Supported resource and service types for multicloud in foundational CSPM
This page lists the resource and service types that are supported for Amazon Web Services (AWS) and Google Cloud Platform (GCP) in Defender for Cloud’s foundational Cloud Security Posture Management (CSPM) tier.
Resource types supported in AWS
Provider Namespace | Resource Type Name |
---|---|
AccessAnalyzer | AnalyzerSummary |
ApiGateway | Stage |
AppSync | GraphqlApi |
ApplicationAutoScaling | ScalableTarget |
AutoScaling | AutoScalingGroup |
AWS | Account |
AWS | AccountInRegion |
CertificateManager | CertificateTags |
CertificateManager | CertificateDetail |
CertificateManager | CertificateSummary |
CloudFormation | StackSummary |
CloudFormation | StackTemplate |
CloudFormation | StackInstanceSummary |
CloudFormation | Stack |
CloudFormation | StackResourceSummary |
CloudFront | DistributionConfig |
CloudFront | DistributionSummary |
CloudFront | DistributionTags |
CloudTrail | EventSelector |
CloudTrail | Trail |
CloudTrail | TrailStatus |
CloudTrail | TrailTags |
CloudWatch | MetricAlarm |
CloudWatch | MetricAlarmTags |
CloudWatchLogs | LogGroup |
CloudWatchLogs | MetricFilter |
CodeBuild | Project |
CodeBuild | ProjectName |
CodeBuild | SourceCredentialsInfo |
ConfigService | ConfigurationRecorder |
ConfigService | ConfigurationRecorderStatus |
ConfigService | DeliveryChannel |
DAX | Cluster |
DAX | ClusterTags |
DatabaseMigrationService | ReplicationInstance |
DynamoDB | ContinuousBackupsDescription |
DynamoDB | TableDescription |
DynamoDB | TableTags |
DynamoDB | TableName |
EC2 | Snapshot |
EC2 | Subnet |
EC2 | Volume |
EC2 | VPC |
EC2 | VpcEndpoint |
EC2 | VpcPeeringConnection |
EC2 | Instance |
EC2 | AccountAttribute |
EC2 | Address |
EC2 | CreateVolumePermission |
EC2 | EbsEncryptionByDefault |
EC2 | FlowLog |
EC2 | Image |
EC2 | InstanceStatus |
EC2 | InstanceTypeInfo |
EC2 | NetworkAcl |
EC2 | NetworkInterface |
EC2 | Region |
EC2 | Reservation |
EC2 | RouteTable |
EC2 | SecurityGroup |
ECR | Image |
ECR | Repository |
ECR | RepositoryPolicy |
ECS | TaskDefinition |
ECS | ServiceArn |
ECS | Service |
ECS | ClusterArn |
ECS | TaskDefinitionTags |
ECS | TaskDefinitionArn |
EFS | FileSystemDescription |
EFS | MountTargetDescription |
EKS | Cluster |
EKS | Nodegroup |
EKS | NodegroupName |
EKS | ClusterName |
EMR | Cluster |
ElasticBeanstalk | ConfigurationSettingsDescription |
ElasticBeanstalk | EnvironmentDescription |
ElasticLoadBalancing | LoadBalancerTags |
ElasticLoadBalancing | LoadBalancer |
ElasticLoadBalancing | LoadBalancerAttributes |
ElasticLoadBalancing | LoadBalancerPolicy |
ElasticLoadBalancingV2 | LoadBalancerTags |
ElasticLoadBalancingV2 | Rule |
ElasticLoadBalancingV2 | TargetGroup |
ElasticLoadBalancingV2 | TargetHealthDescription |
ElasticLoadBalancingV2 | LoadBalancer |
ElasticLoadBalancingV2 | Listener |
ElasticLoadBalancingV2 | LoadBalancerAttribute |
Elasticsearch | DomainInfo |
Elasticsearch | DomainStatus |
Elasticsearch | DomainTags |
GuardDuty | DetectorId |
Iam | AccountAlias |
Iam | AttachedPolicyType |
Iam | CredentialReport |
Iam | Group |
Iam | InstanceProfile |
Iam | MFADevice |
Iam | PasswordPolicy |
Iam | ServerCertificateMetadata |
Iam | SummaryMap |
Iam | User |
Iam | UserPolicies |
Iam | VirtualMFADevice |
Iam | ManagedPolicy |
Iam | ManagedPolicy |
Iam | AccessKeyLastUsed |
Iam | AccessKeyMetadata |
Iam | PolicyVersion |
Iam | PolicyVersion |
Internal | Iam_EntitiesForPolicy |
Internal | Iam_EntitiesForPolicy |
Internal | AwsSecurityConnector |
KMS | KeyPolicyName |
KMS | KeyRotationStatus |
KMS | KeyTags |
KMS | KeyPolicy |
KMS | KeyMetadata |
KMS | KeyListEntry |
KMS | AliasListEntry |
Lambda | FunctionCodeLocation |
Lambda | FunctionConfiguration |
Lambda | FunctionPolicy |
Lambda | FunctionTags |
Macie2 | JobSummary |
Macie2 | MacieStatus |
NetworkFirewall | Firewall |
NetworkFirewall | FirewallMetadata |
NetworkFirewall | FirewallPolicy |
NetworkFirewall | FirewallPolicyMetadata |
NetworkFirewall | RuleGroup |
