External Findings

The External Finding resource has methods to send findings from an external source to CloudGuard, for entities in cloud accounts that are onboarded to CloudGuard. These findings are recorded in CloudGuard along with findings discovered by CloudGuard (internal findings).

The resource has methods to send findings (in bulk), archive them in CloudGuard, or delete them from CloudGuard. Archived findings remain as records in CloudGuard, and are searchable. Deleted findings are permanently removed.

Findings are sent to CloudGuard as a bulk list, using the POST method. The response includes a list of findings from the list that were rejected by CloudGuard, along with the reason.

Resource Types

The table below shows the codes for the different entity types.

Entity type	Description
sg	Security Groups
elb	Classic Load Balancer
vpc	VPC
subnet	Subnet
nacl	Network ACLs
dbInstance	RDS DB Instances
vpcEndpoint	VPC Endpoints
vpcPeeringConnection	VPC Peering
lambda	AWS Lambda
cloudTrail	AWS CloudTrail
cloudWatch	CloudWatch
s3Bucket	S3 Buckets
appLB	Application Load Balancer
volume	EBS Volumes
redshift	Redshift
vpcFlowLog	VPC Flow Logs
configuration	Configuration Recorder
snsSubscription	AWS::SNS::Subscription
directConnect	AWS Direct Connect
vpnGateway	VpnGateway
efs	Amazon Elastic File System
internetGateway	Internet Gateways
routeTable	Route Tables
elastiCache	Amazon ElastiCache
ecsCluster	ECS Clusters
inspector	Inspector
networkInterface	Elastic Network Interfaces
ecsTaskDefinition	Amazon ECS Task Definitions
route53	Route 53
kinesisStream	Kinesis Data Streams
acmCertificate	AWS Certificate Manager
dynamoDbTable	DynamoDB table
ec2Image	Amazon Machine Images
wafRegional	AWS WAF Regional
vpnConnection	VPN Connections
ecsTask	ECS Task Definitions
CustomerGateway	Customer Gateway
elasticIp	Elastic IP Addresses
GuardDutyDetector	Amazon GuardDuty detector.
Ec2Instance	EC2
ApiGateway	API Gateway
kms	Kms

Resource Types

See also