Resource Type Categories
The capabilities of InsightCloudSec rely on the information gathered about your cloud resources. Within the InsightCloudSec platform, Resources are organized under a single landing page and grouped under six resource type categories.
Those categories are:
- Compute Resources
- Container Resources
- Storage Resources
- Network Resources
- Identity & Management Resources
- Machine Learning & AI Resources
Resource type matrix
| Resource Type | Category | Amazon Web Services (AWS) | AWS GovCloud | Microsoft Azure | Google Cloud Platform (GCP) | Alibaba Cloud | Kubernetes | Oracle (OCI) | |
|---|---|---|---|---|---|---|---|---|---|
| Access Analyzer | Identity and Management | AWS IAM Access Analyzer | |||||||
| Access List | Network | NACL / Security Group | NACL / Security Group | Network Security Group | Network Firewall | Security Group | Network Security Group/Security List | ||
| Access List Flow Log | Network | NSG (Network Security Group) Flow Log | |||||||
| Access List Rule | Network | Rules | Rules | Security Rules | Firewall Rules | Rules | Network Security Group Rule/Security List Rule | ||
| Activity Log Alert | Identity and Management | Activity Log Alert | |||||||
| Airflow Environment | Compute | Managed Airflow Environment | Cloud Composer | ||||||
| API Access Key | Identity and Management | Access key ID | Access key ID | Application Credentials | Service Account Key | Access Key ID | |||
| API Accounting Config | Identity and Management | CloudTrail | CloudTrail | N/A | Logs Storage | ActionTrail | |||
| API Key Usage Plan | Network | API Key Usage Plan | API Key Usage Plan | ||||||
| App Configuration | Compute | App Configuration | |||||||
| App Engine Service | Compute | App Engine Service | |||||||
| App Engine Service Version | Compute | App Engine Service Version | |||||||
| App Run Service | Containers | AWS App Runner | Cloud Run | ||||||
| App Server | Compute | App Service Plan | |||||||
| App Stream Fleet | Compute | AppStream 2.0 | AppStream 2.0 | ||||||
| Application Gateway | Network | API Gateway | API Management Service | ||||||
| Application Gateway Domain | Network | API Gateway Domain | |||||||
| Application Key | Network | API Gateway Key | |||||||
| Application Stage | Network | API Gateway Stage | |||||||
| Artifact Registry | Containers | Artifact Registry | |||||||
| Automation Account | Machine Learning & AI | Automation Account | |||||||
| Autoscaling Group | Compute | Autoscaling Group | Autoscaling Group | Virtual Machine Scale Sets | Autoscalers | N/A | |||
| Autoscaling Launch Configuration | Compute | Launch Configurations | N/A | N/A | N/A | N/A | |||
| Azure Policy | Identity and Management | Azure Policy | |||||||
| Backend Services | Compute | Load Balancer Backend Services | |||||||
| Backup Gateway | Storage | Backup Gateway | Backup Gateway | ||||||
| Backup Vault | Storage | Backup Vault | N/A | ||||||
| Bastion Host | Network | Bastion Host | |||||||
| Batch Environment | Compute | Batch Compute Environment | Batch Compute Environment | Batch Account | |||||
| Batch Pool | Compute | Batch Pool | |||||||
| Bedrock Agent | Machine Learning & AI | Bedrock Agent | |||||||
| Bedrock Model | Machine Learning & AI | Bedrock Model | |||||||
| Bedrock Training Job | Machine Learning & AI | Bedrock Job | |||||||
| Big Data Instance | Compute | Redshift | Redshift | ||||||
| Big Data Serverless Namespace | Compute | Redshift Serverless Namespace | |||||||
| Big Data Serverless Workgroup | Compute | Redshift Serverless Workgroup | |||||||
| Big Data Snapshot | Storage | Redshift Snapshot | Redshift Snapshot | N/A | N/A | N/A | |||
| Big Data Workspace | Compute | Azure Synapse | |||||||
| Bot Service | Machine Learning & AI | Bot Service | |||||||
| Build Project | Compute | CodeBuild Project | CodeBuild | ||||||
| Business Intelligence Subscription | Identity and Management | QuickSight | QuickSight | N/A | |||||
| Cache Database Cluster | Compute | MemoryDB | MemoryDB | ||||||
| Cache Instance | Compute | ElastiCache | Elasticache | Azure Redis | Memorystore | AsparaDB for Redis | |||
| Cache Snapshot | Storage | ElastiCache Snapshot | Redis Snapshot | ||||||
| Cassandra Table | Storage | Keyspaces Table | Keyspaces Table | ||||||
| Cloud Access Point | Identity and Management | S3 Access Point | S3 Access Point | ||||||
| Cloud Account | Identity and Management | Cloud Account | Cloud Account | Cloud Subscription | Project | Cloud Account | Cloud Tenancy | ||
| Cloud Advisor Check | Identity and Management | Trusted Advisor | Trusted Advisor | Security Command Center Baseline | N/A | ||||
| Cloud Alarm | Identity and Management | CloudWatch Alarm | CloudWatch Alarm | N/A | N/A | N/A | |||
| Cloud App | Identity and Management | Azure App Registration | |||||||
| Cloud Credentials | Identity and Management | API Keys | |||||||
