Service Encryption Keys

Service Encryption Keys are used within organization services. They are used to encrypt data stored within file systems, e.g., Volumes and Shared File Systems, object-level storage, e.g., Storage Containers, back-ups, e.g., Snapshots, and other services, e.g., API Accounting Config. This class inherits from Resource and has direct access to the resource’s database object. The following attributes are directly accessible:

attr organization_service_id:
 The ID of the parent organization service (cloud)
attr key_id:The provider id for the key
attr name:The name of the key
attr region_name:
 The Service Region where they key is located
attr arn:The Amazon Resource Name (ARN) of the encryption key
attr description:
 A description of the encryption key
attr state:The state of the key, e.g., enabled
attr resource_count:
 The number of resources using the encryption key
attr create_date:
 The date the key was created
attr scheduled_deletion_date:
 The date the key is scheduled for deletion, if any
attr key_rotation:
 Whether key rotation is enabled or disabled
attr enabled:Whether the key is enabled or not
attr resource_id:
 The primary resource identifier that takes the form of a prefix followed by numbers and letters
class DivvyResource.Resources.serviceencryptionkey.ServiceEncryptionKey(resource_id)

Bases: DivvyResource.Resources.resource.Resource

Describes a cloud provider access key within a organization service

encryption_key
get_date_created()

Retrieve the time from the provider that this resource was created (if available).

static get_db_class()
get_db_pk()
static get_provider_id_field()
get_resource_dependencies()

Retrieve the dependencies for a particular resources. This is an override of the parent function because we need to reverse the order on our resource lookups.

get_resource_name()

Returns the ID of the access key as there is no name

static get_resource_name_field()

Overrides parent function and returns the description field of this resource. This is required because not all resource types have a field explicitly called name.

static get_resource_type()
get_supported_actions()

Retrieve all the actions which are supported by this resource.

handle_resource_created(user_resource_id=None, project_resource_id=None)

This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc)

handle_resource_destroyed(user_resource_id=None)

This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from groups, alerts, etc)

handle_resource_modified(resource, *args, **kwargs)

This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks