Resource Type Definitions
Definitions of InsightCloudSec Normalized Terminology for Your Cloud Infrastructure
The following table provides an alphabetized list with brief definitions of the InsightCloudSec normalized terminology for all resources, services, utilities, or functions that make up your cloud infrastructure. Resource types are organized into six categories: Compute, Containers, Storage, Network, Identity and Management, and Machine Learning & AI.
You can read more about the details of the specific resource types on their individual pages as follows:
- Compute Resources
- Container Resources
- Storage Resources
- Network Resources
- Identity & Management Resources
- Machine Learning & AI Resources
Resource Type Definitions
| Resource Type | Description | Category |
|---|---|---|
| Access List | Used to protect and ingress/egress traffic to cloud resources (Security Groups/NACLs) | Network |
| Access List Flow Log | Allows users to log information about IP traffic flowing through a Network Security Group | Network |
| Access List Rule | Ingress/Egress traffic rules for Security Groups/NACLs | Network |
| Access Analyzer | Identifies security risks through unintended access to your resources and data by identifying resources or roles that are shared with an external entity (AWS IAM Access Analyzer) | Identity & Management |
| Activity Log Alert | Monitors a resource by checking its logs for a new event that matches defined conditions (Azure Activity Log Alert) | Identity & Management |
| Airflow Environment | Managed orchestration for Apache Airflow to programmatically author, schedule, and monitor sequences of processes and tasks (AWS Managed Airflow Environment, GCP Cloud Composer) | Compute |
| API Access Key | Used to make programmatic calls to Cloud Provider’s API (Azure Application Credentials, AWS IAM User Access Key, GCP Service Account Key) | Identity & Management |
| API Accounting Config | Logs and tracks all calls made to the provider API (AWS CloudTrail, GCP Logs Storage) | Identity & Management |
| API Key Usage Plan | A usage plan that specifies who can access various API endpoints and methods as well as target request rates (AWS API Key Usage Plan) | Network |
| App Configuration | Provide a means to centrally manage application settings and feature flags (Azure App Configuration) | Compute |
| App Run Service | Managed services that simplify deploying containerized web applications and APIs quickly at scale with little to no experience (AWS App Runner, GCP Cloud Run) | Containers |
| App Server | Defines the region of the physical server where your app will be hosted and the amount of storage, RAM, and CPU the physical servers will have (Azure App Service Plan) | Compute |
| App Stream Fleet | Managed application streaming service that streams desktop applications to users (AWS AppStream 2.0) | Compute |
| Application Gateway | Facilitates the creation, use, and management of APIs at any scale (AWS API Gateway, Azure API Management Service) | Network |
| Application Gateway Domain | Allows the creation, use, and naming of custom domain name (AWS API Gateway Domain) | Network |
| Application Key | Generates API keys (AWS Gateway Key) | Network |
| Application Stage | Sets up a stage, a named reference to a deployment, which can be used to manage and optimize the deployment (AWS API Gateway Stage) | Network |
| Artifact Registry | Stores artifacts and build dependencies in one central location (GCP Artifact Registry) | Containers |
| Automation Account | Orchestrate cloud-based automation tasks for you, including operating system and configuration updates, to ensure consistent management across your cloud environments (Azure Automation Account) | Machine Learning & AI |
| Autoscaling Group | Collection of instances used for scaling and management | Compute |
| Autoscaling Launch Configuration | Configuration for autoscaling groups (min, max, etc.) | Compute |
| Azure Policy | Helps businesses enforce and assess standards and compliance at scale (Azure Policy) | Identity & Management |
| Backend Services | Configuration for load balancing services (GCP Load Balancer Backend Services) | Network |
| Backup Gateway | A template that connects a backup service to a hypervisor, enabling interactive backup and restoration (AWS Backup Gateway) | Storage |
| Backup Vault | Container for organizing your backups | Storage |
| Bastion Host | Part of a service that allows seamless and secure connection to your virtual machines (Azure Bastion Host) | Network |
| Batch Environment | An environment containing many compute nodes that can run large-scale parallel and high-performance computing batch jobs efficiently (AWS Batch Compute Environment, Azure Batch Account) | Compute |
