AWS Resources

aws.account.alternateContact

AWS Account alternate contact

aws.acm

AWS Certificate Manager resource (for assessing the configuration of AWS Certificate Manager)

aws.acm.certificate

AWS Certificate Manager Certificate resource (provides an object representing an individual ACM certificate)

aws.apigateway

Amazon API Gateway

aws.apigateway.restapi

Amazon API Gateway REST API

aws.apigateway.stage

Amazon API Gateway REST API stages

aws.applicationAutoscaling

AWS Application Auto Scaling

aws.applicationAutoscaling.target

AWS Application Auto Scaling target

aws.autoscaling

AWS Auto Scaling

aws.backup.vaultRecoveryPoint

aws.autoscaling.group

AWS Auto Scaling group

AWS Backup

AWS Backup vault

AWS Backup vault recovery point

aws.cloudfront

Amazon CloudFront

aws.cloudfront.distribution

Amazon CloudFront distribution

aws.cloudfront.distribution.origin

Amazon CloudFront distribution origin

aws.cloudfront.function

Amazon CloudFront function

aws.cloudtrail

AWS CloudTrail

aws.cloudtrail.trail

AWS CloudTrail trail

aws.cloudwatch

Amazon CloudWatch

aws.cloudwatch.loggroup

Amazon CloudWatch log group

aws.cloudwatch.loggroup.metricsfilter

Amazon CloudWatch log group metrics filter

aws.cloudwatch.metric

Amazon CloudWatch metric

aws.cloudwatch.metric.datapoint

Amazon CloudWatch metric datapoint

aws.cloudwatch.metricdimension

Amazon CloudWatch metric dimension

aws.cloudwatch.metricsalarm

Amazon CloudWatch metrics alarm

aws.cloudwatch.metricstatistics

Amazon CloudWatch metric statistics

aws.codebuild

AWS CodeBuild for building and testing code

aws.codebuild.project

AWS CodeBuild project

aws.codedeploy

AWS CodeDeploy

aws.codedeploy.application

AWS CodeDeploy Application

aws.codedeploy.deployment

AWS CodeDeploy Deployment

18 fields

aws.codedeploy.deploymentGroup

AWS CodeDeploy Deployment Group

18 fields

aws.config

AWS Config

aws.config.deliverychannel

AWS Config delivery channel

aws.config.recorder

AWS Config recorder

aws.config.rule

AWS Config rule

aws.dms

AWS Database Migration Service (DMS)

1 field

aws.dynamodb

Amazon DynamoDB

aws.dynamodb.export

Amazon DynamoDB Export

aws.dynamodb.globaltable

Amazon DynamoDB global table

aws.dynamodb.limit

Amazon DynamoDB limits

aws.dynamodb.table

Amazon DynamoDB table

17 fields

aws.ec2

Amazon EC2

22 fields

aws.ec2.eip

Amazon Elastic IP (EIP)

aws.ec2.image

Amazon EC2 image (AMI)

aws.ec2.instance.device

aws.ec2.instance

Amazon EC2 instance

38 fields

Amazon EC2 instance block device

aws.ec2.internetgateway

Amazon EC2 internet gateway

Amazon EC2 key pair

Amazon EC2 network ACL

aws.ec2.networkacl.association

aws.ec2.networkacl.entry

Amazon EC2 network ACL entry

aws.ec2.networkacl.entry.portrange

Amazon EC2 network ACL entry port range

aws.ec2.networkinterface

AWS EC2 network interface

14 fields

aws.ec2.securitygroup

Amazon EC2 security group

aws.ec2.securitygroup.ippermission

Amazon EC2 security group IP permission

aws.ec2.snapshot

Amazon EC2 (EBS) snapshot

aws.ec2.vgwtelemetry

Amazon EC2 VPN tunnel telemetry

aws.ec2.volume

Amazon EC2 (EBS) volume

14 fields

aws.ec2.vpnconnection

Amazon EC2 VPN connection

aws.ecr

AWS Elastic Container Registry (ECR)

aws.ecr.image

AWS Elastic Container Registry image

aws.ecr.repository

AWS Elastic Container Registry repository

aws.ecs

Amazon Elastic Container Service (ECS)

Amazon ECS cluster

Amazon ECS container

AWS ECS container instance

aws.ecs.task

Amazon ECS task

aws.efs

AWS Elastic File System (EFS) service

aws.efs.filesystem

AWS Elastic File System (EFS) file system

aws.eks

Amazon Elastic Kubernetes Service (EKS)

