Supported AWS resources for Snyk Cloud
Snyk Cloud scans the following Amazon Web Services resource types:
  • aws_accessanalyzer_analyzer
  • aws_account_alternate_contact
  • aws_acm_certificate
  • aws_acmpca_certificate_authority
  • aws_ami
  • aws_api_gateway_authorizer
  • aws_api_gateway_client_certificate
  • aws_api_gateway_deployment
  • aws_api_gateway_domain_name
  • aws_api_gateway_request_validator
  • aws_api_gateway_resource
  • aws_api_gateway_rest_api
  • aws_api_gateway_stage
  • aws_api_gateway_usage_plan
  • aws_api_gateway_vpc_link
  • aws_apigatewayv2_api
  • aws_apigatewayv2_api_mapping
  • aws_apigatewayv2_authorizer
  • aws_apigatewayv2_deployment
  • aws_apigatewayv2_domain_name
  • aws_apigatewayv2_integration
  • aws_apigatewayv2_integration_response
  • aws_apigatewayv2_model
  • aws_apigatewayv2_route
  • aws_apigatewayv2_route_response
  • aws_apigatewayv2_stage
  • aws_apigatewayv2_vpc_link
  • aws_athena_workgroup
  • aws_autoscaling_group
  • aws_autoscaling_lifecycle_hook
  • aws_autoscaling_policy
  • aws_autoscaling_schedule
  • aws_cloudformation_stack
  • aws_cloudformation_stack_set
  • aws_cloudfront_distribution
  • aws_cloudtrail
  • aws_cloudwatch_dashboard
  • aws_cloudwatch_event_rule
  • aws_cloudwatch_event_target
  • aws_cloudwatch_log_destination
  • aws_cloudwatch_log_destination_policy
  • aws_cloudwatch_log_group
  • aws_cloudwatch_log_metric_filter
  • aws_cloudwatch_log_resource_policy
  • aws_cloudwatch_log_subscription_filter
  • aws_cloudwatch_metric_alarm
  • aws_cognito_identity_provider
  • aws_cognito_resource_server
  • aws_cognito_user_group
  • aws_cognito_user_pool
  • aws_cognito_user_pool_client
  • aws_cognito_user_pool_domain
  • aws_config_aggregate_authorization
  • aws_config_config_rule
  • aws_config_configuration_aggregator
  • aws_config_configuration_recorder
  • aws_config_configuration_recorder_status
  • aws_config_delivery_channel
  • aws_customer_gateway
  • aws_db_event_subscription
  • aws_db_instance
  • aws_db_option_group
  • aws_db_parameter_group
  • aws_db_snapshot
  • aws_db_subnet_group
  • aws_directory_service_conditional_forwarder
  • aws_directory_service_directory
  • aws_docdb_cluster
  • aws_docdb_cluster_instance
  • aws_docdb_cluster_snapshot
  • aws_dynamodb_table
  • aws_ebs_volume
  • aws_ecr_lifecycle_policy
  • aws_ecr_repository
  • aws_ecs_cluster
  • aws_ecs_service
  • aws_ecs_task
  • aws_ecs_task_definition
  • aws_efs_file_system
  • aws_efs_mount_target
  • aws_egress_only_internet_gateway
  • aws_eip
  • aws_eks_cluster
  • aws_elasticache_cluster
  • aws_elasticache_parameter_group
  • aws_elasticache_replication_group
  • aws_elasticsearch_domain
  • aws_elb
  • aws_flow_log
  • aws_glacier_vault
  • aws_glue_catalog_database
  • aws_glue_catalog_table
  • aws_glue_connection
  • aws_glue_crawler
  • aws_glue_job
  • aws_glue_security_configuration
  • aws_glue_trigger
  • aws_glue_workflow
  • aws_guardduty_detector
  • aws_guardduty_member
  • aws_iam_access_key
  • aws_iam_account_password_policy
  • aws_iam_credential_report
  • aws_iam_group
  • aws_iam_group_membership
  • aws_iam_group_policy
  • aws_iam_group_policy_attachment
  • aws_iam_instance_profile
  • aws_iam_openid_connect_provider
  • aws_iam_policy
  • aws_iam_role
  • aws_iam_role_policy
  • aws_iam_role_policy_attachment
  • aws_iam_saml_provider
  • aws_iam_user
