Compute Resources (M-Z)

Summaries and Attributes of InsightCloudSec Compute Resources

Compute Resources

📘

Compute Resources - Now Two Pages

Due to the enormous quantity of information contained here we have divided the content for Compute resources into two pages.

The current page contains resource information for resources in the "Compute" category, alone with their related attributes for resources (InsightCloudSec-normalized name) names beginning with the letters M through Z.

For resources beginning with the letters A through L refer to this page. Compute Resources (A-L).

Compute Resources are available in InsightCloudSec as the first section (tab) under the Resource landing page. These resources are related to compute functionality and include resources like app servers, instances, and elastic search instances.

Compute resources are displayed alphabetically using the InsightCloudSec normalized terminology. Hovering over an individual resource provides the CSP-specific terminology with the associated logo to help users confirm the displayed information. For example, an Autoscaling Group refers to Amazon's "Autoscaling Group", Google's "Autoscalers", and Azure's "Virtual Machine Scale Sets".

For a detailed reference of this normalized terminology check out our Resource Terminology.

1685

Compute Resources

🚧

A Note About Resource Attributes

A large number of Resource Attributes are offered for the resources outlined here. Because we are continuously expanding our supported resources the attributes and details included here can not be guaranteed to include every resource or every attribute.

If you need information about the attributes of a particular resource we are happy to help get those details for you - reach out to us through the Customer Support Portal with any questions!

Machine Learning Instance

Machine learning instances, e.g. Amazon Sagemaker, are fully managed machine learning services, used to build and train machine learning models through a secure and scalable environment.

AttributesDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe name of the region
instance_idThe provider ID of the instance
arnThe ARN of the machine learning instance
nameThe name of the machine learning instance
instance_typeThe instance type of machine learning instance
ml_instance_typeThe machine learning type
instance_flavor_resource_idThe resource ID of the type (flavor) the instance runs on
stateThe state of the instance
subnet_idThe ID of the subnet
direct_internet_accessIndicates if the machine learning instance has direct internet access
volume_size_gbThe size of the attached volume in GB
key_resource_idThe resource ID of the encryption key, if applicable
role_resource_idThe resource ID of the associated role, if applicable
urlThe direct URL to the machine learning instance
lifecycle_configThe optional lifecycle configuration name that is associated with the machine learning instance
root_accessDenotes whether or not the machine learning instance prohibits root access
locationThe location of the machine learning instance
namespace_idThe unique composite ID of the provider ID for the machine learning instance
relationshipsList of resources associated with the machine learning instance
environmentThe environment running on the machine learning instance
environment_versionThe version of the environment running on the machine learning instance

Machine Learning Training Job

A machine learning training job is a computation task that trains a machine learning model.

AttributesDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region in which the training job resides
arnThe ARN associated with the training job
nameThe name of the training job
stateThe state of the training job
secondary_stateThe secondary state of the training job
hyper_parametersThe hyper parameters configured for the job
algorithm_specificationThe algorithm specifications configured for the job
role_resource_idThe IAM role ARN assigned to the job
input_configThe inputs configured for the job
output_configThe outputs configured for the job
resource_configThe compute resource configured for the job
instance_typeThe instance type configured for the job
instance_countThe instance count configured for the job
instance_flavor_resource_idThe resource ID of the type (flavor) the training job runs on
creation_dateThe creation date of the training job
start_timeThe start time of the training job
end_timeThe end time of the training job
enable_network_isolationDenotes whether network isolation is enabled
enable_inter_container_encryptionDenotes whether inter-container traffic encryption is enabled
enable_managed_spot_trainingDenotes whether managed spot training is enabled
training_timeDenotes the total run time in seconds for the training job
billable_timeDenotes the total billable time in seconds for the training job
key_resource_idDenotes the ID for the key configured for the training job
environment_variablesDenotes the environment variables configured for the training job
relationshipsA list of resources associated with the training job
contains_secretIndicates if the training job contains a Secret within the environment variables

MapReduce Cluster

MapReduce Clusters are Hadoop frameworks. This class inherits from TopLevelResource and has direct access to the resource's database object.

AttributesDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe name of the region
cluster_idThe provider given ID of the cluster
nameThe name of the cluster
statusThe status of the cluster
create_timeThe creation time of the cluster
availability_zoneThe availability zone where cluster
network_resource_idThe resource ID of the associated network
subnet_resource_idThe resource ID of the associated subnet
total_node_countThe total node count
master_node_countThe master node count
applicationThe application of the cluster
role_resource_idThe resource ID of the role
release_labelThe software release of the cluster
security_configThe security configuration that is associated with the cluster
security_config_resource_idThe resource ID of the security configuration
logging_uriThe S3 location for storing logs
image_creation_dateThe date the image this cluster is based on was created
bootstrap_actionsThe list of bootstrap actions associated with the cluster
internal_ip_onlyDenotes whether the cluster permits connections from internal IP addresses only
termination_protectionDenotes if the MapReduce cluster has termination protection enabled
visible_to_all_usersDenotes if the MapReduce cluster is visible to all users
public_dnsThe public DNS value for the MapReduce cluster
key_resource_idThe provider ID of Encryption Key (if encrypted)

Message Broker Instance

Message Broker Instance is a managed broker instance that makes it easier to set up and operate message brokers in the cloud, such as Amazon MQ.

AttributesDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe name of the region
instance_idThe provider ID
nameThe user-defined name of the instance
instance_typeThe type of instance deployed
stateThe current instance state
arnThe ARN of the instance
endpoint_addressThe FQDN of the instance
engineThe software engine running on the instance
engine_versionThe software version of the engine
nodesNumber of instance nodes deployed
create_timeThe creation time of the instance
publicly_accessibleBoolean value denoting if the instance is publicly accessible
audit_logsBoolean value denoting if the instance has audit level logging enabled
general_logsBoolean value denoting if the instance has general logging enabled
key_resource_idThe resource ID of the key used for encryption, if applicable

Message Queue

Message Queues are message queuing services, such as AWS SQS. This class inherits from TopLevelResource and has direct access to the resource’s database object.

AttributesDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
urlThe URL of the message queue
nameThe name of the message queue
region_nameThe region the queue is in
message_countThe number of messages in the queue
messages_delayed_countThe number of delayed messages in the queue
messages_not_visible_countThe number of messages that are not deleted or timed out
creation_timestampThe time the queue was created
last_modifiedThe most recent time the queue was modified
delayThe number of seconds of the default delay of the queue
max_sizeThe maximum size in bytes a message can be
retention_periodThe length of time in seconds that a message is kept
policyThe policy of the queue (JSON)
arnThe Amazon Resource Name of the queue
trusted_accountsThe list of trusted accounts for this Message Queue
redrive_policyThe parameters for dead-letter queue functionality
server_side_encryptionDenotes whether server side encryption is enabled on the queue
queue_typeType of queue, example FIFO, standard, etc.
deduplicationIndicates whether deduplication is enabled for the queue
key_resource_idThe resource ID of encryption key for the queue
key_reuse_periodThe length of time in seconds that the data key can be reused to encrypt or decrypt messages
visibility_timeoutThe visibility timeout for the queue
receive_message_wait_timeThe length of time in seconds the queue waits for a message to arrive

class DivvyResource.Resources.messagequeue.MessageQueue(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource

Message Queue Operations

get_date_created()

static get_db_class()

static get_provider_id_field()

static get_resource_type()

get_supported_actions()

handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc.).

handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from groups, alerts, etc.).

handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in teh DB session. This gives an opportunity for post-modification hooks.

message_queue

message_queue_id

top_level_resource = True

Notification Subscription

Subscription-based notifications (AWS SNS, GCP Pub/Sub. This class inherits from TopLevelResource and has direct access to the resource’s database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the subscription resides
subscription_idThe provider ID for the subscription
arnThe Amazon resource name for the subscription
nameThe name of the subscription
topic_resource_idThe parent topic of the subscription
protocolThe delivery protocol of the subscription
endpointThe delivery destination of the subscription
filter_policyThe filter policy JSON assigned to the subscription
confirmation_authenticatedDenotes the subscription's confirmation was authenticated (true/false)
pending_confirmationDenotes if the message is pending confirmation (true/false)
raw_message_deliveryDenotes if raw message delivery is enabled (true/false)
ack_deadline_secondsThe deadline (in seconds) for how long to acknowledge messages
retain_acked_messagesDenotes whether acknowledged messages are retained (true/false)
message_retention_secondsDenotes (in seconds) how long to retain messages for
invalid_jsonDenotes if the subscription contains invalid JSON