| Batch Pool | A group of compute nodes that is used in a batch environment to run large-scale parallel and high-performance computing batch jobs efficiently (Azure Batch Pool) | Compute |
| Big Data Instance | Big data/data warehouse instances (AWS Redshift) | Compute |
| Big Data Serverless Namespace | A collection of Big Data database objects and users (AWS Redshift Serverless Namespace) | Compute |
| Big Data Serverless Workgroup | A collection of Big Data compute resources (AWS Redshift Serverless Workgroup) | Compute |
| Big Data Snapshot | Point-in-time back up of a big data instance | Storage |
| Big Data Workspace | Analytics service that combines data integration, data warehousing, and big data analytics (Azure Synapse) | Compute |
| Bot Service | Provide an interactive experience, for example a virtual assistant or support for your website, built off of your data (Azure Bot Service) | Machine Learning & AI |
| Build Project | Integration service for compiling source code, running tests, and producing deployable software packages (AWS CodeBuild) | Compute |
| Business Intelligence Subscription | Service that connects and combines data sources for cloud to create a single data dashboard for easier user management (AWS QuickSight) | Identity & Management |
| Cache Database Cluster | A Cache Database Cluster is an in-memory database service that provides fast performance and durability (AWS MemoryDB) | Compute |
| Cache Instance | Memory cache instance (AWS ElastiCache, Redis, etc.) | Compute |
| Cache Snapshot | Point-in-time backup of Redis cluster (AWS ElastiCache Snapshot, Alibaba Cloud Redis Snapshot) | Storage |
| Cassandra Table | Managed, efficient, and reliable Apache Cassandra-based database services (AWS Keyspaces) | Storage |
| Cloud Access Point | A feature to simplify managing data access at scale for applications using shared data sets (AWS S3 Access Point) | Identity & Management |
| Cloud Account | Secure, world-wide storage and retrieval of any amount of data at any time | Identity & Management |
| Cloud Advisor Check | A recommendation guide that analyzes your configuration and usage (AWS Trusted Advisor) | Identity & Management |
| Cloud Alarm | Notification on events from a Content Delivery Network (AWS Cloudwatch Events) | Identity & Management |
| Cloud App | Application to manage application objects (definition of the application) that allows services to understand how to issue tokens to the application based on settings. (Azure App Registration) | Identity & Management |
| Cloud Credentials | A set of credentials (or API key) used to access applications or services within your environment. | Identity & Management |
| Cloud Dataset | Top-level containers for organizing and controlling access to tables and views (GCP BigQuery Dataset) | Storage |
| Cloud Domain Group | A virtual group of all accounts created in an organization's master account (GCP Domain Groups) | Identity & Management |
| Cloud Domain User | Cloud Identity User able to manage across your entire domain (GCP Only) | Identity & Management |
| Cloud Event Bus | A serverless event bus that facilitates connecting applications together using data from your own (SaaS or other) applications or services (AWS EventBridge) | Identity & Management |
| Cloud Event Rule | A Cloud Event Rule matches incoming Cloud Alarms ("events") and routes them to targets for processing (AWS CloudWatch Rule) | Identity & Management |
| Cloud Global Access Point | A global endpoint for routing storage container request traffic between regions (AWS S3 Multi-Region Access Point) | Storage |
| Cloud Group | A cloud provider group within an organization service | Identity & Management |
| Cloud Limit | Limits placed on amount of services available for cloud provider accounts | Identity & Management |
| Cloud Log Destination | A physical resource that enables you to subscribe to a stream of log events (AWS CloudWatch Logs Destination) | Identity & Management |
| Cloud Outpost | Managed service for hybrid cloud | Identity & Management |
| Cloud Policy | A policy that will gave specific permissions to Cloud Users, Groups or Roles (AWS IAM) | Identity & Management |
| Cloud Region | Where cloud resources are located | Identity & Management |
| Cloud Resource Group | Used for related resources (e.g., Azure Resource Group) | Identity & Management |
| Cloud Role | A cloud provider role within an organization service | Identity & Management |
| Cloud Service Cost | Cost associated with cloud provider services | Identity & Management |
| Cloud User | A cloud user account used to access the provider console/API (AWS IAM) | Identity & Management |
