Compute Resources
Compute Resources are available in InsightCloudSec as the first section (tab) under the Resource landing page. These resources are related to compute functionality and include resources like app servers, instances, and elastic search instances.
Compute resources are displayed alphabetically using the InsightCloudSec normalized terminology. Hovering over an individual resource provides the CSP-specific terminology with the associated logo to help users confirm the displayed information. For example, an Autoscaling Group refers to Amazon's "Autoscaling Group", Google's "Autoscalers", and Azure's "Virtual Machine Scale Sets".
For a detailed reference of this normalized terminology check out our Resource Terminology.
Some attributes may not be included in these lists
A large number of Resource Attributes are offered for the resources outlined here. Because we are continuously expanding our supported resources the attributes and details included here can not be guaranteed to include every resource or every attribute.
If you need information about the attributes of a particular resource we are happy to help get those details for you - reach out to us through the Customer Support Portal with any questions!
Airflow Environment
Airflow Environment
Airflow Environments offers managed orchestration service for Apache Airflow - an open-source tool used to programmatically author, schedule, and monitor sequences of processes and tasks referred to as workflows.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the Airflow Environment resides |
| name | The name of the Airflow Environment |
| arn | The ARN associated with the Airflow Environment |
| create_time | The time when this Airflow Environment was created |
| version | The version of the Airflow Environment |
| environment_class | The environment class, e.g., 'mw1.small' |
| max_workers | The maximum number of workers allowed with this Airflow Environment |
| status | The status of the Airflow Environment (e.g., available) |
| logging_configuration | A description of the logging configuration, including TaskLogs, WorkerLogs, and SchedulerLogs |
| encrypted | Denotes whether the Airflow Environment is encrypted |
| key_resource_id | The provider ID of Encryption Key (if encrypted) |
| execution_role_resource_id | The resource ID for the execution role |
| service_role_resource_id | The resource ID for the service role |
| webserver_access_mode | The webserver access mode, e.g., public only |
| webserver_url | The URL for the webserver |
| relationships | A list of resources associated with the Airflow Environment |
Apps
App Configurations
App Configurations provide a means to centrally manage application settings and feature flags.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| config_id | The provider ID for the configuration |
| name | The name of the configuration |
| resource_group | The name of the resource group the configuration is associated with |
| provisioning_state | The provisioning state of the configuration |
| region_name | The name of the region in which the configuration resides |
| sku | The pricing tier of the configuration |
| purge_protection_enabled | Indicates if purge protection is enabled for the configuration |
| public_network_access | The network access configuration of the configuration |
| automatic_network_setting | Indicates if public network access on the resource is set to the automatic setting |
| creation_date | The date the configuration was created |
| soft_delete_retention_days | The number of days the configuration will be retained if deleted |
| encrypted_with_cmk | Indicates if the configuration is encrypted using a customer key |
| identity_type | The type of identity assigned to the configuration |
| disable_local_auth | Indicates if local authentication is disabled for a configuration |
| endpoint | The endpoint of the configuration |
| private_endpoint_connections | The number of endpoints attached to the configuration |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
App Engine Service
An App Engine Service is a small logical component of a large app, i.e., a microservice.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the service |
| region_name | The name of the region in which the service resides |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| service_id | The unique ID for the service |
| app_engine_status | The status of the service |
| ingress_traffic | The rules for ingress of the service |
| firewall_rules | The firewall rules for the service |
App Engine Service Version
An App Engine Service Version is a compiled version of one of your services, which can be used for rollbacks or testing.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the service |
| service_id | The unique ID for the service |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| version_id | The unique ID for the service version |
| environment | The type of environment on which the version is deployed |
| runtime | The runtime the service version is using |
| legacy_runtime | Denotes whether the runtime is legacy |
| version_status | The status of the service version |
App Server
App Servers are the underlying virtual machines that host Azure App Services. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which this App Server resides |
| app_server_id | The provider ID of the App Server |
| name | The name of the App Server |
| server_type | The type of the App Server (F1 Free, B1 Basic, S1 Standard, etc) |
| instance_count | The number of instances running this app |
| max_instance_count | The maximum number of instances for running the app |
| app_count | The number of apps running on the App Server |
| state | The state of the App Server (ready, stopped, etc) |
App Stream Fleet
An App Stream Fleet is a managed application streaming service that streams desktop applications to users.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the App Stream Fleet resides |
| arn | The ARN associated with the App Stream Fleet |
| name | The name of the App Stream Fleet |
| image_name | The image name associated with the App Stream Fleet |
| image_arn | The ARN associated with the image for the App Stream Fleet |
| instance_type | The type of instance used by the App Stream Fleet |
| instance_flavor_resource_id | The Resource ID for the instance flavor used by the App Stream Fleet |
| fleet_type | The type of Fleet for the App Stream |
| compute_status | Status of compute resources for the App Stream Fleet |
| max_user_duration | The maximum duration (in seconds) for users |
| disconnect_timeout | The timeout (in seconds) for a user to disconnect |
| state | The state of the App Stream Fleet |
| creation_date | The date and timestamp for the creation of the App Stream Fleet |
| default_internet_access | Indicates whether default internet access is enabled for the fleet |
| domain_joined | Indicates whether the Fleet is associated with a directory domain |
| role_resource_id | The Resource ID for the role associated with the Fleet |
| stream_view | The stream view displayed to users while using the Fleet |
| platform | The platform of the Fleet |
| session_script_s3 | Describes the S3 session script |
| relationships | List of resources associated with the Fleet |
Autoscaling
Autoscaling Group
Autoscaling Groups contain a collection of Instances that share similar characteristics and are treated as a logical grouping for the purposes of instance scaling and management. The Autoscaling Group class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| group_id | The provider ID of the autoscaling group |
| name | The name of the autoscaling group |
| arn | The ARN associated with the autoscaling group |
| create_time | The time when this autoscaling group was created |
| region_name | The region in which this autoscaling group resides |
| health_check_grace_period | The amount of time (in seconds) that the autoscaling group will wait to run the system health check, after instances have been started |
| min_size | The minimum number of instances running at all times on this autoscale group |
| max_size | The maximum number of instances that can be running at any time on this autoscale group |
| desired_capacity | The desired amount of instances running at all times in the autoscaling group |
| new_instance_protection | The instances that are protected from termination during scale in |
| default_cooldown | The amount of time the autoscaling group will wait before resuming scaling activities |
| multi_az | Denotes if the group is multi AZ |
| suspended_processes | The JSON value of suspended processes |
| vm_profile | The JSON value of the profile of the machine |
| spot_instances | Whether the autoscaling group will utilize spot instances |
| upgrade_policy | Describes the upgrade policy settings for the autoscaling group |
| launch_configuration | The launch configuration that is associated with the autoscaling group |
| launch_template | A launch template that is associated with the autoscaling group |
| warm_pool_size | The number of warm pool instances configured |
| warm_pool_instances | The type of instances in the warm pool |
| load_balancers | A list of classic load balancers that are associated with the autoscaling group |
| target_group | A list of application target groups that are associated with the autoscaling group |
| vulnerability_sources | The vulnerability source (requires IVM agent integration) |
class DivvyResource.Resources.autoscalinggroup.AutoscalingGroup(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Autoscaling Group Operations
delete(user_resource_id=None)
Not now available for use.
static get_db_class()
get_instances()
Retrieve the instance members the group uses.
static get_provider_id_field()
static get_resource_type()
get_subnets()
Retrieve the subnets the group operates in.
get_supported_actions()
Retrieve all the actions which are supported by this resource.
group
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks.
has_attached_instance()
Return True is instance(s) are attached to asg.
modify(max_size=None, min_size=None, user_resource_id=None)
Modify the Autoscaling group. This makes a call sot he upstream providier to change one or more properties.
name
provider_id
top_level_resource = True
Autoscaling Launch Configuration
Autoscaling Launch Configurations are templates that autoscaling groups use to launch instances.