NetworkFirewall | RuleGroupMetadata |
RDS | ExportTask |
RDS | DBClusterSnapshot |
RDS | DBSnapshot |
RDS | DBSnapshotAttributesResult |
RDS | EventSubscription |
RDS | DBCluster |
RDS | DBInstance |
RDS | DBClusterSnapshotAttributesResult |
RedShift | LoggingStatus |
RedShift | Parameter |
Redshift | Cluster |
Route53 | HostedZone |
Route53 | ResourceRecordSet |
Route53Domains | DomainSummary |
S3 | S3Region |
S3 | S3BucketTags |
S3 | S3Bucket |
S3 | BucketPolicy |
S3 | BucketEncryption |
S3 | BucketPublicAccessBlockConfiguration |
S3 | BucketVersioning |
S3 | LifecycleConfiguration |
S3 | PolicyStatus |
S3 | ReplicationConfiguration |
S3 | S3AccessControlList |
S3 | S3BucketLoggingConfig |
S3Control | PublicAccessBlockConfiguration |
SNS | Subscription |
SNS | Topic |
SNS | TopicAttributes |
SNS | TopicTags |
SQS | Queue |
SQS | QueueAttributes |
SQS | QueueTags |
SageMaker | NotebookInstanceSummary |
SageMaker | DescribeNotebookInstanceTags |
SageMaker | DescribeNotebookInstanceResponse |
SecretsManager | SecretResourcePolicy |
SecretsManager | SecretListEntry |
SecretsManager | DescribeSecretResponse |
SimpleSystemsManagement | ParameterMetadata |
SimpleSystemsManagement | ParameterTags |
SimpleSystemsManagement | ResourceComplianceSummary |
SimpleSystemsManagement | InstanceInformation |
WAF | LoggingConfiguration |
WAF | WebACL |
WAF | WebACLSummary |
WAFV2 | ApplicationLoadBalancerForWebACL |
WAFV2 | WebACLSummary |
Resource types supported in GCP
Provider Namespace | Resource Type Name |
---|---|
ApiKeys | Key |
ArtifactRegistry | Image |
ArtifactRegistry | Repository |
ArtifactRegistry | RepositoryPolicy |
Bigquery | Dataset |
Bigquery | DatasetData |
Bigquery | Table |
Bigquery | TablePolicy |
Bigquery | TablesData |
CloudKMS | CryptoKey |
CloudKMS | CryptoKeyPolicy |
CloudKMS | KeyRing |
CloudKMS | KeyRingPolicy |
CloudResourceManager | Project |
CloudResourceManager | Ancestor |
CloudResourceManager | AncestorPolicy |
CloudResourceManager | EffectiveOrgPolicy |
CloudResourceManager | Folder |
CloudResourceManager | FolderPolicy |
CloudResourceManager | Organization |
CloudResourceManager | OrganizationPolicy |
CloudResourceManager | Policy |
Compute | Instance |
Compute | BackendService |
Compute | BackendService |
Compute | Disk |
Compute | EffectiveFirewalls |
Compute | Firewall |
Compute | ForwardingRule |
Compute | GlobalForwardingRule |
Compute | InstanceGroup |
Compute | InstanceGroupInstance |
Compute | InstanceGroupManager |
Compute | InstanceGroupManager |
Compute | InstanceTemplate |
Compute | MachineType |
Compute | ManagedInstance |
Compute | ManagedInstance |
Compute | Network |
Compute | NetworkEffectiveFirewalls |
Compute | Project |
Compute | SslPolicy |
Compute | Subnetwork |
Compute | TargetHttpProxy |
Compute | TargetHttpsProxy |
Compute | TargetPool |
Compute | TargetSslProxy |
Compute | TargetTcpProxy |
Compute | UrlMap |
Container | Cluster |
Dns | ManagedZone |
Dns | Policy |
IAM | OrganizationRole |
IAM | ProjectRole |
IAM | Role |
IAM | ServiceAccount |
IAM | ServiceAccountKey |
Internal | GcpSecurityConnector |
Logging | AncestorLogSink |
Logging | LogEntry |
Logging | LogMetric |
Logging | LogSink |
Monitoring | AlertPolicy |
OsConfig | OSPolicyAssignment |
OsConfig | OSPolicyAssignmentReport |
SQLAdmin | DatabaseInstance |
SecretManager | Secret |
SecretManager | SecretPolicy |
Storage | Bucket |
Storage | BucketPolicy |
Learn More
- Review the features supported in Azure cloud environments for information on commercial and national cloud coverage.
- Watch Predict future security incidents! Cloud Security Posture Management with Microsoft Defender.
- Learn about security standards and recommendations.
- Learn about secure score.
Tilbakemeldinger
https://aka.ms/ContentUserFeedback.
Kommer snart: Gjennom 2024 faser vi ut GitHub Issues som tilbakemeldingsmekanisme for innhold, og erstatter det med et nytt system for tilbakemeldinger. Hvis du vil ha mer informasjon, kan du se:Send inn og vis tilbakemelding for