Amazon EKS add-on

Amazon EKS cluster

Amazon EKS managed node group

aws.elasticache

Amazon ElastiCache

aws.elasticache.cluster

Amazon ElastiCache cluster

28 fields

aws.elasticache.serverlessCache

Amazon ElastiCache serverless cache

aws.elb

AWS Elastic Load Balancing

aws.elb.loadbalancer

AWS Elastic Load Balancing load balancer

16 fields

aws.elb.targetgroup

AWS Elastic Load Balancer (ELB) Target Group

17 fields

aws.emr

Amazon EMR

aws.emr.cluster

Amazon EMR cluster

aws.es

AWS Elasticsearch service

aws.es.domain

Amazon Elasticsearch service domain

aws.guardduty

Amazon GuardDuty for threat detection

aws.guardduty.detector

Amazon GuardDuty detector

aws.guardduty.finding

AWS Guard Duty finding

aws.iam

AWS service to create and manage permissions for users and groups

26 fields

aws.iam.accessanalyzer

aws.iam.accessAnalyzer

AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer)

aws.iam.accessanalyzer.analyzer

AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration)

aws.iam.accessanalyzer.analyzer

AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration)

aws.iam.accessanalyzer.finding

AWS IAM Access Analyzer finding

aws.iam.group

AWS IAM group

aws.iam.instanceProfile

AWS IAM instance profile

aws.iam.loginProfile

AWS IAM login profile for a user

1 field

aws.iam.oidcProvider

AWS IAM OpenID Connect (OIDC) identity provider

aws.iam.policy

AWS IAM policy

14 fields

aws.iam.policyversion

AWS IAM policy version

aws.iam.role

AWS IAM role

aws.iam.samlProvider

AWS IAM SAML 2.0 identity provider

aws.iam.user

AWS IAM user

aws.iam.usercredentialreportentry

Entry in AWS IAM credential report

23 fields

aws.iam.virtualmfadevice

AWS IAM virtual MFA device

aws.inspector

Amazon Inspector

aws.inspector.coverage

Amazon Inspector environment coverage

aws.inspector.coverage.image

Amazon Inspector container image coverage group

aws.inspector.coverage.instance

Amazon Inspector instance coverage group

aws.inspector.coverage.repository

Amazon Inspector container registry coverage group

aws.kms

AWS Key Management Service (KMS)

aws.kms.key

AWS Key Management Service (KMS) key

aws.lambda

AWS Lambda

aws.lambda.function

AWS Lambda function

aws.macie

Amazon Macie

aws.macie.classificationJob

Amazon Macie classification job

aws.macie.customDataIdentifier

Amazon Macie custom data identifier

Amazon Macie finding

Amazon Macie session

Amazon Neptune

aws.neptune.cluster

Amazon Neptune cluster

30 fields

aws.neptune.instance

Amazon Neptune instance

30 fields

aws.organization

AWS Organization resource

aws.rds

Amazon Relational Database Service (RDS)

aws.rds.backupsetting

Amazon RDS Backup Setting

aws.rds.clusterParameterGroup

Amazon RDS cluster parameter groups

aws.rds.dbcluster

Amazon RDS database cluster

43 fields

aws.rds.dbinstance

Amazon RDS database instance

44 fields

aws.rds.parameterGroup

Amazon RDS parameter groups

aws.rds.parameterGroup.parameter

aws.rds.pendingMaintenanceAction

Amazon RDS pending maintenance action

Amazon RDS snapshot

Amazon Redshift

aws.redshift.cluster

Amazon Redshift cluster

25 fields

aws.s3

Amazon S3 cloud object storage

aws.s3.bucket

Amazon S3 bucket

21 fields

aws.s3.bucket.corsrule

Amazon S3 bucket CORS rule

aws.s3.bucket.grant

Amazon S3 bucket grant

aws.s3.bucket.policy

Amazon S3 bucket policy

aws.s3control

Amazon S3 bucket control

1 field

aws.sagemaker

AWS SageMaker

aws.sagemaker.endpoint

AWS SageMaker endpoint

aws.sagemaker.notebookinstance

AWS SageMaker notebook instance

aws.sagemaker.notebookinstancedetails

AWS SageMaker notebook instance details

aws.secretsmanager

AWS Secrets Manager

aws.secretsmanager.secret

AWS Secrets Manager secret

aws.securityhub

AWS Security Hub

aws.securityhub.hub

AWS Security Hub hub

aws.sns

AWS Simple Notification Service (SNS)

