Container Resources
Container Resources are available in InsightCloudSec as the second section (tab) under the Resource landing page. They include resources related to storage and container functionality including clusters, containers, and container instances.
These resources are displayed alphabetically using the InsightCloudSec normalized terminology, such as clusters and services. Hovering over an individual resource provides the CSP-specific terminology with the associated logo to help users confirm the information they're viewing. For example, hovering over Container Instances displays Amazon's Container Instance, and Azure's Container Instance.
For a comprehensive reference of this normalized terminology check out our Resource Terminology.
Some attributes may not be included in these lists
A large number of Resource Attributes are offered for the resources outlined here. Because we are continuously expanding our supported resources the attributes and details included here can not be guaranteed to include every resource or every attribute.
If you need information about the attributes of a particular resource we are happy to help get those details for you - reach out to us through the Customer Support Portal with any questions!
App Run Service
App Run Service
App Run Services are managed services that simplify deploying containerized web applications and APIs quickly at scale with little to no experience, e.g., AWS App Runner, GCP Cloud Run.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the resource resides |
| service_id | The unique ID for the App Run Service |
| name | The name for the App Run Service |
| arn | The ARN associated with the App Run Service |
| status | The current state of the App Run Service |
| url | The URL generated by the App Run Service that can be used to access it |
| repository | The repository source for the App Run Service |
| repository_type | The type of repository source used for the App Run Service |
| environment_variables | The environment variables available to the App Run Service |
| cores | The number of CPU cores available to the App Run Service |
| memory | The amount of memory (in gigabytes) available to the App Run Service |
| auto_deployment | Whether auto deployment is enabled |
| role_resource_id | The identifier for the role associated with the App Run Service |
| key_resource_id | The resource ID of encryption key associated with the App Run Service |
| create_time | The timestamp when the App Runner service was created |
| last_update_time | The timestamp when the App Runner service was last updated |
| delete_time | The timestamp when the App Runner service was delete |
| public | Denotes whether the App Runner service is publicly available |
| ingress | Configuration for the ingress associated with the App Runner Service |
| contains_secret | Indicates if the App Runner Service contains a Secret within environment variables |
Artifact Registry
Artifact Registry
Artifact Registries store artifacts and build dependencies in one central location.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | Name of the artifact registry |
| description | Optional description for the artifact registry |
| create_time | The time the artifact registry was created |
| update_time | The time the artifact registry was last updated |
| publicly_accessible | Denotes whether the artifact registry is publicly accessible |
| image_count | The count of images in the artifact registry |
| key_resource_id | Resource ID for the encryption key associated with the artifact registry |
| registry_type | The artifact type of the registry |
Clusters
Clusters
Clusters are a logical grouping of Containers. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the cluster |
| region_name | The region where the cluster resides |
| network_resource_id | The network provider ID of the cluster |
| endpoint | The endpoint address for the cluster |
| status | The status of the cluster (running, active, etc) |
| version | The version of the cluster |
| image_type | The image type the cluster is based from |
| cluster_cert | The text of the cluster certificate |
| client_cert | The text of the client certificate |
| client_key | The text ext of the client key |
| service_account | Denotes if service account (default) |
| instance_groups | The number of instance groups in the cluster |
| role_arn | The role ARN for the cluster |
| arn | The Amazon Resource Name for the cluster |
| res_type | The type of Cluster (GKS, EKS, ECS etc) |
| created_at | The time and Date cluster was created |
| registered_container_instances | The number of registered container instances for the cluster |
| running_deployment | The deployment is running in the cluster |
| pending_deployment | The deployment is pending being run in the cluster |
| active_services | The number of active services in cluster |
| master_auth_network_enabled | Denotes the master auth network is enabled on the cluster (true/false) |
| endpoint_public_access | Denotes if the cluster allows access from the public endpoint (true/false) |
| endpoint_private_access | Denotes if the cluster allows access from the private endpoint (true/false) |
| node_repair_enabled | Denotes if the cluster has node repair enabled (true/false) |
| node_upgrade_enabled | Denotes if the cluster has node upgrade enabled (true/false) |
| network_policy_enabled | Denotes if the cluster has a network policy enabled (true/false) |
| alias_ip_ranges_enabled | Denotes if the cluster uses alias IP ranges (true/false) |
| created_client_cert_enabled | Denotes the cluster enables creating client certificates |
| pod_security_enabled | Denotes if the cluster has pod security enabled (true/false) |
| dashboard_disabled | Denotes if the cluster has dashbard disabled (true/false) |
| legacy_auth_disabled | Denotes if the cluster has legacy auth disabled (true/false) |
| basic_auth_disabled | Denotes if the cluster has basic auth disabled (true/false) |
| monitoring | Denotes if the cluster has monitoring enabled (true/false) |
| logging | Denotes if the cluster is logging (true/false) |
| logging_types | The enabled logging types for the cluster |
| private_cluster | Denotes if the cluster is private (true/false) |