| Cluster Role | A representation of a non-namespaced set of permissions (Kubernetes Cluster Role) | Containers |
| Clusters | Runs the Kubernetes management infrastructure (AWS EKS, GCP GKE, Azure Kubernetes Service, Alibaba Kubernetes Clusters) | Containers |
| Code Repository | A secure, managed source code service that hosts private Git repositories (AWS CodeCommit) | Identity & Management |
| Cognitive Search | Uses artificial intelligence to identify and explore large amounts of content (Azure Cognitive Search) | Machine Learning & AI |
| Cold Storage | Deep archive storage (AWS Glacier) | Storage |
| Computer Vision | Uses artificial intelligence to provide insights from image and video content (Azure Computer Vision) | Machine Learning & AI |
| Config | Config provides details into the resources in your account, including information on configuration, relationships between resources, and how those both configuration and relationships change over time (AWS Config) | Identity & Management |
| Config Map | An API object used to store key-value pairs (Kubernetes Config Map) | Containers |
| Connect Instance | Provides virtual call center capabilities to your customers (AWS Amazon Connect) | Compute |
| Container Image | Assists in storing, managing, and deploying Docker container images (AWS Container Image (ECR), Azure Container Image, GCP Container Image) | Containers |
| Container Instances | Assists in running Kubernetes without standing up or maintaining own Kubernetes control plane (AWS Container Instance (EKS), MS Azure Container Instance) | Containers |
| Container Node Group | Auto scaling groups containing compute instances that are managed by the parent cluster (AWS EKS Node Group) | Containers |
| Container Registry | Docker container registry assisting developers in storing, managing, and deploying Docker container images (AWS Container Registry (ECR), Azure Container Registry) | Containers |
| Container Service | A container service is a scalable and fast container management service that makes it simple to manage all the containers within a cluster (ECS Service) | Containers |
| Containers | Manages container services (AWS Container (ECS)) | Containers |
| Content Delivery Network | A service that securely delivers data (AWS CloudFront, Azure CDN Profile, GCP Cloud CDN) | Network |
| Content Moderator | Provides automated image, text, and video moderation (Azure Content Moderator) | Machine Learning & AI |
| Control Plane | The container orchestration layer that exposes the API and interfaces to manage containers and their lifecycle (Kubernetes Control Plane) | Containers |
| Cron Jobs | A templated Kubernetes Job that runs on a repeating schedule (Kubernetes Cron Job) | Containers |
| DaemonSet | An overarching template that ensures the appropriate Kubernetes nodes are running a copy of a Pod (Kubernetes DaemonSet) | Containers |
| Data Analytics Workspace | Interactive query service for data analytics (AWS Athena) | Storage |
| Data Factory | Managed, serverless data integration (Azure Data Factory GCP Data Fusion) | Storage |
| Data Lake Storage | Enterprise-wide hyper-scale repository for big data analytic workloads (Azure Data Lake Storage Gen1) | Storage |
| Data Stream | The transfer of data at a steady high-speed rate (AWS Kinesis) | Storage |
| Data Sync Task | Tasks associated with online data transfer (AWS DataSync Task) | Storage |
| Database | Relational database service (GCP Cloud SQL, Azure SQL Database/Dedicated SQL Pool) | Compute |
| Database Cluster | One or more DB instances and a cluster volume that manages the data for those instances (AWS RDS Aurora Cluster, Neptune, Document DB) | Compute |
| Database Event Subscription | Allow notifications when events within an event category occur (AWS RDS Event Subscription) | Compute |
| Database Instance | Database instance (RDS, CloudDatabase, etc.) | Compute |
| Database Migration Endpoint | Database Migration Services use this information to connect to a data store and migrate data from a source endpoint to a target endpoint (AWS DMS Endpoint) | Network |
| Database Migration Instance | Migrates on-premises database to the cloud (AWS Database Migration Service (DMS)) | Storage |
| Database Proxy | Simplifies connection management by handling network traffic between client applications and the database (AWS RDS Database Proxy) | Storage |
| Database Snapshot | Point-in-time backup of a database instance | Storage |
| Databricks Workspace | Collaborative analytics platform based on Apache Spark (Azure Databricks Workspace) | Storage |
| Dataflow Job | Unified stream and batch data processing job (GCP Dataflow Job) | Compute |
