CloudQuery

Back to source list
wiz
Official
Premium

Wiz

Sync from Wiz to any destination

Publisher

cloudquery

Latest version

v4.4.3

Type

Source

Platforms

Date Published

Overview #

The CloudQuery Wiz source plugin pulls data out of Wiz Integration (WIN) platform and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake, and more).

Authentication #

In order to fetch information from Wiz, cloudquery needs to be authenticated and configured with valid Service Account credentials. These are:
  • api_endpoint_url
  • client_id
  • client_secret
  • token_url

Wiz Source Plugin Configuration Reference

Example #

This example syncs from Wiz to a Postgres destination. The (top level) source spec section is described in the Source Spec Reference.
kind: source
# Common source-plugin configuration
spec:
  name: wiz
  path: cloudquery/wiz
  registry: cloudquery
  version: "v4.4.3"
  tables:
    - "*"
  destinations: ["postgresql"]

  # Learn more about the configuration options at https://cql.ink/wiz_source
  spec:
    # required parameters
    api_endpoint_url: "${WIZ_API_ENDPOINT_URL}"
    client_id: "${WIZ_CLIENT_ID}"
    client_secret: "${WIZ_CLIENT_SECRET}"
    
    # optional parameters
    # token_url: "${WIZ_TOKEN_URL}"
    # report_polling_interval: 5
    # concurrency: 3

Wiz Spec #

This is the (nested) spec used by the Wiz source plugin.
  • api_endpoint_url (string) (required) (example: https://api.us17.app.wiz.io/graphql)
    API Endpoint URL for your Wiz tenant.
  • client_id (string) (required)
    The Client ID used to generate authentication tokens for the Wiz API. This is generated through the Wiz platform.
  • client_secret (string) (required)
    The Client Secret used to generate authentication tokens for the Wiz API. This is generated through the Wiz platform.
  • token_url (string) (default: https://auth.app.wiz.io/oauth/token)
    The authentication token URL for the Wiz API.
  • report_polling_interval (string) (default: 5)
    Interval in seconds for polling the status of a report.
  • concurrency (integer) (optional) (default: 1000)
    A best effort maximum number of Go routines to use. Lower this number to reduce memory usage.
  • scheduler (string) (optional) (default: dfs)
    The scheduler to use when determining the priority of resources to sync. Supported values are dfs (depth-first search), round-robin, shuffle and shuffle-queue.
    For more information about this, see performance tuning.
  • table_options (map) (default: null)
    A set of options to override the defaults for certain tables.
    The format of the table_options object is as follows:
    table_options:
      <table_name>:
        <input_object>
    A list of <input_object> objects should be provided. The plugin will iterate through these to make multiple API calls. The following tables and default options are supported:
    table_options:
      wiz_cloud_configuration_findings:
        include_deleted: true
        status: ["OPEN", "IN_PROGRESS", "RESOLVED", "REJECTED"]


