Additional details about a resource related to a finding.
To provide the details, use the object that corresponds to the resource type. For example, if the resource type is AwsEc2Instance, then you use the corresponding object to provide the details.
If the type-specific object does not contain all of the fields you want to populate, then you use the Other object to populate those additional fields.
You also use the Other object to populate the details when the selected type does not have a corresponding object.
- AwsAmazonMqBroker
Provides details about an AWS AppSync message broker. A message broker allows software applications and components to communicate using various programming languages, operating systems, and formal messaging protocols.
Type: AwsAmazonMqBrokerDetails object
Required: No
- AwsApiGatewayRestApi
Provides information about a REST API in version 1 of Amazon API Gateway.
Type: AwsApiGatewayRestApiDetails object
Required: No
- AwsApiGatewayStage
Provides information about a version 1 Amazon API Gateway stage.
Type: AwsApiGatewayStageDetails object
Required: No
- AwsApiGatewayV2Api
Provides information about a version 2 API in Amazon API Gateway.
Type: AwsApiGatewayV2ApiDetails object
Required: No
- AwsApiGatewayV2Stage
Provides information about a version 2 stage for Amazon API Gateway.
Type: AwsApiGatewayV2StageDetails object
Required: No
- AwsAppSyncGraphQlApi
Provides details about an AWS AppSync GraphQL API, which lets you query multiple databases, microservices, and APIs from a single GraphQL endpoint.
Type: AwsAppSyncGraphQlApiDetails object
Required: No
- AwsAthenaWorkGroup
Provides information about an Amazon Athena workgroup. A workgroup helps you separate users, teams, applications, or workloads. It also helps you set limits on data processing and track costs.
Type: AwsAthenaWorkGroupDetails object
Required: No
- AwsAutoScalingAutoScalingGroup
Details for an autoscaling group.
Type: AwsAutoScalingAutoScalingGroupDetails object
Required: No
- AwsAutoScalingLaunchConfiguration
Provides details about a launch configuration.
Type: AwsAutoScalingLaunchConfigurationDetails object
Required: No
- AwsBackupBackupPlan
Provides details about an AWS Backup backup plan.
Type: AwsBackupBackupPlanDetails object
Required: No
- AwsBackupBackupVault
Provides details about an AWS Backup backup vault.
Type: AwsBackupBackupVaultDetails object
Required: No
- AwsBackupRecoveryPoint
Provides details about an AWS Backup backup, or recovery point.
Type: AwsBackupRecoveryPointDetails object
Required: No
- AwsCertificateManagerCertificate
Provides details about an AWS Certificate Manager certificate.
Type: AwsCertificateManagerCertificateDetails object
Required: No
- AwsCloudFormationStack
Details about an AWS CloudFormation stack. A stack is a collection of AWS resources that you can manage as a single unit.
Type: AwsCloudFormationStackDetails object
Required: No
- AwsCloudFrontDistribution
Details about a CloudFront distribution.
Type: AwsCloudFrontDistributionDetails object
Required: No
- AwsCloudTrailTrail
Provides details about a CloudTrail trail.
Type: AwsCloudTrailTrailDetails object
Required: No
- AwsCloudWatchAlarm
Details about an Amazon CloudWatch alarm. An alarm allows you to monitor and receive alerts about your AWS resources and applications across multiple Regions.
Type: AwsCloudWatchAlarmDetails object
Required: No
- AwsCodeBuildProject
Details for an AWS CodeBuild project.
Type: AwsCodeBuildProjectDetails object
Required: No
- AwsDmsEndpoint
Provides details about an AWS Database Migration Service (AWS DMS) endpoint. An endpoint provides connection, data store type, and location information about your data store.
Type: AwsDmsEndpointDetails object
Required: No
- AwsDmsReplicationInstance
Provides details about an AWS DMS replication instance. DMS uses a replication instance to connect to your source data store, read the source data, and format the data for consumption by the target data store.
Type: AwsDmsReplicationInstanceDetails object
Required: No
- AwsDmsReplicationTask
Provides details about an AWS DMS replication task. A replication task moves a set of data from the source endpoint to the target endpoint.
