchServiceDomain对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsOpenSearchServiceDomain属性的描述,请参阅 “AWS Security Hub API参考AwsOpenSearchServiceDomainDetails中的。

示例

"AwsOpenSearchServiceDomain": { "AccessPolicies": "IAM_Id", "AdvancedSecurityOptions": { "Enabled": true, "InternalUserDatabaseEnabled": true, "MasterUserOptions": { "MasterUserArn": "arn:aws:iam::123456789012:user/third-master-use", "MasterUserName": "third-master-use", "MasterUserPassword": "some-password" } }, "Arn": "arn:aws:Opensearch:us-east-1:111122223333:somedomain", "ClusterConfig": { "InstanceType": "c5.large.search", "InstanceCount": 1, "DedicatedMasterEnabled": true, "ZoneAwarenessEnabled": false, "ZoneAwarenessConfig": { "AvailabilityZoneCount": 2 }, "DedicatedMasterType": "c5.large.search", "DedicatedMasterCount": 3, "WarmEnabled": true, "WarmCount": 3, "WarmType": "ultrawarm1.large.search" }, "DomainEndpoint": "https://es-2021-06-23t17-04-qowmgghud5vofgb5e4wmi.eu-central-1.es.amazonaws.com", "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07", "CustomEndpointCertificateArn": "arn:aws:acm:us-east-1:111122223333:certificate/bda1bff1-79c0-49d0-abe6-50a15a7477d4", "CustomEndpointEnabled": true, "CustomEndpoint": "example.com" }, "DomainEndpoints": { "vpc": "vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com" }, "DomainName": "my-domain", "EncryptionAtRestOptions": { "Enabled": false, "KmsKeyId": "1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a" }, "EngineVersion": "7.1", "Id": "123456789012", "LogPublishingOptions": { "IndexSlowLogs": { "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/aes/domains/es-index-slow-logs", "Enabled": true }, "SearchSlowLogs": { "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/aes/domains/es-slow-logs", "Enabled": true }, "AuditLogs": { "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/aes/domains/es-slow-logs", "Enabled": true } }, "NodeToNodeEncryptionOptions": { "Enabled": true }, "ServiceSoftwareOptions": { "AutomatedUpdateDate": "2022-04-28T14:08:37.000Z", "Cancellable": false, "CurrentVersion": "R20210331", "Description": "There is no software update available for this domain.", "NewVersion": "OpenSearch_1.0", "UpdateAvailable": false, "UpdateStatus": "COMPLETED", "OptionalDeployment": false }, "VpcOptions": { "SecurityGroupIds": [ "sg-2a3a4a5a" ], "SubnetIds": [ "subnet-1a2a3a4a" ], } }