This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region the Autoscaling Launch Configuration resides in |
| image_id | The provider ID of image instances are launched from |
| name | The name of the autoscaling launch configuration |
| arn | The Amazon resource name of the autoscaling launch configuration |
| instance_type | The type of instance to launch |
| spot_price | The maximum hourly price to be paid for any spot instance launched from autoscaling launch configuration |
| identity_management_role | The role associated with the autoscaling launch configuration |
| creation_timestamp | The time autoscaling launch configuration was created |
| monitoring | Denotes if detailed monitoring is enabled on instances launched from autoscaling launch configuration (true/false) |
| kernel_id | The ID of the kernel associated with the Image |
| ram_id | The ID of the RAM disk to select |
| associate_ip | Denotes whether to assign a public IP address to each instance |
| block_storage_optimized | Denotes whether the launch configuration is optimized for I/O (true) or not (false) |
| role_resource_id | The resource ID of the role performing the autoscaling |
| user_data | The user data to make available to the launched instances using this configuration |
| sensitive_data | Indicates if the launch configuration contains sensitive data within the user data |
| contains_secret | Indicates if the launch configuration contains a Secret within the user data |
Batches
Batch Environment
An environment containing many compute nodes that can run large-scale parallel and high-performance computing batch jobs efficiently, e.g., Azure Batch Account, AWS Batch Compute Environment.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the Batch Environment |
| region_name | The region in which the Batch Environment resides |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| state | The state of the Batch Environment |
| endpoint | The endpoint where the Batch Environment is accessible |
| public_access | Whether public access is enabled for the Batch Environment |
| allocation_type | The allocation type for the Batch Environment |
| minimum_cpus | The minimum amount of CPUs allocated for the Batch Environment |
| maximum_cpus | The maximum amount of CPUs allocated for the Batch Environment |
| storage_account_resource_id | The resource ID for the storage account associated with the Batch Environment |
| encryption | The encryption enabled for the Batch Environment |
| pool_type | The type of instance pool within the Batch Environment |
| role_resource_id | The resource identifier for the role allocated to the Batch Environment. |
Batch Pool
A group of compute nodes that is used in a batch environment to run large-scale parallel and high-performance computing batch jobs efficiently, e.g., Azure Batch Pool.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the Batch Pool |
| region_name | The region in which the Batch Pool resides |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| environment_resource_id | The ID for the Batch Pool's parent Batch Environment |
| last_modified | The most recent time the Batch Pool was modified |
| state | The state of the Batch Pool |
| vm_size | The size of the virtual machine(s) within the Batch Pool |
| autoscaling | Whether the Batch Pool has autoscaling enabled |
| inter_node_communication | Whether the Batch Pool has internode communication enabled |
| subnet_resource_id | The resource ID of the subnet in which the Batch Pool is running, if known |
Big Data
Big Data Instance
Big Data Instances are database instances which store and process big data. An example of this type of instance is AWS Redshift. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the instance resides in |
| instance_id | The provider ID of the instance |
| name | The name of the instance |
| instance_type | The type of instance |
| instance_flavor_resource_id | The resource ID of the type (flavor) this instance runs on |
| state | The state of the big data instance |
| create_time | The time the instance was created |
| availability_zone | The zone where the big data instance lives |
| endpoint_address | The FQDN of the big data instance |
| endpoint_port | The port that the big data instance listens on |
| nodes | The number of nodes in the cluster |
| version | The software version the big data instance leverages |
| allow_version_upgrade | Denotes whether the instance has automatic version upgrades enabled |
| db_name | The name of the master database |
| subnet_group_name | The database subnet group name that the instance uses |
| vpc_id | The database VPC ID that the instance uses |
| backup_retention | An integer representing the number of days that automatic snapshots are retained for |
| master_username | The username of the master user |
| encrypted | Denotes if the data stored on the instance is encrypted |
| key_resource_id | The provider ID of Encryption Key (if encrypted) |
| publicly_accessible | Denotes if the instance can be accessed over the Internet |
| access_lists | The list of associated security groups |
| instance_flavor | The returned flavor of a object which contains information on the size of the instance |
| ssl_required | Denotes if SSL is required (true/false) |
| fips_required | Denotes if FIPS compliant SSL mode is required |
| logging | Boolean value on whether a Big Data Instance is logging |
| logging_bucket | The location of the Storage Container the Big Data Instance is logging to, if known |
| parameter_groups | The parameter group(s) associated with the instance |
class DivvyResource.Resources.bigdatainstance.BigDataInstance(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Big Data Instance Operations
delete(wait_for_result=True, user_resource_id=None)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
static get_db_class()
get_instance_type()
Retrieve the instance type of the resource.
static get_provider_id_field()
static get_resource_type()
get_state()
Retrieve the instance state.
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None, project_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.
`instance
top_level_resource = True
Big Data Serverless Namespace
A Big Data Serverless Namespace is a collection of database objects and users.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| namespace_id | The provider-specific namespace ID value |
| name | The name of the namespace resource |
| db_name | The database name associated with the namespace |
| region_name | The region in which the namespace is located |
| state | The status of the namespace |
| arn | The ARN value associated with the namespace |
| role_resource_id | Denotes the IAM role associated with the namespace |
| admin_username | Denotes the admin username associated with the namespace |
| key_resource_id | Denotes the key associated with the namespace |
| log_exports | Denotes the log export configurations for the namespace |
| creation_date | The date the namespace was created |
Big Data Serverless Workgroup
A Big Data Serverless Workgroup is a collection of compute resources.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| namespace_id | The provider-specific namespace ID value |
| organization_service_id | The ID of the parent organization service (cloud) |
| workgroup_id | The ID associated with the workgroup |
| name | The name of the workgroup resource |
| region_name | The region in which the workgroup is located |
| state | The status of the workgroup |
| arn | The ARN value associated with the workgroup |
| vpc_endpoints | The count of VPC endpoints attached to the workgroup |
| creation_date | The date the workgroup was created |
| base_capacity | The base capacity of the workgroup |
| enhanced_routing | Denotes whether the workgroup has enhanced routing enabled |
| publicly_accessible | Denotes whether the workgroup is publicly accessible |
| relationships | List of resources associated with the workgroup |
Big Data Workspace
Big Data Workspace comprises data integration, data warehousing, and big data analytics functionality. An example of a Big Data Workspace is an Azure Synapse resource.
| Attribute | Description |
|---|---|
| name | The name of the workspace |
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| workspace_id | The provider ID of the workspace |
| region_name | The region in which the workspace resides |
| state | The state of the big data workspace (e.g., Succeeded) |
| double_encryption_enabled | Denotes if double encryption is enabled (true/false) |
| workspace_type | The type of workspace (e.g., Normal) |
| sql_administrator_login | Login name for the SQL administrator |
| scope_enabled | Denotes whether scope is enabled (true/false) |
| public_access | Denotes whether access is public (true/false) |
Build Project
Build Project
Build Project configures how source code is built, e.g., where to obtain the code and which build environment to use.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the Build Project resides in |
| project_id | The Project ID associated with the Build Project |
| name | The name of the Build Project |
| description | The description associated with the Build Project |
| creation_date | The creation date of the Build Project |
| build_type | The type of repository that contains the source code to be built |
| privilege_mode | Denotes if the Build Project is running in privileged mode |
| cache_type | The type of cache used by the Build Project |
| encrypted | Denotes whether the Build Project is encrypted or not |
| role_resource_id | The Resource ID of the associated service Role, if applicable |
| key_resource_id | The Resource ID of the encryption key, if applicable |
| network_resource_id | The Resource ID of the associated VPC, if applicable |
| logging_bucket | The details of the bucket where logs are being sent, if applicable |
| log_group_name | The logging group name, if applicable |
| arn | The Amazon Resource Name (ARN) of the Build Project |
| build_image | The image the Build Project is using |
| clear_text_credentials | Indicates if the Build Project contains credentials in clear text |
| contains_secret | Indicates if the Build Project contains a secret |
Cache
Cache Database Cluster
A Cache Database Cluster is an in-memory database service that provides fast performance and durability, e.g., AWS MemoryDB.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the Cache Database Cluster resides |
| name | The name of the Cache Database Cluster |
| description | Text description for the Cache Database Cluster |
| state | The state of the Cache Database Cluster |
| number_of_shards | The number of shards in the cluster |
| multi_az | Denotes if the cluster can be in multiple availability zones |
| endpoint_address | The fully-qualified domain name for the Cache Database Cluster |
| endpoint_port | The port that the Cache Database Cluster listens on |
| instance_type | The type of instance being used to host Cache Database Cluster |
| engine_version | The version of the engine currently installed |
| nodes | The number of nodes in the cluster |
| parameter_group | The name of the parameter group associated with the Cache Database Cluster |
| subnet_group | The subnet associated with the Cache Database Cluster |
| transit_encryption | Boolean value indicating if transit encryption is enabled |
| key_resource_id | The resource ID of the associated encryption key |
| arn | The ARN associated with the Cache Database Cluster |
| backup_retention | An integer representing the number of days that automatic snapshots are retained for |
| auto_minor_upgrades | Denotes if this instance automatically takes minor upgrades or not |
Cache Instance
Memcache Instances are managed systems with one or more caching technologies installed, e.g., Redis. Examples of this would be AWS Elasticache and Azure Redis. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| instance_type | The type of instance |
| region_name | The region that the instance resides in |
| instance_id | The provider ID of the instance |
| name | The name of the instance |
| instance_flavor_resource_id | The resource ID of the type (flavor) this is instance runs on |
| state | The state the instance is in (ready/available/normal/running) |
| availibilty_zone | The availability zone this instance runs in |
| endpoint_address | The FQDN of the instance |
| endpoint_port | The port that the instance listens on |
| engine | The engine that the database uses (redis/memcached) |
| engine_version | The install version of the engine |
| backup_retention | The integer representing the number of days that automatic snapshots are retained for |
| nodes | The number of nodes |
| create_time | The time the instance was created |
| at_rest_encryption_enabled | Denotes if at rest encryption is enabled (true/false) |
| transit_encryption_enabled | Denotes if transit encryption is enabled (true/false) |
| auth_token_enabled | Denotes if AuthToken is enabled (true/false) |
| auth_token_last_modified | The last time the AuthToken was modified |
| auto_minor_version_upgrade | Denotes whether automatic minor version upgrading is enabled for the cluster |
| reserved_ip_range | The range of IP addresses reserved |
| network_resource_id | The provider ID of network this instance is in |
| key_resource_id | The ID of the encryption key used to encrypt this Instance |
| replication_group_id | The ID of the associated replication group, if applicable |
| automatic_failover | Denotes if automatic failover is enabled |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| public_network_access | Denotes if public network access to this Cache Instance is enabled |
| relationships | List of relationships between the Cache Instance and other services |
Connect Instance
Connect Instance
Connect instances provide virtual call center capabilities to your customers.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the Connect Instance resides. |
| alias | The user-provided alias |
| namespace_id | The namespace ID for the Connect Instance |
| instance_id | The provider-specific ID value |
| id_management_type | Identity management type of the instance |
| status | The status of the instance |
| role_resource_id | The role used by the instance |
| inbound_enabled | Denotes if inbound calls are enabled |
| outbount_enabled | Denotes if outbound calls are enabled |
| create_time | The time the instance was created |
| enabled_features | List of enabled features for the connect instance |
| feature_configuration | The feature configuration object for the connect instance |
Database
Database
Databases that reside within database instances. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the database resides in |
| database_id | The provider ID of the database |
| name | The name of the database |
| instance_resource_id | The provider ID of the associated instance |
| collation | The implemented collation set for the database |
| character_set | The character set of the database |
| create_time | The creation time of the database |
| encrypted | The encryption status of the database |
| key_resource_id | The provider ID of the encryption key, if applicable |
| database_type | The underlying database type |
class DivvyResource.Resources.database.Database(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Database Operations
database
delete(user_resource_id=None)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
static get_db_class()
static get_provider_id_field()
static get_resource_type()
get_state()
Retrieve the route state.