| security_groups | The Security Groups associated with the cluster |
| public_access_cidrs | The IP networks that can connect to the cluster |
| platform_version | The version of the platform associated with the cluster |
| identity_provider | The identity provider for the cluster |
| fargate | Denotes whether the cluster is Fargate enabled |
| key_resource_id | The resource ID of the key used to encrypt the cluster |
| autopilot | Denotes whether the cluster has autopilot enabled |
| profile | The profile associated with the cluster |
| addons | The addons associated with the cluster |
| capabilities | The capabilities associated with the cluster |
| shielded_nodes | Denotes whether the cluster has shielded nodes enabled |
| secure_boot | Denotes whether the cluster has secure boot enabled |
| integrity_monitoring | Denotes whether the cluster has integrity monitoring enabled |
Containers
Containers
Container Image
Container Images are Docker images stored in registries. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the Image resides |
| name | The name of the container image |
| digest | The digest of the container image |
| hash_algorithm | The type of hash algorithm the image uses (example: sha256) |
| image_tags | The tags on the image |
| raw_image_tags | The raw tags on the image |
| size | The size of image in bytes |
| registry_id | The account ID associated with the registry |
| registry_name | The name of the registry |
| push_time | The timestamp this image was pushed to the registry |
| last_scanned | The timestamp when this image was last scanned |
| finding_count | The scan finding counts of the image |
| critical | The critical vulnerability findings for the image |
| high | The high vulnerability findings for the image |
| medium | The medium vulnerability findings for the image |
| low | The low vulnerability findings for the image |
| container_count | The number of containers running the image |
Container Instances
Instances the containers run on. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the container instance |
| region_name | The region where the container instance resides |
| instance_resource_id | The resource ID of the instance |
| network_resource_id | The resource ID of the network the container instance is associated with |
| provider_id | The provider ID of this Instance |
| pod_cidr | he pod CIDR of the node assigned by the cloud provider |
| internal_ip_address | The internal IP address of the container instance |
| external_ip_address | The external IP address of the container instance |
| hostname_address | The DNS hostname of the container instance |
| architecture | The Architecture reported by the node |
| boot_id | The Boot ID reported by the node |
| container_runtime_version | The Container Runtime Version reported by the node through runtime remote API (e.g. docker://1.5.0) |
| operating_system | The Operating System reported by the node |
| os_image | The OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux |
| kubelet_version | The Kubelet Version reported by the node |
| cluster_name | The name of the cluster the instance is a part of |
| generate_name | The GenerateName is an optional prefix, used by the Instance, to generate a unique name ONLY IF the Name field has not been provided |
| resource_version | The opaque value that represents the internal version of this object that can be used by kubernetes |
| create_time | The timestamp this Instance was created |
| api_server | The API Server for the cluster/instance, services REST operations |
| controller_manager | The controller managing control loops for the instance |
| scheduler | The manager that decides when and where to run pods on the instance |
| pod_count | The count of Pods for Instance |
| cpu_allocation | Denotes how much CPU is allocated for Instance |
| memory_allocation | Denotes how much Memory is allocated for instance |
| pod_allocation | Denotes how many Pods are allocated for this Instance |
| is_master | Boolean value denoting if this Instance is the master |
| ready | Boolean value denoting if the Instance is ready |
| unschedulable | The unschedulable controls node schedulability of new pods. By default, node is schedulable |
| allocatable | The allocatable space for pods within capacity |
| capacity | The capacity of the instance (kube reserved, system reserved, eviction threshold and allocatable space for pods) |
| conditions | The JSON value of the conditions for the instance |
| node_info | The JSON value with set of ids/uuids to uniquely identify the node |
| annotations | The JSON value of annotations (metadata) about the node (class, scheme, etc) |
| owner_references | The JSON value of owner references for the instance (api version, controller setting, kind, name, etc) |
Container Node Group
Container Node Groups are auto scaling groups containing compute instances that are managed by the parent cluster.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the registry resides in |
| name | The name of the container node group |
| arn | The ARN of the container node group |
| create_time | The time the container node group was created |
| cluster_resource_id | The resource ID of the parent cluster |
| status | The status of the container node group |
| version | The Kubernetes version of the node group |
| release_version | The release version of the node group |
| spot | Indicates if the node group leverages spot pricing |
| instance_types | The instance types used by the node group |
| image_type | The image type used by the node group |
| role_resource_id | The resource ID of the associated role |
| role_name | The name of the associated role |
| launch_template_name | The name of the launch template used by the node group |
| launch_template_resource_id | The resource ID for the launch template |
| desired_count | The desired node count of the group |
| min_count | The minimum node count of the group |
| max_count | The maximum node count of the group |
| relationships | The relationships associated with the node group |
Container Registry
Container Registries make it easier for developers to develop and manage Docker containers.
