Service Encryption Keys

Service Encryption Keys are used within organization services. They are used to encrypt data stored within file systems, e.g., Volumes and Shared File Systems, object-level storage, e.g., Storage Containers, back-ups, e.g., Snapshots, and other services, e.g., API Accounting Config. This class inherits from Resource and has direct access to the resource’s database object. The following attributes are directly accessible:

attr organization_service_id:
 The ID of the parent organization service (cloud)
attr key_id:The provider id for the key
attr name:The name of the key
attr region_name:
 The Service Region where they key is located
attr arn:The Amazon Resource Name (ARN) of the encryption key
attr description:
 A description of the encryption key
attr state:The state of the key, e.g., enabled
attr resource_count:
 The number of resources using the encryption key
attr create_date:
 The date the key was created
attr scheduled_deletion_date:
 The date the key is scheduled for deletion, if any
attr key_rotation:
 Whether key rotation is enabled or disabled
attr enabled:Whether the key is enabled or not
attr resource_id:
 The primary resource identifier that takes the form of a prefix followed by numbers and letters
class DivvyResource.Resources.serviceencryptionkey.ServiceEncryptionKey(resource_id)

Bases: DivvyResource.Resources.resource.Resource

Describes a cloud provider access key within a organization service


Retrieve the time from the provider that this resource was created (if available).

static get_db_class()
static get_provider_id_field()

Retrieve the dependencies for a particular resources. This is an override of the parent function because we need to reverse the order on our resource lookups.


Returns the ID of the access key as there is no name

static get_resource_name_field()

Overrides parent function and returns the description field of this resource. This is required because not all resource types have a field explicitly called name.

static get_resource_type()

Retrieve all the actions which are supported by this resource.

handle_resource_created(user_resource_id=None, project_resource_id=None)

This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc)


This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from groups, alerts, etc)

handle_resource_modified(resource, *args, **kwargs)

This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks