Sensitive data types: Credentials
The following table lists and describes the types of credentials that Amazon SNS can detect using managed data identifiers.
Detection type | Managed data identifier ID | Keyword required | Countries and regions |
---|---|---|---|
Amazon secret access key | AwsSecretKey | aws_secret_access_key, credentials, secret access key, secret key, set-awscredential |
Any |
OpenSSH private key | OpenSshPrivateKey | No |
Any |
PGP private key | PgpPrivateKey | No |
Any |
Public-Key Cryptography Standard (PKCS) private key | PkcsPrivateKey | No |
Any |
PuTTY private key | PuttyPrivateKey | No |
Any |
Data identifier ARNs for credential data types
The following lists the Amazon Resource Names (ARNs) for the data identifiers that you can add to your data protection policies.
Credential data identifier ARNs |
---|
arn:aws-cn:dataprotection::aws:data-identifier/AwsSecretKey |
arn:aws-cn:dataprotection::aws:data-identifier/OpenSshPrivateKey |
arn:aws-cn:dataprotection::aws:data-identifier/PgpPrivateKey |
arn:aws-cn:dataprotection::aws:data-identifier/PkcsPrivateKey |
arn:aws-cn:dataprotection::aws:data-identifier/PuttyPrivateKey |