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc.).
top_level_resource = True
Database Cluster
A database cluster is one or more database instances connected together to simulate a single system. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the cluster resides in |
| create_time | The time the cluster was created |
| cluster_id | The provider ID of the cluster |
| db_name | The name of the master database |
| db_subnet_group | The subnet group associated with the DB cluster |
| state | The state that the cluster is in (available, stopped, etc) |
| earliest_restorable_time | The earliest time to which a database can be restored with point-in-time restore |
| latest_restorable_time | The latest time to which a database can be restored with point-in-time restore. |
| endpoint | The connection endpoint for the primary instance of the DB cluster |
| multi_az | Denotes whether or not the cluster is set up for high availability and is distributed across multiple zones |
| availability_zones | The zone(s) where the cluster lives |
| engine | The engine that the database uses (mysql, neptune, docdb, etc.) |
| engine_version | The version of the engine |
| port | The port that the database engine is listening on |
| backup_retention | The number of days for which automatic DB snapshots are retained |
| db_cluster_resource_id | The resource ID of the cluster |
| namespace_id | ARN (Amazon Resource Name) of the cluster |
| deletion_protection | Denotes if deletion protection is enabled on the cluster |
| read_replica | Denotes if the cluster is a read replica |
| parameter_group | The name of the DB cluster parameter group for the DB cluster |
| option_groups | The option group(s) associated with the database cluster |
| storage_encrypted | Boolean denoting if the cluster is encrypted |
| key_resource_id | The encryption Key for the cluster (if applicable) |
| capacity | The current capacity of the cluster |
| min_capacity | The minimum capacity of the cluster |
| max_capacity | The maximum capacity of the cluster |
| master_username | The master username for the cluster |
| iam_authentication | Boolean value indicating whether IAM authentication is used |
| enabled_logging_types | The list of the currently enabled logging levels, if applicable (e.g. audit, error, general) |
| stream_name | The name of the data stream used for the database activity stream |
| stream_key_id | The key ID used for encrypting messages in the database activity stream |
| stream_mode | The mode for the database activity stream |
| stream_status | The status of the database activity stream |
| copy_tags_to_snapshot | Denotes whether or not the database is configured to copy tags to snapshots |
| enhanced_monitoring | Denotes whether or not the database is configured for enhanced monitoring |
| maintenance_actions | The maintenance actions associated with the cluster |
| preferred_maintenance_window | The preferred window of time in which maintenance should be performed |
| preferred_backup_window | The preferred window of time in which a backup should be created |
| relationships | A list of resources associated with the cluster |
Database Event Subscription
Database event subscriptions allow notifications when events within an event category occur.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the event subscription instance resides |
| event_subscription_id | The numerical ID InsightCloudSec assigns each Event Subscription |
| status | The status of the Subscription |
| enabled | Denotes whether the Subscription is enabled or not |
| topic_resource_id | The Resource ID of the Subscription Topic |
| namespace_id | The ARN of the Subscription |
| source_type | The Source type |
| source_ids | ID's of the Source(s) |
| categories | Categories of the Subscription |
| created_time | The time of creation |
Database Instance
Database Instances are managed systems with one or more relational database management software components installed. Examples of this include: AWS RDS, Azure SQL, and Google Cloud SQL. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| instance_type | The type of instance |
| region_name | The region that the instance resides in |
| instance_id | The provider ID of the instance |
| name | The name of the instance |
| instance_flavor_resource_id | The resource ID of the type (flavor) this is instance runs on |
| state | The state that the instance is in |
| endpoint_address | The FQDN of the instance |
| endpoint_port | The port that the instance listens on |
| engine | The engine that the database uses, e.g., mysq |
| engine_version | The install version of the engine |
| storage_size | The size in gigabytes allocated to the instance |
| max_storage_size | The maximum size (in gigabytes) of the instance |
| storage_autoscaling | Denotes whether the instance is configured to autoscale its storage size |
| storage_type | The storage type that is used |
| db_name | The name of the master database |
| backup_retention | An integer representing the number of days that automatic snapshots are retained |
| latest_restorable_time | The latest restorable time of the instance |
| multi_az | Denotes whether or not this system is set up for high availability and is distributed across multiple zones |
| license | The type of license associated with this instance |
| master_username | The username of the master user |
| create_time | The time this instance was created |
| encrypted | Denotes if the data stored on the instance is encrypted |
| encryption_type | The type of encryption enabled on the instance |
| transit_encryption | Boolean value indicating if transit encryption is enabled |
| publicly_accessible | Denotes if the instance can be accessed over the Internet |
| reserved | Boolean value indicating if this is a reserved Database Instance type |
| key_resource_id | The resource ID of the associated encryption key, if applicable |
| read_replica | Denotes if the instance is a read replica |
| network_resource_id | The Resource ID of the associated network, if known |
| auto_minor_upgrades | Denotes if this instance automatically takes minor upgrades |
| users | The user information, if known |
| deletion_protection | Denotes if this database enforces deletion protection |
| database_cluster_resource_id | The Resource ID of the associated database cluster, if applicable |
| iam_authentication | Denotes if this database enforces IAM authentication |
| enabled_logging_types | The enabled logging types for the database |
| ca_cert | The CA certificate associated with this database |
| managed_instance | Denotes whether or not the database is managed by the CSP |
| minimal_tls_version | The TLS version configured on the database instance |
| parameter_groups | The parameter group(s) associated with the database instance |
| option_groups | The option group(s) associated with the database instance |
| flags | The enabled logging types for the database instance |
| public_network_access | Public network access information for the database instance (if publicly accessible) |
| private_endpoint_connections | Boolean indicating if private endpoint connections are enabled for the database instance |
| namespace_id | The unique composite ID of the provider ID for the database instance |
| maintenance_actions | The maintenance actions associated with the database instance |
| preferred_maintenance_window | The preferred maintenance window (in days of the week & time hours/minutes) for the database instance |
| preferred_backup_window | The preferred backup creation window (in time hours/minutes) for the database instance |
| copy_tags_to_snapshot | Denotes whether or not the database is configured to copy tags to snapshots |
| enhanced_monitoring | Denotes whether or not the database is configured for enhanced monitoring |
| flexible | Indicates if the database instance is flexible |
| relationships | List of relationships between the database instance and other services |
| backup_retention_enabled | Denotes whether backup retention is enabled |
| performance_insights_enabled | Denotes whether performance insights are enabled |
class DivvyResource.Resources.databaseinstance.DatabaseInstance(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Database Instance Operations
db_instance
delete(wait_for_result=True, user_resource_id=None)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
get_date_created()
Retrieve the time from the provider that this resource was created (if available).
static get_db_class()
get_instance_type()
Retrieve the instance type of the resource.
static get_provider_id_field()
static get_resource_type()
get_snapshots()
Retrieve a list of db objects for snapshots created within from this database instance (if any).
get_state()
Retrieve the database instance state.
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.
top_level_resource = True
Dataflow Job
Dataflow Job
Unified stream and batch data processing job.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| job_id | The ID for the job |
| name | The name for the job |
| type | The type of job |
| state | The state of the job |
| current_state_time | The duration the job has been in its current state |
| default_service_account | The default service account associated with the job |
| public_worker_ips | The public worker IP addresses associated with the job |
| shuffle_mode | The type of shuffle mode currently enabled for the job |
| region_name | The region in which the job resides |
| job_metadata | Metadata associated with the job |
| create_time | The time the job was created |
| start_time | The time the job started |
Distributed table
Distributed Table
Distributed Tables are NoSQL database tables. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| table_id | The provider ID of the distributed table |
| region_name | The region that this table resides in |
| name | The name of this distributed table |
| status | The status of this table (Creating, active, etc.) |
| size | The size in bytes of the table |
| arn | The Amazon Resource Name of this table |
| encryption_at_rest | Boolean value of whether or not this table is encrypted at rest |
| item_count | The count of how many items are in this table |
| create_time | The time when this distributed table was created |
| read_capacity | The maximum number of strongly consistent reads consumed per second |
| write_capacity | The maximum number of writes consumed per second |
| stream_specification | Boolean value denoting whether or not this table has stream specification enabled |
| replicated_regions | The regions where read-replicas exist |
| automated_backups | Denotes if automated backups are enabled |
| publicly_accessible | Denotes if the instance can be accessed over the Internet |
| default_consistency_level | The default consistency level for the table |
| key_resource_id | The Resource ID of the associated encryption key, if known |
| table_class | The configured class for the table |
| billing_mode | The billing mode enabled for the table |
| termination_protection | Denotes whether the distributed table has termination protection enabled |
| minimal_tls_version | The minimum Transport Layer Security (TLS) version for the distributed table |
class DivvyResource.Resources.distributedtable.DistributedTable(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Distributed Table Operations
delete(user_resource_id=None)
Delete this resource. If wrapped with a JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
distributed_table
distributed_table_id
get_date_created()
static get_db_class()
static get_provider_id_field()
static get_resource_type()
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.