Licenses #

The following tools / packages are used in this plugin:
NameLicense
github.com/99designs/gqlgen/graphqlMIT
github.com/Yamashou/gqlgencMIT
github.com/adrg/xdgMIT
github.com/apache/arrow-go/v18Apache-2.0
github.com/apache/arrow/go/v13Apache-2.0
github.com/apapsch/go-jsonmerge/v2MIT
github.com/aws/aws-sdk-go-v2Apache-2.0
github.com/aws/aws-sdk-go-v2/configApache-2.0
github.com/aws/aws-sdk-go-v2/credentialsApache-2.0
github.com/aws/aws-sdk-go-v2/feature/ec2/imdsApache-2.0
github.com/aws/aws-sdk-go-v2/internal/configsourcesApache-2.0
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2Apache-2.0
github.com/aws/aws-sdk-go-v2/internal/iniApache-2.0
github.com/aws/aws-sdk-go-v2/internal/sync/singleflightBSD-3-Clause
github.com/aws/aws-sdk-go-v2/service/internal/accept-encodingApache-2.0
github.com/aws/aws-sdk-go-v2/service/internal/presigned-urlApache-2.0
github.com/aws/aws-sdk-go-v2/service/licensemanagerApache-2.0
github.com/aws/aws-sdk-go-v2/service/marketplacemeteringApache-2.0
github.com/aws/aws-sdk-go-v2/service/ssoApache-2.0
github.com/aws/aws-sdk-go-v2/service/ssooidcApache-2.0
github.com/aws/aws-sdk-go-v2/service/stsApache-2.0
github.com/aws/smithy-goApache-2.0
github.com/aws/smithy-go/internal/sync/singleflightBSD-3-Clause
github.com/bahlo/generic-list-goBSD-3-Clause
github.com/buger/jsonparserMIT
github.com/cenkalti/backoff/v4MIT
github.com/cloudquery/cloudquery-api-goMPL-2.0
github.com/cloudquery/plugin-pb-goMPL-2.0
github.com/cloudquery/plugin-sdk/v2/internal/globMIT
github.com/cloudquery/plugin-sdk/v2/schemaMIT
github.com/cloudquery/plugin-sdk/v2/typesMPL-2.0
github.com/cloudquery/plugin-sdk/v4MPL-2.0
github.com/cloudquery/plugin-sdk/v4/globMIT
github.com/cloudquery/plugin-sdk/v4/scalarMIT
github.com/davecgh/go-spew/spewISC
github.com/ghodss/yamlMIT
github.com/go-logr/logrApache-2.0
github.com/go-logr/stdrApache-2.0
github.com/goccy/go-jsonMIT
github.com/golang/mock/gomockApache-2.0
github.com/google/flatbuffers/goApache-2.0
github.com/google/uuidBSD-3-Clause
github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptorsApache-2.0
github.com/grpc-ecosystem/grpc-gateway/v2BSD-3-Clause
github.com/hashicorp/go-cleanhttpMPL-2.0
github.com/hashicorp/go-retryablehttpMPL-2.0
github.com/invopop/jsonschemaMIT
github.com/jszwec/csvutilMIT
github.com/klauspost/compressApache-2.0
github.com/klauspost/compress/internal/snaprefBSD-3-Clause
github.com/klauspost/compress/zstd/internal/xxhashMIT
github.com/mailru/easyjsonMIT
github.com/mattn/go-colorableMIT
github.com/mattn/go-isattyMIT
github.com/oapi-codegen/runtimeApache-2.0
github.com/pierrec/lz4/v4BSD-3-Clause
github.com/pmezard/go-difflib/difflibBSD-3-Clause
github.com/rs/zerologMIT
github.com/samber/loMIT
github.com/santhosh-tekuri/jsonschema/v6Apache-2.0
github.com/sosodev/durationMIT
github.com/spf13/cobraApache-2.0
github.com/spf13/pflagBSD-3-Clause
github.com/stretchr/testifyMIT
github.com/thoas/go-funkMIT
github.com/vektah/gqlparser/v2MIT
github.com/wk8/go-ordered-map/v2Apache-2.0
github.com/zeebo/xxh3BSD-2-Clause
go.opentelemetry.io/auto/sdkApache-2.0
go.opentelemetry.io/otelApache-2.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttpApache-2.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttpApache-2.0
go.opentelemetry.io/otel/exporters/otlp/otlptraceApache-2.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttpApache-2.0
go.opentelemetry.io/otel/logApache-2.0
go.opentelemetry.io/otel/metricApache-2.0
go.opentelemetry.io/otel/sdkApache-2.0
go.opentelemetry.io/otel/sdk/logApache-2.0
go.opentelemetry.io/otel/sdk/metricApache-2.0
go.opentelemetry.io/otel/traceApache-2.0
go.opentelemetry.io/proto/otlpApache-2.0
golang.org/x/expBSD-3-Clause
golang.org/x/netBSD-3-Clause
golang.org/x/oauth2BSD-3-Clause
golang.org/x/syncBSD-3-Clause
golang.org/x/sysBSD-3-Clause
golang.org/x/textBSD-3-Clause
golang.org/x/time/rateBSD-3-Clause
golang.org/x/xerrorsBSD-3-Clause
google.golang.org/genproto/googleapis/api/httpbodyApache-2.0
google.golang.org/genproto/googleapis/rpc/statusApache-2.0
google.golang.org/grpcApache-2.0
google.golang.org/protobufBSD-3-Clause
gopkg.in/yaml.v2Apache-2.0
gopkg.in/yaml.v3MIT



© 2025 CloudQuery, Inc. All rights reserved.