Welcome to the DivvyCloud Docs!

DivvyCloud is a Cloud Security Posture Management (CSPM) platform that provides real-time analysis and automated remediation across leading cloud and container technologies.

For questions about documentation reach out to us [email protected]

Take Me to the Docs!    Release Notes


Now that you have visibility of your resources, and an understanding of them using insights, you are ready to take action with . Bots are automated programs that execute those actions. Bots are composed of scope, filters, and actions.





Scope specifies the resources the bot will evaluate; the bot will only evaluate resources within the scope of clouds or resource groups you choose.

A scope may confine the bot to act on resources of a certain type or resources contained within specific resource groups or cloud accounts.


Filters define the conditions specifying what a bot should act upon. There are numerous filters included within the BotFactory; you can also define custom filters.

A filter confines the bot to act only on scoped resources meeting specific conditions, such as the tags the resource has (or does not have), or whether ports are (or are not) open.


Actions specify what a bot does. Actions are executed for a single resource at a time. When a bot possesses multiple actions, the actions are executed in order. There are numerous actions included with BotFactory; you can also define custom actions.

An action may delete a resource, start or stop an instance, or send an email containing information about the evaluated resource.

Creating a Bot


Understand Resources and Insights

Make sure you have a good understanding of resources and insights before creating your first bot. Review your understanding of Resources, and Insights.

  1. Go to the BotFactory page (under Automation on the left-side menu) and click on Create Bot.

BotFactory Landing Page - Create Bot

  1. Give your bot a name and description. Select its category (security, compliance, best practices, curation, or miscellaneous).

Create a Bot - Workflow

  1. Define the SCOPE of your bot by selecting the appropriate resource types, badges, and clouds/resource groups.


Scoping Multiple Resource Types

You may select multiple resource types for the scope of your bot, but be aware that some filters and actions support only certain types of resources. You will only be able to choose bot actions which support all resource types scoped.

Resource Types - Use the search box to select one or more resource types. Note that selecting multiple resource types can impact the available conditions/actions.

Badges - Use the search box to select one or more badges. Unless the "Must have all badges" checkbox is set, any cloud with one or more badges specified will be included in the scope. If "Must have all badges" is checked, only clouds with all specified badges will be included in the scope.

Cloud/Groups - Use the search box to select one or more clouds or resource groups.

  1. Define the CONDITIONS of your bot by selecting the appropriate FILTERS. You can add multiple filters/conditions.


Bot Filters

Bots may have more than one filter. If a bot has more than one filter, resources are matched only if they match all of the bot’s filters.

Selecting Filters for Your Bot

  1. Define the ACTIONS your bot should take.

Defining Actions for Your Bot


Bot Actions

Bots may have more than one action. If a bot has more than one action, those actions are executed in series, i.e., the topmost action executes first and when it is finished, the following action is executed, and so on until the list of actions has been fully traversed.

Bots may also have specific actions for resources that match all of their filters as well as actions for those that do not.



Certain actions have the ability to use Jinja2 templating in the message body. This enables bot authors to insert a variety of useful data about resources into the message. To learn more click here.

  1. Choose WHEN TO RUN your bot.
    The basic options for running your bot are Reactive and Scheduled. You may choose one or more of these options.

Choosing When Your Bot Will Run

The bot will take action as a reaction to changes detected by harvesting. These changes are:

  • Resource Created - a new resource appears in a cloud account already connected to DivvyCloud, or any resource is discovered within a cloud account newly connected to DivvyCloud.
  • Resource Modified - a resource in an already-connected cloud account changes, e.g., you up-size or down-size an instance.
  • Resource Tags Modified - a resource's tags are modified.
  • Resource Destroyed - an existing resource is destroyed.


To Run Your Bot Immediately

Bots are created in a paused state. This is done to allow you to review your bot first--a DivvyCloud best practice--before running your bot.

You can review your bot using the Bot Overview window (see Overview of Your Bot below). When you are ready to run your bot, go to the Bot Listing tab, and select 'Resume' from the action hamburger next to the name of your bot. Then return to the action hamburger and select 'Ondemand Scan'.

The bot will take action according to a recurring schedule, as you specify:

  • No Schedule
  • Hourly
  • Daily
  • Weekly
  • Monthly.
    For example, you can specify that the bot should run at nightly shutdown by selecting Daily and then specifying the time of nightly shutdown.
  1. Save your bot. Click Save to finish creating your bot. After you save the bot, you will be returned to the BotFactory main page. From here, click on your newly created bot to review the bot's settings.


Bot Example: Resource Group Curation

A best practices action is resource group curation. Resource groups simplify cloud automation, management, and permissions at scale. End-users can leverage DivvyCloud curation capabilities to automatically add/remove resources to these groups. Learn more about resource group curation.

Creating a Bot from an Insight

You can also create bots from existing insights. You can pre-populate the Conditions and the Resource Type for your new bot by using an existing bot with those same attributes.

Creating a Bot From an Insight

  1. Go to the Insights page from the navigation menu; select the insight you want to leverage for your new bot.
  2. Click on the to the left of the insight name.
  3. Read the warning message displayed (see below).
  4. Complete the definition of your bot as you normally would.