top_level_resource = True
Distributed Table Cluster
Distributed Table Clusters are fully managed, highly available, in-memory cache for Distributed Tables. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region is which the distributed table cluster resides |
| name | The name of the distributed table cluster |
| description | The optional description associated with the distributed table cluster |
| creation_timestamp | The creation time of the distributed table cluster |
| node_count | The number of nodes in this cluster |
| node_ids | The JSON value of node IDs |
| instance_type | The type of instance the distributed table cluster is attached to |
| instance_flavor_resource_id | The flavor of instance used by the distributed table cluster |
| network_resource_id | The network provider ID of the distributed table cluster |
| parameter_group | The parameter group for the distributed table cluster |
| maintenance_window | The maintenance window for the distributed table cluster |
| status | The status of the distributed table cluster |
| endpoint_address | The endpoint address for the distributed table cluster |
| endpoint_port | The endpoint port for the distributed table cluster |
| arn | The Amazon Resource Name of the distributed table cluster |
| availability_zones | The availability zone(s) of the distributed table cluster |
| role_resource_id | The Role provider ID for the distributed table cluster |
| encrypted | Denotes whether the cluster supports at rest encryption |
| transit_encryption | Denotes whether the cluster supports in transit encryption |
class DivvyResource.Resources.distributedtablecluster.DistributedTableCluster(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Distributed Table Cluster Operations
distributed_table_cluster
get_date_created()
static get_db_class()
static get_provider_id_field()
static get_resource_type()
get_status()
get_supported_actions()
top_level_resource = True
DLP Job
DLP Job
DLP Jobs are individual data loss prevention (DLP) scans.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| job_id | The unique ID for the job |
| name | The name of the job |
| type | The type of the job |
| state | The current state of the job |
| region_name | The name of the region in which the job resides |
| trigger_name | The name of the trigger for the job |
| info_types | The list of information types that the job detects |
| min_likelihood | The required level of confidence that scanned data is of a certain information type |
| deidentify_template | The name of the de-identify template used to anonymize results |
| actions | The list of actions taken upon job completion |
| findings | List of information types found during the job |
| create_time | The create time for the job |
| start_time | The start time for the job |
| end_time | The end time for the job |
| namespace_id | The unique composite ID of the provider ID for the resource |
Elasticsearch
Elasticsearch
Elasticsearch Instance
An Elasticsearch Instance (AWS OpenSearch) is a restful search and analytics engine. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| instance_type | The type of the elasticsearch instance |
| region_name | The region where this elasticsearch instance resides |
| instance_id | The provider ID of the elasticsearch instance |
| name | The name of this elasticsearch instance |
| instance_flavor_resource_id | The resource ID of the type (flavor) this is instance runs on |
| network_resource_id | The resource ID of the parent (network) |
| state | The state of this elasticsearch instance |
| endpoint | The location where you can access your elasticsearch instance |
| version | The version of elasticsearch this instance is using |
| nodes | The number of nodes in this elasticsearch cluster |
| policy | The JSON of the access policy attached to this elasticsearch instance |
| at_rest_encryption_enabled | Denotes if encryption is enabled on the elasticsearch instance |
| trusted_accounts | The trusted accounts that can interact with the queue |
| public_access | Denotes if the instance is publicly accessible |
| node_to_node_encryption | The encrypted communication between nodes |
| transit_encryption | The Enforcement of SSL communication between the client/server |
| tls_security_policy | The TLS security policy used |
| key_resource_id | The resource ID of the encryption key, if applicable |
| zone_awareness_enabled | Denotes whether availability zone awareness is enabled |
| warm_enabled | Denotes whether warm storage is enabled |
| advanced_security_options | JSON of advanced security options configuration for the Elasticsearch Instance |
| availability_zones | The number of availability zones the resource will use |
| unknown_accounts | List of unknown accounts that can interact with the Elasticsearch instance |
| service_software_current_version | Denotes the current service software version |
| service_software_new_version | Denotes the latest service software version |
| service_software_upgrade_eligible | Denotes whether the Elasticsearch instance is eligible for a software upgrade and has not scheduled to upgrade yet |
| service_software_update_status | Denotes status of a service software version update |
class DivvyResource.Resources.elasticsearchinstance.ElasticsearchInstance(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Elasticsearch Instance Operations
delete(wait_for_result=True, user_resource_id=None)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
static get_db_class()
get_instance_type()
Retrieve the instance type of the resource.
static get_provider_id_field()
static get_resource_type()
get_state()
Retrieve the instance state.
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks.
instance
top_level_resource = True
Elasticsearch Serverless Collection
Serverless option for OpenSearch Service for running large-scale search and analytics workloads without managing clusters. (For example: AWS OpenSearch Serverless).
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| collection_id | The provider-specific collection id value |
| name | The collection name |
| state | The state of the collection |
| type | The collection type |
| description | The collection description |
| collection_endpoint | The collection endpoint |
| dashboard_endpoint | The collection dashboard endpoint |
| public_access | Denotes if the collection is accessible over the Internet |
| policy | The policy associated with the collection |
| network_policy | The network policy associated with the collection |
| encryption_policy | The encryption policy associated with the collection |
| key_resource_id | The KMS key that the collection is associated with (optional) |
| creation_date | The time when the collection was created |
Email Service Config
Email Service Configs are groups of rules applied to the verified identities that are used to send email through a cloud email service.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the configuration |
| region_name | The region in which the configuration resides |
| destinations | The list of destinations where emails will be sent |
| tls_enforced | Determines if the incoming email is required to be delivered over a connection encrypted with TLS |
| sending_enabled | Denotes if email sending is enabled |
| arn | The provider-specific ID for the email configuration set |
Email Service Domain
Email Service Domains are identity domains within cloud email services. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the Email Service Domain resides |
| name | The name of the Email Service Domain |
| verification_status | Specifies whether or not the Domain is verified; you can only send email from verified domains |
| dkim_status | Denotes the current status of DKIM for the domain; statuses include PENDING, SUCCESS, FAILED, TEMPORARY_FAILURE, NOT_STARTED |
| dkim_enabled | Denotes if DKIM signing is enabled or not |
| policies | A map of policy names to policies |
| mail_from_domain | The name of a domain that an email identity uses as a custom MAIL FROM domain |
| mail_from_status | The status of the MAIL FROM domain. Values include PENDING, SUCCESS, FAILED, TEMPORARY_FAILURE |
| forwarding_enabled | Denotes if feedback forwarding configuration is enabled or not |
| bounce_topic | The SNS topic for Bounce events, if applicable |
| complaint_topic | The SNS topic for Complaint events, if applicable |
| delivery_topic | The SNS topic for Delivery events, if applicable |
| identity_type | The identity type |
Email Service Rule
Email Service Rules are part of Rule sets and inform how to handle incoming email by executing an specified list of actions.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The name of the region in which the rule resides |
| name | The name of the email service rule |
| rule_set_name | The name of the rule set the rule is associated with |
| enabled | Denotes whether the rule is enabled |
| scan_enabled | Denotes whether the messages this rule is applied to are scanned for viruses and spam |
| tls_enforced | Denotes if the incoming email is required to be delivered over a connection encrypted with TLS |
| recipients | Domains and email addresses the rule applies to |
| actions | List of actions to perform on messages |
Event Grid
Event Grid
Event Grid Subscription
Event Grid subscriptions listen for events created by associated topics and send them to the configured endpoint.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the topic |
| resource_group | The name of the resource group that the topic will be associated with |
| provisioning_state | The provisioning state of the topic |
| topic | The name of the topic associated with the subscription |
| destination_id | The unique ID for the destination object |
| destination_type | The type of destination |
| event_delivery_schema | The event delivery schema for the subscription |
| expiration_time | The expiration time for the subscription |
| subscription_id | The unique ID for the subscription |
| namespace_id | The provider-specific namespace ID value |
| destination_resource_id | The unique ID for the destination resource |
| source_resource_id | The unique ID for the source resource |
Event Grid System Topic
Event Grid system topics represent one or more events published by Azure services.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the topic |
| resource_group | The name of the resource group that the topic will be associated with |
| provisioning_state | The provisioning state of the topic |
| topic_id | The ID of the topic |
| topic_type | The type of the topic |
| region_name | The region in which the topic resides |
| namespace_id | The provider-specific namespace ID value |
Event Grid Topic
Event Grid topics act as a receiving endpoint for a collection of related events.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the topic |
| resource_group | The name of the resource group that the topic will be associated with |
| provisioning_state | The provisioning state of the topic |
| public_network_access | The network access configuration of the topic |
| topic_id | The ID of the topic |
| region_name | The region in which the topic resides |
| namespace_id | The provider-specific namespace ID value |
HSM Cluster
HSM Cluster
A hardware security module (HSM) cluster providers users with an easy way to generate and manage encryption keys within a cloud service provider (CSP) environment.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the cluster is deployed |
| cluster_id | The provider ID for the cluster |
| creation_time | The timestamp for when the cluster was created |
| status | The status of the cluster |
| backup_retention | The backup retention in days of the cluster |
| network_resource_id | The private network that the cluster is associated with |
| hsm_count | Total number of instances in the cluster |
| hsms | Information about hardware security modules within the cluster |
| relationships | Information about the cluster's relationships |
Hypervisor
Hypervisor
Hypervisors are responsible for housing virtual machines/instances. This resource inherits from Resource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the hypervisor lives |
| hypervisor_id | The provider ID of the hypervisor |
| name | The name of the hypervisor |
| address | The IP address of the hypervisor |
| port | The port the hypervisor listens on |
| hypervisor_type | The type of hypervisor |
| hypervisor_version | The hypervisor version |
| state | The lifecycle state of the hypervisor |
| availability_zone | The availability zone where the hypervisor lives |
| instances | The list of instances running on this hypervisor |
| time_configuration | The JSON value of the time configuration for the hypervisor |
class DivvyResource.Resources.hypervisor.Hypervisor(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Hypervisor Operations
static get_db_class()
static get_provider_id_field()
get_resource_dependencies()
Retrieve the dependencies for a particular resources. For hypervisors we also need to include datastores which requires flipping the ResourceLink relationship.
static get_resource_type()
get_supported_actions()
Retrieve all the actions which are supported by this resource.
