Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
# AwsEc2 sumber daya di ASFF
Berikut ini adalah contoh sintaks AWS Security Finding Format (ASFF) untuk `AwsEc2` sumber daya.
AWS Security Hub CSPM menormalkan temuan dari berbagai sumber menjadi ASFF. Untuk informasi latar belakang tentang ASFF, lihat[AWS Format Pencarian Keamanan (ASFF)](securityhub-findings-format.md).
## AwsEc2ClientVpnEndpoint
`AwsEc2ClientVpnEndpoint`Objek memberikan informasi tentang AWS Client VPN titik akhir. Titik akhir Client VPN adalah sumber daya yang Anda buat dan konfigurasikan untuk mengaktifkan dan mengelola sesi VPN klien. Ini adalah titik terminasi untuk semua sesi VPN klien.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2ClientVpnEndpoint` objek. Untuk melihat deskripsi `AwsEc2ClientVpnEndpoint` atribut, lihat [AwsEc2ClientVpnEndpointDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2ClientVpnEndpointDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2ClientVpnEndpoint": {
"AuthenticationOptions": [
{
"MutualAuthentication": {
"ClientRootCertificateChainArn": "arn:aws:acm:us-east-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"
},
"Type": "certificate-authentication"
}
],
"ClientCidrBlock": "10.0.0.0/22",
"ClientConnectOptions": {
"Enabled": false
},
"ClientLoginBannerOptions": {
"Enabled": false
},
"ClientVpnEndpointId": "cvpn-endpoint-00c5d11fc4729f2a5",
"ConnectionLogOptions": {
"Enabled": false
},
"Description": "test",
"DnsServer": ["10.0.0.0"],
"ServerCertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"SecurityGroupIdSet": [
"sg-0f7a177b82b443691"
],
"SelfServicePortalUrl": "https://self-service.clientvpn.amazonaws.com/endpoints/cvpn-endpoint-00c5d11fc4729f2a5",
"SessionTimeoutHours": 24,
"SplitTunnel": false,
"TransportProtocol": "udp",
"VpcId": "vpc-1a2b3c4d5e6f1a2b3",
"VpnPort": 443
}
```
## AwsEc2Eip
`AwsEc2Eip`Objek memberikan informasi tentang alamat IP Elastis.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2Eip` objek. Untuk melihat deskripsi `AwsEc2Eip` atribut, lihat [AwsEc2EipDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2EipDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2Eip": {
"InstanceId": "instance1",
"PublicIp": "192.0.2.04",
"AllocationId": "eipalloc-example-id-1",
"AssociationId": "eipassoc-example-id-1",
"Domain": "vpc",
"PublicIpv4Pool": "anycompany",
"NetworkBorderGroup": "eu-central-1",
"NetworkInterfaceId": "eni-example-id-1",
"NetworkInterfaceOwnerId": "777788889999",
"PrivateIpAddress": "192.0.2.03"
}
```
## AwsEc2Instance
`AwsEc2Instance`Objek memberikan detail tentang instans Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2Instance` objek. Untuk melihat deskripsi `AwsEc2Instance` atribut, lihat [AwsEc2InstanceDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2InstanceDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2Instance": {
"IamInstanceProfileArn": "arn:aws:iam::123456789012:instance-profile/AdminRole",
"ImageId": "ami-1234",
"IpV4Addresses": [ "1.1.1.1" ],
"IpV6Addresses": [ "2001:db8:1234:1a2b::123" ],
"KeyName": "my_keypair",
"LaunchedAt": "2018-05-08T16:46:19.000Z",
"MetadataOptions": {
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "enabled",
"HttpPutResponseHopLimit": 1,
"HttpTokens": "optional",
"InstanceMetadataTags": "disabled",
},
"Monitoring": {
"State": "disabled"
},
"NetworkInterfaces": [
{
"NetworkInterfaceId": "eni-e5aa89a3"
}
],
"SubnetId": "subnet-123",
"Type": "i3.xlarge",
"VpcId": "vpc-123"
}
```