This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region that the registry resides in |
| create_time | The time the registry was created |
| name | The name of the registry |
| registry_id | The account ID associated with the registry |
| status | The status of the registry |
| namespace_id | The Amazon Resource Name of the registry (AWS only) |
| policy | The JSON policy associated with the registry |
| trusted_accounts | The trusted accounts for the registry |
| publicly_accessible | Denotes if the registry is publicly accessible |
| image_count | The number of images are in the registry |
| registry_type | The type of registry |
| scan_on_push | Denotes if scan on push is enabled or disabled (if not enabled, InsightCloudSec will not be able to see results for image vulnerability scanning) |
| lifecycle_policy | The lifecycle policy for the registry |
| encryption_type | The type of encryption used for the registry |
| key_resource_id | Resource identifier of the encryption key associated with the registry |
| tag_mutability | Denotes whether the container registry's resource tags are mutable |
| scan_type | The type of scan used for the registry |
Container Service
A container service is a scalable and fast container management service that makes it simple to manage all the containers within a cluster.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| region_name | The region where the resource resides |
| name | The name for the Container Service |
| arn | The Amazon Resource Name associated with the Container Service |
| create_time | Timestamp for when the Container Service was created |
| cluster_resource_id | The identifier for the cluster associated with the Container Service |
| task_resource_id | The identifier for the task associated with the Container Service |
| container_registries | List of container registries associated with the Container Service |
| desired_count | The desired number of tasks to run |
| running_count | The number of tasks currently running |
| pending_count | The number of tasks pending |
| platform_version | The version of the platform in use |
| role_resource_id | The identifier for the role associated with the Container Service |
| role_name | The name of the role that allows the Container Service to make calls to a load balancer |
| assign_public_ip | Denotes whether a public IP has been assigned to the Container Service |
| scheduling_strategy | The type of scheduling strategy used for the service |
| created_by | The Amazon Resource Name associated with the role that created the Container Service |
| enable_ecs_tags | Denotes whether the Container Service has enabled tags |
| propagate_tags | Denotes whether to propagate tags from the task definition or Container Service to the tasks within the Container Service. |
| enable_execute_command | Denotes whether the Container Service has the execute command enabled |
Containers
Containers are small, lightweight execution environments that share the operating system kernel. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the container |
| pod_name | The name of the pod |
| namespace | The location namespace for the container |
| region_name | The region where the container resides |
| image | The image name the container is running from |
| image_pull_policy | Denotes the image pull policy is enabled |
| restart_policy | Denotes if a restart policy is set on the container |
| working_dir | The root directory of the container |
| termination_message_policy | The file indicating how the termination message should be populated |
| termination_message_path | The path at which the file to which the container's termination message will be written is mounted into the container's filesystem |
| restart_count | The restart count of container |
| running_time | The time the container has been running |
| privileged | Denotes if container is privileged |
| stdin | The container allocated a buffer for stdin during runtime |
| stdin_once | The container runtime should close the stdin channel after it has been opened by a single attach |
| tty | Denotes if the container has allocated a TTY for itself |
| args | The arguments to the entrypoint |
| command | The entrypoint array. Not executed within a shell |
| env | The list of environment variables to set in the container |
| security_context | The security options the container should be run with |
| volume_mounts | The JSON of volume mounts on the container |
| state | The state of the container (running, created, restarting, etc) |
| repository | The repository of where the container is pulling the image from |
| version | The version the container is pulling the image from |
| raw_image_tag | The raw tag of the image the container is currently using |
| status | The status of the container |
| pod_resource_id | The resource ID of the pod |
| task_definition_resource_id | The resource ID fo the parent task definition |
| log_driver | The logging driver |
| log_group_name | The name of the logging group to feed logs into |
| log_group_resource_id | The resource ID for the target log group |
| runtime_id | The ID for the container runtime |
| container_id | The ID for the container |
| arn | The ARN associated with the container |
| digest | Unique immutable ID for the container image |
| contains_secret | Indicates if the container contains a Secret within the environment variables or run arguments |
Deployment / Tasks
Deployment/Tasks
Deployment/Tasks provides declarative updates for Pods and ReplicaSets. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the deployment |
| namespace | The namespace defines the space within each name must be unique |
