Note: This list may change in the future, pending changes on AWS or as we add support for more resource types.
Service | Resource Types |
---|---|
Access Analyzer | aws.access-analyzer-finding |
Account | aws.account |
ACM | aws.acm-certificate |
API Gateway | aws.apigw-domain-name aws.rest-account aws.rest-api aws.rest-client-certificate aws.rest-resource aws.rest-stage aws.rest-vpclink |
API Gateway v2 | aws.apigwv2 aws.apigwv2-stage |
AppFlow | aws.app-flow |
App Mesh | aws.appmesh-mesh aws.appmesh-virtualgateway aws.appmesh-virtualnode |
AppStream | aws.appstream-fleet aws.appstream-stack |
AppSync | aws.graphql-api |
Athena | aws.athena-capacity-reservation aws.athena-data-catalog aws.athena-named-query aws.athena-work-group |
Auto Scaling | aws.asg aws.launch-config aws.scaling-policy |
AWS Backup | aws.backup-plan aws.backup-vault |
AWS Batch | aws.batch-compute aws.batch-definition aws.batch-queue |
Bedrock | aws.bedrock-custom-model aws.bedrock-customization-job |
Bedrock Agent | aws.bedrock-agent aws.bedrock-knowledge-base |
AWS Budgets | aws.budget |
Cloud Directory | aws.cloud-directory |
CloudFormation | aws.cfn |
CloudFront | aws.distribution aws.origin-access-control aws.streaming-distribution |
CloudHSM | aws.hsm aws.hsm-client aws.hsm-hapg |
CloudHSM v2 | aws.cloudhsm-backup aws.cloudhsm-cluster |
CloudSearch | aws.cloudsearch |
CloudTrail | aws.cloudtrail |
CloudWatch | aws.alarm aws.cloudwatch-dashboard aws.composite-alarm aws.insight-rule |
CodeArtifact | aws.artifact-domain aws.artifact-repo |
CodeBuild | aws.codebuild aws.codebuild-credential |
CodeCommit | aws.codecommit |
CodeDeploy | aws.codedeploy-app aws.codedeploy-deployment aws.codedeploy-group |
CodePipeline | aws.codepipeline |
Cognito Identity | aws.identity-pool |
Cognito Identity Provider | aws.user-pool |
AWS Config | aws.config-recorder aws.config-rule |
Amazon Connect | aws.connect-instance |
Connect Campaigns | aws.connect-campaign |
Data Pipeline | aws.datapipeline |
DataSync | aws.datasync-agent aws.datasync-task |
DAX | aws.dax |
Device Farm | aws.devicefarm-project |
Direct Connect | aws.directconnect |
Application Discovery Service | aws.appdiscovery-agent |
DLM | aws.dlm-policy |
DMS | aws.dms-endpoint aws.dms-instance aws.dms-replication-task |
Directory Service | aws.directory |
DynamoDB | aws.dynamodb-backup aws.dynamodb-table |
DynamoDB Streams | aws.dynamodb-stream |
EC2 | aws.ami aws.customer-gateway aws.ebs aws.ebs-snapshot aws.ec2 aws.ec2-capacity-reservation aws.ec2-host |
ECR | aws.ecr aws.ecr-image |
ECS | aws.ecs aws.ecs-container-instance aws.ecs-service aws.ecs-task aws.ecs-task-definition |
EFS | aws.efs aws.efs-mount-target |
EKS | aws.eks aws.eks-nodegroup |
ElastiCache | aws.cache-cluster aws.cache-snapshot aws.cache-subnet-group aws.elasticache-group aws.elasticache-user |
Elastic Beanstalk | aws.elasticbeanstalk aws.elasticbeanstalk-environment |
ELB | aws.elb |
ELBv2 | aws.app-elb aws.app-elb-target-group |
EMR | aws.emr aws.emr-security-configuration |
EMR Serverless | aws.emr-serverless-app |
Elasticsearch Service | aws.elasticsearch aws.elasticsearch-reserved |
EventBridge | aws.event-bus aws.event-rule aws.event-rule-target |
Kinesis Firehose | aws.firehose |
FIS | aws.fis-experiment aws.fis-template |
FSx | aws.fsx aws.fsx-backup |
GameLift | aws.gamelift-build aws.gamelift-fleet |
S3 Glacier | aws.glacier |
Global Accelerator | aws.globalaccelerator |
AWS Glue | aws.glue-catalog aws.glue-classifier aws.glue-connection aws.glue-crawler aws.glue-database aws.glue-dev-endpoint aws.glue-job |
GuardDuty | aws.guardduty-finding |
AWS Health | aws.health-event |