## AwsEc2LaunchTemplate
`AwsEc2LaunchTemplate`Objek berisi detail tentang template peluncuran Amazon Elastic Compute Cloud yang menentukan informasi konfigurasi instance.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2LaunchTemplate` objek. Untuk melihat deskripsi `AwsEc2LaunchTemplate` atribut, lihat [AwsEc2LaunchTemplateDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2LaunchTemplateDetals.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2LaunchTemplate": {
"DefaultVersionNumber": "1",
"ElasticGpuSpecifications": ["string"],
"ElasticInferenceAccelerators": ["string"],
"Id": "lt-0a16e9802800bdd85",
"ImageId": "ami-0d5eff06f840b45e9",
"LatestVersionNumber": "1",
"LaunchTemplateData": {
"BlockDeviceMappings": [{
"DeviceName": "/dev/xvda",
"Ebs": {
"DeleteonTermination": true,
"Encrypted": true,
"SnapshotId": "snap-01047646ec075f543",
"VolumeSize": 8,
"VolumeType:" "gp2"
}
}],
"MetadataOptions": {
"HttpTokens": "enabled",
"HttpPutResponseHopLimit" : 1
},
"Monitoring": {
"Enabled": true,
"NetworkInterfaces": [{
"AssociatePublicIpAddress" : true,
}],
"LaunchTemplateName": "string",
"LicenseSpecifications": ["string"],
"SecurityGroupIds": ["sg-01fce87ad6e019725"],
"SecurityGroups": ["string"],
"TagSpecifications": ["string"]
}
```
## AwsEc2NetworkAcl
`AwsEc2NetworkAcl`Objek berisi rincian tentang daftar kontrol akses jaringan Amazon EC2 (ACL).
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2NetworkAcl` objek. Untuk melihat deskripsi `AwsEc2NetworkAcl` atribut, lihat [AwsEc2NetworkAclDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2NetworkAclDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2NetworkAcl": {
"IsDefault": false,
"NetworkAclId": "acl-1234567890abcdef0",
"OwnerId": "123456789012",
"VpcId": "vpc-1234abcd",
"Associations": [{
"NetworkAclAssociationId": "aclassoc-abcd1234",
"NetworkAclId": "acl-021345abcdef6789",
"SubnetId": "subnet-abcd1234"
}],
"Entries": [{
"CidrBlock": "10.24.34.0/23",
"Egress": true,
"IcmpTypeCode": {
"Code": 10,
"Type": 30
},
"Ipv6CidrBlock": "2001:DB8::/32",
"PortRange": {
"From": 20,
"To": 40
},
"Protocol": "tcp",
"RuleAction": "allow",
"RuleNumber": 100
}]
}
```
## AwsEc2NetworkInterface
`AwsEc2NetworkInterface`Objek menyediakan informasi tentang antarmuka jaringan Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2NetworkInterface` objek. Untuk melihat deskripsi `AwsEc2NetworkInterface` atribut, lihat [AwsEc2NetworkInterfaceDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2NetworkInterfaceDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2NetworkInterface": {
"Attachment": {
"AttachTime": "2019-01-01T03:03:21Z",
"AttachmentId": "eni-attach-43348162",
"DeleteOnTermination": true,
"DeviceIndex": 123,
"InstanceId": "i-1234567890abcdef0",
"InstanceOwnerId": "123456789012",
"Status": 'ATTACHED'
},
"SecurityGroups": [
{
"GroupName": "my-security-group",
"GroupId": "sg-903004f8"
},
],
"NetworkInterfaceId": 'eni-686ea200',
"SourceDestCheck": false
}
```
## AwsEc2RouteTable
`AwsEc2RouteTable`Objek memberikan informasi tentang tabel rute Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2RouteTable` objek. Untuk melihat deskripsi `AwsEc2RouteTable` atribut, lihat [AwsEc2RouteTableDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2RouteTableDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2RouteTable": {
"AssociationSet": [{
"AssociationSet": {
"State": "associated"
},
"Main": true,
"RouteTableAssociationId": "rtbassoc-08e706c45de9f7512",
"RouteTableId": "rtb-0a59bde9cf2548e34",