| region_name | The region where deployment resides |
| arn | The Amazon Resource Name of deployment |
| desired_status | The desired status of deployment |
| launch_type | The deployment launch type (AWS only) |
| connectivity | The connectivity of deployment |
| platform_version | The deployment platform version |
| last_status | The last status of the deployment (progressing, complete) |
| cluster_name | The name of the cluster for deployment |
| strategy_type | The strategy type for deployment (rolling update, recreate) |
| paused | Denotes if deployment is paused (true/false) |
| create_time | The create time of the deployment |
| available_replicas | The total number of available pods (ready for at least minReadySeconds) targeted by this deployment |
| unavailable_replicas | The total number of unavailable pods targeted by this deployment |
| replicas | The total number of non-terminated pods targeted by this deployment |
| ready_replicas | The total number of ready pods targeted by this deployment |
| updated_replicas | The total number of non-terminated pods targeted by the deployment |
| observed_generation | The generation observed by the deployment controller |
| collision_count | The number of of hash collisions for deployment |
| annotations | The JSON value of annotations (metadata) for deployment |
| conditions | The JSON value latest available observations of the deployment's current state |
| owner_references | The JSON value of owner references for the deployment (api version, controller setting, kind, name, etc) |
| rolling_update | The JSON value of rolling update config parameters |
| network_interface_id | The attached network interface ID. |
Gatekeeper
Gatekeeper
Gatekeeper Constraints
Gatekeeper Constraints inform the system that a ConstraintTemplate needs to be enforced and how to enforce the template.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| constraint_template_resource_id | The ID for the template associated with the constraint |
| content | The content of the document |
| create_time | The timestamp for when the constraint was created |
Gatekeeper ConstraintTemplates
Gatekeeper ConstraintTemplates describe the policies that enforce a constraint as well as the schema of the constraint.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| content | The content of the document |
| create_time | The timestamp for when the template was created |
Ingress
Ingress
Ingress is an API object that manages external access to the services in a cluster. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the Ingress |
| ingress_uid | The unique in time and space value for ingress |
| namespace | The object name and auth scope of Ingress |
| cluster_name | The name of the cluster which the ingress belongs to |
| generation | The sequence number representing a specific generation of the desired state |
| resource_version | The resource version of Ingress |
| create_time | The creation time of Ingress |
| annotations | The JSON value of annotations (metadata) for Ingress |
| rules | The JSON value of Ingress rules |
Namespace
Namespaces
A virtual cluster backed by a physical cluster; typically, there are several distinct namespaces on a single physical cluster. An example of a Namespace is an Kubernetes Namespace.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the namespace |
| status | The status of the namespace |
| create_time | The timestamp for when the namespace was created |
| annotations | Custom metadata for the namespace |
Pods
Pods
Pod Security Policies
Pod Security Policies are a cluster-level resource that controls security sensitive aspects of the pod specification. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the Pod Security Policy |
| privileged | Denotes if a pod can request to be run as privileged |
| allow_privilege_escalation | Denotes if a pod can request to allow privilege escalation |
| host_ipc | Denotes if the policy allows the use of HostIPC in the pod spec |
| host_network | Denotes if the policy allows the use of HostNetwork in the pod spec |
| host_pid | Denotes if the policy allows the use of HostPID in the pod spec |
| read_only_root_filesystem | Denotes if containers run with a read only root file system |
| run_as_user | The JSON value of the strategy that will dictate the allowable RunAsUser values that may be set |
| se_linux | The JSON Value of the strategy that will dictate the allowable labels that may be set |
| fs_group | The JSON value of the strategy that will dictate what fs group is used by the SecurityContext |
| supplemental_groups | The JSON value of the strategy that will dictate what supplemental groups are used by the SecurityContext |
| create_time | The creation time of the Pod Security Policy |
| annotations | The JSON value of annotations (metadata) for the Pod Security Policy |
| allowed_capabilities | The JSON list of capabilities that can be requested to add to the container |
| required_drop_capabilities | The JSON list the capabilities that will be dropped from the container |
Pods
Pods refer to a running process on your cluster. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the pod |
| namespace | The pod name and auth scope |
| namespace_id | The fully qualified ID of the resource, including the resource name and resource type |
| region_name | The region the Pod resides in |
| version | The version the Pod uses |
| hostname | The hostname of the Pod (docker image name) |
| container_instance_resource_id | The cluster master node |
| host_ip | The IP address of the host to which the pod is assigned |
| pod_ip | The IP address allocated to the pod. Routable at least within the cluster |
| status | The current status of the pod |