Notification Topic

Topic to use when delivering notifications. This class inherits from TopLevelResource and has direct access to the resource’s database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the topic resides
arnThe Amazon resource name for the topic
nameThe name of the topic
display_nameThe display name to use for a Notification Topic
policyThe JSON of access policy associated with this topic
effective_delivery_policyThe JSON of the delivery policy associated with this topic, including retry information
trusted_accountsThe JSON value of accounts trusted by the instance
publicDenotes if the topic is public
pending_subscriptionsThe number of subscriptions that are pending
confirmed_subscriptionsThe number of subscriptions that are confirmed
deleted_subscriptionsThe number of subscriptions that are deleted
key_resource_idThe resource ID of the key used for encryption, if applicable

Private Image

Private Images provide protected information that is required to launch an instance. This class inherits from TopLevelResource and has direct access to the resource’s database object.

AttributesDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
image_idThe ID of the image
nameThe name of the image
root_device_typeThe original device type (ebs, snapshot, etc)
architectureThe architecture type (e.g. x86_64, x86_32)
min_ramThe Integer representing the minimum memory required for use of this image
min_diskThe Integer representing the minimum disk space required for use of this image
stateThe state of this private image
descriptionText description of this image
region_nameThe region in which this image was taken
platformThe platform the image was taken on (linux/windows)
block_device_mappingThe information regarding this image
virtualization_typeDenotes the virtualization type (paravirtual [PV] or hardware virtual machine [HVM])
product_codeThe product code (25 digit alphanumeric code identifying the private image)
product_code_typeThe product code type (marketplace, none)
creation_dateThe date the Image was created
is_publicDenotes if the image is public (true/false)
instance_resource_idThe resource ID of the instance associated with this private image, if known
encryptedDenotes if the image is encrypted

class DivvyResource.Resources.privateimage.PrivateImage(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource

Private Image Operations

delete(user_resource_id=None)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.

get_date_created()
Retrieve the time from the provider that this resource was created (if available).

static get_db_class()

get_parent_resource_id()

static get_provider_id_field()

static get_resource_type()

get_supported_actions()

handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).

handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).

handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks.

image

image_id

top_level_resource = True

Reserved Instance

Reserved Instances are guaranteed available virtual private servers with compute capacity reservations of a specific type and location. Examples include AWS Reserved Instances and Azure pre-paid Virtual Machines. There is no analog in GCE, where pricing changes retroactively based upon usage. This class inherits from TopLevelResource and has direct access to the resource’s database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
reservation_idThe cloud-assigned ID of the reservation
reservation_typeThe type of reservation, e.g., compute, database
type_idThe ID of the type of reservation
region_nameThe region where the reservation exists
zoneThe availability zone where the reservation exists
offering_classThe class of reservation, e.g., standard or convertible
offering_typeThe type of instance included in the reservation
stateThe state of the reservation, e.g., whether it is active, pending modification, or retired
startThe start time of the reservation
expirationThe expiration of the reservation
durationThe duration of the reservation, e.g., 1 year
usage_priceThe monthly price of the reservation, if not fully paid in advance
fixed_priceThe upfront price of the reservation
instance_countThe number of instances in the reservation
product_descriptionThe tenancy of the reservation, e.g., whether instances are physically or virtually isolated
scopeThe scope of the reservation, i.e., whether it is region-wide or specific to an availability zone

class DivvyResource.Resources.instancereservation.InstanceReservation(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource

Reserved Instance Operations

static get_db_class()

static get_provider_id_field()

get_resource_name()
Reserved instances are not named by the user. We return the reservation ID here.

static get_resource_name_field()

static get_resource_type()

handle_resource_created(user_resource_id=None, project_resource_id=None)
This is called when a resource is created/discovered after initial data harvesting. It provides an opportunity for post-addition hooks (assignment to groups, alerts, etc.).

handle_resource_destroyed(user_resource_id=None)
This is called when a resource is destroyed and before removal from the database. It provides an opportunity for pre-destruction hooks (removal from groups, alerts, etc.).

handle_resource_modified(resource, *args, **kwargs)
This is called when a resource is modified after the new data has been updated in the DB session. It provides an opportunity for post-modification hooks.

