Aws V3 Documentation

[mk-armah]

User description

Description

This documentation is inspired by aws's documentation(s) and the underlying structure of the integration.

Added docs pages

Please also include the path for the added docs

• Resource and Property Reference (/build-your-software-catalog/sync-data-to-catalog/cloud-providers/aws-v3/resource-and-property-reference)
• Blueprint (/platform-overview/port-components/blueprint)
• ...
• ...

---

PR Type

Documentation, Enhancement

---

Description

• Restructured AWS v3 documentation from flat examples to organized resource reference

• Added comprehensive SQS Queue resource documentation with blueprint and properties

• Reorganized existing resources (S3, EC2, ECS, Organizations) into service-based structure

• Updated property tables with standardized "Availability" column (Default/Optional)

• Added support for SQS queues in Overview.md supported resources list

---

Diagram Walkthrough

flowchart LR
  A["Flat Examples Structure"] -->|Reorganize| B["Service-Based Resource Reference"]
  B --> C["Amazon SQS"]
  B --> D["Amazon S3"]
  B --> E["Amazon EC2"]
  B --> F["Amazon ECS"]
  B --> G["AWS Organizations"]
  C -->|Add| H["SQS Queue Documentation"]
  D -->|Migrate| I["S3 Bucket Reference"]
  E -->|Migrate| J["EC2 Instance Reference"]
  F -->|Migrate| K["ECS Cluster Reference"]
  G -->|Migrate| L["Organizations Account Reference"]

Loading

File Walkthrough

	Relevant files
Documentation	29 files Overview.md Add SQS Queues to supported resources                                        +1/-0      examples.md Remove old flat examples structure                                              +0/-112  aws_v3_examples.mdc Remove documentation generation rules file                              +0/-282  _category_.json Remove examples category configuration                                      +0/-4      _account_info_blueprint.mdx Remove old account info blueprint file                                      +0/-21    _account_info_port_app_config.mdx Remove old account info config file                                            +0/-17    _organizations_accounts_properties.mdx Remove old organizations properties file                                  +0/-16    _s3_bucket_properties.mdx Remove old S3 properties file                                                        +0/-15    _category_.json Create resource reference category configuration                  +4/-0      resource-and-property-reference.md Create main resource reference landing page                            +15/-0    amazon-simple-queue-service.md Add SQS service documentation with actions table                  +37/-0    _category_.json Create SQS service category configuration                                _sqs_queue_blueprint.mdx Add SQS Queue blueprint with five properties                          +56/-0    _sqs_queue_port_app_config.mdx Add SQS Queue mapping configuration                                            +31/-0    _sqs_queue_properties.mdx Add SQS Queue properties reference table                                  +37/-0    _category_.json Create S3 service category configuration                                  +4/-0      amazon-simple-storage-service.md Create S3 service documentation with actions                          +37/-0    _s3_bucket_properties.mdx Migrate S3 properties with updated table format                    +15/-0    _category_.json Create EC2 service category configuration                                +4/-0      amazon-elastic-compute-cloud.md Create EC2 service documentation with actions                        +33/-0    _ec2_instance_properties.mdx Update EC2 properties table with Availability column          +55/-55  _category_.json Create ECS service category configuration                                +4/-0      amazon-elastic-container-service.md Create ECS service documentation with actions                        +32/-0    _ecs_cluster_properties.mdx Update ECS properties table with Availability column          +22/-18  _category_.json Create AWS Organizations category configuration                    +4/-0      aws-organizations.md Create Organizations service documentation                              +33/-0    _organizations_accounts_blueprint.mdx Add unlisted frontmatter to Organizations blueprint            +4/-0      _organizations_accounts_port_app_config.mdx Add unlisted frontmatter to Organizations config                  +4/-0      _organizations_accounts_properties.mdx Create Organizations properties with Availability column  +20/-0
Miscellaneous	1 files guide-metadata.json Update guide metadata isNew flag                                                  +1/-1
Additional files	6 files _ec2_instance_blueprint.mdx [link]    _ec2_instance_port_app_config.mdx [link]    _ecs_cluster_blueprint.mdx [link]    _ecs_cluster_port_app_config.mdx [link]    _s3_bucket_blueprint.mdx [link]    _s3_bucket_port_app_config.mdx [link]

---

[qodo-merge-pro]

PR Compliance Guide 🔍

(Compliance updated until commit 107b420)

