AWS infrastructure
Current supported resource types for AWS are listed here. The listed resources are available in PKL, extractable or discoverable. If a resource is listed here it's available in our AWS.
| Type | Discoverable | Extractable | Comment |
|---|---|---|---|
| AWS::ApiGateway::ApiKey | ✅ | ✅ | |
| AWS::ApiGateway::Deployment | ✅ | ✅ | |
| AWS::ApiGateway::Method | ❌ | ✅ | |
| AWS::ApiGateway::Resource | ❌ | ✅ | |
| AWS::ApiGateway::RestApi | ✅ | ✅ | |
| AWS::ApiGateway::Stage | ✅ | ✅ | |
| AWS::ApiGateway::UsagePlan | ✅ | ✅ | |
| AWS::ApiGateway::UsagePlanKey | ✅ | ✅ | |
| AWS::CloudFront::Distribution | ❌ | ❌ | |
| AWS::DynamoDB::GlobalTable | ✅ | ✅ | |
| AWS::DynamoDB::Table | ✅ | ✅ | |
| AWS::EC2::CapacityReservation | ✅ | ✅ | |
| AWS::EC2::CapacityReservationFleet | ✅ | ✅ | |
| AWS::EC2::CarrierGateway | ✅ | ✅ | |
| AWS::EC2::ClientVpnAuthorizationRule | ❌ | ✅ | |
| AWS::EC2::ClientVpnEndpoint | ❌ | ✅ | |
| AWS::EC2::ClientVpnRoute | ❌ | ✅ | |
| AWS::EC2::ClientVpnTargetNetworkAssociation | ❌ | ✅ | |
| AWS::EC2::CustomerGateway | ✅ | ✅ | |
| AWS::EC2::DHCPOptions | ✅ | ✅ | |
| AWS::EC2::EC2Fleet | ✅ | ✅ | |
| AWS::EC2::EgressOnlyInternetGateway | ✅ | ✅ | |
| AWS::EC2::EIP | ✅ | ✅ | |
| AWS::EC2::EIPAssociation | ✅ | ✅ | |
| AWS::EC2::EnclaveCertificateIamRoleAssociation | ❌ | ✅ | |
| AWS::EC2::FlowLog | ✅ | ✅ | |
| AWS::EC2::GatewayRouteTableAssociation | ❌ | ✅ | |
| AWS::EC2::Host | ✅ | ✅ | |
| AWS::EC2::Instance | ✅ | ✅ | |
| AWS::EC2::InstanceConnectEndpoint | ✅ | ✅ | |
| AWS::EC2::InternetGateway | ✅ | ✅ | |
| AWS::EC2::IPAM | ✅ | ✅ | |
| AWS::EC2::IPAMAllocation | ✅ | ✅ | |
| AWS::EC2::IPAMPool | ✅ | ✅ | |
| AWS::EC2::IPAMPoolCidr | ✅ | ✅ | |
| AWS::EC2::IPAMResourceDiscovery | ✅ | ✅ | |
| AWS::EC2::IPAMResourceDiscoveryAssociation | ✅ | ✅ | |
| AWS::EC2::IPAMScope | ✅ | ✅ | |
| AWS::EC2::KeyPair | ✅ | ✅ | |
| AWS::EC2::LaunchTemplate | ✅ | ✅ | |
| AWS::EC2::LocalGatewayRoute | ✅ | ✅ | |
| AWS::EC2::LocalGatewayRouteTable | ✅ | ✅ | |
| AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation | ✅ | ✅ | |
| AWS::EC2::LocalGatewayRouteTableVPCAssociation | ✅ | ✅ | |
| AWS::EC2::NatGateway | ✅ | ✅ | |
| AWS::EC2::NetworkAcl | ✅ | ✅ | |
| AWS::EC2::NetworkAclEntry | ❌ | ✅ | |
| AWS::EC2::NetworkInsightsAccessScope | ✅ | ✅ | |
| AWS::EC2::NetworkInsightsAccessScopeAnalysis | ✅ | ✅ | |
