Unterstützte Ressourcen- und Diensttypen für Multicloud in foundational CSPM

Auf dieser Seite sind die Ressourcen- und Diensttypen aufgeführt, die für Amazon Web Services (AWS) und Google Cloud Platform (GCP) in der Defender for Clouds foundational Cloud Security Posture Management (CSPM)-Ebene unterstützt werden.

In AWS unterstützte Ressourcentypen

Anbieternamespace	Name des Ressourcentyps
AccessAnalyzer	AnalyzerSummary
ApiGateway	Phase
AppSync	GraphqlApi
ApplicationAutoScaling	ScalableTarget
AutoScaling	AutoScalingGroup
AWS	Konto
AWS	AccountInRegion
CertificateManager	CertificateTags
CertificateManager	CertificateDetail
CertificateManager	CertificateSummary
CloudFormation	StackSummary
CloudFormation	StackTemplate
CloudFormation	StackInstanceSummary
CloudFormation	Stapel
CloudFormation	StackResourceSummary
CloudFront	DistributionConfig
CloudFront	DistributionSummary
CloudFront	DistributionTags
CloudTrail	EventSelector
CloudTrail	Trail
CloudTrail	TrailStatus
CloudTrail	TrailTags
CloudWatch	MetricAlarm
CloudWatch	MetricAlarmTags
CloudWatchLogs	LogGroup
CloudWatchLogs	MetricFilter
CodeBuild	Projekt
CodeBuild	Projektname
CodeBuild	SourceCredentialsInfo
ConfigService	ConfigurationRecorder
ConfigService	ConfigurationRecorderStatus
ConfigService	DeliveryChannel
DAX	Cluster
DAX	ClusterTags
DatabaseMigrationService	ReplicationInstance
DynamoDB	ContinuousBackupsDescription
DynamoDB	TableDescription
DynamoDB	TableTags
DynamoDB	TableName
EC2	Snapshot
EC2	Subnetz
EC2	Volume
EC2	VPC
EC2	VpcEndpoint
EC2	VpcPeeringConnection
EC2	Instanz
EC2	AccountAttribute
EC2	Adresse
EC2	CreateVolumePermission
EC2	EbsEncryptionByDefault
EC2	FlowLog
EC2	Abbildung
EC2	InstanceStatus
EC2	InstanceTypeInfo
EC2	NetworkAcl
EC2	NetworkInterface
EC2	Region
EC2	Reservierung
EC2	RouteTable
EC2	SecurityGroup
ECR	Abbildung
ECR	Repository
ECR	RepositoryPolicy
ECS	TaskDefinition
ECS	ServiceArn
ECS	Dienst
ECS	ClusterArn
ECS	TaskDefinitionTags
ECS	TaskDefinitionArn
EFS	FileSystemDescription
EFS	MountTargetDescription
EKS	Cluster
EKS	Nodegroup
EKS	NodegroupName
EKS	ClusterName
EMR	Cluster
ElasticBeanstalk	ConfigurationSettingsDescription
ElasticBeanstalk	EnvironmentDescription
ElasticLoadBalancing	LoadBalancerTags
ElasticLoadBalancing	LoadBalancer
ElasticLoadBalancing	LoadBalancerAttributes
ElasticLoadBalancing	LoadBalancerPolicy
ElasticLoadBalancingV2	LoadBalancerTags
ElasticLoadBalancingV2	Regel
ElasticLoadBalancingV2	TargetGroup
ElasticLoadBalancingV2	TargetHealthDescription
ElasticLoadBalancingV2	LoadBalancer
ElasticLoadBalancingV2	Listener
ElasticLoadBalancingV2	LoadBalancerAttribute
Elasticsearch	DomainInfo
Elasticsearch	DomainStatus
Elasticsearch	DomainTags
GuardDuty	DetectorId
Iam	AccountAlias
Iam	AttachedPolicyType
Iam	CredentialReport
Iam	Group
Iam	InstanceProfile
Iam	MFADevice
Iam	PasswordPolicy
Iam	ServerCertificateMetadata
Iam	SummaryMap
Iam	Benutzer
Iam	UserPolicies
Iam	VirtualMFADevice
Iam	ManagedPolicy
Iam	ManagedPolicy
Iam	AccessKeyLastUsed
Iam	AccessKeyMetadata
Iam	PolicyVersion
Iam	PolicyVersion
Intern	Iam_EntitiesForPolicy
Intern	Iam_EntitiesForPolicy
Intern	AwsSecurityConnector
KMS	KeyPolicyName
KMS	KeyRotationStatus
KMS	KeyTags
KMS	KeyPolicy
KMS	KeyMetadata
KMS	KeyListEntry
KMS	AliasListEntry
Lambda	FunctionCodeLocation
Lambda	FunctionConfiguration
Lambda	FunctionPolicy
Lambda	FunctionTags
Macie2	JobSummary
Macie2	MacieStatus
NetworkFirewall	Firewall
NetworkFirewall	FirewallMetadata
NetworkFirewall	FirewallPolicy
NetworkFirewall	FirewallPolicyMetadata
NetworkFirewall	Regelgruppe
NetworkFirewall	RuleGroupMetadata
RDS	ExportTask
RDS	DBClusterSnapshot
RDS	DBSnapshot
RDS	DBSnapshotAttributesResult
RDS	EventSubscription
RDS	DBCluster
RDS	DBInstance
RDS	DBClusterSnapshotAttributesResult
RedShift	LoggingStatus
RedShift	Parameter
Redshift	Cluster
Route53	HostedZone
Route53	ResourceRecordSet
Route53Domains	DomainSummary
S3	S3Region
S3	S3BucketTags
S3	S3Bucket
S3	BucketPolicy
S3	BucketEncryption
S3	BucketPublicAccessBlockConfiguration
S3	BucketVersioning
S3	LifecycleConfiguration
S3	PolicyStatus
S3	ReplicationConfiguration
S3	S3AccessControlList
S3	S3BucketLoggingConfig
S3Control	PublicAccessBlockConfiguration
SNS	Abonnement
SNS	Thema
SNS	TopicAttributes
SNS	TopicTags
SQS	Warteschlange
SQS	QueueAttributes
SQS	QueueTags
SageMaker	NotebookInstanceSummary
SageMaker	DescribeNotebookInstanceTags
SageMaker	DescribeNotebookInstanceResponse
SecretsManager	SecretResourcePolicy
SecretsManager	SecretListEntry
SecretsManager	DescribeSecretResponse
SimpleSystemsManagement	ParameterMetadata
SimpleSystemsManagement	ParameterTags
SimpleSystemsManagement	ResourceComplianceSummary
SimpleSystemsManagement	InstanceInformation
WAF	LoggingConfiguration
WAF	WebACL
WAF	WebACLSummary
WAFV2	ApplicationLoadBalancerForWebACL
WAFV2	WebACLSummary