  • aws_iam_user_policy
  • aws_iam_user_policy_attachment
  • aws_inspector_assessment_target
  • aws_inspector_assessment_template
  • aws_instance
  • aws_internet_gateway
  • aws_key_pair
  • aws_kinesis_firehose_delivery_stream
  • aws_kinesis_stream
  • aws_kms_alias
  • aws_kms_grant
  • aws_kms_key
  • aws_lambda_alias
  • aws_lambda_event_source_mapping
  • aws_lambda_function
  • aws_lambda_permission
  • aws_launch_configuration
  • aws_launch_template
  • aws_lb
  • aws_lb_listener
  • aws_lb_listener_rule
  • aws_lb_target_group
  • aws_load_balancer_backend_server_policy
  • aws_load_balancer_listener_policy
  • aws_load_balancer_policy
  • aws_macie_member_account_association
  • aws_macie_s3_bucket_association
  • aws_media_store_container
  • aws_media_store_container_policy
  • aws_nat_gateway
  • aws_neptune_cluster
  • aws_neptune_cluster_instance
  • aws_neptune_cluster_snapshot
  • aws_network_acl
  • aws_network_interface
  • aws_organizations_organization
  • aws_organizations_policy
  • aws_placement_group
  • aws_ram_principal_association
  • aws_ram_resource_association
  • aws_ram_resource_share
  • aws_rds_cluster
  • aws_rds_cluster_instance
  • aws_rds_cluster_parameter_group
  • aws_redshift_cluster
  • aws_redshift_parameter_group
  • aws_redshift_subnet_group
  • aws_route53_delegation_set
  • aws_route53_health_check
  • aws_route53_query_log
  • aws_route53_record
  • aws_route53_zone
  • aws_route53_zone_association
  • aws_route_table
  • aws_route_table_association
  • aws_s3_account_public_access_block
  • aws_s3_bucket
  • aws_s3_bucket_inventory
  • aws_s3_bucket_metric
  • aws_s3_bucket_notification
  • aws_s3_bucket_policy
  • aws_s3_bucket_public_access_block
  • aws_sagemaker_endpoint
  • aws_sagemaker_endpoint_configuration
  • aws_sagemaker_model
  • aws_sagemaker_notebook_instance
  • aws_sagemaker_notebook_instance_lifecycle_configuration
  • aws_secretsmanager_secret
  • aws_security_group
  • aws_sfn_state_machine
  • aws_sns_topic
  • aws_sns_topic_subscription
  • aws_spot_fleet_request
  • aws_sqs_queue
  • aws_ssm_activation
  • aws_ssm_association
  • aws_ssm_document
  • aws_ssm_maintenance_window
  • aws_ssm_maintenance_window_target
  • aws_ssm_maintenance_window_task
  • aws_ssm_parameter
  • aws_ssm_patch_baseline
  • aws_ssm_patch_group
  • aws_ssm_resource_data_sync
  • aws_subnet
  • aws_vpc
  • aws_vpc_dhcp_options
  • aws_vpc_dhcp_options_association
  • aws_vpc_endpoint
  • aws_vpc_endpoint_connection_notification
  • aws_vpc_endpoint_service
  • aws_vpc_ipv4_cidr_block_association
  • aws_vpc_peering_connection
  • aws_vpn_connection
  • aws_vpn_connection_route
  • aws_vpn_gateway
  • aws_waf_web_acl
  • aws_wafregional_byte_match_set
  • aws_wafregional_geo_match_set
  • aws_wafregional_rate_based_rule
  • aws_wafregional_regex_match_set
  • aws_wafregional_regex_pattern_set
  • aws_wafregional_rule
  • aws_wafregional_rule_group
  • aws_wafregional_size_constraint_set
  • aws_wafregional_sql_injection_match_set
  • aws_wafregional_web_acl
  • aws_wafregional_xss_match_set
  • aws_wafv2_regex_pattern_set
  • aws_wafv2_rule_group
  • aws_wafv2_web_acl
  • aws_wafv2_web_acl_association
  • aws_wafv2_web_acl_logging_configuration
  • aws_workspaces_directory
  • aws_workspaces_ip_group
  • aws_workspaces_workspace
  • aws_elastic_beanstalk_application
Export as PDF
Copy link
Edit on GitHub