Creating Multiple Bots From the Same Insight

Warning! Use caution when creating multiple bots from the same insight so as not to have them perform the same actions on the same resources.

Configuration Required! Bots created from insights require scope and actions be set. By pressing "SUBMIT", a bot will be created with defaults based on the insight you selected; you will be prompted to edit it.

Managing Bots

Once you have successfully set up a bot (or bots), you can locate and manage them using a number of DivvyCloud-provided displays and tools, including Listing, Overview (of your bot), History, Scheduled Events, Non-Compliant Resources, and Audit. In addition, selecting the "Show My Bots" checkbox will filter all Bots to only display those you have created.

Searching for and Managing Bots


You can access a listing of your bots by choosing BotFactory from the navigation menu. The Listing page should be the default view; you can also select the Listing tab at the top of the page. On this page you can use the action hamburger (to the left of each listed bot) to execute the life-cycle actions shown in the table below:

Life-cycle Actions


On-demand Scan

Runs a scan against all known resources within the configured scope. Typically this action is useful when you want to retroactively audit and enforce policy.


Allows you to make changes to bot properties, e.g., its filters/actions, schedule, and hookpoints. NOTE: if you reconfigure a bot, it will change to paused state. You will need to Resume the bot to change its state to Running. Reconfigure will not allow you to change bot scope. If you want to change bot scope, copy the bot and apply the new scope to the new bot.


Suspends a running bot. Typically this is done on newly created bots or bots that you want to suspend for maintenance.


Transitions a paused/suspended bot to a running state. Any hookpoints and schedules configured will be used as the bot’s execution point.


Permanently disables a bot. The bot’s history and metadata is retained, but scheduled events and noncompliance data are purged.


Copies the configuration of one bot to another. This action is useful when only changes to bot scope are needed.

Update Information

Allows you to make changes to information about the bot, e.g., its name, description, or category, etc., without affecting the bot’s state.

Trigger Harvest

Allows you to enqueue a re-harvest for selected resources, facilitating testing of bot filters against changes in the accounts.

Save as Template

Allows you to create a bot template from which you can create new bots simply and consistently.

Version History

Allows you to activate a version of your Bot. New Bot versions are created by default if any modifications are made to the Bot.

Clicking on the name of a bot (in blue) will open an additional page of information specific to that bot:

Overview of Your Bot

Once you click on the name of your bot from the Listing page, the Overview page opens, providing you with granular detail about your bot.

Info & Settings

The Info and Settings section displays:

  • Name of bot creator
  • Bot description
  • Bot category - categories include Security, Optimization, Best Practices, Curation, and Miscellaneous
  • Bot current state - current states can be Running, Paused, Archived, or Scanning (see the table below for details)
  • Active Hookpoints - the number of reactive states of the bot (Resource Created, Resource Modified, Resource Tags Modified, Resource Destroyed)
  • Schedule Enabled - shows whether bot has a recurring execution scheduled

State of Bot



The bot is operational and functioning on select hookpoints and/or schedule.


The bot is in a suspended state and is not taking action. This state is typically found on newly created bots and/or bots that are in development.


The bot is no longer in use, but is kept for historical/auditing purposes.


The bot is currently performing a retroactive scan of the configured scope.

Lifecycle Actions


Viewing & Changing Life-cycle Actions

Bot life-cycle actions are controlled using the Actions button on the Info & Settings panel of the Overview page. These same life-cycle actions can be changed by selecting the hamburger menu next to each bot's name on the BotFactory Listing page. (See the table of bot life-cycle actions above.)

Viewing & Changing Bot Life-cycle Actions from the Overview Page


  • Displays the different actions that your bot takes and the history of the last 5 evaluations.

Bot Configuration

  • Displays the JSON configuration of your bot; you can copy this for another bot template.


  • Displays the particular clouds, resource groups, or badges you are using for your bot's scope.

Targeting Resource Types

  • Displays the types of resources your bot is targeting.


The History tab for a bot selected from the BotFactory Listing page displays the log history when the bot runs Reactive to events and/or each resource when the bot runs as Batch or Scheduled. The history shows the context of the harvester (e.g., on-demand), the number of resources to which the bot was scoped, the number of matched actions and resources, and whether any errors were found.

Scheduled Events

The Scheduled Events tab displays the events or actions that are scheduled for the bot.

Non-Compliant Resources

The Non-Compliant Resources tab displays the resources that the bot has identified as non-compliant.


The Audit tab displays a log (an API trail) of actions your selected bot has taken.
A green check for the status code indicates the action was successful; a red x indicates the action failed. In the latter case, you can click on the red x to view more information concerning the failed action.

The audit will also show who ("Name") initiated the action and the type of action executed, e.g., 'get compliance counts', 'edit', or 'validate permissions' (found in the '"Path" portion of the audit).


If your Bot is not working, you can investigate the logs for more information via the Logs tab.


Viewing All API Activity

Domain Admins can view a similar audit trail as shown above for all active bots from the System Administration page, API Activity tab. The audit shown above is for the single bot selected from the BotFactory listing.

Updated 15 days ago


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.