Skip to main content

Supported Resources

Supported Resource Types

Below is a list of all AWS resource types (asset types) that CloudYali currently supports.

Global AWS Resources

Resource TypeTag Support
AWS::IAM::AccessKey
AWS::IAM::AccountPasswordPolicy
AWS::IAM::Group
AWS::IAM::InstanceProfile
AWS::IAM::OpenIDConnectProvider
AWS::IAM::Policy
AWS::IAM::Role
AWS::IAM::SAMLProvider
AWS::IAM::SSHPublicKey
AWS::IAM::ServerCertificate
AWS::IAM::ServiceSpecificCredential
AWS::IAM::User
AWS::IAM::VirtualMFADevice
AWS::Route53Domains::Domain
AWS::Route53Domains::Operation
AWS::S3::Bucket

Regional AWS Resources

Resource TypeTag Support
AWS::ACM::Certificate
AWS::ACMPCA::CertificateAuthority
AWS::APIGateway::ApiKey
AWS::APIGateway::BasePathMapping
AWS::APIGateway::ClientCertificate
AWS::APIGateway::Deployment
AWS::APIGateway::DomainName
AWS::APIGateway::Model
AWS::APIGateway::RequestValidator
AWS::APIGateway::Resource
AWS::APIGateway::RestApi
AWS::APIGateway::Stage
AWS::APIGateway::UsagePlan
AWS::APIGateway::VpcLink
AWS::Amplify::App
AWS::Amplify::BackendEnvironment
AWS::Amplify::DomainAssociation
AWS::Amplify::Webhook
AWS::AutoScaling::AutoScalingGroup
AWS::AutoScaling::AutoScalingInstance
AWS::AutoScaling::LaunchConfiguration
AWS::AutoScaling::LifecycleHook
AWS::AutoScaling::NotificationConfiguration
AWS::AutoScaling::Policy
AWS::AutoScaling::ScalingActivity
AWS::AutoScaling::ScheduledAction
AWS::CloudFront::Distribution
AWS::CloudTrail::PublicKey
AWS::CloudTrail::Trail
AWS::CloudWatch::Dashboard
AWS::CloudWatch::InsightRule
AWS::CloudWatchLogs::Destination
AWS::CloudWatchLogs::ExportTask
AWS::CloudWatchLogs::LogGroup
AWS::CloudWatchLogs::MetricFilter
AWS::CloudWatchLogs::Query
AWS::CloudWatchLogs::QueryDefinition
AWS::CloudWatchLogs::ResourcePolicy
AWS::CloudWatchLogs::SubscriptionFilter
AWS::CognitoIdentityProvider::Group
AWS::CognitoIdentityProvider::IdentityProvider
AWS::CognitoIdentityProvider::User
AWS::CognitoIdentityProvider::UserPool
AWS::CognitoSync::IdentityPoolUsage
AWS::DirectoryService::ConditionalForwarder
AWS::DirectoryService::Directory
AWS::DirectoryService::EventTopic
AWS::DirectoryService::LogSubscription
AWS::DirectoryService::Snapshot
AWS::DirectoryService::Trust
AWS::DynamoDB::Backup
AWS::DynamoDB::GlobalTable
AWS::DynamoDB::Table
AWS::DynamoDBStreams::Stream
AWS::EC2::AccountAttribute
AWS::EC2::Address
AWS::EC2::CarrierGateway
AWS::EC2::ClientVpnEndpoint
AWS::EC2::CoipPool
AWS::EC2::CustomerGateway
AWS::EC2::DhcpOption
AWS::EC2::EgressOnlyInternetGateway
AWS::EC2::ElasticGpus
AWS::EC2::Fleet
AWS::EC2::FlowLog
AWS::EC2::Host
AWS::EC2::Image
AWS::EC2::Instance
AWS::EC2::InternetGateway
AWS::EC2::KeyPair
AWS::EC2::LaunchTemplate
AWS::EC2::LocalGateway
AWS::EC2::LocalGatewayRouteTable
AWS::EC2::NatGateway
AWS::EC2::NetworkAcl
AWS::EC2::NetworkInterface
AWS::EC2::ReservedInstance
AWS::EC2::RouteTable
AWS::EC2::SecurityGroup
AWS::EC2::Snapshot
AWS::EC2::SnapshotAttribute
AWS::EC2::Subnet
AWS::EC2::TransitGateway
AWS::EC2::TransitGatewayPeeringAttachment
AWS::EC2::TransitGatewayVpcAttachment
AWS::EC2::Volume
AWS::EC2::Vpc
AWS::EC2::VpcEndpoint
AWS::EC2::VpcEndpointConnection
AWS::EC2::VpcEndpointService
AWS::EC2::VpcPeeringConnection
AWS::EC2::VpnConnection
AWS::EC2::VpnGateway
AWS::ECR::Repository
AWS::ECRPublic::Registry
AWS::ECRPublic::Repository
AWS::ECS::CapacityProvider
AWS::ECS::Cluster
AWS::EFS::AccessPoint
AWS::EFS::FileSystem
AWS::ELB::LoadBalancer
AWS::ELB::LoadBalancerPolicy
AWS::ELBV2::Listener
AWS::ELBV2::LoadBalancer
AWS::ELBV2::Rule
AWS::ELBV2::TargetGroup