| AWS::EC2::NetworkInsightsAnalysis | ✅ | ✅ | |
| AWS::EC2::NetworkInsightsPath | ✅ | ✅ | |
| AWS::EC2::NetworkInterface | ✅ | ✅ | |
| AWS::EC2::NetworkInterfaceAttachment | ✅ | ✅ | |
| AWS::EC2::NetworkInterfacePermission | ❌ | ✅ | |
| AWS::EC2::NetworkPerformanceMetricSubscription | ✅ | ✅ | |
| AWS::EC2::PlacementGroup | ✅ | ✅ | |
| AWS::EC2::PrefixList | ❌ | ❌ | |
| AWS::EC2::Route | ❌ | ✅ | |
| AWS::EC2::RouteTable | ✅ | ✅ | |
| AWS::EC2::SecurityGroup | ✅ | ✅ | |
| AWS::EC2::SecurityGroupEgress | ✅ | ✅ | |
| AWS::EC2::SecurityGroupIngress | ✅ | ✅ | |
| AWS::EC2::SecurityGroupVpcAssociation | ✅ | ✅ | |
| AWS::EC2::SnapshotBlockPublicAccess | ✅ | ✅ | |
| AWS::EC2::SpotFleet | ✅ | ✅ | |
| AWS::EC2::Subnet | ✅ | ✅ | |
| AWS::EC2::SubnetCidrBlock | ✅ | ✅ | |
| AWS::EC2::SubnetNetworkAclAssociation | ✅ | ✅ | |
| AWS::EC2::SubnetRouteTableAssociation | ✅ | ✅ | |
| AWS::EC2::TrafficMirrorFilter | ✅ | ✅ | |
| AWS::EC2::TrafficMirrorFilterRule | ✅ | ✅ | |
| AWS::EC2::TrafficMirrorSession | ✅ | ✅ | |
| AWS::EC2::TrafficMirrorTarget | ✅ | ✅ | |
| AWS::EC2::TransitGateway | ✅ | ✅ | |
| AWS::EC2::TransitGatewayAttachment | ✅ | ✅ | |
| AWS::EC2::TransitGatewayConnect | ✅ | ✅ | |
| AWS::EC2::TransitGatewayMulticastDomain | ✅ | ✅ | |
| AWS::EC2::TransitGatewayMulticastDomainAssociation | ✅ | ✅ | |
| AWS::EC2::TransitGatewayMulticastGroupMember | ✅ | ✅ | |
| AWS::EC2::TransitGatewayMulticastGroupSource | ✅ | ✅ | |
| AWS::EC2::TransitGatewayPeeringAttachment | ✅ | ✅ | |
| AWS::EC2::TransitGatewayRoute | ✅ | ✅ | |
| AWS::EC2::TransitGatewayRouteTable | ✅ | ✅ | |
| AWS::EC2::TransitGatewayRouteTableAssociation | ✅ | ✅ | |
| AWS::EC2::TransitGatewayRouteTablePropagation | ✅ | ✅ | |
| AWS::EC2::TransitGatewayVpcAttachment | ✅ | ✅ | |
| AWS::EC2::VerifiedAccessEndpoint | ✅ | ✅ | |
| AWS::EC2::VerifiedAccessGroup | ✅ | ✅ | |
| AWS::EC2::VerifiedAccessInstance | ✅ | ✅ | |
| AWS::EC2::VerifiedAccessTrustProvider | ✅ | ✅ | |
| AWS::EC2::Volume | ✅ | ✅ | |
| AWS::EC2::VolumeAttachment | ✅ | ✅ | |
| AWS::EC2::VPC | ✅ | ✅ | |
| AWS::EC2::VPCBlockPublicAccessExclusion | ✅ | ✅ | |
| AWS::EC2::VPCBlockPublicAccessOptions | ❌ | ✅ | |
| AWS::EC2::VPCCidrBlock | ❌ | ✅ | |
| AWS::EC2::VPCDHCPOptionsAssociation | ✅ | ✅ | |
| AWS::EC2::VPCEndpoint | ✅ | ✅ | |
| AWS::EC2::VPCEndpointConnectionNotification | ✅ | ✅ | |