instance_reservation

reservation_id

top_level_resource = True

Search Cluster

Search Clusters are managed, scalable search solutions. This class inherits from TopLevelResource and has direct access to the resource's database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region that the cluster resides in
cluster_idThe provider ID of the search cluster
arnThe Amazon Resource Name of the cluster
nameThe name of this search cluster
statusThe status of this cluster (Creating, active, etc)
instance_typeThe type of instances that are in the cluster
instance_flavor_resource_idThe resource ID of the instance flavor of the instances in the cluster
instance_countThe number of instances in the cluster
search_endpointThe endpoint for requesting search results from a cluster
document_endpointThe service endpoint for updating documents in a cluster
multi_azBoolean value of whether or not the cluster has multi-availability enabled
service_policyThe JSON of access policy associated with this cluster
transit_encryptionDenotes if the cluster has transit encryption enabled

Search Index

A scalable, integrated search service that enables search for unstructured data using natural language. Returns specific answers for an experience similar to human interaction. (e.g. AWS Kendra Index).

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the index is deployed
index_idThe ID for the index
nameThe name of the index
descriptionThe description associated with this index
arnThe Amazon resource name for the index
editionIndicates whether the index is the enterprise or developer edition
statusThe status of the index
key_resource_idThe provider ID of the encryption key, if applicable
date_createdThe date the index was created
date_modifiedThe date the index was last modified
storage_capacity_unitsThe document storage capacity for the index
query_capacity_unitsThe query capacity (queries per second) for the index
user_context_policyThe user context policy assigned to this index

Serverless Application

A Serverless Application is a managed repository for serverless applications (e.g. AWS Serverless Application Repository). It enables the storage and sharing of reusable applications for ease in deployment of serverless architecture.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the application is deployed
nameThe name of the serverless application
namespace_idThe ARN of the serverless application
descriptionThe description associated with this serverless application
create_timeThe creation time of the application
authorThe creator of the application
home_page_urlThe optional field, directing users to an applications homepage (e.g. an external GitHub page)
spdx_license_idThe Software Data Package Exchange (SPDX) license applied to this application
labelsA set of user defined tags applied to the application
policyThe IAM policy associated with this application
trusted_accountsThe list of any accounts with a trust relationship with this application, if applicable
public_accessDenotes if this application is publicly accessible

Serverless Function

A Serverless Function is a compute service that runs code in response to events and automatically manages the compute resources required by that code. An example is AWS Lambda. This class inherits from TopLevelResource and has direct access to the resource's database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region that the serverless function resides in
nameThe name of the serverless function
provider_idThe cloud provider supplied ID
descriptionThe description of the serverless function
network_resource_idThe resource ID of the parent (network)
code_sizeThe size of your serverless function code in bytes
memory_size_mbThe memory size of your serverless function in MB
timeoutThe timeout or limit of the serverless function
runtimeThe time this serverless function is set to run
versionThe version this serverless function is running on
last_modifiedThe time the serverless function was last modified
role_resource_idThe resource ID of the role associated with the serverless function, if applicable
key_resource_idThe resource ID of the encryption key associated with the serverless function, if applicable
web_app_resource_idThe resource ID of the web application associated with the serverless function, if applicable
configThe serverless function configuration, if known
enabledBoolean value indicating if event source mapping is enabled
environment_variable_countTotal count of the number of environment variables
environment_variablesThe function's environment variables
publicly_accessibleDenotes if the function can be accessed over the Internet
policyThe policy attached to this serverless function
trusted_accountsThe list of any accounts with a trust relationship with this function, if applicable
tracing_enabledDenotes if AWS X-Ray tracing is enabled
http_triggerHTTP-based resource used to trigger the lambda function
code_sha256The SHA256 hash of the function's deployment package
revision_idThe identifier for the latest updated revision of the function or alias
namespace_idThe unique composite ID of the provider ID for the serverless function
contains_secretIndicates if the serverless function contains a Secret within the environment variables
layersThe list of layer ARNs used by the function
package_typeThe type of deployment package
imageThe container image used by the function
url_configThe URL config for the function
snap_startWhether SnapStart is enabled for the function

class DivvyResource.Resources.serverlessfunction.ServerlessFunction(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource

Serverless Function Operations

delete(user_resource_id=None)

static get_db_class()

static get_provider_id_field()

static get_resource_type()

get_supported_actions()

handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).

handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).

handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.

