InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

EDH - Supported Resources (AWS)

A list of AWS Support Resources for Event-Driven Harvesting

This page includes a complete list of the AWS supported resources for Event-Drive Harvesting (EDH) as an alphabetized list of the AWS resource names.

Supported Resources

EDH Supported Resources for AWS

API Gateway Key

AppSync API

AutoScaling Groups

AutoScaling Launch Config

Backup Vault

Broker MQ Instances

Cloud Account

CloudTrail

CloudWatch/Event Bridge Event Bus

CFT

CodeBuild Project

Cognito User Pool

Database Migration Service

Directory Service

EBS Snapshots

EBS Volumes

EC2/VPC Instances

ECR

EKS/ECS/Fargate Cluster

Elastic IP Address

ElasticSearch

Encryption Keys (KMS)

Glue Data Catalog

Glue Security Configuration

HyperVisor

IAM Groups

IAM Password Policy

IAM Policies

IAM Roles

IAM Users

Identity Provider

Internet Gateways

Load Balancer

Memcache/Redis

NAT Gateways

Network Interface

Placement Group

Private Image

RDS Cluster

RDS Snapshot

RDS

RedShift

Route53

Route Tables

S3

S3 Access Point

Secret

Serverless Application Repository

SFTP Server

SNS Subscription

SNS Topic

SSH Keypairs

Security Groups and Network ACLs

Service Access Key

Subnets

SQS

Systems Manager (SSM)

VPC Endpoints

VPC Flow Logs

VPC Network Peers

VPCs

VPC Traffic Mirror Target

Workspace Instances

Supported Events

The following events are currently configured to publish to Consumers.

Resource Type:
    SupportedEvent
    
API Gateway Key:
    CreateApiKey
    DeleteApiKey
    UpdateApiKey

AutoScaling Groups:
    AttachInstances
    CreateAutoScalingGroup
    CreateOrUpdateTags
    DeleteAutoScalingGroup
    DetachInstances
    PutScalingPolicy
    SetDesiredCapacity
    SetInstanceProtection
    UpdateAutoScalingGroup
    
AutoScaling Launch Config:
    CreateLaunchConfiguration
    DeleteLaunchConfiguration
    
Backup Vault:
    CreateBackupVault
    DeleteBackupVault
    PutBackupVaultAccessPolicy

Broker MQ Instances:
    CreateBroker
    DeleteBroker
    UpdateBroker

Cloud Account:
    DeleteAccountPasswordPolicy
    DeleteAccountPublicAccessBlock
    PutAccountPublicAccessBlock
    UpdateAccountPasswordPolicy
    
CloudTrail:
    CreateTrail
    DeleteTrail
    UpdateTrail
    StopLogging
    StartLogging    

CloudWatch/Event Bridge Event Bus:
    CreateEventBus
    DeleteEventBus
    PutPermission
    RemovePermission

CFT:
    CancelUpdateStack
    CreateStack
    DeleteStack
    UpdateStack
    UpdateTerminationProtection

CodeBuild Project:
    CreateProject
    UpdateProject

Cognito User Pool:
    CreateUserPool
    DeleteUserPool
    SetUserPoolMfaConfig
    UpdateUserPool

Database Migration Service:
    CreateReplicationInstance
    DeleteReplicationInstance
    ModifyReplicationInstance
    
Directory Service:
    CreateDirectory
    CreateMicrosoftAD
    DeleteDirectory

EBS Snapshots:
    CreateSnapshot
    CreateTags
    DeleteSnapshot
    DeleteTags
    ModifyDBClusterSnapshotAttribute
    ModifyDBSnapshotAttribute
    ModifyImageAttribute
    ModifySnapshotAttribute
    ResetImageAttribute
    
EBS Volumes:
    AttachVolume
    CreateTags
    CreateVolume
    DeleteTags
    DeleteVolume
    DetachVolume
    ModifyVolume
    ModifyVolumeAttribute    
    
EC2/VPC Instances:
    AssociateIamInstanceProfile
    CreateTags
    DeleteTags
    DisassociateIamInstanceProfile
    ModifyInstanceAttribute
    MonitorInstances
    RebootInstances
    RunInstances
    StartInstances
    StopInstances
    TerminateInstances
    UnmonitorInstances

ECR:
    CreateRepository
    DeleteLifecyclePolicy
    DeleteRepository
    DeleteRepositoryPolicy
    PutLifecyclePolicy
    SetRepositoryPolicy
    
EKS/ECS/Fargate Cluster:
    CreateCluster
    DeleteCluster
    UpdateClusterConfig
    UpdateClusterVersion

