Sensitive data types: Credentials - Amazon Simple Notification Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Sensitive data types: Credentials

The following table lists and describes the types of credentials that Amazon SNS can detect using managed data identifiers.

Detection type Managed data identifier ID Keyword required Countries and regions
Amazon secret access key AwsSecretKey aws_secret_access_key, credentials, secret access key, secret key, set-awscredential

Any

OpenSSH private key OpenSshPrivateKey No

Any

PGP private key PgpPrivateKey No

Any

Public-Key Cryptography Standard (PKCS) private key PkcsPrivateKey No

Any

PuTTY private key PuttyPrivateKey No

Any

Data identifier ARNs for credential data types

The following lists the Amazon Resource Names (ARNs) for the data identifiers that you can add to your data protection policies.

Credential data identifier ARNs
arn:aws-cn:dataprotection::aws:data-identifier/AwsSecretKey
arn:aws-cn:dataprotection::aws:data-identifier/OpenSshPrivateKey
arn:aws-cn:dataprotection::aws:data-identifier/PgpPrivateKey
arn:aws-cn:dataprotection::aws:data-identifier/PkcsPrivateKey
arn:aws-cn:dataprotection::aws:data-identifier/PuttyPrivateKey