Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra.
# AwsEcsressources dans ASFF
Voici des exemples de syntaxe ASFF ( AWS Security Finding Format) pour les `AwsEcs` ressources.
AWS Security Hub CSPM normalise les résultats provenant de diverses sources dans ASFF. Pour des informations générales sur ASFF, voir[AWS Format de recherche de sécurité (ASFF)](securityhub-findings-format.md).
## AwsEcsCluster
L'`AwsEcsCluster`objet fournit des informations sur un cluster Amazon Elastic Container Service.
L'exemple suivant montre le format ASFF ( AWS Security Finding Format) pour l'`AwsEcsCluster`objet. Pour consulter les descriptions des `AwsEcsCluster` attributs, reportez-vous [AwsEcsClusterDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEcsClusterDetails.html)à la *référence de l'AWS Security Hub API*.
**Exemple**
```
"AwsEcsCluster": {
"CapacityProviders": [],
"ClusterSettings": [
{
"Name": "containerInsights",
"Value": "enabled"
}
],
"Configuration": {
"ExecuteCommandConfiguration": {
"KmsKeyId": "kmsKeyId",
"LogConfiguration": {
"CloudWatchEncryptionEnabled": true,
"CloudWatchLogGroupName": "cloudWatchLogGroupName",
"S3BucketName": "s3BucketName",
"S3EncryptionEnabled": true,
"S3KeyPrefix": "s3KeyPrefix"
},
"Logging": "DEFAULT"
}
}
"DefaultCapacityProviderStrategy": [
{
"Base": 0,
"CapacityProvider": "capacityProvider",
"Weight": 1
}
]
}
```
## AwsEcsContainer
L'`AwsEcsContainer`objet contient des informations sur un conteneur Amazon ECS.
L'exemple suivant montre le format ASFF ( AWS Security Finding Format) pour l'`AwsEcsContainer`objet. Pour consulter les descriptions des `AwsEcsContainer` attributs, reportez-vous [AwsEcsContainerDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEcsContainerDetails.html)à la *référence de l'AWS Security Hub API*.
**Exemple**
```
"AwsEcsContainer": {
"Image": "1111111/knotejs@sha256:356131c9fef111111111111115f4ed8de5f9dce4dc3bd34bg21846588a3",
"MountPoints": [{
"ContainerPath": "/mnt/etc",
"SourceVolume": "vol-03909e9"
}],
"Name": "knote",
"Privileged": true
}
```
## AwsEcsService
L'`AwsEcsService`objet fournit des détails sur un service au sein d'un cluster Amazon ECS.
L'exemple suivant montre le format ASFF ( AWS Security Finding Format) pour l'`AwsEcsService`objet. Pour consulter les descriptions des `AwsEcsService` attributs, reportez-vous [AwsEcsServiceDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEcsServiceDetails.html)à la *référence de l'AWS Security Hub API*.
**Exemple**
```
"AwsEcsService": {
"CapacityProviderStrategy": [
{
"Base": 12,
"CapacityProvider": "",
"Weight": ""
}
],
"Cluster": "arn:aws:ecs:us-east-1:111122223333:cluster/example-ecs-cluster",
"DeploymentConfiguration": {
"DeploymentCircuitBreaker": {
"Enable": false,
"Rollback": false
},
"MaximumPercent": 200,
"MinimumHealthyPercent": 100
},
"DeploymentController": "",
"DesiredCount": 1,
"EnableEcsManagedTags": false,
"EnableExecuteCommand": false,
"HealthCheckGracePeriodSeconds": 1,
"LaunchType": "FARGATE",
"LoadBalancers": [
{
"ContainerName": "",
"ContainerPort": 23,
"LoadBalancerName": "",
"TargetGroupArn": ""
}
],
"Name": "sample-app-service",
"NetworkConfiguration": {
"AwsVpcConfiguration": {
"Subnets": [
"Subnet-example1",
"Subnet-example2"
],
"SecurityGroups": [
"Sg-0ce48e9a6e5b457f5"
],
"AssignPublicIp": "ENABLED"
}
},
"PlacementConstraints": [
{
"Expression": "",
"Type": ""
}
],
"PlacementStrategies": [
{
"Field": "",
"Type": ""
}
],
"PlatformVersion": "LATEST",
"PropagateTags": "",
"Role": "arn:aws:iam::111122223333:role/aws-servicerole/ecs.amazonaws.com/ServiceRoleForECS",
"SchedulingStrategy": "REPLICA",
"ServiceName": "sample-app-service",
"ServiceArn": "arn:aws:ecs:us-east-1:111122223333:service/example-ecs-cluster/sample-app-service",
"ServiceRegistries": [
{
"ContainerName": "",
"ContainerPort": 1212,
"Port": 1221,
"RegistryArn": ""
}
],
"TaskDefinition": "arn:aws:ecs:us-east-1:111122223333:task-definition/example-taskdef:1"
}
```
## AwsEcsTask
L'`AwsEcsTask`objet fournit des détails sur une tâche Amazon ECS.