| DDoS Protection | Distributed Denial of Service (DDoS) protection service that safeguards applications running in the cloud (AWS Shield, Azure DDoS Protection) | Network |
| Delivery Stream | Load streaming data into data stores and analytics tools (AWS Firehose) | Storage |
| Deployments/Tasks | Works with container tasks (AWS Container Task (ECS)) | Containers |
| Diagnostic Settings | Configuration profile that enables sending platform metrics and logs to various destinations (Azure Diagnostic Settings) | Identity & Management |
| Direct Connect | Establishes dedicated network from your premises to the cloud (AWS Direct Connect, GCP Cloud Interconnect, Azure Express Route Circuit) | Network |
| Directory Service | Collection of services for managing users and devices on a network (e.g., Azure AD) | Identity & Management |
| Distributed Table | NoSQL database table (AWS DynamoDB) | Compute |
| Distributed Table Cluster | In-memory cache for Distributed Tables (DynamoDB DAX) | Compute |
| DLP Job | An individual data loss prevention (DLP) scan (GCP DLP Inspection Job) | Compute |
| DNS Domain | For managing domain names in a Domain Name System (DNS) (AWS Route53 Domain, GCP Cloud Domains) | Identity & Management |
| DNS Zone | Used to store DNS records for name public/private name resolution (AWS Route53) | Network |
| Elastic Cluster | A database cluster that allows you to scale your workload's throughput (AWS Elastic Cluster) | Storage |
| Elasticsearch Instance | A restful search and analytics engine (AWS Elasticsearch) | Compute |
| Elasticsearch Serverless Collection | A serverless for OpenSearch Service for running large-scale search and analytics workloads without managing clusters (Amazon OpenSearch Serverless) | Compute |
| Email Service Config | Groups of rules applied to the verified identities that are used to send email through a cloud email service (Amazon SES Configuration Set) | Compute |
| Email Service Domain | A cloud-based email sending service (AWS SES) | Compute |
| Email Service Rule | Email Service Rules inform how to handle incoming email by executing an specified list of actions (AWS SES Rule) | Compute |
| Encryption Key | A master key used to encrypt cloud volumes, databases and more (AWS KMS) | Identity & Management |
| Encryption Key Vault | Secure key management (GCP Cloud KMS Keyring, Azure Key Vault) | Identity & Management |
| ETL Data Catalog | An index to the location, schema, and runtime metrics of your data; supports extract, transform, and load (ETL) service (AWS Glue Data Catalog) | Storage |
| ETL Database | Extract, transform, load (ETL) databases are used to organize metadata for holistic ETL services (AWS Glue Database) | Storage |
| ETL Security Configuration | A set of security properties that can be used by your extract, transform, and load (ETL) service (AWS Glue Security Configuration) | Storage |
| Event Grid Topic | Acts as a receiving endpoint for a collection of related events (Azure Event Grid Topic) | Compute |
| Event Grid Subscription | An event topic that is sent to an endpoint for handling and consumption (Azure Event Grid Subscription) | Compute |
| Federated Group | Azure Groups that have federated access to AWS SSO via Azure AD (Federated Azure AD Group). See Resources for details | Identity & Management |
| Federated User | Azure Users that have federated access to AWS SSO via Azure AD (Federated Azure AD User). See Resources for details | Identity & Management |
| File Share | A cloud storage service that provides on-premises access to cloud storage (AWS NFS/SMB File Gateway Share) | Storage |
| Forwarding Rules | Manage frontend configuration of a load balancer (GCP Load Balancer Forwarding Rules, Azure Load Balancing Rules) | Network |
| Gatekeeper Constraint | Inform the system that a ConstraintTemplate needs to be enforced and how to enforce the template (Kubernetes Constraint) | Containers |
| Gatekeeper ConstraintTemplate | Describe the policies that enforce a constraint as well as the schema of the constraint (Kubernetes ConstraintTemplate) | Containers |
| Global Load Balancer | A global, scalable entry-point that uses a global edge network to create web applications (e.g., Azure Front Door, AWS Global Accelerator) | Network |
| GraphQL API | GraphQL manages services that improve performance, support real-time updates, and make connecting to secure datasources easy. An example of this type of resource is AWS AppSync API. | Storage |
| HSM Cluster | A hardware security module (HSM) cluster providers users with an easy way to generate and manage encryption keys within a cloud service provider (CSP) environment (e.g., AWS CloudHSM). | Compute |