Elastic IP Addresses:
    AllocateAddress
    
ElasticSearch:
    CreateElasticsearchDomain
    DeleteElasticsearchDomain
    UpgradeElasticsearchDomain
    UpdateElasticsearchDomainConfig
    
Encryption Keys (KMS):
    CreateKey
    DisableKey
    DisableKeyRotation
    EnableKey
    EnableKeyRotation
    PutKeyPolicy
    TagResource
    UntagResource
    UpdateKeyDescription
    
Glue Data Catalog:
    DeleteResourcePolicy
    PutResourcePolicy
    PutDataCatalogEncryptionSettings
    
Glue Security Configuration:
    CreateSecurityConfiguration
    DeleteSecurityConfiguration

HyperVisor:
    AllocateHosts
    ModifyHosts
    ReleaseHosts
    
IAM Groups:
    AttachGroupPolicy
    CreateGroup
    DeleteGroup
    DeleteGroupPolicy
    DetachGroupPolicy
    PutGroupPolicy
    
IAM Password Policy:
    DeleteAccountPasswordPolicy
    DeleteAccountPublicAccessBlock
    PutAccountPublicAccessBlock
    UpdateAccountPasswordPolicy    

IAM Policies:
    CreatePolicy
    CreatePolicyVersion
    CreateSAMLProvider
    DeleteAccountPasswordPolicy
    DeleteAccountPublicAccessBlock
    DeletePolicy
    DeletePolicyVersion
    DeleteSAMLProvider
    PutAccountPublicAccessBlock
    UpdateAccountPasswordPolicy

IAM Roles:
    AttachRolePolicy
    ConsoleLogin
    CreateRole
    DeleteRole
    DeleteRolePermissionsBoundary
    DeleteRolePolicy
    DetachRolePolicy
    PutRolePermissionsBoundary
    PutRolePolicy
    TagRole
    UntagRole
    UpdateAssumeRolePolicy
    
IAM Users:
    AddUserToGroup
    AttachUserPolicy
    ConsoleLogin
    CreateLoginProfile
    CreateUser
    CreateVirtualMFADevice
    DeactivateMFADevice
    DeleteLoginProfile
    DeleteUser
    DeleteUserPolicy
    DeleteVirtualMFADevice
    DetachUserPolicy
    EnableMFADevice
    PutUserPolicy
    RemoveUserFromGroup
    TagUser
    UntagUser
    UpdateUser
    
Identity Provider:
    CreateSAMLProvider
    DeleteSAMLProvider
    
Internet Gateways:
    AttachInternetGateway
    CreateInternetGateway
    DeleteInternetGateway
    DetachInternetGateway
    
Load Balancer:
    AddTags
    ApplySecurityGroupsToLoadBalancer
    AttachLoadBalancerToSubnets
    CreateLoadBalancer
    CreateLoadBalancerListeners
    DeleteLoadBalancer
    DeleteLoadBalancerListeners
    DeregisterInstancesFromLoadBalancer
    DetachLoadBalancerFromSubnets
    ModifyLoadBalancerAttributes
    RegisterInstancesWithLoadBalancer
    RemoveTags
    SetSecurityGroups
    SetSubnets
    
Memcached/Redis:
    CreateCacheCluster
    CreateReplicationGroup
    DeleteCacheCluster
    DeleteReplicationGroup
    ModifyCacheCluster
    ModifyReplicationGroup
    RebootCacheCluster
    
NAT Gateways:
    CreateNatGateway
    DeleteNatGateway
    
Network Interface:
    CreateNetworkInterface
    DeleteNetworkInterface
    ModifyNetworkInterfaceAttribute
    
Placement Group:
    CreatePlacementGroup
    DeletePlacementGroup
    
Private Image:
    CreateImage
    DeregisterImage
    ImportImage
    RegisterImage
   
    
RDS Cluster:
    CreateDBCluster
    DeleteDBCluster
    ModifyDBCluster
    StartDBCluster
    StopDBCluster
    
RDS Snapshot:
    AddTagsToResource
    CreateDBClusterSnapshot
    CreateDBSnapshot
    DeleteDBClusterSnapshot
    DeleteDBSnapshot
    RemoveTagsFromResource
    
RDS:
    AddTagsToResource
    CreateDBInstance
    CreateDBInstanceReadReplica
    DeleteDBInstance
    ModifyDBInstance
    RebootDBInstance
    RemoveTagsFromResource
    StartDBInstance
    StopDBInstance
    