L'exemple suivant montre le format ASFF ( AWS Security Finding Format) pour l'`AwsEcsTask`objet. Pour consulter les descriptions des `AwsEcsTask` attributs, reportez-vous [AwsEcsTask](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEcsTaskDetails.html)à la *référence de l'AWS Security Hub API*.
**Exemple**
```
"AwsEcsTask": {
"ClusterArn": "arn:aws:ecs:us-west-2:123456789012:task/MyCluster/1234567890123456789",
"CreatedAt": "1557134011644",
"Group": "service:fargate-service",
"StartedAt": "1557134011644",
"StartedBy": "ecs-svc/1234567890123456789",
"TaskDefinitionArn": "arn:aws:ecs:us-west-2:123456789012:task-definition/sample-fargate:2",
"Version": 3,
"Volumes": [{
"Name": "string",
"Host": {
"SourcePath": "string"
}
}],
"Containers": {
"Image": "1111111/knotejs@sha256:356131c9fef111111111111115f4ed8de5f9dce4dc3bd34bg21846588a3",
"MountPoints": [{
"ContainerPath": "/mnt/etc",
"SourceVolume": "vol-03909e9"
}],
"Name": "knote",
"Privileged": true
}
}
```
## AwsEcsTaskDefinition
L'`AwsEcsTaskDefinition`objet contient des détails sur la définition d'une tâche. Une définition de tâche décrit les définitions de conteneur et de volume d'une tâche Amazon Elastic Container Service.
L'exemple suivant montre le format ASFF ( AWS Security Finding Format) pour l'`AwsEcsTaskDefinition`objet. Pour consulter les descriptions des `AwsEcsTaskDefinition` attributs, reportez-vous [AwsEcsTaskDefinitionDetails](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsEcsTaskDefinitionDetails.html)à la *référence de l'AWS Security Hub API*.
**Exemple**
```
"AwsEcsTaskDefinition": {
"ContainerDefinitions": [
{
"Command": ['ruby', 'hi.rb'],
"Cpu":128,
"Essential": true,
"HealthCheck": {
"Command": ["CMD-SHELL", "curl -f http://localhost/ || exit 1"],
"Interval": 10,
"Retries": 3,
"StartPeriod": 5,
"Timeout": 20
},
"Image": "tongueroo/sinatra:latest",
"Interactive": true,
"Links": [],
"LogConfiguration": {
"LogDriver": "awslogs",
"Options": {
"awslogs-group": "/ecs/sinatra-hi",
"awslogs-region": "ap-southeast-1",
"awslogs-stream-prefix": "ecs"
},
"SecretOptions": []
},
"MemoryReservation": 128,
"Name": "web",
"PortMappings": [
{
"ContainerPort": 4567,
"HostPort":4567,
"Protocol": "tcp"
}
],
"Privileged": true,
"StartTimeout": 10,
"StopTimeout": 100,
}
],
"Family": "sinatra-hi",
"NetworkMode": "host",
"RequiresCompatibilities": ["EC2"],
"Status": "ACTIVE",
"TaskRoleArn": "arn:aws:iam::111122223333:role/ecsTaskExecutionRole",
}
```