| execution_role_arn | The role ARN for Pod execution |
| network_mode | The contains network modes for Pod |
| restart_policy | The restart policy for all containers within the pod. (always, onfailure, never) |
| service_account_name | The name of the ServiceAccount to use to run the pod |
| priority_class_name | The specified, indicates the pod's priority (system-node-critical, system-cluster-critical) |
| generate_name | The GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided |
| resource_version | The internal version of this Pod |
| dns_policy | The DNS policy for the pod (clusterfirst, clusterfirstwithhostnet, default or none) |
| create_time | The create time for the pod |
| generation | The number representing a specific generation of the desired state |
| priority | The priority value |
| host_ipc | Use the host's ipc namespace (true/false) |
| host_network | Host networking requested for this pod |
| host_pid | The host's pid namespace (true/false) |
| owner_references | The JSON value of owner references for the Pod (api version, controller setting, kind, name, etc) |
| security_context | The JSON value of the security context attached to the pod |
| launch_type | The JSON Value of the launch type of pod |
| node_selector | The JSON list of node selector requirements by node's fields |
| container_count | The number of containers within the pod |
| container_statuses | The status of containers within the pod |
Service Fabric Cluster
Service Fabric Cluster
A cluster that orchestrates highly available and durable micro services at scale.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the cluster |
| region_name | The name of the region in which the cluster resides |
| cluster_id | The ID of the cluster |
| cluster_state | The state of the cluster |
| cluster_code_version | The current code version of the cluster |
| upgrade_mode | The set mode for upgrading the version of the cluster |
| vm_image | The operating system image running on the cluster |
| node_count | The current number of nodes attached to the cluster |
| node_type_name | The name of the primary node attached to the cluster |
| node_instance_count | The number of nodes attached to the primary node |
| client_port | The TCP cluster management endpoint port of the primary node |
| http_port | The HTTP cluster management endpoint port of the primary node |
| reverse_proxy_port | The reverse proxy endpoint port of the primary node |
| namespace_id | The unique composite ID of the provider ID for the resource |
| latest_available_code_version | The most up-to-date code version available for the cluster |
Services
Services
Services are a grouping of pods that are running on the cluster. This class inherits from TopLevelResource and has direct access to the resource's database object.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the service |
| namespace | The services name and auth scope- Namespace defines the space within each name must be unique |
| cluster_name | The name of the cluster which the service belongs to |
| external_i_ps | The list of IP addresses for which nodes in the cluster will also accept traffic for this service |
| external_name | The external reference that kubedns or equivalent will return as a CNAME record for this service |
| load_balancer_ip | The LoadBalancer will get created with the IP specified in this field \nOnly applies to Service Type: LoadBalancer |
| resource_version | The version for the service |
| service_type | Denotes how the Service is exposed. (externalname, clusterip, nodeport, loadalancer) |
| generation | The sequence number representing a specific generation of the desired state |
| create_time | The creation time of the service |
| annotations | The JSON value of annotations (metadata) for the Service |
| selector | The JSON value of selector with label keys and values that route service traffic to pods |
| load_balancer_source_ranges | The restricter of traffic through the cloud-provider load-balancer will be restricted to the specified kubernetes.client IPs (JSON) \nIf specified and supported by the platform |
| service_ports | The JSON list of the ports of the service |
Task Definitions
Task Definitions
Task Definitions are required to run Docker containers within container management services in the cloud. An example of a Task Definition is an AWS Elastic Container Service (ECS) Task Definition.
| Attribute | Description |
|---|---|
| resource_id | The primary resource identifier that takes the form of a prefix followed by numbers and letters |
| organization_service_id | The ID of the parent organization service (cloud) |
| name | The name of the Task Definition |
| region_name | The region the Task Definition resides in |
| version | The version of the Task Definition |
| arn | The Amazon Resource Name |
| status | The status of the Task Definition |
| container_count | The number of containers within the Task Definition |
| network_mode | The Docker networking mode to use for containers within the Task Definition |
| launch_type | The type of infrastructure on which the Task Definition is loaded |
| execution_role_arn | The Amazon Resource Name of the task execution role |
| cpu | The number of CPU units used by the Task Definition |
| memory | The amount of memory used by the Task Definition |
| family | The name of a family that the Task Definition is registered to |
| created_at | Date the Task Definition was created |
| volumes | Volumes associated with the Task Definition |
| container_definitions | Definitions for containers within the Task Definition |
| contains_secret | Denotes if the task definition contains a secret in its environment variables |
Did this page help you?