In GCP unterstützte Ressourcentypen

Anbieternamespace	Name des Ressourcentyps
ApiKeys	Schlüssel
ArtifactRegistry	Abbildung
ArtifactRegistry	Repository
ArtifactRegistry	RepositoryPolicy
Bigquery	Dataset
Bigquery	DatasetData
Bigquery	Tabelle
Bigquery	TablePolicy
Bigquery	TablesData
CloudKMS	CryptoKey
CloudKMS	CryptoKeyPolicy
CloudKMS	KeyRing
CloudKMS	KeyRingPolicy
CloudResourceManager	Projekt
CloudResourceManager	Ancestor
CloudResourceManager	AncestorPolicy
CloudResourceManager	EffectiveOrgPolicy
CloudResourceManager	Ordner
CloudResourceManager	FolderPolicy
CloudResourceManager	Organisation
CloudResourceManager	OrganizationPolicy
CloudResourceManager	Policy
Compute	Instanz
Compute	BackendService
Compute	BackendService
Compute	Datenträger
Compute	EffectiveFirewalls
Compute	Firewall
Compute	ForwardingRule
Compute	GlobalForwardingRule
Compute	InstanceGroup
Compute	InstanceGroupInstance
Compute	InstanceGroupManager
Compute	InstanceGroupManager
Compute	InstanceTemplate
Compute	MachineType
Compute	ManagedInstance
Compute	ManagedInstance
Compute	Netzwerk
Compute	NetworkEffectiveFirewalls
Compute	Projekt
Compute	SslPolicy
Compute	Subnetwork
Compute	TargetHttpProxy
Compute	TargetHttpsProxy
Compute	TargetPool
Compute	TargetSslProxy
Compute	TargetTcpProxy
Compute	UrlMap
Container	Cluster
Dns	ManagedZone
Dns	Policy
IAM (IAM)	OrganizationRole
IAM (IAM)	ProjectRole
IAM (IAM)	Role
IAM (IAM)	ServiceAccount
IAM (IAM)	ServiceAccountKey
Intern	GcpSecurityConnector
Logging	AncestorLogSink
Logging	LogEntry
Logging	LogMetric
Logging	LogSink
Überwachung	AlertPolicy
OsConfig	OSPolicyAssignment
OsConfig	OSPolicyAssignmentReport
SQLAdmin	DatabaseInstance
SecretManager	Geheimnis
SecretManager	SecretPolicy
Storage	Bucket
Storage	BucketPolicy

Weitere Informationen

• Überprüfen Sie die in Azure-Cloudumgebungen unterstützte Features für weitere Informationen zur kommerziellen und nationalen Cloudabdeckung.
• Schauen Sie sich Folgendes an: Zukünftige Sicherheitsvorfälle vorhersagen! Cloud Security Posture Management mit Microsoft Defender.
• Weitere Informationen über Sicherheitsstandards und Empfehlungen.
• Weitere Informationen über die Sicherheitsbewertung.