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.
hypervisor
hypervisor_id
top_level_resource = True
Instance
Instance
Compute Instances are virtual private servers. Examples of include AWS EC2 and Azure Virtual Machines. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| instance_id | The provider ID of the instance |
| organization_service_id | The ID of the parent organization service (cloud) |
| instance_type | The type of instance |
| instance_flavor_resource_id | The resource ID of the type (flavor) this is instance runs on |
| state | The state that the instance is in |
| state_transition_reason | The reason the instance is in its current state |
| name | The name of the instance |
| region_name | The region that the instance resides in |
| availability_zone | The availability zone where this instance runs |
| launch_time | The time the instance was launched (started) |
| create_time | The time the instance was created |
| platform | The platform the system runs on (linux/windows) |
| root_device_type | Denotes the root device storage type |
| root_device_name | The name of the root device |
| image_id | The ID of the image used to create this instance |
| key_name | The name of the key pair used for this instance |
| public_ip_address | The public IP address of this instance |
| private_ip_address | The private IP address of this instance |
| role_resource_id | The resource ID of the role associated with the instance |
| role_name | The name of the role associated with the instance |
| tenancy | Type of tenancy: dedicated or default |
| reserved | Denotes if the instance is reserved or not |
| network_resource_id | The list of attached network interfaces |
| termination_protection | Denotes whether or not the instance has termination protection enabled |
| project_wide_ssh | Denotes if the instance has project wide SSH enabled |
| connecting_serial_ports | Denotes if the instance has connecting serial ports |
| ip_forwarding | Denotes if the instance has IP forwarding enabled |
| spot_instance | Denotes if the instance is a spot instance or not |
| detailed_monitoring | Denotes if detailed monitoring is enabled |
| hibernation_supported | Denotes if this instance supports hibernation or not |
| subnet_resource_id | The resource ID of the subnet in which the instance is running, if known |
| aws_instance_metadata_service_config | The AWS instance metadata service config map |
| shielded_config | The shielded instance configuration map |
| enable_os_login | If the OS Login capability is enabled on the instance |
| jit_access_policy | The Just-in-time access policy map |
| architecture | The structural PC architecture for the instance |
| instance_group | The group that the instance is part of |
| outpost_resource_id | If enabled, ID for the Outpost resource associated with the instance |
| object_id | The object ID for the instance |
| ssm_last_accessed | The timestamp for when the instance was last accessed by the Systems Manager |
| ssm_last_accessed_by | The role ARN that used the Systems Manager to access the instance |
| secondary_private_ip_addresses | The secondary private IP address of this instance |
| secondary_public_ip_addresses | The secondary public IP address of this instance |
| namespace_id | The ID for the instance's namespace |
| contains_secret | Indicates if the instance contains a Secret within user data |
| parent_resource_id | Indicates the parent resource ID if the instance is part of an autoscaling group |
| confidential_computing | Denotes if confidential computing is enabled |
| relationships | A list of resources associated with the instance |
| nsg_attached | Denotes if a Network Security Group is attached to the instance |
| image_name | The name of the image associated with the instance |
class DivvyResource.Resources.instance.Instance(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Instance Operations
add_instance_to_app(name)
Add instance to App
delete(user_resource_id=None, force_delete=False, wait_for_result=True)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
Parameters: force_delete – If set this will work around termination protection (if the cloud supports it). An example of this is AWS.
Returns: bool
get_aggregate_cost()
Retrieve monthly cost and sum the attached volumes in order to factor into total costs.
get_attached_ips()
Retrieve all ip addresses - public and private - associated with this instance.
get_attached_network_interfaces()
Retrieve a list of db object for interfaces which are attached to this instance (if any). DEPRECATED - Used instance.network_interfaces.
get_attached_networks()
Retrieve all networks this instance is attached to.
get_attached_private_ips()
Retrieve private ip addresses which are attached to this instance (if any).
get_attached_public_ips()
Retrieve public ip objects which are attached to this instance (if any).
get_attached_volumes()
Retrieve a list of db object for volumes which are attached to this instance (if any).
get_availability_zone()
Retrieve the name of the availability zone.
get_date_created()
Retrieve the time from the provider that this resource was created. By default this will return the beginning date of epoch if no such create time exists.
static get_db_class()
get_image()
Retrieve the image that the instance uses. If the instance was deleted upstream or if we have not harvested it yet then this could return None.
get_image_id()
Retrieve the image ID of the resource.
get_image_name()
Retrieve the image name that the instance uses. If the instance was deleted upstream or if we have not harvested it yet then this could return None.
get_instance_type()
Retrieve the instance type of the resource.
get_primary_network_interface_id()
Return the network interface attached to eth0 (device index 0).
static get_provider_id_field()
get_resource_dependencies()
Retrieve the dependencies for a particular resources. This is an override of the parent function because we need to reverse the order on our resource lookups.
static get_resource_type()
get_security_groups()
Retrieve security groups which are associated with this instance.
get_supported_actions()
Retrieve all the actions which are supported by this resource.
Restricts actions by resource state.
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.
instance
instance_id
is_attached_to_asg()
Return True if instance is attached to Auto Scale Group.
organization_service_id
pause()
Pause this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
region_name
remove_instance_from_app()
Remove instance from app.
restart()
Restart this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
resume()
Restart this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
shelve()
Stop this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
start()
Start this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
stop()
Stop this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
suspend()
Suspend this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
top_level_resource = True
unpause()
Unpause this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
unshelve()
Stop this instance. It is wrapped in a with JobQueue() block, this will queue the stop job to the wrapped queue.
uses_simple_networking()
Determine whether this instance supports only instance-based simple networking. i.e. EC2-classic networking or nova-network.