instance

top_level_resource = True

Serverless Layer

A Serverless Layer is a package of libraries and dependencies that can be used with Serverless Functions. An example is AWS Lambda Layer.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the serverless layer resides
nameThe name for the serverless layer
arnThe ARN associated with the serverless layer
versionThe version for the serverless layer
descriptionA description of the serverless layer
runtimesThe runtimes included with the serverless layer
architecturesThe architecture used to run the serverless layer
policyThe access policy attached to the serverless layer
publicIndicates if the serverless layer is public
trusted_accountsThe list of trusted accounts for the serverless layer
created_dateThe date the serverless layer was created

Shared Gallery

Shared Galleries, or Shared Image Gallery in Azure, is a service that helps you build structure and organization around your images and includes capabilities like versioning, grouping, and replication across regions.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the shared gallery resides
nameThe name of the shared gallery
gallery_idThe resource ID for the shared gallery
unique_nameThe unique name of the shared gallery; this name is generated automatically by the cloud service provider
stateThe state of the shared gallery
namespace_idThe fully qualified ID of the resource, including the resource name and resource type

Shared Gallery Image

Shared Gallery Image, or Image Definition in Azure, includes definitions for a logical grouping for versions of an image.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the shared gallery image resides
nameThe name of the shared gallery image
image_idThe image ID
os_typeOperating system type (Windows, Linux)
os_stateOperating system state (generalized, specialized)
gallery_resource_idThe resource ID for the shared gallery image
vm_generationThe VM generated from the image versions created from the shared gallery image
publisherThe publisher of the image; used in conjunction with offer and sku to uniquely identify the image
offerThe offer for the image; used in conjunction with publisher and sku to uniquely identify the image
skuThe sku for the image; used in conjunction with publisher and offer to uniquely identify the image
stateThe state of the shared gallery image
namespace_idThe fully qualified ID of the resource, including the resource name and resource type

Shared Gallery Image Version

Shared Gallery Image Version, or Azure Image Version, is what you use to create a VM (in Azure this is a Linux virtual machine). You can have multiple versions of an image as needed for your environment.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the shared gallery image version resides
nameThe name of the shared gallery image version
version_idThe version ID
gallery_image_resource_idThe resource ID for the associated gallery image
publishing_profileThe publishing profile for the gallery image version, including end of life date, timestamp for when the version is published, the number of replicas of the image version per region, etc.
storage_profileThe storage profile of the gallery image version, including a list of data disk images, the operating disk image, etc.
source_typeCan specify a disk url, snapshot url, or user image
source_resource_idCan specify a disk url, snapshot url, or user image
stateThe state of the shared image gallery version
published_dateThe date the shared gallery image version was published
namespace_idThe fully qualified ID of the resource, including the resource name and resource type

SSM Document

A script or document written in JSON or YAML that provides instructions to the Systems Manager for how to interact with your managed instances, e.g., AWS Systems Manager (SSM) Document.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region in which the SSM Document resides
document_idThe unique ID for the SSM Document
document_versionThe version of the SSM Document
nameThe name of the SSM Document
document_version_nameThe name for the version of the SSM Document
document_typeThe type of SSM Document (Session, Command, Automation, etc.)
document_formatThe format for the SSM Document (JSON, YAML, TEXT)
schema_versionThe schema version for the SSM Document
target_typeThe kinds of resources the SSM Document can run on
review_statusThe current status of the review on the SSM Document
authorThe author of the SSM Document
platform_typesThe list of OSes that are compatible with the SSM Document
create_timeTimestamp for when the SSM Document was created
contentThe content of the SSM Document

Stack Template

Stack Templates, such as AWS Cloud Formation Templates, allow you to code your infrastructure from scratch and deploy from there. This class inherits from Resource and has direct access to the resource’s database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the stack template resides
stack_idThe provider ID of the stack template
nameThe name of the stack template
descriptionThe description of the stack template
stateThe state of the stack template (CREATE_COMPLETE, ROLLBACK_IN_PROGRESS, etc.)
termination_protectionDenotes if termination protection is enabled
create_dateThe date and time the stack template was created
update_dateThe date and time the stack template was updated
delete_dateThe date and time the stack template was deleted
templateJSON field of the stack template
drift_statusIndicates whether the stack's configuration differs from its template configuration, a.k.a. it has drifted
contains_secretIndicates if the stack template contains a Secret within environment variables