Type: AwsDmsReplicationTaskDetails object
Required: No
- AwsDynamoDbTable
Details about a DynamoDB table.
Type: AwsDynamoDbTableDetails object
Required: No
- AwsEc2ClientVpnEndpoint
Provides details about an AWS Client VPN endpoint. A Client VPN endpoint is the resource that you create and configure to enable and manage client VPN sessions. It's the termination point for all client VPN sessions.
Type: AwsEc2ClientVpnEndpointDetails object
Required: No
- AwsEc2Eip
Details about an Elastic IP address.
Type: AwsEc2EipDetails object
Required: No
- AwsEc2Instance
Details about an EC2 instance related to a finding.
Type: AwsEc2InstanceDetails object
Required: No
- AwsEc2LaunchTemplate
Specifies the properties for creating an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
Type: AwsEc2LaunchTemplateDetails object
Required: No
- AwsEc2NetworkAcl
Details about an EC2 network access control list (ACL).
Type: AwsEc2NetworkAclDetails object
Required: No
- AwsEc2NetworkInterface
Details for an EC2 network interface.
Type: AwsEc2NetworkInterfaceDetails object
Required: No
- AwsEc2RouteTable
Provides details about a route table. A route table contains a set of rules, called routes, that determine where to direct network traffic from your subnet or gateway.
Type: AwsEc2RouteTableDetails object
Required: No
- AwsEc2SecurityGroup
Details for an EC2 security group.
Type: AwsEc2SecurityGroupDetails object
Required: No
- AwsEc2Subnet
Details about a subnet in Amazon EC2.
Type: AwsEc2SubnetDetails object
Required: No
- AwsEc2TransitGateway
Details about an Amazon EC2 transit gateway that interconnects your virtual private clouds (VPC) and on-premises networks.
Type: AwsEc2TransitGatewayDetails object
Required: No
- AwsEc2Volume
Details for an Amazon EC2 volume.
Type: AwsEc2VolumeDetails object
Required: No
- AwsEc2Vpc
Details for an Amazon EC2 VPC.
Type: AwsEc2VpcDetails object
Required: No
- AwsEc2VpcEndpointService
Details about the service configuration for a VPC endpoint service.
Type: AwsEc2VpcEndpointServiceDetails object
Required: No
- AwsEc2VpcPeeringConnection
Details about an Amazon EC2 VPC peering connection. A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them privately.
Type: AwsEc2VpcPeeringConnectionDetails object
Required: No
- AwsEc2VpnConnection
Details about an Amazon EC2 VPN connection.
Type: AwsEc2VpnConnectionDetails object
Required: No
- AwsEcrContainerImage
Information about an Amazon ECR image.
Type: AwsEcrContainerImageDetails object
Required: No
- AwsEcrRepository
Information about an Amazon Elastic Container Registry repository.
Type: AwsEcrRepositoryDetails object
Required: No
- AwsEcsCluster
Details about an Amazon ECS cluster.
Type: AwsEcsClusterDetails object
Required: No
- AwsEcsContainer
Provides information about a Docker container that's part of a task.
Type: AwsEcsContainerDetails object
Required: No
- AwsEcsService
Details about a service within an ECS cluster.
Type: AwsEcsServiceDetails object
Required: No
- AwsEcsTask
Details about a task in a cluster.
Type: AwsEcsTaskDetails object
Required: No
- AwsEcsTaskDefinition
Details about a task definition. A task definition describes the container and volume definitions of an Amazon Elastic Container Service task.
Type: AwsEcsTaskDefinitionDetails object
Required: No
- AwsEfsAccessPoint
Details about an Amazon EFS access point. An access point is an application-specific view into an EFS file system that applies an operating system user and group, and a file system path, to any file system request made through the access point.
Type: AwsEfsAccessPointDetails object
Required: No
- AwsEksCluster
Details about an Amazon EKS cluster.
Type: AwsEksClusterDetails object
Required: No
- AwsElasticBeanstalkEnvironment
Details about an Elastic Beanstalk environment.
Type: AwsElasticBeanstalkEnvironmentDetails object
Required: No
- AwsElasticsearchDomain
Details for an Elasticsearch domain.