| Hypervisor | A hypervisor/dedicated host responsible for housing compute instances | Compute |
| Identity Provider | Creates, maintains, and manages identity information, providing authentication (SAML, AD) | Identity & Management |
| Ingress | Exposes HTTP and HTTPS routes from outside a Kubernetes cluster to services within the cluster (Kubernetes Ingress) | Containers |
| Instance | Compute instance (EC2, CloudServers, etc.) | Compute |
| Internet Gateway | A logical connection between a network and the internet | Network |
| Jobs | A Kubernetes Job creates and executes a specified number of Pods until they successfully terminate (Kubernetes Job) | Containers |
| K8S Secret | An object that contains a small amount of sensitive data that must be kept confidential (Kubernetes Secret) | Containers |
| Language Service | Provides natural language capabilities via an API (Azure Language Service) | Machine Learning & AI |
| Launch Template | Contains configuration information for an instance so that it can be launched in a consistently reproducible way (Launch Template) | Compute |
| Lightsail | Provides compute, storage, and networking capacity and capabilities for websites and web applications in the cloud (AWS Lightsail) | Compute |
| Load Balancer | Used in multi-tier apps to distribute load across a variety of compute instances | Network |
| Logic App | Integration platform as a service that promotes scale and portability while offering critical workflow automation from a workspace of any size (Azure Logic App) | Compute |
| Log Analytics Workspace | Container used for storing and analyzing log data and configuration (Azure Log Analytics Workspace) | Identity & Management |
| Log Group | Group of Event logs within a Log Stream (e.g., AWS CloudWatch Log Groups) | Identity & Management |
| Lookout Project | Lookout Projects (e.g., Amazon Lookout) comprise three facets: Metrics, Equipment, and Vision. Lookout Metrics finds root causes for anomalies in data. Lookout Equipment monitors physical equipment for abnormal behavior and potential failures. Lookout Vision finds visual defects in industrial products, like missing components, physical damage, irregularities, and defects. | Identity & Management |
| LUIS API | Allows your applications to understand commands from your users using natural language processing (Azure LUIS API) | Machine Learning & AI |
| Machine Learning Instance | Prepare and processes data, trains and deploys machine learning models. | Machine Learning & AI |
| Machine Learning Training Job | A computation task that trains a machine learning model (AWS SageMaker Training Job) | Machine Learning & AI |
| MapReduce Cluster | A programming model for processing and generating large data sets (Hadoop) | Compute |
| Message Broker Instance | Managed message broker service (AWS MQ) | Compute |
| Message Queue | Message queuing services (AWS SQS) | Compute |
| Message Queue Namespace | Groups message queues and publish-subscribe topics under one namespace (Azure Service Bus) | Compute |
| Mutating Webhook Configuration | A configuration for a mutating webhook admission controller (Kubernetes Mutating Webhook Controller) | Containers |
| Namespace | A virtual cluster backed by a physical cluster; typically, there are several distinct namespaces on a single physical cluster (Kubernetes Namespace) | Containers |
| NAT Gateway | Enables instances in a private network to forward traffic to the Internet | Network |
| Network | Logically isolated virtual environment within a Cloud Provider (AWS VPC) | Network |
| Network Address Group | Provides visibility into defined network address prefixes (AWS Managed Prefix List, Azure IP Group) | Network |
| Network Endpoint | Enables private connection of your VPC to cloud services | Network |
| Network Endpoint Service | Enables you to privately connect your VPC to supported provider services (AWS VPC Endpoint Services, Azure Private Link Service) | Network |
| Network Firewall | A managed, cloud-based network-security service that protects network resources (Azure Firewall) | Network |
| Network Firewall Rule | Firewall rules including:NAT rules, network rules, and applications rules. (Azure Firewall Rule) | Network |
| Network Firewall Rule List | Firewall rule collections processed according to the rule type in priority order. (Azure Firewall Rule Collection) | Network |
| Network Flow Log | Stores configuration and delivery info regarding traffic flows in a cloud network | Network |
| Network Interface | Virtual interfaces that can allow communication between networks/subnets | Network |
| Network Peer | Interconnects two private networks | Network |