Step Function

A Step Function (e.g., AWS Step Function State Machine) is a serverless orchestration service that lets you combine functions and other services to build applications and view an application’s workflow as a series of event-driven steps.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the step function is deployed
nameThe display name of the step function
statusThe status (active/inactive) of the step function
typeThe type of the step function, if applicable
definitionThe definition of the step function
arnThe Amazon resource name associated with the step function
role_nameThe name of the role associated with the step function
role_resource_idThe Resource ID of the associated service Role, if applicable
create_timeThe creation time of the step function
logging_enabledThe status of logging for the step function (enabled/disabled)
logging_configurationDefines what execution history events are logged and where they are logged.
tracing_enabledThe status of tracing for the step function (e.g., AWS X-Ray tracing)

Stream Instance

A Stream Instance is a streaming data service built to offer streaming data pipelines and applications. This compute function makes it easy to continuously collect, process, and deliver streaming data, e.g. Amazon MSK.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the instance is deployed
instance_idThe ID of the instance
nameThe name of the instance
arnThe Amazon resource name of the stream instance
instance_typeThe type of instance being deployed
instance_flavor_resource_idThe Resource ID of the instance flavor being used
stateThe current state of the instance
volume_size_gbThe size of the attached volume, in GB
key_resource_idThe resource ID of the key used for encryption, if known
client_encryptionThe type of encryption being used on this instance
cluster_encryptionBoolean value indicating if cluster encryption is enabled
enhanced_monitoringThe level of monitoring for the MSK cluster. The possible values are DEFAULT, PER_BROKER, and PER_TOPIC_PER_BROKER.
nodesThe number of nodes in the cluster
stream_versionThe current version of the stream
connect_stringThe connection string to use to connect to the Apache ZooKeeper cluster.
create_timeThe creation time of the instance
loggingJSON string denoting the logging enabled for the stream instance (if any)

Template Spec

A template spec is a resource type that simplifies both storing and sharing a template.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
template_idThe provider ID for the template spec, including name and version
template_nameThe name of the template spec. Multiple template specs may share a name
version_nameThe version name for the template spec
resource_groupThe name of the resource group that the template will launch resources into
version_descriptionThe description for this version of the template
region_nameThe region in which the template spec resides
template_resource_typesA list of the resource types the template spec will deploy
templateThe template used to deploy resources
contains_secretDenotes whether the default value for any of the parameters contain a secret
namespace_idThe unique composite ID of the provider ID for the resource

Transcoding Pipeline

A queue that manages media transcoding jobs, e.g., an AWS Elastic Transcoder Pipeline.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region in which this pipeline resides
pipeline_idThe ID for the pipeline
nameThe name of the pipeline
statusThe status of the pipeline
arnThe ARN associated with the pipeline
key_resource_idThe provider ID of Encryption Key (if encrypted)
role_resource_idThe Resource ID of the associated service Role, if applicable
output_bucketThe output bucket used by this pipeline
input_bucketThe input bucket used by this pipeline
content_configContent configuration for jobs submitted to this pipeline
thumbnail_configThumbnail configuration for jobs submitted to this pipeline
notificationsNotifications this pipeline sends upon job status changes

Transcription Job

A job that provides speech-to-text transcriptions for a wide variety of use cases, e.g., AWS Transcription Job.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region in which the Transcription Job resides
nameThe name of the Transcription Job
job_typeThe type of Transcription Job
arnThe ARN associated with the Transcription Job
statusThe status of the Transcription Job
language_codeThe language code for the Transcription Job
media_formatThe media format used for the Transcription Job
failure_reasonIf the Transcription Job failed, the reason for doing so
creation_timeTimestamp for when the Transcription Job was created
start_timeTimestamp for when the Transcription Job was started
completion_timeTimestamp for when the Transcription Job was completed (if successful)
content_redactionDescribes the content redaction settings for the Transcription Job
output_data_locationLocation for the Transcription Job's output
input_data_locationLocation for the Transcription Job's input
input_bucket_resource_idThe resource ID for the Transcription Job's input bucket
output_bucket_resource_idThe resource ID for the Transcription Job's output bucket
public_bucketIndicates whether the bucket is public