Type: AwsElasticsearchDomainDetails object
Required: No
- AwsElbLoadBalancer
Contains details about a Classic Load Balancer.
Type: AwsElbLoadBalancerDetails object
Required: No
- AwsElbv2LoadBalancer
Details about a load balancer.
Type: AwsElbv2LoadBalancerDetails object
Required: No
- AwsEventSchemasRegistry
A schema defines the structure of events that are sent to Amazon EventBridge. Schema registries are containers for schemas. They collect and organize schemas so that your schemas are in logical groups.
Type: AwsEventSchemasRegistryDetails object
Required: No
- AwsEventsEndpoint
Provides details about an Amazon EventBridge global endpoint. The endpoint can improve your application’s availability by making it Regional-fault tolerant.
Type: AwsEventsEndpointDetails object
Required: No
- AwsEventsEventbus
Provides details about an Amazon EventBridge event bus for an endpoint. An event bus is a router that receives events and delivers them to zero or more destinations, or targets.
Type: AwsEventsEventbusDetails object
Required: No
- AwsGuardDutyDetector
Provides details about an Amazon GuardDuty detector. A detector is an object that represents the GuardDuty service. A detector is required for GuardDuty to become operational.
Type: AwsGuardDutyDetectorDetails object
Required: No
- AwsIamAccessKey
Details about an IAM access key related to a finding.
Type: AwsIamAccessKeyDetails object
Required: No
- AwsIamGroup
Contains details about an IAM group.
Type: AwsIamGroupDetails object
Required: No
- AwsIamPolicy
Details about an IAM permissions policy.
Type: AwsIamPolicyDetails object
Required: No
- AwsIamRole
Details about an IAM role.
Type: AwsIamRoleDetails object
Required: No
- AwsIamUser
Details about an IAM user.
Type: AwsIamUserDetails object
Required: No
- AwsKinesisStream
Details about an Amazon Kinesis data stream.
Type: AwsKinesisStreamDetails object
Required: No
- AwsKmsKey
Details about an AWS KMS key.
Type: AwsKmsKeyDetails object
Required: No
- AwsLambdaFunction
Details about a Lambda function.
Type: AwsLambdaFunctionDetails object
Required: No
- AwsLambdaLayerVersion
Details for a Lambda layer version.
Type: AwsLambdaLayerVersionDetails object
Required: No
- AwsMskCluster
Provides details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
Type: AwsMskClusterDetails object
Required: No
- AwsNetworkFirewallFirewall
Details about an AWS Network Firewall firewall.
Type: AwsNetworkFirewallFirewallDetails object
Required: No
- AwsNetworkFirewallFirewallPolicy
Details about an AWS Network Firewall firewall policy.
Type: AwsNetworkFirewallFirewallPolicyDetails object
Required: No
- AwsNetworkFirewallRuleGroup
Details about an AWS Network Firewall rule group.
Type: AwsNetworkFirewallRuleGroupDetails object
Required: No
- AwsOpenSearchServiceDomain
Details about an Amazon OpenSearch Service domain.
Type: AwsOpenSearchServiceDomainDetails object
Required: No
- AwsRdsDbCluster
Details about an Amazon RDS database cluster.
Type: AwsRdsDbClusterDetails object
Required: No
- AwsRdsDbClusterSnapshot
Details about an Amazon RDS database cluster snapshot.
Type: AwsRdsDbClusterSnapshotDetails object
Required: No
- AwsRdsDbInstance
Details about an Amazon RDS database instance.
Type: AwsRdsDbInstanceDetails object
Required: No
- AwsRdsDbSecurityGroup
Details about an Amazon RDS DB security group.
Type: AwsRdsDbSecurityGroupDetails object
Required: No
- AwsRdsDbSnapshot
Details about an Amazon RDS database snapshot.
Type: AwsRdsDbSnapshotDetails object
Required: No
- AwsRdsEventSubscription
Details about an RDS event notification subscription.
Type: AwsRdsEventSubscriptionDetails object
Required: No
- AwsRedshiftCluster
Contains details about an Amazon Redshift cluster.