aws.sns.subscription

AWS Simple Notification Service (SNS) subscription

aws.sns.topic

AWS Simple Notification Service (SNS) topic

aws.sqs

Amazon Simple Queue Service (SQS)

aws.sqs.queue

Amazon Simple Queue Service (SQS) Queue

aws.timestream.liveanalytics

aws.ssm

Amazon Systems Manager

Amazon SSM instance

Amazon SSM parameter

Amazon Timestream for LiveAnalytics

aws.timestream.liveanalytics.database

Amazon Timestream for LiveAnalytics database

aws.timestream.liveanalytics.table

Amazon Timestream for LiveAnalytics table

aws.vpc

Amazon Virtual Private Cloud (VPC)

24 fields

aws.vpc.endpoint

Amazon Virtual Private Cloud (VPC) endpoint

aws.vpc.flowlog

Amazon Virtual Private Cloud (VPC) flow log

aws.vpc.natgateway

Amazon VPC NAT Gateway

aws.vpc.natgateway.address

Amazon VPC NAT gateway address

aws.vpc.peeringConnection

Amazon VPC Peering Connection

aws.vpc.peeringConnection.peeringVpc

Amazon VPC Peering Connection Peering VPC

aws.vpc.routetable

Amazon Virtual Private Cloud (VPC) route table

aws.vpc.routetable.association

Amazon Virtual Private Cloud (VPC) route table association

aws.vpc.serviceEndpoint

Amazon VPC Service Endpoint

aws.vpc.subnet

Amazon Virtual Private Cloud (VPC) subnet

aws.waf

Amazon WAF v2

Amazon WAF v2 ACL

Amazon WAF IP set (defining IP Ranges)

aws.waf.rule

Amazon WAF rule

aws.waf.rule.action

Action that happens if a rule statement matches

aws.waf.rule.fieldtomatch

Field to match

20 fields

aws.waf.rule.fieldtomatch.body

Body of the field to match

aws.waf.rule.fieldtomatch.cookie

Cookie of the field to match

aws.waf.rule.fieldtomatch.headerorder

Order of headers of the field to match

aws.waf.rule.fieldtomatch.headers

Headers

aws.waf.rule.fieldtomatch.headers.matchpattern

Pattern to match

aws.waf.rule.fieldtomatch.ja3fingerprint

JA3 fingerprint

aws.waf.rule.fieldtomatch.jsonbody

Request body as JSON

aws.waf.rule.fieldtomatch.jsonbody.matchpattern

Pattern to match

aws.waf.rule.fieldtomatch.singleheader

Single header of the field to match

aws.waf.rule.fieldtomatch.singlequeryargument

Single query argument

aws.waf.rule.statement.andstatement

aws.waf.rule.statement

33 fields

Rule statement that matches if all of the rule statements inside it match

aws.waf.rule.statement.bytematchstatement

Rule statement that matches a specified sequence of bytes

aws.waf.rule.statement.geomatchstatement

Rule statement that checks for requests from certain countries

aws.waf.rule.statement.ipsetreferencestatement

Rule statement that checks for requests from IP addresses defined in an IPSet

aws.waf.rule.statement.ipsetreferencestatement.ipsetforwardedipconfig

aws.waf.rule.statement.labelmatchstatement

aws.waf.rule.statement.managedrulegroupstatement

Rule statement that is managed by AWS

aws.waf.rule.statement.notstatement

Rule statement that negates another rule statement

aws.waf.rule.statement.orstatement

Rule statement that matches if one of the rule statements inside it matches

aws.waf.rule.statement.ratebasedstatement

Rule statement that matches at a certain rate of requests (rate limiting)

0 fields

aws.waf.rule.statement.regexmatchstatement

Rule statement that matches a specified regex pattern

aws.waf.rule.statement.regexpatternsetreferencestatement

Rule statement that checks for a regex pattern defined in a regex pattern set

aws.waf.rule.statement.rulegroupreferencestatement

Rule statement that refers to a group of rules

aws.waf.rule.statement.sizeconstraintstatement

Rule statement that checks the size of the specified field

aws.waf.rule.statement.sqlimatchstatement

Statement that matches SQLI attacks

aws.waf.rule.statement.xssmatchstatement

Statement that matches XSS attacks

aws.waf.rulegroup

Amazon WAF v2 RuleGroup