| Network Policy | A policy that controls traffic flow at a given IP address or port for a Pod (Kubernetes Network Policy) | Containers |
| Notification Subscription | Subscription-based notifications (AWS SNS, GCP Pub/Sub) | Compute |
| Notification Topic | Topic to use when delivering notifications | Compute |
| Open AI | Allows you to apply advanced coding and language models to your own use cases (Azure Open AI) | Machine Learning & AI |
| Persistent Volume | A provisioned piece of storage in a Kubernetes cluster with a lifecycle independent of any Pod that uses the persistent volume (Kubernetes Persistent Volume) | Containers |
| Personalizer | Assists in providing a unique, relevant experience for each of your users (Azure Personalizer) | Machine Learning & AI |
| Pod Security Policies | (Kubernetes Pod Security Policy) | Containers |
| Pods | Kubernetes Pod | Containers |
| Private Image | Private/shared image which can be used to create a compute instance | Compute |
| Private Subnet | Private logical subdivision of a network | Network |
| Public IP | Elastic/Floating IP addresses which allow communication over the Internet | Network |
| Query Log Config | Enables DNS query resolution across entire hybrid cloud (AWS Route53Resolver Configuration) | Network |
| Recommendation | Machine-generated product and resource usage optimizations (GCP Project Recommendations) | Compute |
| Recommendation Finding | Important patterns and details about your resource usage (GCP Project Insights) | Compute |
| Recycle Bin Rule | Assists in preventing accidental deletion of snapshots using custom retention rules and recovery (AWS Recycle Bin Rule) | Storage |
| ReplicaSet | A template that maintains a stable set of specified number of identical (replica) Pods (Kubernetes ReplicaSet) | Containers |
| Reserved Instance | Guaranteed, available virtual private servers (AWS RIs, Azure Pre-Paid Instances) | Compute |
| Role | A representation of a set of permissions to a specified namespace (Kubernetes Role) | Containers |
| Route | Used to determine where network traffic from your subnet or gateway is directed (AWS Route, Azure Route) | Network |
| Route Table | Used to store routes | Network |
| Search Cluster | A cluster of Elasticsearch Instances | Compute |
| Search Index | A highly accurate intelligent search service for unstructured data using natural language. | Compute |
| Secret | Confidential or secure data (AWS Secret) | Identity & Management |
| Secure File Transfer | Allows secure transfer of files using SFTP protocol (AWS SFTP Server) | Storage |
| Security Posture | Assists in assessing and strengthening your security across multi-cloud and hybrid environments (Azure Advisor Recommendations) | Identity & Management |
| Serverless Application | Framework for building serverless applications (AWS Serverless Application) | Compute |
| Serverless Function | A compute service that runs code in respose to events | Compute |
| Serverless Layer | A package of libraries and dependencies that can be used with Serverless Functions (AWS Lambda Layer) | Compute |
| Service Account | A special account that provides an identity for processes that run inside of a Pod (Kubernetes Service Account) | Containers |
| Service Control Policy | A type of policy to manage your application (AWS Service Control Policy) | Identity & Management |
| Service Detector | Threat detection service (AWS GuardDuty Detector, Microsoft Defender for Cloud) | Identity & Management |
| Service Fabric Cluster | A cluster that orchestrates highly available and durable micro services at scale (Azure Service Fabric Cluster) | Containers |
| Service Health Event | Personalized communications about how the overall health of the CSP itself may be affecting your environment, including visibility into resource issues, upcoming changes, and important notifications (AWS Health Dashboard) | |
| Services | (Kubernetes Service) | Containers |
| Shared File System | Scalable volumes that can be shared between multiple instances (eg: AWS EFS) | Storage |
| Shared Gallery | Shared Image Gallery (Azure) to build structure around images | Compute |
| Shared Gallery Image | Image definitions for logical version grouping | Compute |
| Shared Gallery Image Version | Image versioning, as used in environments | Compute |
| Sink | A Stackdriver Sink controls how logs are routed throughout your environment (GCP Stackdriver Sink, AWS CloudWatch Observability Sink Link) | Identity & Management |
| Site-to-Site VPN | Enable access to your remote network from your VPC (AWS Site-to-Site VPN (VPC), GCP VPN Tunnel) | Network |
| Snapshot | Point-in-time backups of volumes | Storage |
| Spanner | A globally-distributed, and synchronously-replicated database (GCP Spanner, AWS Aurora Global Database) | Storage |