Type: AwsRedshiftClusterDetails object
Required: No
- AwsRoute53HostedZone
Provides details about an Amazon Route 53 hosted zone, including the four name servers assigned to the hosted zone. A hosted zone represents a collection of records that can be managed together, belonging to a single parent domain name.
Type: AwsRoute53HostedZoneDetails object
Required: No
- AwsS3AccessPoint
Provides details about an Amazon Simple Storage Service (Amazon S3) access point. S3 access points are named network endpoints that are attached to S3 buckets that you can use to perform S3 object operations.
Type: AwsS3AccessPointDetails object
Required: No
- AwsS3AccountPublicAccessBlock
Details about the Amazon S3 Public Access Block configuration for an account.
Type: AwsS3AccountPublicAccessBlockDetails object
Required: No
- AwsS3Bucket
Details about an S3 bucket related to a finding.
Type: AwsS3BucketDetails object
Required: No
- AwsS3Object
Details about an S3 object related to a finding.
Type: AwsS3ObjectDetails object
Required: No
- AwsSageMakerNotebookInstance
Provides details about an Amazon SageMaker AI notebook instance.
Type: AwsSageMakerNotebookInstanceDetails object
Required: No
- AwsSecretsManagerSecret
Details about a Secrets Manager secret.
Type: AwsSecretsManagerSecretDetails object
Required: No
- AwsSnsTopic
Details about an SNS topic.
Type: AwsSnsTopicDetails object
Required: No
- AwsSqsQueue
Details about an SQS queue.
Type: AwsSqsQueueDetails object
Required: No
- AwsSsmPatchCompliance
Provides information about the state of a patch on an instance based on the patch baseline that was used to patch the instance.
Type: AwsSsmPatchComplianceDetails object
Required: No
- AwsStepFunctionStateMachine
Provides details about an AWS Step Functions state machine, which is a workflow consisting of a series of event-driven steps.
Type: AwsStepFunctionStateMachineDetails object
Required: No
- AwsWafRateBasedRule
Details about a rate-based rule for global resources.
Type: AwsWafRateBasedRuleDetails object
Required: No
- AwsWafRegionalRateBasedRule
Details about a rate-based rule for Regional resources.
Type: AwsWafRegionalRateBasedRuleDetails object
Required: No
- AwsWafRegionalRule
Details about an AWS WAF rule for Regional resources.
Type: AwsWafRegionalRuleDetails object
Required: No
- AwsWafRegionalRuleGroup
Details about an AWS WAF rule group for Regional resources.
Type: AwsWafRegionalRuleGroupDetails object
Required: No
- AwsWafRegionalWebAcl
Details about an AWS WAF web access control list (web ACL) for Regional resources.
Type: AwsWafRegionalWebAclDetails object
Required: No
- AwsWafRule
Details about an AWS WAF rule for global resources.
Type: AwsWafRuleDetails object
Required: No
- AwsWafRuleGroup
Details about an AWS WAF rule group for global resources.
Type: AwsWafRuleGroupDetails object
Required: No
- AwsWafv2RuleGroup
Details about an AWS WAFv2 rule group.
Type: AwsWafv2RuleGroupDetails object
Required: No
- AwsWafv2WebAcl
Details about an AWS WAFv2 web Access Control List (ACL).
Type: AwsWafv2WebAclDetails object
Required: No
- AwsWafWebAcl
Details for an AWS WAF web ACL.
Type: AwsWafWebAclDetails object
Required: No
- AwsXrayEncryptionConfig
Information about the encryption configuration for AWS X-Ray.
Type: AwsXrayEncryptionConfigDetails object
Required: No
- Container
Details about a container resource related to a finding.
Type: ContainerDetails object
Required: No
- Other
Details about a resource that are not available in a type-specific details object. Use the object in the following cases.
  - The type-specific object does not contain all of the fields that you want to populate. In this case, first use the type-specific object to populate those fields. Use the object to populate the fields that are missing from the type-specific object.
  - The resource type does not have a corresponding object. This includes resources for which the type is
Type: String to string map
Key Pattern:
Value Pattern:
Required: No