AwsNetworkFirewall - Amazon Security Hub

AwsNetworkFirewall

The following are examples of the Amazon Security Finding Format for AwsNetworkFirewall resources.

AwsNetworkFirewallFirewall

The AwsNetworkFirewallFirewall object contains details about an Amazon Network Firewall firewall.

The following example shows the Amazon Security Finding Format (ASFF) AwsNetworkFirewallFirewall object. For descriptions of the AwsNetworkFirewallFirewall attributes, see AwsNetworkFirewallFirewallDetails in the Amazon Security Hub API Reference.

Example

"AwsNetworkFirewallFirewall": {
    "DeleteProtection": false,
    "FirewallArn": "arn:aws:network-firewall:us-east-1:024665936331:firewall/testfirewall",
    "FirewallPolicyArn": "arn:aws:network-firewall:us-east-1:444455556666:firewall-policy/InitialFirewall",
    "FirewallId": "dea7d8e9-ae38-4a8a-b022-672a830a99fa",
    "FirewallName": "testfirewall",
    "FirewallPolicyChangeProtection": false,
    "SubnetChangeProtection": false,
    "SubnetMappings": [
        { "SubnetId": "subnet-0183481095e588cdc" },
        { "SubnetId": "subnet-01f518fad1b1c90b0" }
    ],
    "VpcId": "vpc-40e83c38"
}

AwsNetworkFirewallFirewallPolicy

The AwsNetworkFirewallFirewallPolicy object provides details about a firewall policy. A firewall policy defines the behavior of a network firewall.

The following example shows the Amazon Security Finding Format (ASFF) AwsNetworkFirewallFirewallPolicy object. For descriptions of the AwsNetworkFirewallFirewallPolicy attributes, see AwsNetworkFirewallFirewallPolicyDetails in the Amazon Security Hub API Reference.

Example

"AwsNetworkFirewallFirewallPolicy": {
    "FirewallPolicy": {
        "StatefulRuleGroupReferences": [
            { "ResourceArn": "arn:aws:network-firewall:us-east-1:444455556666:stateful-rulegroup/PatchesOnly" }
        ],
        "StatelessDefaultActions": [ "aws:forward_to_sfe" ],
        "StatelessFragmentDefaultActions": [ "aws:forward_to_sfe" ],
        "StatelessRuleGroupReferences": [
            {
                "Priority": 1,
                "ResourceArn": "arn:aws:network-firewall:us-east-1:444455556666:stateless-rulegroup/Stateless-1"
            }
        ]
    },
    "FirewallPolicyArn": "arn:aws:network-firewall:us-east-1:444455556666:firewall-policy/InitialFirewall",
    "FirewallPolicyId": "9ceeda22-6050-4048-a0ca-50ce47f0cc65",
    "FirewallPolicyName": "InitialFirewall",
    "Description": "Initial firewall"
}

AwsNetworkFirewallRuleGroup

The AwsNetworkFirewallRuleGroup object provides details about an Amazon Network Firewall rule group. Rule groups are used to inspect and control network traffic. Stateless rule groups apply to individual packets. Stateful rule groups apply to packets in the context of their traffic flow.

Rule groups are referenced in a firewall policy.

The following examples show the Amazon Security Finding Format (ASFF) AwsNetworkFirewallRuleGroup object. For descriptions of the AwsNetworkFirewallRuleGroup attributes, see AwsNetworkFirewallRuleGroupDetails in the Amazon Security Hub API Reference.

Example - stateless rule group

"AwsNetworkFirewallRuleGroup": {
    "Capacity": 600,
    "RuleGroupArn": "arn:aws:network-firewall:us-east-1:444455556666:stateless-rulegroup/Stateless-1",
    "RuleGroupId": "fb13c4df-b6da-4c1e-91ec-84b7a5487493",
    "RuleGroupName": "Stateless-1",
    "Description": "Example of a stateless rule group",
    "Type": "STATELESS",
    "RuleGroup": {
        "RulesSource": {
            "StatelessRulesAndCustomActions": {
                "CustomActions": [],
                "StatelessRules": [
                    {
                        "Priority": 1,
                        "RuleDefinition": {
                            "Actions": [ "aws:pass" ],
                            "MatchAttributes": {
                                "DestinationPorts": [ { "FromPort": 443, "ToPort": 443 } ],
                                "Destinations": [ { "AddressDefinition": "192.0.2.0/24" } ],
                                "Protocols": [ 6 ],
                                "SourcePorts": [ { "FromPort": 0, "ToPort": 65535 } ],
                                "Sources": [ { "AddressDefinition": "198.51.100.0/24" } ]
                            }
                        }
                    }
                ]
            }
        }
    }
}

Example - stateful rule group

"AwsNetworkFirewallRuleGroup": {
    "Capacity": 100,
    "RuleGroupArn": "arn:aws:network-firewall:us-east-1:444455556666:stateful-rulegroup/tupletest",
    "RuleGroupId": "38b71c12-da80-4643-a6c5-03337f8933e0",
    "RuleGroupName": "ExampleRuleGroup",
    "Description": "Example of a stateful rule group",
    "Type": "STATEFUL",
    "RuleGroup": {
        "RulesSource": {
            "StatefulRules": [
                {
                    "Action": "PASS",
                    "Header": {
                        "Destination": "Any",
                        "DestinationPort": "443",
                        "Direction": "ANY",
                        "Protocol": "TCP",
                        "Source": "Any",
                        "SourcePort": "Any"
                    },
                    "RuleOptions": [ { "Keyword": "sid:1" } ]
                }
            ]
        }
    }
}

The following is a list of example valid values for AwsNetworkFirewallRuleGroup attributes:

  • Action

    Valid values: PASS | DROP | ALERT

  • Protocol

    Valid values: IP | TCP | UDP | ICMP | HTTP | FTP | TLS | SMB | DNS | DCERPC | SSH | SMTP | IMAP | MSN | KRB5 | IKEV2 | TFTP | NTP | DHCP

  • Flags

    Valid values: FIN | SYN | RST | PSH | ACK | URG | ECE | CWR

  • Masks

    Valid values: FIN | SYN | RST | PSH | ACK | URG | ECE | CWR
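As an added example (not code from the Security Hub documentation or from the Network Firewall service), the following Python reads the three AwsNetworkFirewall resource objects described on this page and flags settings a reviewer would want to look at: protection switches turned off, stateless default actions that never reach the stateful engine, a policy with no stateful rule groups, an Action outside the valid values listed above, and a stateful PASS rule that matches any source and any destination. The sample dicts are constructed from this page's examples and trimmed to the fields the checks read; the weak StatelessDefaultActions value and the empty StatefulRuleGroupReferences list are constructed and do not appear in the page's policy example.

```python
VALID_ACTIONS = {"PASS", "DROP", "ALERT"}          # Action values listed on this page

# Constructed samples, trimmed from the page's ASFF examples to the keys the checks read.
SAMPLE_FIREWALL = {"FirewallName": "testfirewall", "DeleteProtection": False,
                   "FirewallPolicyChangeProtection": False, "SubnetChangeProtection": False}
SAMPLE_POLICY = {"FirewallPolicyName": "InitialFirewall", "FirewallPolicy": {
    "StatelessDefaultActions": ["aws:pass"],               # constructed weak value
    "StatelessFragmentDefaultActions": ["aws:forward_to_sfe"],
    "StatefulRuleGroupReferences": []}}                    # constructed: no stateful groups
SAMPLE_RULE_GROUP = {"RuleGroupName": "ExampleRuleGroup", "Type": "STATEFUL", "RuleGroup": {
    "RulesSource": {"StatefulRules": [{"Action": "PASS", "Header": {
        "Source": "Any", "SourcePort": "Any", "Destination": "Any",
        "DestinationPort": "443", "Direction": "ANY", "Protocol": "TCP"}}]}}}

def review_firewall(fw):
    """Flag each protection switch that is off (all three are false in the page's example)."""
    name = fw.get("FirewallName")
    return [f"{name}: {flag} is disabled" for flag in
            ("DeleteProtection", "FirewallPolicyChangeProtection", "SubnetChangeProtection")
            if not fw.get(flag, False)]

def review_policy(pol):
    """Flag stateless defaults that skip the stateful engine and policies with no stateful groups."""
    name, p = pol.get("FirewallPolicyName"), pol.get("FirewallPolicy", {})
    issues = [f"{name}: {key} does not forward to the stateful engine"
              for key in ("StatelessDefaultActions", "StatelessFragmentDefaultActions")
              if "aws:forward_to_sfe" not in p.get(key, [])]
    if not p.get("StatefulRuleGroupReferences"):
        issues.append(f"{name}: no stateful rule groups referenced")
    return issues

def review_rule_group(rg):
    """Flag unknown Action values and PASS rules whose Header matches any source and destination."""
    name, issues = rg.get("RuleGroupName"), []
    for rule in rg.get("RuleGroup", {}).get("RulesSource", {}).get("StatefulRules", []):
        action, hdr = rule.get("Action"), rule.get("Header", {})
        if action not in VALID_ACTIONS:
            issues.append(f"{name}: unknown Action {action!r}")
        elif action == "PASS" and hdr.get("Source") == "Any" and hdr.get("Destination") == "Any":
            issues.append(f"{name}: PASS rule matches any source and any destination")
    return issues

def review(details):
    """Dispatch on whichever AwsNetworkFirewall* keys a finding's resource Details carries."""
    handlers = {"AwsNetworkFirewallFirewall": review_firewall,
                "AwsNetworkFirewallFirewallPolicy": review_policy,
                "AwsNetworkFirewallRuleGroup": review_rule_group}
    return [issue for key, fn in handlers.items() if key in details for issue in fn(details[key])]
```

Pass the Details object of a finding's Resources entry to review(); the page's own policy example, with both default actions set to aws:forward_to_sfe and a stateful group referenced, produces no policy issues.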