AWS::ElastiCache::CacheCluster
AWS::ElastiCache::CacheParameterGroup
AWS::ElastiCache::CacheSecurityGroup
AWS::ElastiCache::CacheSubnetGroup
AWS::ElastiCache::GlobalReplicationGroup
AWS::ElastiCache::ReplicationGroup
AWS::ElastiCache::ReservedCacheNode
AWS::ElastiCache::ServiceUpdate
AWS::ElastiCache::Snapshot
AWS::ElastiCache::UpdateAction
AWS::ElastiCache::User
AWS::ElastiCache::UserGroup
AWS::EventBridge::Archive
AWS::EventBridge::EventBus
AWS::EventBridge::EventSource
AWS::EventBridge::Replay
AWS::EventBridge::Rule
AWS::EventBridge::TargetsByRule
AWS::Glacier::Vault
AWS::Inspector::AssessmentRun
AWS::Inspector::AssessmentTarget
AWS::Inspector::AssessmentTemplate
AWS::Inspector::EventSubscription
AWS::Inspector::Finding
AWS::KMS::CustomKeyStore
AWS::KMS::Key
AWS::Kinesis::Stream
AWS::Lambda::Alias
AWS::Lambda::CodeSigningConfig
AWS::Lambda::EventSourceMapping
AWS::Lambda::Function
AWS::Lambda::FunctionEventInvokeConfig
AWS::Lambda::Layer
AWS::Lambda::LayerVersion
AWS::Lambda::ProvisionedConcurrencyConfig
AWS::Macie2::Bucket
AWS::Macie2::Invitation
AWS::Macie2::Member
AWS::Macie2::UsageStatistic
AWS::Macie::MemberAccount
AWS::Macie::S3Resource
AWS::Neptune::DBCluster
AWS::Neptune::DBClusterParameterGroup
AWS::Neptune::DBClusterSnapshot
AWS::Neptune::DBInstance
AWS::Neptune::DBParameterGroup
AWS::Neptune::DBSubnetGroup
AWS::Neptune::Event
AWS::Neptune::EventSubscription
AWS::Neptune::PendingMaintenanceAction
AWS::RDS::AccountAttribute
AWS::RDS::Certificate
AWS::RDS::CustomAvailabilityZone
AWS::RDS::DBCluster
AWS::RDS::DBClusterEndpoint
AWS::RDS::DBClusterParameterGroup
AWS::RDS::DBClusterSnapshot
AWS::RDS::DBInstance
AWS::RDS::DBInstanceAutomatedBackup
AWS::RDS::DBParameterGroup
AWS::RDS::DBProxy
AWS::RDS::DBProxyTarget
AWS::RDS::DBProxyTargetGroup
AWS::RDS::DBSecurityGroup
AWS::RDS::DBSnapshot
AWS::RDS::DBSubnetGroup
AWS::RDS::Event
AWS::RDS::EventSubscription
AWS::RDS::ExportTask
AWS::RDS::GlobalCluster
AWS::RDS::OptionGroup
AWS::RDS::PendingMaintenanceAction
AWS::RDS::ReservedDBInstance
AWS::Redshift::Cluster
AWS::Redshift::ClusterParameterGroup
AWS::Redshift::ClusterSecurityGroup
AWS::Redshift::ClusterSnapshot
AWS::Redshift::ClusterSubnetGroup
AWS::Redshift::Event
AWS::Redshift::EventSubscription
AWS::Redshift::HsmClientCertificate
AWS::Redshift::HsmConfiguration
AWS::Redshift::ReservedNode
AWS::Redshift::SnapshotSchedule
AWS::Route53::HealthCheck
AWS::Route53::HostedZone
AWS::Route53::QueryLoggingConfig
AWS::Route53::ReusableDelegationSet
AWS::Route53::TrafficPolicy
AWS::Route53::TrafficPolicyInstance
AWS::Route53Resolver::ResolverEndpoint
AWS::Route53Resolver::ResolverQueryLogConfig
AWS::Route53Resolver::ResolverQueryLogConfigAssociation
AWS::Route53Resolver::ResolverRule
AWS::Route53Resolver::ResolverRuleAssociation
AWS::S3::BucketInventoryConfiguration
AWS::SFN::Activity
AWS::SFN::StateMachine
AWS::SNS::PlatformApplication
AWS::SNS::Subscription
AWS::SNS::Topic
AWS::SQS::Queue
AWS::SSM::Activation
AWS::SSM::Association
AWS::SSM::AutomationExecution
AWS::SSM::Command
AWS::SSM::CommandInvocation
AWS::SSM::ComplianceItem
AWS::SSM::ComplianceSummary
AWS::SSM::Document
AWS::SSM::MaintenanceWindow
AWS::SSM::Parameter
AWS::SSM::PatchBaseline
AWS::SSM::PatchGroup
AWS::SSM::ResourceComplianceSummary
AWS::SSM::ResourceDataSync
AWS::SecretsManager::Secret
AWS::WAF::ByteMatchSet
AWS::WAF::GeoMatchSet
AWS::WAF::IPSet
AWS::WAF::RegexMatchSet
AWS::WAF::RegexPatternSet
AWS::WAF::Rule
AWS::WAF::RuleGroup
AWS::WAF::SizeConstraintSet
AWS::WAF::SqlInjectionMatchSet
AWS::WAF::WebACL
AWS::WAF::XssMatchSet