| AWS::EC2::VPCEndpointService | ✅ | ✅ | |
| AWS::EC2::VPCEndpointServicePermissions | ✅ | ✅ | |
| AWS::EC2::VPCGatewayAttachment | ✅ | ✅ | |
| AWS::EC2::VPCPeeringConnection | ✅ | ✅ | |
| AWS::EC2::VPNConnection | ✅ | ✅ | |
| AWS::EC2::VPNConnectionRoute | ✅ | ✅ | |
| AWS::EC2::VPNGateway | ✅ | ✅ | |
| AWS::EC2::VPNGatewayRoutePropagation | ❌ | ✅ | |
| AWS::ECR::PullThroughCacheRule | ✅ | ✅ | |
| AWS::ECR::RegistryPolicy | ✅ | ✅ | |
| AWS::ECR::ReplicationConfiguration | ✅ | ✅ | |
| AWS::ECR::Repository | ✅ | ✅ | |
| AWS::ECR::RepositoryCreationTemplate | ✅ | ✅ | |
| AWS::ECS::CapacityProvider | ❌ | ✅ | |
| AWS::ECS::ClusterCapacityProviderAssociations | ✅ | ✅ | |
| AWS::ECS::Cluster | ✅ | ✅ | |
| AWS::ECS::PrimaryTaskSet | ❌ | ✅ | |
| AWS::ECS::Service | ✅ | ✅ | |
| AWS::ECS::TaskDefinition | ✅ | ✅ | |
| AWS::ECS::TaskSet | ✅ | ✅ | |
| AWS::EFS::AccessPoint | ✅ | ✅ | |
| AWS::EFS::FileSystem | ✅ | ✅ | |
| AWS::EFS::MountTarget | ✅ | ✅ | |
| AWS::EKS::Cluster | ✅ | ✅ | |
| AWS::EKS::Nodegroup | ✅ | ✅ | |
| AWS::ElasticBeanstalk::Application | ✅ | ✅ | |
| AWS::ElasticBeanstalk::ApplicationVersion | ✅ | ✅ | |
| AWS::ElasticBeanstalk::ConfigurationTemplate | ✅ | ✅ | |
| AWS::ElasticBeanstalk::Environment | ✅ | ✅ | |
| AWS::ElasticLoadBalancingV2::Listener | ✅ | ✅ | |
| AWS::ElasticLoadBalancingV2::ListenerCertificate | ❌ | ✅ | |
| AWS::ElasticLoadBalancingV2::ListenerRule | ❌ | ✅ | |
| AWS::ElasticLoadBalancingV2::LoadBalancer | ✅ | ✅ | |
| AWS::ElasticLoadBalancingV2::TargetGroup | ✅ | ✅ | |
| AWS::ElasticLoadBalancingV2::TrustStore | ✅ | ✅ | |
| AWS::ElasticLoadBalancingV2::TrustStoreRevocation | ✅ | ✅ | |
| AWS::IAM::AccessKey | ❌ | ✅ | |
| AWS::IAM::Group | ✅ | ✅ | |
| AWS::IAM::GroupPolicy | ❌ | ✅ | |
| AWS::IAM::InstanceProfile | ✅ | ✅ | |
| AWS::IAM::ManagedPolicy | ❌ | ✅ | |
| AWS::IAM::OIDCProvider | ✅ | ✅ | |
| AWS::IAM::Policy | ❌ | ✅ | |
| AWS::IAM::Role | ✅ | ✅ | |
| AWS::IAM::RolePolicy | ✅ | ✅ | |
| AWS::IAM::SAMLProvider | ✅ | ✅ | |
| AWS::IAM::ServerCertificate | ✅ | ✅ | |
| AWS::IAM::ServiceLinkedRole | ❌ | ✅ | |
| AWS::IAM::User | ❌ | ❌ | |
| AWS::IAM::UserPolicy | ❌ | ✅ | |
| AWS::IAM::UserToGroupAddition | ❌ | ✅ | |
| AWS::IAM::VirtualMFADevice | ❌ | ❌ | |
| AWS::KMS::Key | ❌ | ❌ | |
| AWS::KMS::Alias | ❌ | ✅ | |
| AWS::Lambda::CodeSigningConfig | ✅ | ✅ | |