Launch Template
Launch Template
A launch template contains configuration information for an instance so that it can be launched in a consistently reproducible way.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the launch template is located |
| image_id | The provider ID for the launch template |
| name | The name of the launch template |
| description | A description for the launch template |
| instance_type | The type of instance in the launch template |
| instance_flavor_resource_id | The provider resource ID for the instance flavor |
| identity_management_role | The identity management role associated with the instance |
| role_resource_id | The resource ID for the role associated with the launch template |
| creation_timestamp | The timestamp for when the launch template was created |
| monitoring | Denotes whether detailed monitoring is enabled |
| kernel_id | The ID for the kernel associated with the machine image |
| ram_id | The ID of the RAM disk associated with the machine image |
| associate_ip | Indicates whether to assign a public IP to each instance associated with the launch template |
| contains_secret | Indicates if the launch template contains a Secret within the user data |
| user_data | The user data to make available to the launched instances using this template |
| block_storage_optimized | Indicates whether the instance is optimized for block storage |
| version | The version of the launch template |
| relationships | Any relationships associated with the launch template |
Logic App
Logic App
Integration platform as a service that promotes scale and portability while offering critical workflow automation from a workspace of any size.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The name of the region |
| app_id | The cloud provider ID for the Logic App |
| name | The name for the Logic App |
| state | The current state of the Logic App |
| create_time | Timestamp for when the Logic App was created |
| changed_time | Timestamp for when the Logic App was last modified |
| access_endpoint | URL used to access the Logic App |
| connectors | List of connectors enabled for the Logic App |
| plan | The type of plan for the Logic App |
| web_app_resource_id | The web app resource ID associated with the Logic App |
Lightsail
Lightsail
Lightsail provides developers compute, storage, and networking capacity and capabilities to deploy and manage websites and web applications in the cloud.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| region_name | The name of the region |
| organization_service_id | The ID of the parent organization service (cloud) |
| lightsail_id | The provider ID of the Lightsail instance |
| name | The name of the Lightsail instance |
| arn | The ARN of the Lightsail instance |
| provider_resource_type | The resource type associated with this Lightsail instance (e.g., Relational Database, Load Balancer, Container Service) |
| size | The size of the Lightsail instance |
| engine | The engine the Lightsail instance uses (e.g., mysql 8.0.21, HTTP) |
| create_time | The creation time of the Lightsail instance |
| state | The state of the instance |
| publicly_accessible | Boolean value denoting whether the instance is publicly accessible |
| resource_properties | Properties of the Lightsail instance |
MapReduce Cluster
MapReduce Cluster
MapReduce Clusters are Hadoop frameworks. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The name of the region |
| cluster_id | The provider given ID of the cluster |
| name | The name of the cluster |
| status | The status of the cluster |
| create_time | The creation time of the cluster |
| availability_zone | The availability zone where cluster |
| network_resource_id | The resource ID of the associated network |
| subnet_resource_id | The resource ID of the associated subnet |
| total_node_count | The total node count |
| master_node_count | The master node count |
| application | The application of the cluster |
| role_resource_id | The resource ID of the role |
| release_label | The software release of the cluster |
| security_config | The security configuration that is associated with the cluster |
| security_config_resource_id | The resource ID of the security configuration |
| logging_uri | The S3 location for storing logs |
| image_creation_date | The date the image this cluster is based on was created |
| bootstrap_actions | The list of bootstrap actions associated with the cluster |
| internal_ip_only | Denotes whether the cluster permits connections from internal IP addresses only |
| termination_protection | Denotes if the MapReduce cluster has termination protection enabled |
| visible_to_all_users | Denotes if the MapReduce cluster is visible to all users |
| public_dns | The public DNS value for the MapReduce cluster |
| key_resource_id | The provider ID of Encryption Key (if encrypted) |
Messages
Messages
Message Broker Instance
Message Broker Instance is a managed broker instance that makes it easier to set up and operate message brokers in the cloud, such as Amazon MQ.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The name of the region |
| instance_id | The provider ID |
| name | The user-defined name of the instance |
| instance_type | The type of instance deployed |
| state | The current instance state |
| arn | The ARN of the instance |
| endpoint_address | The FQDN of the instance |
| engine | The software engine running on the instance |
| engine_version | The software version of the engine |
| nodes | Number of instance nodes deployed |
| create_time | The creation time of the instance |
| publicly_accessible | Boolean value denoting if the instance is publicly accessible |
| audit_logs | Boolean value denoting if the instance has audit level logging enabled |
| general_logs | Boolean value denoting if the instance has general logging enabled |
| key_resource_id | The resource ID of the key used for encryption, if applicable |
Message Queue
Message Queues are message queuing services, such as AWS SQS. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| url | The URL of the message queue |
| name | The name of the message queue |
| region_name | The region the queue is in |
| message_count | The number of messages in the queue |
| messages_delayed_count | The number of delayed messages in the queue |
| messages_not_visible_count | The number of messages that are not deleted or timed out |
| creation_timestamp | The time the queue was created |
| last_modified | The most recent time the queue was modified |
| delay | The number of seconds of the default delay of the queue |
| max_size | The maximum size in bytes a message can be |
| retention_period | The length of time in seconds that a message is kept |
| policy | The policy of the queue (JSON) |
| arn | The Amazon Resource Name of the queue |
| trusted_accounts | The list of trusted accounts for this Message Queue |
| redrive_policy | The parameters for dead-letter queue functionality |
| server_side_encryption | Denotes whether server side encryption is enabled on the queue |
| queue_type | Type of queue, example FIFO, standard, etc. |
| deduplication | Indicates whether deduplication is enabled for the queue |
| key_resource_id | The resource ID of encryption key for the queue |
| key_reuse_period | The length of time in seconds that the data key can be reused to encrypt or decrypt messages |
| visibility_timeout | The visibility timeout for the queue |
| receive_message_wait_time | The length of time in seconds the queue waits for a message to arrive |
class DivvyResource.Resources.messagequeue.MessageQueue(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Message Queue Operations
get_date_created()
static get_db_class()
static get_provider_id_field()
static get_resource_type()
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in teh DB session. This gives an opportunity for post-modification hooks.
message_queue
message_queue_id
top_level_resource = True
Message Queue Namespace
A Message Queue Namespace groups message queues and publish-subscribe topics under one namespace.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| service_bus_namespace_id | The ID for the message queue |
| url | The URL for the message queue |
| name | The name for the message queue |
| region_name | The region in which the message queue resides |
| sku | The pricing tier for the message queue |
| status | The status of the message queue |
| tls_version | The TLS version for the message queue |
| private_endpoint_connections | The number of private endpoint connections to the message queue |
| local_auth_disabled | Indicates if local authentication is disabled for the message queue |
| public_network_access | The public network status of the message queue |
| zone_redundant | Indicates if the message queue is zone redundant |
| key_resource_id | The ID for the key associated with the message queue |
| global_encryption | The encryption type of the message queue |
| namespace_id | The provider-specific ID for the message queue |
Notifications
Notifications
Notification Subscription
Subscription-based notifications (AWS SNS, GCP Pub/Sub. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the subscription resides |
| subscription_id | The provider ID for the subscription |
| arn | The Amazon resource name for the subscription |
| name | The name of the subscription |
| topic_resource_id | The parent topic of the subscription |
| protocol | The delivery protocol of the subscription |
| endpoint | The delivery destination of the subscription |
| filter_policy | The filter policy JSON assigned to the subscription |
| confirmation_authenticated | Denotes the subscription's confirmation was authenticated (true/false) |
| pending_confirmation | Denotes if the message is pending confirmation (true/false) |
| raw_message_delivery | Denotes if raw message delivery is enabled (true/false) |
| ack_deadline_seconds | The deadline (in seconds) for how long to acknowledge messages |
| retain_acked_messages | Denotes whether acknowledged messages are retained (true/false) |
| message_retention_seconds | Denotes (in seconds) how long to retain messages for |
| invalid_json | Denotes if the subscription contains invalid JSON |
Notification Topic
Topic to use when delivering notifications. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the topic resides |
| arn | The Amazon resource name for the topic |
| name | The name of the topic |
| display_name | The display name to use for a Notification Topic |
| policy | The JSON of access policy associated with this topic |
| effective_delivery_policy | The JSON of the delivery policy associated with this topic, including retry information |
| trusted_accounts | The JSON value of accounts trusted by the instance |
| public | Denotes if the topic is public |
| pending_subscriptions | The number of subscriptions that are pending |
| confirmed_subscriptions | The number of subscriptions that are confirmed |
| deleted_subscriptions | The number of subscriptions that are deleted |
| key_resource_id | The resource ID of the key used for encryption, if applicable |
Private Image
Private Image
Private Images provide protected information that is required to launch an instance. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attributes | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| image_id | The ID of the image |
| name | The name of the image |
| root_device_type | The original device type (ebs, snapshot, etc) |
| architecture | The architecture type (e.g. x86_64, x86_32) |
| min_ram | The Integer representing the minimum memory required for use of this image |
| min_disk | The Integer representing the minimum disk space required for use of this image |
| state | The state of this private image |
| description | Text description of this image |
| region_name | The region in which this image was taken |
| platform | The platform the image was taken on (linux/windows) |
| block_device_mapping | The information regarding this image |
| virtualization_type | Denotes the virtualization type (paravirtual Attr or hardware virtual machine ion",) |
| product_code | The product code (25 digit alphanumeric code identifying the private image) |
| product_code_type | The product code type (marketplace, none) |
| creation_date | The date the Image was created |
| is_public | Denotes if the image is public (true/false) |
| instance_resource_id | The resource ID of the instance associated with this private image, if known |
| encrypted | Denotes if the image is encrypted |
class DivvyResource.Resources.privateimage.PrivateImage(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Private Image Operations
delete(user_resource_id=None)
Delete this resource. If wrapped in a with JobQueue() block, this will queue the deletion job to the wrapped queue, otherwise it calls immediately.
get_date_created()
Retrieve the time from the provider that this resource was created (if available).
static get_db_class()
get_parent_resource_id()
static get_provider_id_field()
static get_resource_type()
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks.
image
image_id
top_level_resource = True
Reserved Instance
Reserved Instance
Reserved Instances are guaranteed available virtual private servers with compute capacity reservations of a specific type and location. Examples include AWS Reserved Instances and Azure pre-paid Virtual Machines. There is no analog in GCE, where pricing changes retroactively based upon usage. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| reservation_id | The cloud-assigned ID of the reservation |
| reservation_type | The type of reservation, e.g., compute, database |
| type_id | The ID of the type of reservation |
| region_name | The region where the reservation exists |
| zone | The availability zone where the reservation exists |
| offering_class | The class of reservation, e.g., standard or convertible |
| offering_type | The type of instance included in the reservation |
| state | The state of the reservation, e.g., whether it is active, pending modification, or retired |
| start | The start time of the reservation |
| expiration | The expiration of the reservation |
| duration | The duration of the reservation, e.g., 1 year |
| usage_price | The monthly price of the reservation, if not fully paid in advance |
| fixed_price | The upfront price of the reservation |
| instance_count | The number of instances in the reservation |
| product_description | The tenancy of the reservation, e.g., whether instances are physically or virtually isolated |
| scope | The scope of the reservation, i.e., whether it is region-wide or specific to an availability zone |
class DivvyResource.Resources.instancereservation.InstanceReservation(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Reserved Instance Operations
static get_db_class()
static get_provider_id_field()
get_resource_name()
Reserved instances are not named by the user. We return the reservation ID here.
static get_resource_name_field()
static get_resource_type()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This is called when a resource is created/discovered after initial data harvesting. It provides an opportunity for post-addition hooks (assignment to groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This is called when a resource is destroyed and before removal from the database. It provides an opportunity for pre-destruction hooks (removal from groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This is called when a resource is modified after the new data has been updated in the DB session. It provides an opportunity for post-modification hooks.
instance_reservation
reservation_id
top_level_resource = True
Search
Search
Search Cluster
Search Clusters are managed, scalable search solutions. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the cluster resides in |
| cluster_id | The provider ID of the search cluster |
| arn | The Amazon Resource Name of the cluster |
| name | The name of this search cluster |
| status | The status of this cluster (Creating, active, etc) |
| instance_type | The type of instances that are in the cluster |
| instance_flavor_resource_id | The resource ID of the instance flavor of the instances in the cluster |
| instance_count | The number of instances in the cluster |
| search_endpoint | The endpoint for requesting search results from a cluster |
| document_endpoint | The service endpoint for updating documents in a cluster |
| multi_az | Boolean value of whether or not the cluster has multi-availability enabled |
| service_policy | The JSON of access policy associated with this cluster |
| transit_encryption | Denotes if the cluster has transit encryption enabled |
Search Index
A scalable, integrated search service that enables search for unstructured data using natural language. Returns specific answers for an experience similar to human interaction. (e.g. AWS Kendra Index).