}],
"PropogatingVgwSet": [],
"RouteTableId": "rtb-0a59bde9cf2548e34",
"RouteSet": [
{
"DestinationCidrBlock": "10.24.34.0/23",
"GatewayId": "local",
"Origin": "CreateRouteTable",
"State": "active"
},
{
"DestinationCidrBlock": "10.24.34.0/24",
"GatewayId": "igw-0242c2d7d513fc5d3",
"Origin": "CreateRoute",
"State": "active"
}
],
"VpcId": "vpc-0c250a5c33f51d456"
}
```
## AwsEc2SecurityGroup
`AwsEc2SecurityGroup`Objek tersebut menggambarkan grup keamanan Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2SecurityGroup` objek. Untuk melihat deskripsi `AwsEc2SecurityGroup` atribut, lihat [AwsEc2SecurityGroupDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2SecurityGroupDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2SecurityGroup": {
"GroupName": "MySecurityGroup",
"GroupId": "sg-903004f8",
"OwnerId": "123456789012",
"VpcId": "vpc-1a2b3c4d",
"IpPermissions": [
{
"IpProtocol": "-1",
"IpRanges": [],
"UserIdGroupPairs": [
{
"UserId": "123456789012",
"GroupId": "sg-903004f8"
}
],
"PrefixListIds": [
{"PrefixListId": "pl-63a5400a"}
]
},
{
"PrefixListIds": [],
"FromPort": 22,
"IpRanges": [
{
"CidrIp": "203.0.113.0/24"
}
],
"ToPort": 22,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
}
]
}
```
## AwsEc2Subnet
`AwsEc2Subnet`Objek memberikan informasi tentang subnet di Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2Subnet` objek. Untuk melihat deskripsi `AwsEc2Subnet` atribut, lihat [AwsEc2SubnetDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2SubnetDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
AwsEc2Subnet: {
"AssignIpv6AddressOnCreation": false,
"AvailabilityZone": "us-west-2c",
"AvailabilityZoneId": "usw2-az3",
"AvailableIpAddressCount": 8185,
"CidrBlock": "10.0.0.0/24",
"DefaultForAz": false,
"MapPublicIpOnLaunch": false,
"OwnerId": "123456789012",
"State": "available",
"SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-d5436c93",
"SubnetId": "subnet-d5436c93",
"VpcId": "vpc-153ade70",
"Ipv6CidrBlockAssociationSet": [{
"AssociationId": "subnet-cidr-assoc-EXAMPLE",
"Ipv6CidrBlock": "2001:DB8::/32",
"CidrBlockState": "associated"
}]
}
```
## AwsEc2TransitGateway
`AwsEc2TransitGateway`Objek ini memberikan detail tentang gateway transit Amazon EC2 yang menghubungkan cloud pribadi virtual (VPC) dan jaringan lokal Anda.
Berikut ini adalah contoh `AwsEc2TransitGateway` temuan dalam AWS Security Finding Format (ASFF). Untuk melihat deskripsi `AwsEc2TransitGateway` atribut, lihat [AwsEc2TransitGatewayDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2TransitGatewayDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2TransitGateway": {
"AmazonSideAsn": 65000,
"AssociationDefaultRouteTableId": "tgw-rtb-099ba47cbbea837cc",
"AutoAcceptSharedAttachments": "disable",
"DefaultRouteTableAssociation": "enable",
"DefaultRouteTablePropagation": "enable",
"Description": "sample transit gateway",
"DnsSupport": "enable",
"Id": "tgw-042ae6bf7a5c126c3",
"MulticastSupport": "disable",
"PropagationDefaultRouteTableId": "tgw-rtb-099ba47cbbea837cc",
"TransitGatewayCidrBlocks": ["10.0.0.0/16"],
"VpnEcmpSupport": "enable"
}
```
## AwsEc2Volume
`AwsEc2Volume`Objek memberikan detail tentang volume Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2Volume` objek. Untuk melihat deskripsi `AwsEc2Volume` atribut, lihat [AwsEc2VolumeDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2VolumeDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2Volume": {
"Attachments": [
{
"AttachTime": "2017-10-17T14:47:11Z",