| AWS::Lambda::EventInvokeConfig | ✅ | ✅ | |
| AWS::Lambda::EventSourceMapping | ✅ | ✅ | |
| AWS::Lambda::Function | ✅ | ✅ | |
| AWS::Lambda::Alias | ✅ | ✅ | |
| AWS::Lambda::LayerVersion | ❌ | ✅ | |
| AWS::Lambda::LayerVersionPermission | ❌ | ✅ | |
| AWS::Lambda::Permission | ❌ | ✅ | |
| AWS::Lambda::Url | ✅ | ✅ | |
| AWS::Lambda::Version | ✅ | ✅ | |
| AWS::Logs::LogGroup | ✅ | ✅ | |
| AWS::RDS::CustomDBEngineVersion | ✅ | ✅ | |
| AWS::RDS::DBCluster | ✅ | ✅ | |
| AWS::RDS::DBClusterParameterGroup | ✅ | ✅ | |
| AWS::RDS::DBInstance | ✅ | ✅ | |
| AWS::RDS::DBParameterGroup | ✅ | ✅ | |
| AWS::RDS::DBProxy | ✅ | ✅ | |
| AWS::RDS::DBProxyEndpoint | ✅ | ✅ | |
| AWS::RDS::DBProxyTargetGroup | ✅ | ✅ | |
| AWS::RDS::DBSecurityGroup | ❌ | ✅ | |
| AWS::RDS::DBSecurityGroupIngress | ❌ | ✅ | |
| AWS::RDS::DBShardGroup | ✅ | ✅ | |
| AWS::RDS::DBSubnetGroup | ✅ | ✅ | |
| AWS::RDS::EventSubscription | ✅ | ✅ | |
| AWS::RDS::GlobalCluster | ✅ | ✅ | |
| AWS::RDS::Integration | ✅ | ✅ | |
| AWS::RDS::OptionGroup | ✅ | ✅ | |
| AWS::Route53::CidrCollection | ✅ | ✅ | |
| AWS::Route53::DNSSEC | ✅ | ✅ | |
| AWS::Route53::HealthCheck | ✅ | ✅ | |
| AWS::Route53::HostedZone | ✅ | ✅ | |
| AWS::Route53::KeySigningKey | ✅ | ✅ | |
| AWS::Route53::RecordSet | ✅ | ✅ | |
| AWS::Route53::RecordSetGroup | ❌ | ✅ | |
| AWS::S3::AccessGrant | ❌ | ✅ | |
| AWS::S3::AccessGrantsInstance | ❌ | ✅ | |
| AWS::S3::AccessGrantsLocation | ❌ | ✅ | |
| AWS::S3::Bucket | ✅ | ✅ | |
| AWS::S3::BucketPolicy | ✅ | ✅ | |
| AWS::S3::MultiRegionAccessPoint | ✅ | ✅ | |
| AWS::S3::MultiRegionAccessPointPolicy | ❌ | ✅ | |
| AWS::S3::AccessPoint | ✅ | ✅ | |
| AWS::S3::StorageLens | ✅ | ✅ | |
| AWS::S3::StorageLensGroup | ✅ | ✅ | |
| AWS::SageMaker::Domain | ✅ | ✅ | This resource creates an EFS system - AutoHomeEFS - which will need to be manually removed prior to successfully destroying the domain. |
| AWS::SageMaker::Endpoint | ❌ | ✅ | |
| AWS::SageMaker::ModelPackageGroup | ❌ | ✅ | |
| AWS::SageMaker::UserProfile | ✅ | ✅ | |
| AWS::SecretsManager::ResourcePolicy | ✅ | ✅ | |
| AWS::SecretsManager::RotationSchedule | ✅ | ✅ | |
| AWS::SecretsManager::Secret | ✅ | ✅ | |
| AWS::SecretsManager::SecretTargetAttachment | ❌ | ✅ | |
| AWS::SQS::Queue | ✅ | ✅ | |
| AWS::SQS::QueueInlinePolicy | ❌ | ✅ | |
| AWS::SQS::QueuePolicy | ❌ | ✅ |