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: No runtime logs: The PR adds documentation-only content and does not introduce or modify application code that would implement audit logging for critical actions, so compliance cannot be confirmed from this diff. Referred Code # AWS resource and property reference Welcome to the reference guide for AWS resource, actions and properties, as supported by AWS CloudFormation and used in Port integrations. ## Supported resource types Explore detailed documentation for each AWS resource and action available for integration. For each resource type, you will find information about supported actions, required permissions, and usage best practices. Resource type identifiers follow a standardized format, allowing you to easily recognize and reference each AWS entity: service-provider::service-name::data-type-name For example, an EC2 instance is identified as: AWS::EC2::Instance Refer to the sidebar or the list below to navigate to individual resource reference pages where you will find actionable integration details, sample configurations, and official AWS documentation links. ... (clipped 102 lines)
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Non-code docs: The changes are documentation and configuration examples; no production identifiers or code constructs were added to validate naming conventions. Referred Code <details> <summary><b>SQS Queue mapping configuration (click to expand)</b></summary> ```yaml showLineNumbers - kind: AWS::SQS::Queue selector: query: 'true' port: entity: mappings: identifier: .Properties.QueueArn title: .Properties.QueueUrl | split("/") | .[-1] blueprint: '"sqsQueue"' properties: arn: .Properties.QueueArn region: .__ExtraContext.Region queueUrl: .Properties.QueueUrl approximateNumberOfMessages: .Properties.ApproximateNumberOfMessages visibilityTimeout: .Properties.VisibilityTimeout messageRetentionPeriod: .Properties.MessageRetentionPeriod sqsManagedSseEnabled: .Properties.SqsManagedSseEnabled ... (clipped 7 lines)
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: No error logic: The PR only adds/edits markdown and MDX documentation without executable error handling paths, so robustness of error handling cannot be assessed. Referred Code Port integrations use a [YAML mapping block](/build-your-software-catalog/customize-integrations/configure-mapping#configuration-structure) to ingest data from the third-party api into Port. The mapping makes use of the [JQ JSON processor](https://stedolan.github.io/jq/manual/) to select, modify, concatenate, transform and perform other operations on existing fields and values from the integration API. :::info Property naming conventions The AWS Hosted by Port integration returns all resource properties in **PascalCase** (for example: `Arn`, `BucketName`, `CreationDate`). When writing mappings and JQ expressions, reference properties using PascalCasing as shown in the examples below. ::: ### Default mapping configuration This is the default mapping configuration you get after installing AWS Hosted by Port. <details> <summary><b>Default mapping configuration (click to expand)</b></summary> ```yaml showLineNumbers deleteDependentEntities: true createMissingRelatedEntities: true enableMergeEntity: true resources: - kind: AWS::Account::Info selector: ... (clipped 73 lines)
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: No user errors: Documentation changes do not expose runtime user-facing error messages; secure error handling cannot be evaluated from this diff. Referred Code # AWS Lambda import LambdaFunctionBlueprint from './aws-lambda-function/_lambda_function_blueprint.mdx' import LambdaFunctionConfig from './aws-lambda-function/_lambda_function_port_app_config.mdx' ## AWS::Lambda::Function The following example demonstrates how to ingest your AWS Lambda functions to Port. #### Lambda Function supported actions The table below summarizes the available actions for ingesting AWS Lambda Function resources in Port: | Action | Description | Type | Required AWS Permission | |---------------------------|-----------------------------------------------------------------------------------------------------------|----------|-------------------------| | [ListFunctionsAction](https://docs.aws.amazon.com/lambda/latest/api/API_ListFunctions.html) | Discover all Lambda functions across your AWS account. | Default | `lambda:ListFunctions` | | [ListTagsAction](https://docs.aws.amazon.com/lambda/latest/api/API_ListTags.html) | Retrieve tags for each function. | Optional | `lambda:ListTags` | ::::info Optional Properties Note ... (clipped 10 lines)
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: No logging shown: The PR provides mappings and blueprints in documentation but does not include application logging statements to verify secure logging practices. Referred Code <details> <summary><b>ECS Service mapping configuration (click to expand)</b></summary> ```yaml showLineNumbers resources: - kind: AWS::ECS::Service selector: query: 'true' port: entity: mappings: identifier: .Properties.ServiceArn title: .Properties.ServiceName blueprint: '"ecsService"' properties: serviceName: .Properties.ServiceName serviceArn: .Properties.ServiceArn clusterArn: .Properties.ClusterArn taskDefinition: .Properties.TaskDefinition desiredCount: .Properties.DesiredCount runningCount: .Properties.RunningCount ... (clipped 8 lines)
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: No input paths: The PR adds documentation and configuration examples without executable input handling, so validation, sanitization, and authorization measures cannot be verified from the diff. Referred Code ## Actions **Actions** define the set of API operations performed to discover and fetch resources within your AWS environment. These actions are mapped directly to AWS API calls—for example, `DescribeInstances` for EC2 or `ListBuckets` for S3—which determine the resource data that Port can ingest and keep up to date. :::caution Ensure required AWS permissions are granted Each action requires specific AWS IAM permissions. Your integration’s AWS credentials must have these permissions; otherwise, the action will not succeed and its data will not be available in Port. ::: ### How Actions Map to AWS Operations Each Port-supported resource type comes with a set of actions that align with AWS's official API operations. For instance: - For **Amazon S3 Buckets**, the `ListBucketsAction` leverages the [ListBuckets API](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html), and additional actions like `GetBucketTaggingAction` or `GetBucketEncryptionAction` invoke their respective AWS endpoints. - For **EC2 Instances**, `DescribeInstancesAction` maps to the [DescribeInstances API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) and brings in detailed instance configuration. These mappings ensure that only the properties available from the selected AWS actions are ingested into your Port catalog. ### Enabling and Customizing Actions With Port, you have full control over which AWS resource properties are discovered and ingested into your catalog by specifying the actions to use for each resource type. Actions define what data you collect and the AWS permissions required. ... (clipped 62 lines)

