Dig Mode has been tested against the following services and APIs. Cloudtrail API requests attempt lookups using the ARN and/or resource ID value. (Note: GovCloud regions are not supported in BOYD v1.0.1.)
Dig Mode Supported APIs
| Product Code | Config | API |
|---|---|---|
| AWS Amplify – app | ✓ | get_app |
| AWS Certificate Manager – acm | ✓ | describe_certificate |
| AWS Certificate Manager – acm_pca | ✓ | describe_certificate_authority |
| AWS CloudFormation – stack | describe_stacks | |
| Amazon CloudFront – distribution | ✓ | get_distribution |
| Amazon CloudFront – function | ✓ | get_function |
| AmazonCloudWatch – flow-log | ✓ | describe_flow_logs |
| AmazonCloudWatch – instance | ✓ | describe_instances |
| AmazonCloudWatch – logs | describe_log_groups | |
| CodeBuild – project | batch_get_projects | |
| AWS CodePipeline – codepipeline | ✓ | get_pipeline |
| Amazon DynamoDB – table | ✓ | describe_table |
| Amazon Elastic Compute Cloud – instance | ✓ | describe_instances |
| Amazon Elastic Compute Cloud – nat | ✓ | describe_nat_gateways |
| Amazon Elastic Compute Cloud – snapshot | describe_snapshots | |
| Amazon Elastic Compute Cloud – volume | ✓ | describe_volumes |
| Amazon EC2 Container Registry (ECR) – repository | ✓ | describe_repositories |
| Amazon Elastic Container Registry Public – public-repository | ✓ | describe_tasks |
| Amazon EFS – file-system | describe_file_systems | |
| Amazon ES – es-domain | describe_elasticsearch_domain | |
| Amazon ElastiCache – cache-cluster | describe_cache_clusters | |
| AWS Glue – crawler | get_crawler | |
| AWS Glue – database | ✓ | get_database |
| AWS Glue – table | ||
| AWS Glue – job | ✓ | get_job |
| Amazon Inspector – instance | ✓ | list_findings |
| Amazon Inspector – lambda | ✓ | list_findings |
| Amazon Kinesis – kinesis | describe_stream | |
| Amazon Kinesis Firehose – firehose | describe_delivery_stream | |
| AWS Key Management Service – key | ✓ | describe_key |
| Amazon Neptune – neptune-db | describe_db_instances | |
| Amazon SageMaker – notebook-instance | ✓ | describe_notebook_instance |
| Amazon Virtual Private Cloud – client-vpn-enpdoint | describe_client_vpn_endpoints | |
| Amazon Virtual Private Cloud – eip | ✓ | describe_addresses |
| Amazon Virtual Private Cloud – network_interface | ✓ | describe_network_interfaces |
| Amazon Virtual Private Cloud – transit-gateway-attachment | describe_transit_gateway_attachments | |
| Amazon Virtual Private Cloud – vpc-endpoint | ✓ | describe_vpc_endpoints |
| Elastic Load Balancing – loadbalancerv2_app | ✓ | describe_load_balancers |
| Elastic Load Balancing – loadbalancerv2_net | ✓ | describe_load_balancers |
| Elastic Load Balancing – loadbalancer | ✓ | describe_load_balancers |
| AWS Lambda – function | ✓ | get_function |
| Amazon QuickSight – quicksight-user | describe_user | |
| Amazon RDS – db | describe_db_instances | |
| Amazon RDS – cluster | describe_db_clusters | |
| Amazon RDS – cluster-snapshot | describe_db_cluster_snapshots | |
| Amazon Route 53 – healthcheck | ✓ | get_health_check |
| Amazon Route 53 – hostedzone | ✓ | get_hosted_zone |
| Amazon Simple Storage Service – bucket | ✓ | |
| AWS Secrets Manager – secret | ✓ | describe_secret |
| Amazon Simple Notification Service | ✓ | |
| AWS WAF – wafv1-webacl | ✓ | |
| AWS WAF – wafv1-webacl+rule | ✓ | |
| AWS WAF – wafv1-regional-webacl | ✓ | |
| AWS WAF – wafv1-regional-webacl+rule | ✓ | |
| AWS WAF – wafv2-regional-webacl | ✓ | |
| AWS WAF – wafv2-global-webacl | ✓ |