A while ago I read a post on this forum that AppArmor only confines a few processes and apps on Ubuntu Linux - Firefox, Thunderbird, rsyslog and a couple more.
Does that mean other apps installed as snaps are not confined and thus there is no sandbox for them, even though they are installed as snaps?
This isn’t an area I have any expertise in, but here are some links and excerpts that might be helpful:
From Snap Security Policies:
Confinement and isolation mechanisms
When a snap is installed, its metadata is examined and is used to derive AppArmor profiles, Seccomp filters and device cgroup rules, alongside traditional permissions. This combination provides strong application confinement and isolation.
AppArmor
AppArmor profiles are generated for each command. These have the appropriate security label and command-specific AppArmor rules to mediate file access, application execution, Linux capabilities, mount, ptrace, IPC, signals, coarse-grained networking.
As already mentioned, each command runs under an app-specific default policy that may be extended through declared interfaces which are expressed in the metadata as plugs and slots. AppArmor policy violations in strict mode snaps will be denied access, and typically have errno set to EACCES. The violation will typically be logged.
From Snap Confinement:
There are two levels of snap confinement for published snaps:
- Strict Used by the majority of snaps. Strictly confined snaps run in complete isolation, up to a minimal access level that’s deemed always safe. Consequently, strictly confined snaps can not access files, network, processes or any other system resource without requesting specific access via an interface (see below).
- Classic Allows access to the system’s resources in much the same way traditional packages do. To safeguard against abuse, publishing a classic snap requires manual approval, and installation requires the --classic command line argument.
Strict confinement uses security features of the Linux kernel, including AppArmor, seccomp and namespaces, to prevent applications and services accessing the wider system.
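Two checks that follow from the excerpts above, as an added example (not code from the original post or from the snap documentation): snap profiles are named snap.<name>.<command>, so an AppArmor denial logged by the kernel can be attributed to a specific snap, and snap list marks classic (non-strict) snaps in its Notes column. The audit lines, the snap name "example-app" and the snap list table are constructed sample input.

```shell
#!/bin/sh
# Constructed sample lines (not real system output): one kernel audit line for
# an AppArmor denial under a strict snap profile, one for a non-snap profile,
# and a small "snap list" table. The snap name "example-app" is made up.
SAMPLE_SNAP_DENIAL='audit: type=1400 audit(1700000000.123:456): apparmor="DENIED" operation="open" profile="snap.example-app.example-app" name="/etc/shadow" pid=12345 comm="example-app" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0'
SAMPLE_OTHER_DENIAL='audit: type=1400 audit(1700000000.124:457): apparmor="DENIED" operation="open" profile="/usr/sbin/rsyslogd" name="/root/secret" pid=222 comm="rsyslogd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0'
SAMPLE_SNAP_LIST='Name     Version   Rev   Tracking       Publisher   Notes
core22   20240111  1122  latest/stable  canonical   base
firefox  121.0-2   3626  latest/stable  mozilla     -
code     1.85.2    147   latest/stable  vscode      classic'

# Print the value of one key="value" field from an audit line.
field() {
  printf '%s\n' "$2" | sed -n "s/.*[[:space:]]$1=\"\([^\"]*\)\".*/\1/p"
}

# For a denial line whose profile is a snap profile (snap.<name>.<command>),
# print "<snap> <command> <operation> <path>"; for any other profile print
# nothing and return 1, so callers can tell snap denials from the rest.
snap_denial_summary() {
  profile=$(field profile "$1")
  case $profile in
    snap.*.*) ;;
    *) return 1 ;;
  esac
  rest=${profile#snap.}          # "<name>.<command>"
  snap=${rest%%.*}               # text before the first dot
  cmd=${rest#*.}                 # text after the first dot
  printf '%s %s %s %s\n' "$snap" "$cmd" "$(field operation "$1")" "$(field name "$1")"
}

# From "snap list" output, print the names of snaps whose Notes column
# mentions classic confinement (these are not subject to strict confinement).
classic_snaps() {
  printf '%s\n' "$1" | awk 'NR > 1 && $NF ~ /classic/ { print $1 }'
}

# Demo against the constructed samples; on a live system you would feed in
# journalctl -k / dmesg lines and real snap list output instead.
snap_denial_summary "$SAMPLE_SNAP_DENIAL"      # example-app example-app open /etc/shadow
snap_denial_summary "$SAMPLE_OTHER_DENIAL" || echo "not a snap profile denial"
classic_snaps "$SAMPLE_SNAP_LIST"              # code
```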