Web App

A Web App is a compute function in the form of an application. Web Apps are conceptually similar to a folder, containing environments, versions, and configs that allow users to quickly build, deploy, and scale web apps using popular frameworks in containers or running on any OS. For example Azure App Service, or an AWS Elastic Beanstalk Environment.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region where the web app is deployed
web_app_idThe cloud provider ID for the web app
web_app_group_resource_idThe resource ID of the web app group, if applicable
nameThe name of the web app
app_server_resource_idThe resource ID of the application server, if applicable
app_typeThe application type
deployment_slotBoolean value indicating if the web app is currently deployed
web_app_parent_resource_idThe resource ID of the parent web app, if applicable
platformThe platform architecture the web app is deployed on
network_resource_idThe resource ID of the associated network, if applicable
subnet_resource_idThe resource ID of the associated subnet, if known
default_hostnameThe default hostname used by the web app, if applicable
ip_addressThe IP address of the web app
https_requiredBoolean value indicating if this web app requires HTTPS protocol.
remote_debugging_enabledBoolean value indicating if remote debugging is enabled
web_sockets_enabledBoolean value indicating if web sockets are enabled
always_onBoolean value indicating if the web app is in an always on state
scm_typeDescribes the source control management type, if known
ftp_stateLists the current File Transfer state of the app
http2_enabledBoolean value indicating if HTTP2 is enabled
net_framework_versionThe NET Framework version of the app, if applicable
php_versionThe PHP version of the app, if applicable
python_versionThe Python version of the app, if applicable
java_versionThe Java version of the app, if applicable
java_containerThe Java container used by the app, if applicable
java_container_versionThe Java container version used by the app, if applicable
runtimesThe software running on the web app (AWS only)
stateThe current state of the application
authentication_requiredDenotes if the web app requires authentication or not
automatic_patchingIndicates if the web app has automatic patching enabled
client_certificatesThe number of client certificates, if known
managed_identityBoolean value indicating if the web app is utilizing managed identity
corsDescribes the CORS settings for the web app
role_resource_idThe resource ID of the role associated with the web app, if applicable
last_modifiedThe time the web app was last modified, if known
minimal_tls_versionThe lowest TLS version allowed for the Web App
domain_configThe configuration for the Web App's domain
possible_outbound_ip_addressesThe list of possible outbound IP addresses allowed for the Web App
outbound_ip_addressesThe list of current outbound IP addresses used for the Web App
private_endpoint_connectionsBoolean indicating if private endpoint connections are enabled for the Web App

Web App Group

A Webb App Group is an application that serves as a container for the environments to run a web app, e.g. an AWS Elastic Beanstalk Application.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
web_app_group_idThe provider ID of the web app group
nameThe name of the web app group
region_nameThe region where the web app group is deployed
arnThe Amazon resource name of the web app group
descriptionThe description field of the web app group
creation_timestampThe creation time of the group, if known

Workspace

Workspaces are virtual desktops, such as AWS Workspaces. This class inherits from TopLevelResource and has direct access to the resource’s database object.

AttributeDescription
resource_idThe primary resource identifier that takes the form of a prefix followed by numbers and letters
organization_service_idThe ID of the parent organization service (cloud)
region_nameThe region that the workspace resides in
workspace_idThe ID of the workspace
nameThe name of the workspace
directory_resource_idThe provider ID of the workspace
user_nameThe username for the workspace user
ip_addressThe IP address of workspace
stateThe state of workspace (available, stopped, etc.)
bundle_resource_idThe provider ID of the workspace bundle
subnetsThe subnets associated to the workspace
error_messageThe error message for the workspace
error_codeThe error code for the workspace
computer_nameThe computer name given to the workspace
volume_encryption_keyThe encryption key for the volume of the workspace
user_volume_encryption_enabledDenotes if user volume encryption is enabled
root_volume_encryption_enabledDenotes if root volume encryption is enabled
running_modeThe running mode for workspace (always_on, auto_stop, etc.)
auto_stop_timeoutThe auto stop timeout for workspace in minutes
root_volume_sizeRoot volume size of workspace in GiB
user_volume_sizeThe user volume size of workspace in Gib
compute_typeThe compute type of the workspace (standard, graphics, etc.)
connection_state_check_timeThe last time when the connection state was checked
connection_stateThe current state of the connection to the workspace
last_connected_user_timeThe time a user was last connected

class DivvyResource.Resources.workspace.Workspace(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource

Workspace Operations

delete(user_resource_id=None)

get_compute_type()

static get_db_class()

static get_provider_id_field()

static get_resource_type()

get_supported_actions()
Retrieve all the actions which are supported by this resource. Restricts actions by resource state.

handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).

handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).

handle_resource_modified(*args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks.

organization_service_id

reboot()

rebuild()

region_name

start()

stop()

top_level_resource = True

workspace

workspace_id