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

---

Previous compliance checks

Compliance check up to commit 06c6050

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: No runtime code: The PR adds documentation and metadata only, with no executable code paths where critical actions could be logged, so audit trail compliance cannot be assessed from this diff. Referred Code - `SQS Queues`: Queue information including attributes, policies, and configuration details.
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Config only: Only documentation and configuration snippets were added without executable logic, so error handling and edge case management cannot be evaluated from this diff. Referred Code resources: - kind: AWS::SQS::Queue selector: query: 'true' port: entity: mappings: identifier: .QueueUrl title: .QueueName blueprint: sqsQueue properties: queueName: .QueueName queueUrl: .QueueUrl queueArn: .QueueArn fifoQueue: .FifoQueue visibilityTimeout: .VisibilityTimeout relations: awsAccount: .awsAccount </details></details></td></tr> <tr><td><details> <summary><strong>Generic: Security-First Input Validation and Data Handling</strong></summary><br> **Objective:** Ensure all data inputs are validated, sanitized, and handled securely to prevent <br>vulnerabilities<br> **Status:** <br><a href='https://github.com/port-labs/port-docs/pull/2960/files#diff-cdae5b29379a8b63d3ecb8d94a5012ac3ab5848d6f15401ddb3e9f4c308ef473R8-R51'><strong>Docs config only</strong></a>: The changes are documentation and example configuration without input-handling code paths, <br>so validation, authz, and secure data handling cannot be determined from this diff.<br> <details open><summary>Referred Code</summary> ```txt ```json showLineNumbers { "identifier": "sqsQueue", "title": "SQS Queue", "icon": "AWS", "description": "This blueprint represents an AWS SQS queue in our software catalog", "schema": { "properties": { "queueName": { "type": "string", "title": "Queue Name" }, "queueUrl": { "type": "string", "title": "Queue URL", "format": "url" }, "queueArn": { "type": "string", "title": "Queue ARN" }, ... (clipped 23 lines)

[aws-amplify-eu-west-1]

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-2960.d2ngvl90zqbob8.amplifyapp.com

[sivanel97]

/review

[qodo-merge-pro]

Persistent suggestions updated to latest commit dfd275d

[sivanel97]

/improve

[qodo-merge-pro]

Persistent suggestions updated to latest commit dfd275d

[sivanel97]

Left some comments as examples.

Mostly the capitalization is a bit off, only the first letter in the headers and titles should be capitalized.

And also suggested a new placement for the reference link in the tables in each resource page.

[sivanel97]

Suggested change

	#### EC2 Instance Supported Actions
	#### EC2 instance supported actions

[sivanel97]

Suggested change

	<summary><b>EC2 Instance Blueprint (Click to expand)</b></summary>
	<summary><b>EC2 instance blueprint (click to expand)</b></summary>

All headers should have a capital letter only for the first word :)

[sivanel97]

Suggested change

	<summary><b>EC2 Instance Mapping Configuration (Click to expand)</b></summary>
	<summary><b>EC2 instance mapping configuration (click to expand)</b></summary>

same :)

[sivanel97]

Suggested change

	<summary><b>ECS Cluster Blueprint (Click to expand)</b></summary>
	<summary><b>ECS cluster blueprint (click to expand)</b></summary>

same here and in the other instances

[sivanel97]

Suggested change

	# AWS Resource and Property Reference
	# AWS resource and property reference

[mk-armah]

This is fine

[sivanel97]

Suggested change

	"label": "Amazon Relational Database Service",
	"label": "Amazon relational database service",

[mk-armah]

Its a bit tough comprehending this because the casing are actually trademarks of the resource types .
AWS deliberately presents them this way, making a bit unusual if its looked at some other way, I don't know if you get me

[mk-armah]

For example

[sivanel97]

Suggested change

	# Amazon Relational Database Service
	# Amazon relational database service

[mk-armah]

Here, because its a deliberate trademark name, you can see that the sentence after it were all in the right casing (lower case) except the Amazon Relational Database Service

[sivanel97]

These links don't seem to work.

https://docs.aws.amazon.com/rds/latest/APIReference/API_DescribeDBInstances.html

[sivanel97]

Suggested change

	| **DescribeClustersAction** | Discover ECS clusters and retrieve detailed configuration data. [Reference](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeClusters.html) | Default | `ecs:ListClusters`, `ecs:DescribeClusters` |
	| [**DescribeClustersAction**](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeClusters.html) | Discover ECS clusters and retrieve detailed configuration data. | Default | `ecs:ListClusters`, `ecs:DescribeClusters` |

Maybe the reference link can be attached to the action name itself? It just seems a bit odd at the end of the description to have "Reference". WDYT?

[sivanel97]

LGTM