| Speech Services | Encapsulates several different speech-related features including text-to-speech, speech-to-text, translation, and speaker recognition (Azure Speech Services) | Machine Learning & AI |
| SSH Key Pair | Public and Private keys associated with a cloud provider within an organization service | Identity & Management |
| SSL Certificate | A certificate bound to a load balancer to facilitate secure client/server communication | Identity & Management |
| SSL Certificate Authority | Issues digital certificates to help identify websites, people, and devices (AWS Certificate Manager, GCP Certificate Authority Service) | Identity & Management |
| SSM Document | A script or document written in JSON or YAML that provides instructions to the Systems Manager for how to interact with your managed instances (Systems Manager (SSM) Document) | Compute |
| Stack Template | Infrastructure as code (CloudFormation Templates) | Compute |
| StatefulSet | An API object used to managed stateful applications (Kubernetes StatefulSet) | Containers |
| Step Function | A serverless orchestration service that lets you combine functions and other services to build applications. (AWS Step Function State Machine) | Compute |
| Storage Account | Contains all Azure storage data objects (Azure Storage Account) | Storage |
| Storage Container | Object storage (S3, Cloud Storage, Blob Storage, etc.) | Storage |
| Storage Gateway | Securely connect on-premises software applications with cloud-based storage (AWS Storage Gateway) | Storage |
| Storage Sync Service | Assists with centralizing your file shares while also enabling high availability and recovery (Azure Storage Sync Service) | Storage |
| Stored Parameters | Secure storage for configuration data as parameter values (AWS Systems Manager Parameter Store Parameter) | Storage |
| Stream Instance | Streaming data service (AWS MSK Instance) | Compute |
| Streaming Application | Allows you to query, transform, and analyze streaming data in real time (AWS Kinesis Analytics Application) | Compute |
| Target Proxies | Load balancing component that routes incoming requests to a URL map, terminates connection to the user (GCP Load Balancer Target Proxies) | Network |
| Task Definitions | Task Definitions are required to run Docker containers within container management services in the cloud (AWS ECS Task Definition) | Container |
| Template Spec | A resource type that simplifies both storing and sharing a template (Azure Template Specs) | Compute |
| Threat Findings | Threat detection service (AWS GuardDuty/Macie) | Identity & Management |
| Timeseries Database | Timeseries databases store and analyze trillions of events daily for internet of things (IoT) and operational applications (Amazon Timestream) | Storage |
| Traffic Manager | A Traffic Manager is a DNS-based network traffic load balancer, distributing network traffic evenly across your environment (Azure Traffic Manager) | Network |
| Traffic Mirror Target | An elastic network interface or a network load balancer (AWS VPC Traffic Mirror Targets) | Network |
| Transcoding Pipeline | A queue that manages media transcoding jobs (AWS Elastic Transcoder Pipeline) | Compute |
| Transcription Job | A job that provides speech-to-text transcriptions for a wide variety of use cases, e.g., AWS Transcription Job | Compute |
| Transit Gateway | Service enabling connection of VPCs and on-premises networks to a single gateway (AWS Transit Gateway) | Network |
| Translator | Provides machine translation via an API (Azure Translator) | Machine Learning & AI |
| URL Map | A set of rules for routing incoming HTTP(S) requests to specific services (GCP URL Map) | Network |
| User Pool | Allows your users to sign in to your web or mobile app (AWS Cognito User Pool) | Identity & Management |
| Validating Webhook Configuration | A configuration for a validating webhook admission controller (Kubernetes Validated Webhook Configuration) | Containers |
| Video Stream | Service to stream live video from devices to the cloud (AWS Kinesis Video Stream) | Storage |
| Virtual Private Gateway | Private virtual interface for one or more connections. | Network |
| Volume | Network attached storage (EBS, Virtual Disks, etc.) | Storage |
| Web App | Service providing app hosting (AWS Elastic Beanstalk Environment, Azure App Service) | Compute |
| Web App Group | Service for deploying and scaling web applications and services (AWS Elastic Beanstalk Application) | Compute |
| Web Application Firewall | Web application security (AWS Application Firewall (WAF), WAFv2) | Network |
| Workspace | Virtual desktops (AWS Workspaces) | Compute |
Updated 7 months ago