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the index is deployed |
| index_id | The ID for the index |
| name | The name of the index |
| description | The description associated with this index |
| arn | The Amazon resource name for the index |
| edition | Indicates whether the index is the enterprise or developer edition |
| status | The status of the index |
| key_resource_id | The provider ID of the encryption key, if applicable |
| date_created | The date the index was created |
| date_modified | The date the index was last modified |
| storage_capacity_units | The document storage capacity for the index |
| query_capacity_units | The query capacity (queries per second) for the index |
| user_context_policy | The user context policy assigned to this index |
Serverless
Serverless
Serverless Application
A Serverless Application is a managed repository for serverless applications (e.g. AWS Serverless Application Repository). It enables the storage and sharing of reusable applications for ease in deployment of serverless architecture.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the application is deployed |
| name | The name of the serverless application |
| namespace_id | The ARN of the serverless application |
| description | The description associated with this serverless application |
| create_time | The creation time of the application |
| author | The creator of the application |
| home_page_url | The optional field, directing users to an applications homepage (e.g. an external GitHub page) |
| spdx_license_id | The Software Data Package Exchange (SPDX) license applied to this application |
| labels | A set of user defined tags applied to the application |
| policy | The IAM policy associated with this application |
| trusted_accounts | The list of any accounts with a trust relationship with this application, if applicable |
| public_access | Denotes if this application is publicly accessible |
Serverless Function
A Serverless Function is a compute service that runs code in response to events and automatically manages the compute resources required by that code. An example is AWS Lambda. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the serverless function resides in |
| name | The name of the serverless function |
| provider_id | The cloud provider supplied ID |
| description | The description of the serverless function |
| network_resource_id | The resource ID of the parent (network) |
| code_size | The size of your serverless function code in bytes |
| memory_size_mb | The memory size of your serverless function in MB |
| timeout | The timeout or limit of the serverless function |
| runtime | The runtime language of the function |
| version | The version this serverless function is running on |
| last_modified | The time the serverless function was last modified |
| role_resource_id | The resource ID of the role associated with the serverless function, if applicable |
| key_resource_id | The resource ID of the encryption key associated with the serverless function, if applicable |
| web_app_resource_id | The resource ID of the web application associated with the serverless function, if applicable |
| config | The serverless function configuration, if known |
| enabled | Boolean value indicating if event source mapping is enabled |
| environment_variable_count | Total count of the number of environment variables |
| environment_variables | The function's environment variables |
| publicly_accessible | Denotes if the function can be accessed over the Internet |
| policy | The policy attached to this serverless function |
| trusted_accounts | The list of any accounts with a trust relationship with this function, if applicable |
| tracing_enabled | Denotes if AWS X-Ray tracing is enabled |
| http_trigger | HTTP-based resource used to trigger the lambda function |
| code_sha256 | The SHA256 hash of the function's deployment package |
| revision_id | The identifier for the latest updated revision of the function or alias |
| namespace_id | The unique composite ID of the provider ID for the serverless function |
| contains_secret | Indicates if the serverless function contains a Secret within the environment variables |
| layers | The list of layer ARNs used by the function |
| package_type | The type of deployment package |
| image | The container image used by the function |
| url_config | The URL config for the function |
| snap_start | Whether SnapStart is enabled for the function |
class DivvyResource.Resources.serverlessfunction.ServerlessFunction(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Serverless Function Operations
delete(user_resource_id=None)
static get_db_class()
static get_provider_id_field()
static get_resource_type()
get_supported_actions()
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(resource, *args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session. This gives an opportunity for post-modification hooks.
instance
top_level_resource = True
Serverless Layer
A Serverless Layer is a package of libraries and dependencies that can be used with Serverless Functions. An example is AWS Lambda Layer.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the serverless layer resides |
| name | The name for the serverless layer |
| arn | The ARN associated with the serverless layer |
| version | The version for the serverless layer |
| description | A description of the serverless layer |
| runtimes | The runtimes included with the serverless layer |
| architectures | The architecture used to run the serverless layer |
| policy | The access policy attached to the serverless layer |
| public | Indicates if the serverless layer is public |
| trusted_accounts | The list of trusted accounts for the serverless layer |
| created_date | The date the serverless layer was created |
SSM
SSM Association
An SSM Association is an ideal state assigned to resources to reduce configuration drift.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the association resides |
| association_id | The unique ID for the association |
| association_name | The name for the association |
| document_name | The name for the document that correlates to the association |
| document_version | The version of the document that correlates to the association |
| create_time | The time the association was created |
| status_overview | An overview of the status of the association |
| targets | A list of targets for the association |
| target_maps | The key-value mapping of document parameters to target resources for the association |
| target_locations | The target location of the association |
| parameters | The parameters for the association |
| output_bucket_name | The output location bucket name for the association |
| schedule_expression | The schedule expression for the association |
| last_successful_execution | The time of last successful execution of the association |
| maximum_error_threshold | The maximum error threshold of the association |
| maximum_target_concurrency | The maximum target concurrency of the association |
| compliance_severity | The compliance severity of the association |
| configured_alarms | The configured alarms for the association |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| relationships | A list of resources associated with the association |
SSM Document
A script or document written in JSON or YAML that provides instructions to the Systems Manager for how to interact with your managed instances, e.g., AWS Systems Manager (SSM) Document.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the SSM Document resides |
| document_id | The unique ID for the SSM Document |
| document_version | The version of the SSM Document |
| name | The name of the SSM Document |
| document_version_name | The name for the version of the SSM Document |
| document_type | The type of SSM Document (Session, Command, Automation, etc.) |
| document_format | The format for the SSM Document (JSON, YAML, TEXT) |
| schema_version | The schema version for the SSM Document |
| target_type | The kinds of resources the SSM Document can run on |
| review_status | The current status of the review on the SSM Document |
| author | The author of the SSM Document |
| platform_types | The list of OSes that are compatible with the SSM Document |
| create_time | Timestamp for when the SSM Document was created |
| content | The content of the SSM Document |
Stack Template
Stack Template
Stack Templates, such as AWS Cloud Formation Templates, allow you to code your infrastructure from scratch and deploy from there. This class inherits from Resource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the stack template resides |
| stack_id | The provider ID of the stack template |
| name | The name of the stack template |
| description | The description of the stack template |
| state | The state of the stack template (CREATE_COMPLETE, ROLLBACK_IN_PROGRESS, etc.) |
| termination_protection | Denotes if termination protection is enabled |
| create_date | The date and time the stack template was created |
| update_date | The date and time the stack template was updated |
| delete_date | The date and time the stack template was deleted |
| template | JSON field of the stack template |
| drift_status | Indicates whether the stack's configuration differs from its template configuration, a.k.a. it has drifted |
| contains_secret | Indicates if the stack template contains a Secret within environment variables |
Step Function
Step Function
A Step Function (e.g., AWS Step Function State Machine) is a serverless orchestration service that lets you combine functions and other services to build applications and view an application’s workflow as a series of event-driven steps.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the step function is deployed |
| name | The display name of the step function |
| status | The status (active/inactive) of the step function |
| type | The type of the step function, if applicable |
| definition | The definition of the step function |
| arn | The Amazon resource name associated with the step function |
| role_name | The name of the role associated with the step function |
| role_resource_id | The Resource ID of the associated service Role, if applicable |
| create_time | The creation time of the step function |
| logging_enabled | The status of logging for the step function (enabled/disabled) |
| logging_configuration | Defines what execution history events are logged and where they are logged. |
| tracing_enabled | The status of tracing for the step function (e.g., AWS X-Ray tracing) |
Stream Instance
Stream Instance
A Stream Instance is a streaming data service built to offer streaming data pipelines and applications. This compute function makes it easy to continuously collect, process, and deliver streaming data, e.g. Amazon MSK.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the instance is deployed |
| instance_id | The ID of the instance |
| name | The name of the instance |
| arn | The Amazon resource name of the stream instance |
| instance_type | The type of instance being deployed |
| instance_flavor_resource_id | The Resource ID of the instance flavor being used |
| state | The current state of the instance |
| volume_size_gb | The size of the attached volume, in GB |
| key_resource_id | The resource ID of the key used for encryption, if known |
| client_encryption | The type of encryption being used on this instance |
| cluster_encryption | Boolean value indicating if cluster encryption is enabled |
| enhanced_monitoring | The level of monitoring for the MSK cluster. The possible values are DEFAULT, PER_BROKER, and PER_TOPIC_PER_BROKER. |
| nodes | The number of nodes in the cluster |
