China Cloud Support Reference

Supported China Cloud Services and Policies for InsightCloudSec

For InsightCloudSec customers interested in details about the support of cloud services within China, we have created this section of our documentation to organize all China-specific details.

AWS China Support

Policies

InsightCloudSec uses some of the policies found on AWS Policies to securely harvest data from your AWS China account(s).

Supported Deployment Regions

InsightCloudSec can only be deployed in AWS. For self-hosted customers, InsightCloudSec can be exclusively deployed/hosted in AWS China, if you so choose. For SaaS customers, see SaaS/Hosted Customers - Getting Started Guide for more information.

Supported Resources

Listed below are all of the AWS China services (and their components) supported by InsightCloudSec. For resource support, in general if a resource is supported by InsightCloudSec, we support it in any region in which the CSP provides the resource. If you have questions related to AWS or specific services and their support, contact us through the Customer Support Portal.

API Gateway (Key, Stage)
Amazon DocumentDB
Amazon Keyspaces
Amazon SageMaker (Notebook, Training job)
Amazon Redshift (Serverless Namespace, Serverless Workgroup, Snapshot)
Amazon Transcription
Athena (Workgroup)
AWS Auto Scaling (Group, Launch Configurations)
AWS Backup (Vault)
AWS Glue (Data Catalog, Database, Security Configuration)
AWS Organizations (Consolidated Bill, Service Control Policy)
AWS Transfer Family (SFTP Server)
Batch (Compute Environment)
Certificate Manager (Private Certificate Authority)
CloudFormation (Templates)
CloudFront
CloudSearch (Cluster)
CloudTrail
CloudWatch (Alarm, Log Group, Rule, EventBridge event bus)
CodeBuild (Project)
Database Migration Service (Endpoint, Replication Instance)
Direct Connect
Directory Service
DynamoDB (Accelerator (DAX))
EC2 (Amazon EBS Snapshot, Amazon EBS Volume, Dedicated Instance, Instance, Launch Template, Reserved Instance, Resource/Service Limit/Quota, Savings Plans, SSH Key Pairs)
EFS
Elastic Beanstalk (Application, Environment)
Elastic Container Registry (Container Image, Container Registry)
Elastic Container Service/Fargate (Cluster, Container, Container Task)
Elastic Kubernetes Service (Cluster, Container Instance, Node Group)
Elastic Load Balancer (Application Load Balancer, Gateway Load Balancer, Network Load Balancer)
ElastiCache (Snapshot)
EMR
FSx
IAM (Access Analyzer, Cloud Account, Group, Policy (Customer Managed), Role, IAM/ACM SSL Certificate, User, User Access Key)
Key Management Service
Kinesis (Data Firehose)
Kinesis Video Stream
Lambda (Layer)
MSK (Instance)
Neptune
OpenSearch Service
RDS (Aurora, Cluster, Event Subscription, Instance, Snapshot)
Region
Route 53 (DNS Zone, Domain)
S3 (Access Point, Multi-Region Access Point)
S3 Glacier
SAML Identity Provider
Secrets Manager (Secret)
Serverless Application Repository
Simple Queue Service
Simple Notification Service (Subscription, Topic)
Step Function State Machine
Storage Gateway
Systems Manager (Document)
Trusted Advisor
VPC (Elastic IP, Elastic Network Interface (ENI), Endpoint Service, Endpoint/PrivateLink, Flow Log, Internet Gateway, Managed Prefix List, NACL/Security Group, NACL/Security Group Rules, NAT Gateway, Peer, Route, Route Table, Site-to-Site VPN, Subnet, Traffic Mirror Target, Transit Gateway, Virtual Private Gateway)
WAF
WorkSpaces (Instances)