RedShift:
    AuthorizeSnapshotAccess
    BatchDeleteClusterSnapshots
    CreateCluster
    CreateClusterSnapshot
    CreateTags
    DeleteCluster
    DeleteClusterSnapshot
    DeleteTags
    DisableLogging
    EnableLogging
    ModifyCluster
    RebootCluster
    ResizeCluster
    RevokeSnapshotAccess

Route53:
    CreateHostedZone
    DeleteHostedZone

Route Tables:
    AssociateRouteTable
    CreateRoute
    CreateRouteTable
    DeleteRoute
    DeleteRouteTable
    DisassociateRouteTable
    ReplaceRoute
    ReplaceRouteTableAssociation
    
S3:
    CreateBucket
    DeleteBucket
    DeleteBucketEncryption
    DeleteBucketPolicy
    DeleteBucketPublicAccessBlock
    DeleteBucketTagging
    DeleteBucketWebsite
    PutBucketAcl
    PutBucketEncryption
    PutBucketLogging
    PutBucketPolicy
    PutBucketPublicAccessBlock
    PutBucketTagging
    PutBucketVersioning
    PutBucketWebsite
    
S3 Access Point:
    CreateAccessPoint
    DeleteAccessPoint
    DeleteAccessPointPolicy
    PutAccessPointPolicy

Secret:
    CancelRotateSecret
    CreateSecret
    DeleteSecret
    PutSecretValue
    RotateSecret
    TagResource
    UntagResource
    UpdateSecret

Serverless Application Repository:
    CreateApplication
    DeleteApplication
    PutApplicationPolicy
    UpdateApplication

SFTP Server:
    CreateServer
    CreateUser
    DeleteServer
    DeleteUser
    StartServer
    StopServer
    UpdateServer
    UpdateUser

SNS Subscription:
    SetSubscriptionAttributes
    Unsubscribe   
    
SNS Topic:
    CreateTopic
    DeleteTopic
    SetTopicAttributes
    TagQueue
    UntagQueue
    
SSH Keypairs:
    CreateKeyPair
    DeleteKeyPair
    ImportKeyPair
    
Security Groups and Network ACLs:
    AuthorizeSecurityGroupEgress
    AuthorizeSecurityGroupIngress
    CreateNetworkAcl
    CreateNetworkAclEntry
    CreateSecurityGroup
    CreateTags
    DeleteNetworkAcl
    DeleteNetworkAclEntry
    DeleteSecurityGroup
    DeleteTags
    ReplaceNetworkAclAssociation
    ReplaceNetworkAclEntry
    RevokeSecurityGroupEgress
    RevokeSecurityGroupIngress
    UpdateSecurityGroupRuleDescriptionsEgress
    UpdateSecurityGroupRuleDescriptionsIngress
    
Service Access Key:
    CreateAccessKey
    DeleteAccessKey
    UpdateAccessKey
    
Subnets:
    CreateSubnet
    CreateTags
    DeleteSubnet
    DeleteTags
    
SQS:
    AddPermission
    CreateQueue
    DeleteQueue
    RemovePermission
    SetQueueAttributes
    
Systems Manager (SSM) Agent:
    StartSession
    
VPC Endpoints:
    AcceptVpcEndpointConnections
    CreateVpcEndpoint
    CreateVpcEndpointServiceConfiguration
    DeleteVpcEndpoint
    DeleteVpcEndpointServiceConfigurations
    ModifyVpcEndpoint
    ModifyVpcEndpointServiceConfiguration
    ModifyVpcEndpointServicePermissions
    RejectVpcEndpointConnections

VPC Flow Logs:
    CreateFlowLogs
    DeleteFlowLogs
    
VPC Network Peer:
    AcceptVpcPeeringConnection
    CreateVpcPeeringConnection
    DeleteVpcPeeringConnection            
    RejectVpcPeeringConnection    

VPCs:
    AssociateDhcpOptions
    AssociateVpcCidrBlock
    CreateTags
    CreateVpc
    DeleteTags
    DeleteVpc
    DisassociateVpcCidrBlock
    
VPC Traffic Mirror Targets:
    CreateTrafficMirrorTarget
    DeleteTrafficMirrorTarget

Workspaces: 
    CreateWorkspaces
    ModifyWorkspaceProperties
    RebootWorkspaces
    StartWorkspaces
    StopWorkspaces
    TerminateWorkspaces

Updated 2 days ago

EDH - Supported Resources (AWS)


A list of AWS Support Resources for Event-Driven Harvesting

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.