IAM | aws.iam-certificate aws.iam-group aws.iam-oidc-provider aws.iam-policy aws.iam-profile aws.iam-role aws.iam-saml-provider |
Inspector2 | aws.inspector2-finding |
IoT | aws.iot |
MSK | aws.kafka aws.kafka-config |
Kendra | aws.kendra |
Kinesis | aws.kinesis |
Kinesis Analytics | aws.kinesis-analytics |
Kinesis Analytics v2 | aws.kinesis-analyticsv2 |
Kinesis Video | aws.kinesis-video |
KMS | aws.kms aws.kms-key |
Lake Formation | aws.datalake-location |
Lambda | aws.lambda aws.lambda-layer |
Amazon Lex | aws.lex-bot |
Amazon Lex v2 | aws.lexv2-bot |
Lightsail | aws.lightsail-db aws.lightsail-elb aws.lightsail-instance |
CloudWatch Logs | aws.log-destination aws.log-group aws.log-metric |
Machine Learning | aws.ml-model |
Mail Manager | aws.ses-ingress-endpoint |
MemoryDB | aws.memorydb aws.memorydb-acl aws.memorydb-snapshot aws.memorydb-subnet-group aws.memorydb-user |
Amazon MQ | aws.message-broker aws.message-config |
MWAA | aws.airflow |
Network Firewall | aws.firewall |
Network Manager | aws.networkmanager-core aws.networkmanager-device aws.networkmanager-global aws.networkmanager-link aws.networkmanager-site |
OpenSearch Serverless | aws.opensearch-serverless |
OpsWorks | aws.opswork-stack |
OpsWorks CM | aws.opswork-cm |
Organizations | aws.org-account aws.org-policy aws.org-unit |
OpenSearch Ingestion | aws.opensearch-ingestion |
Payment Cryptography | aws.payment-cryptography-key |
Pinpoint | aws.pinpoint-app |
QLDB | aws.qldb |
QuickSight | aws.quicksight-account aws.quicksight-group aws.quicksight-user |
RDS | aws.rds aws.rds-cluster aws.rds-cluster-param-group aws.rds-cluster-snapshot aws.rds-param-group aws.rds-proxy aws.rds-reserved |
Redshift | aws.redshift aws.redshift-reserved aws.redshift-snapshot aws.redshift-subnet-group |
Route 53 | aws.healthcheck aws.hostedzone aws.rrset |
Route 53 Recovery Control Config | aws.recovery-cluster aws.recovery-control-panel |
Route 53 Recovery Readiness | aws.readiness-check |
Route 53 Domains | aws.r53domain |
Route 53 Resolver | aws.resolver-logs |
S3 | aws.s3 aws.s3-directory |
S3 Control | aws.s3-access-point aws.s3-access-point-multi aws.s3-storage-lens |
SageMaker | aws.sagemaker-auto-ml-job aws.sagemaker-cluster aws.sagemaker-compilation-job aws.sagemaker-data-quality-job-definition aws.sagemaker-domain aws.sagemaker-endpoint aws.sagemaker-endpoint-config |
SimpleDB | aws.simpledb |
Secrets Manager | aws.secrets-manager |
Security Hub | aws.securityhub-finding |
Serverless Application Repository | aws.serverless-app |
Service Quotas | aws.service-quota aws.service-quota-request |
Service Catalog | aws.catalog-portfolio aws.catalog-product |
AWS Cloud Map | aws.servicediscovery-namespace |
SES | aws.ses-configuration-set aws.ses-receipt-rule-set |
SES v2 | aws.ses-configuration-set-v2 aws.ses-dedicated-ip-pool aws.ses-email-identity |
AWS Shield | aws.shield-attack aws.shield-protection |
Snowball | aws.snowball aws.snowball-cluster |
SNS | aws.sns aws.sns-subscription |
SQS | aws.sqs |
SSM | aws.ops-item aws.ssm-activation aws.ssm-data-sync aws.ssm-document aws.ssm-managed-instance aws.ssm-parameter aws.ssm-patch-group |
Step Functions | aws.sfn-activity aws.step-machine |
Storage Gateway | aws.storage-gateway |
AWS Support | aws.advisor-check aws.support-case |
SWF | aws.swf-domain |
Timestream InfluxDB | aws.timestream-influxdb |
Timestream Write | aws.timestream-database aws.timestream-table |
AWS Transfer | aws.transfer-server aws.transfer-user |
WAF | aws.waf |
WAF Regional | aws.waf-regional |
WAFv2 | aws.wafv2 |
WorkSpaces | aws.workspaces aws.workspaces-bundle aws.workspaces-directory aws.workspaces-image |
WorkSpaces Web | aws.workspaces-web |
X-Ray | aws.xray-group aws.xray-rule |
VPC | aws.vpc |