Back to source list
Official
Premium
Wiz
Sync from Wiz to any destination
Publisher
cloudquery
Latest version
v4.6.0
Type
Source
Platforms
Date Published
Overview #
The CloudQuery Wiz source plugin pulls data out of Wiz Integration (WIN) platform and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake, and more).
Authentication #
In order to fetch information from Wiz,
cloudquery needs to be authenticated and configured with valid Service Account credentials.
These are:api_endpoint_urlclient_idclient_secrettoken_url
Wiz Source Plugin Configuration Reference
Example #
This example syncs from Wiz to a Postgres destination.
The (top level) source spec section is described in the Source Spec Reference.
kind: source
# Common source-plugin configuration
spec:
name: wiz
path: cloudquery/wiz
registry: cloudquery
version: "v4.6.0"
tables:
- "*"
destinations: ["postgresql"]
# Learn more about the configuration options at https://cql.ink/wiz_source
spec:
# required parameters
api_endpoint_url: "${WIZ_API_ENDPOINT_URL}"
client_id: "${WIZ_CLIENT_ID}"
client_secret: "${WIZ_CLIENT_SECRET}"
# optional parameters
# token_url: "${WIZ_TOKEN_URL}"
# report_polling_interval: 5
# concurrency: 3
Wiz Spec #
This is the (nested) spec used by the Wiz source plugin.
api_endpoint_url(string) (required) (example:https://api.us17.app.wiz.io/graphql)API Endpoint URL for your Wiz tenant.client_id(string) (required)The Client ID used to generate authentication tokens for the Wiz API. This is generated through the Wiz platform.client_secret(string) (required)The Client Secret used to generate authentication tokens for the Wiz API. This is generated through the Wiz platform.token_url(string) (default:https://auth.app.wiz.io/oauth/token)The authentication token URL for the Wiz API.report_polling_interval(string) (default:5)Interval in seconds for polling the status of a report.concurrency(integer) (optional) (default:1000)A best effort maximum number of Go routines to use. Lower this number to reduce memory usage.scheduler(string) (optional) (default:dfs)The scheduler to use when determining the priority of resources to sync. Supported values aredfs(depth-first search),round-robin,shuffleandshuffle-queue.For more information about this, see performance tuning.table_options(map) (default:null)A set of options to override the defaults for certain tables.The format of thetable_options objectis as follows:table_options: <table_name>: <input_object>A list of<input_object>objects should be provided. The plugin will iterate through these to make multiple API calls. The following tables and default options are supported:table_options: wiz_cloud_configuration_findings: include_deleted: true status: ["OPEN", "IN_PROGRESS", "RESOLVED", "REJECTED"]
Some tables support a special table option called
time_window_size_days, which allows you to specify the window size that the sync will use to split the initial report. This is useful for large datasets where you want to limit the size, as the Wiz API may fail to generate very large reports