| stream_version | The current version of the stream |
| connect_string | The connection string to use to connect to the Apache ZooKeeper cluster. |
| create_time | The creation time of the instance |
| logging | JSON string denoting the logging enabled for the stream instance (if any) |
Streaming Application
Streaming Application
Streaming applications allow you to query, transform, and analyze streaming data in real time.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the streaming application resides |
| name | The name of the streaming application |
| namespace_id | The namespace ID of the streaming application |
| description | The description of the streaming application |
| status | The status of the streaming application |
| runtime_environment | The runtime environment of the streaming application |
| version_id | The version ID of the streaming application |
| mode | The mode of the streaming application |
| create_time | The timestamp when the streaming application was created |
| last_modified | The time when the streaming application was last modified |
| snapshots_enabled | Denotes whether snapshots are enabled for the streaming application |
| monitoring_log_level | Describes the verbosity of the logs for the streaming application |
| monitoring_metrics_level | Describes the granularity of the logs for the streaming application |
| parallelism | The number of parallel tasks that a Flink-based streaming application can perform |
| parallelism_per_kpu | The number of parallel tasks that a Flink-based streaming application can perform per Kinesis Processing Unit (KPU) used by the application |
| autoscaling_enabled | Denotes whether autoscaling is enabled |
Template Spec
Template Spec
A template spec is a resource type that simplifies both storing and sharing a template.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| template_id | The provider ID for the template spec, including name and version |
| template_name | The name of the template spec. Multiple template specs may share a name |
| version_name | The version name for the template spec |
| resource_group | The name of the resource group that the template will launch resources into |
| version_description | The description for this version of the template |
| region_name | The region in which the template spec resides |
| template_resource_types | A list of the resource types the template spec will deploy |
| template | The template used to deploy resources |
| contains_secret | Denotes whether the default value for any of the parameters contain a secret |
| namespace_id | The unique composite ID of the provider ID for the resource |
Transcoding Pipeline
Transcoding Pipeline
A queue that manages media transcoding jobs, e.g., an AWS Elastic Transcoder Pipeline.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which this pipeline resides |
| pipeline_id | The ID for the pipeline |
| name | The name of the pipeline |
| status | The status of the pipeline |
| arn | The ARN associated with the pipeline |
| key_resource_id | The provider ID of Encryption Key (if encrypted) |
| role_resource_id | The Resource ID of the associated service Role, if applicable |
| output_bucket | The output bucket used by this pipeline |
| input_bucket | The input bucket used by this pipeline |
| content_config | Content configuration for jobs submitted to this pipeline |
| thumbnail_config | Thumbnail configuration for jobs submitted to this pipeline |
| notifications | Notifications this pipeline sends upon job status changes |
Transcription Job
Transcription Job
A job that provides speech-to-text transcriptions for a wide variety of use cases, e.g., AWS Transcription Job.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region in which the Transcription Job resides |
| name | The name of the Transcription Job |
| job_type | The type of Transcription Job |
| arn | The ARN associated with the Transcription Job |
| status | The status of the Transcription Job |
| language_code | The language code for the Transcription Job |
| media_format | The media format used for the Transcription Job |
| failure_reason | If the Transcription Job failed, the reason for doing so |
| creation_time | Timestamp for when the Transcription Job was created |
| start_time | Timestamp for when the Transcription Job was started |
| completion_time | Timestamp for when the Transcription Job was completed (if successful) |
| content_redaction | Describes the content redaction settings for the Transcription Job |
| output_data_location | Location for the Transcription Job's output |
| input_data_location | Location for the Transcription Job's input |
| input_bucket_resource_id | The resource ID for the Transcription Job's input bucket |
| output_bucket_resource_id | The resource ID for the Transcription Job's output bucket |
| public_bucket | Indicates whether the bucket is public |
Web App
Web App
A Web App is a compute function in the form of an application. Web Apps are conceptually similar to a folder, containing environments, versions, and configs that allow users to quickly build, deploy, and scale web apps using popular frameworks in containers or running on any OS. For example Azure App Service, or an AWS Elastic Beanstalk Environment.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the web app is deployed |
| web_app_id | The cloud provider ID for the web app |
| web_app_group_resource_id | The resource ID of the web app group, if applicable |
| name | The name of the web app |
| app_server_resource_id | The resource ID of the application server, if applicable |
| app_type | The application type |
| deployment_slot | Boolean value indicating if the web app is currently deployed |
| web_app_parent_resource_id | The resource ID of the parent web app, if applicable |
| platform | The platform architecture the web app is deployed on |
| network_resource_id | The resource ID of the associated network, if applicable |
| subnet_resource_id | The resource ID of the associated subnet, if known |
| default_hostname | The default hostname used by the web app, if applicable |
| ip_address | The IP address of the web app |
| https_required | Boolean value indicating if this web app requires HTTPS protocol. |
| remote_debugging_enabled | Boolean value indicating if remote debugging is enabled |
| web_sockets_enabled | Boolean value indicating if web sockets are enabled |
| always_on | Boolean value indicating if the web app is in an always on state |
| scm_type | Describes the source control management type, if known |
| ftp_state | Lists the current File Transfer state of the app |
| http2_enabled | Boolean value indicating if HTTP2 is enabled |
| net_framework_version | The NET Framework version of the app, if applicable |
| php_version | The PHP version of the app, if applicable |
| python_version | The Python version of the app, if applicable |
| java_version | The Java version of the app, if applicable |
| java_container | The Java container used by the app, if applicable |
| java_container_version | The Java container version used by the app, if applicable |
| runtimes | The software running on the web app (AWS only) |
| state | The current state of the application |
| authentication_required | Denotes if the web app requires authentication or not |
| automatic_patching | Indicates if the web app has automatic patching enabled |
| client_certificates | The number of client certificates, if known |
| managed_identity | Boolean value indicating if the web app is utilizing managed identity |
| cors | Describes the CORS settings for the web app |
| role_resource_id | The resource ID of the role associated with the web app, if applicable |
| last_modified | The time the web app was last modified, if known |
| minimal_tls_version | The lowest TLS version allowed for the Web App |
| domain_config | The configuration for the Web App's domain |
| possible_outbound_ip_addresses | The list of possible outbound IP addresses allowed for the Web App |
| outbound_ip_addresses | The list of current outbound IP addresses used for the Web App |
| private_endpoint_connections | Boolean indicating if private endpoint connections are enabled for the Web App |
| key_vault_reference_identity | The ID of the identity that the Web App uses to access Key Vaults |
Web App Group
A Webb App Group is an application that serves as a container for the environments to run a web app, e.g. an AWS Elastic Beanstalk Application.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| web_app_group_id | The provider ID of the web app group |
| name | The name of the web app group |
| region_name | The region where the web app group is deployed |
| arn | The Amazon resource name of the web app group |
| description | The description field of the web app group |
| creation_timestamp | The creation time of the group, if known |
Workspace
Workspace
Workspaces are virtual desktops, such as AWS Workspaces. This class inherits from TopLevelResource and has direct access to the resource’s database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the workspace resides in |
| workspace_id | The ID of the workspace |
| name | The name of the workspace |
| directory_resource_id | The provider ID of the workspace |
| user_name | The username for the workspace user |
| ip_address | The IP address of workspace |
| state | The state of workspace (available, stopped, etc.) |
| bundle_resource_id | The provider ID of the workspace bundle |
| subnets | The subnets associated to the workspace |
| error_message | The error message for the workspace |
| error_code | The error code for the workspace |
| computer_name | The computer name given to the workspace |
| volume_encryption_key | The encryption key for the volume of the workspace |
| user_volume_encryption_enabled | Denotes if user volume encryption is enabled |
| root_volume_encryption_enabled | Denotes if root volume encryption is enabled |
| running_mode | The running mode for workspace (always_on, auto_stop, etc.) |
| auto_stop_timeout | The auto stop timeout for workspace in minutes |
| root_volume_size | Root volume size of workspace in GiB |
| user_volume_size | The user volume size of workspace in Gib |
| compute_type | The compute type of the workspace (standard, graphics, etc.) |
| connection_state_check_time | The last time when the connection state was checked |
| connection_state | The current state of the connection to the workspace |
| last_connected_user_time | The time a user was last connected |
class DivvyResource.Resources.workspace.Workspace(resource_id)
Bases: DivvyResource.Resources.toplevelresource.TopLevelResource
Workspace Operations
delete(user_resource_id=None)
get_compute_type()
static get_db_class()
static get_provider_id_field()
static get_resource_type()
get_supported_actions()
Retrieve all the actions which are supported by this resource. Restricts actions by resource state.
handle_resource_created(user_resource_id=None, project_resource_id=None)
This should be called when a resource is created/discovered after the basic data is added to the database. This gives an opportunity for post-addition hooks (assignment to projects/groups, alerts, etc.).
handle_resource_destroyed(user_resource_id=None)
This should be called when a resource is destroyed before the basic data is removed from the database. This gives an opportunity for pre-destruction hooks (removal from projects/groups, alerts, etc.).
handle_resource_modified(*args, **kwargs)
This should be called when a resource is modified after the new data has been updated in the DB session This gives an opportunity for post-modification hooks.
organization_service_id
reboot()
rebuild()
region_name
start()
stop()
top_level_resource = True
workspace
workspace_id