"DeleteOnTermination": true,
"InstanceId": "i-123abc456def789g",
"Status": "attached"
}
],
"CreateTime": "2020-02-24T15:54:30Z",
"Encrypted": true,
"KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"Size": 80,
"SnapshotId": "",
"Status": "available"
}
```
## AwsEc2Vpc
`AwsEc2Vpc`Objek tersebut memberikan detail tentang VPC Amazon EC2.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2Vpc` objek. Untuk melihat deskripsi `AwsEc2Vpc` atribut, lihat [AwsEc2VpcDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2VpcDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2Vpc": {
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0dc4c852f52abda97",
"CidrBlock": "192.0.2.0/24",
"CidrBlockState": "associated"
}
],
"DhcpOptionsId": "dopt-4e42ce28",
"Ipv6CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0dc4c852f52abda97",
"CidrBlockState": "associated",
"Ipv6CidrBlock": "192.0.2.0/24"
}
],
"State": "available"
}
```
## AwsEc2VpcEndpointService
`AwsEc2VpcEndpointService`Objek berisi rincian tentang konfigurasi layanan untuk layanan titik akhir VPC.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2VpcEndpointService` objek. Untuk melihat deskripsi `AwsEc2VpcEndpointService` atribut, lihat [AwsEc2VpcEndpointServiceDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2VpcEndpointServiceDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2VpcEndpointService": {
"ServiceType": [
{
"ServiceType": "Interface"
}
],
"ServiceId": "vpce-svc-example1",
"ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-example1",
"ServiceState": "Available",
"AvailabilityZones": [
"us-east-1"
],
"AcceptanceRequired": true,
"ManagesVpcEndpoints": false,
"NetworkLoadBalancerArns": [
"arn:aws:elasticloadbalancing:us-east-1:444455556666:loadbalancer/net/my-network-load-balancer/example1"
],
"GatewayLoadBalancerArns": [],
"BaseEndpointDnsNames": [
"vpce-svc-04eec859668b51c34.us-east-1.vpce.amazonaws.com"
],
"PrivateDnsName": "my-private-dns"
}
```
## AwsEc2VpcPeeringConnection
`AwsEc2VpcPeeringConnection`Objek memberikan rincian tentang koneksi jaringan antara dua VPC.
Contoh berikut menunjukkan AWS Security Finding Format (ASFF) untuk `AwsEc2VpcPeeringConnection` objek. Untuk melihat deskripsi `AwsEc2VpcPeeringConnection` atribut, lihat [AwsEc2VpcPeeringConnectionDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEc2VpcPeeringConnectionDetails.html)di *Referensi AWS Security Hub API*.
**Contoh**
```
"AwsEc2VpcPeeringConnection": {
"AccepterVpcInfo": {
"CidrBlock": "10.0.0.0/28",
"CidrBlockSet": [{
"CidrBlock": "10.0.0.0/28"
}],
"Ipv6CidrBlockSet": [{
"Ipv6CidrBlock": "2002::1234:abcd:ffff:c0a8:101/64"
}],
"OwnerId": "012345678910",
"PeeringOptions": {
"AllowDnsResolutionFromRemoteVpc": true,
"AllowEgressFromLocalClassicLinkToRemoteVpc": false,
"AllowEgressFromLocalVpcToRemoteClassicLink": true
},
"Region": "us-west-2",
"VpcId": "vpc-i123456"
},
"ExpirationTime": "2022-02-18T15:31:53.161Z",
"RequesterVpcInfo": {
"CidrBlock": "192.168.0.0/28",
"CidrBlockSet": [{
"CidrBlock": "192.168.0.0/28"
}],
"Ipv6CidrBlockSet": [{
"Ipv6CidrBlock": "2002::1234:abcd:ffff:c0a8:101/64"
}],
"OwnerId": "012345678910",
"PeeringOptions": {
"AllowDnsResolutionFromRemoteVpc": true,
"AllowEgressFromLocalClassicLinkToRemoteVpc": false,
"AllowEgressFromLocalVpcToRemoteClassicLink": true
},
"Region": "us-west-2",
"VpcId": "vpc-i123456"
},
"Status": {
"Code": "initiating-request",
"Message": "Active"
},
"VpcPeeringConnectionId": "pcx-1a2b3c4d"
}
```