| Cloud Dataset | Storage | BigQuery Dataset | |||||||
| Cloud Domain Group | Identity and Management | N/A | N/A | N/A | Domain Groups | ||||
| Cloud Domain User | Identity and Management | N/A | N/A | Domain Users | |||||
| Cloud Event Bus | Identity and Management | CloudWatch/Event Bridge Event Bus | CloudWatch/Event Bridge Event Bus | ||||||
| Cloud Event Rule | Identity and Management | CloudWatch Rule | CloudWatch Rule | ||||||
| Cloud Global Access Point | Storage | S3 Multi-Region Access Point | |||||||
| Cloud Group | Identity and Management | IAM Group | IAM Group | Group | Group | RAM Group | Group | ||
| Cloud Limit | Identity and Management | Limit | Limit | Limit | Limit | N/A | |||
| Cloud Log Destination | Identity and Management | CloudWatch Logs Destinations | CloudWatch Logs Destinations | ||||||
| Cloud Outpost | Identity and Management | Outpost | |||||||
| Cloud Policy | Identity and Management | IAM Policy | IAM Policy | Policy | Role Permission Set | RAM Policy | |||
| Cloud Region | Identity and Management | Region | Region | Region | Region | Region | Region | ||
| Cloud Resource Group | Identity and Management | Azure Resource Group | |||||||
| Cloud Role | Identity and Management | IAM Role | IAM Role | Role | Service Account | RAM Role | |||
| Cloud Role Assignment | Identity and Management | Azure Role Assignment | |||||||
| Cloud Service Cost | Identity and Management | Consolidated Bill | Consolidated Bill | N/A | Billing Export | ||||
| Cloud User | Identity and Management | IAM User | IAM User | User | User | RAM User | User | ||
| Cluster Role | Containers | Cluster Role | |||||||
| Clusters | Containers | EKS/ECS/Fargate Cluster | EKS/ECS/Fargate Cluster | Kubernetes Service | GKE | Kubernetes Cluster | Kubernetes Cluster | ||
| Code Repository | Identity and Management | Code Commit | Code Commit | ||||||
| Cognitive Search | Machine Learning & AI | Cognitive Search | |||||||
| Cold Storage | Storage | Glacier | N/A | N/A | N/A | N/A | |||
| Collaboration | Identity and Management | Clean Rooms | Clean Rooms | ||||||
| Computer Vision | Machine Learning & AI | Computer Vision | |||||||
| Conditional Access Policy | Identity and Management | Conditional Access Policy | |||||||
| Config | Identity and Management | AWS Config | AWS Config | ||||||
| Config Map | Containers | Config Map | Config Map | ||||||
| Connect Instance | Compute | Amazon Connect | Amazon Connect | ||||||
| Container Image | Containers | Container Image (ECR) | Container Image (ECR) | Container Image | Container Image | ||||
| Container Instances | Containers | Container Instance (ECS) | Container Instance (ECS) | Azure Container Instance | Node Instance | ||||
| Container Node Group | Containers | EKS Node Group | EKS Node Group | ||||||
| Container Registry | Containers | Container Registry (ECR) | Container Registry (ECR) | Container Registry | |||||
| Container Service | Containers | ECS Service | ECS Service | ||||||
| Containers | Containers | Container | Container | Container | |||||
| Content Delivery Network | Network | CloudFront | CloudFront | CDN Profile, Front Door (Standard/Premium) | Cloud CDN | N/A | |||
| Content Moderator | Machine Learning & AI | Content Moderator | |||||||
| Control Plane | Containers | Control Plane | |||||||
| Control Policy | Identity and Management | Organization Policy | |||||||
| Control Tower Control | Identity and Management | Control Tower Control | Control Tower Control | ||||||
| Control Tower Landing Zone | Identity and Management | Control Tower Landing Zone | Control Tower Landing Zone | ||||||
| Cron Jobs | Containers | Cron Jobs | |||||||
| DaemonSet | Containers | DaemonSet | |||||||
| Data Analytics Workspace | Storage | Athena Workgroup | Athena Workgroup | ||||||
| Data Factory | Storage | Azure Data Factory | Data Fusion | ||||||
| Data Stream | Storage | Kinesis | Kinesis | Event Hub Namespace | N/A | N/A | |||
| Data Sync Task | Storage | DataSync Task | |||||||
| Database | Compute | N/A | N/A | SQL Database / Dedicated SQL Pool | Cloud SQL Database | ||||
| Database Cluster | Compute | RDS Database, Neptune, DocumentDB | |||||||
| Database Event Subscription | Compute | RDS Event Subscription | |||||||
| Database Instance | Compute | RDS Database, Neptune, DocumentDB | RDS Database | Azure Database for Postgres/MySQL/MariaDB | Cloud SQL | AsparaDB for RDS | MySQL DB System/Autonomous Data Warehouse | ||
| Database Migration Instance | Storage | DMS Replication Instance | DMS Replication Instance | ||||||
| Database Migration Endpoint | Network | DMS Endpoint | DMS Endpoint | ||||||
| Database Proxy | Storage | RDS Database Proxy | RDS Database Proxy | ||||||
| Database Snapshot | Storage | RDS Snapshot | RDS Snapshot | N/A | Cloud SQL Backup | RDS Snapshot | |||
| Databricks Workspace | Storage | Databricks Workspace | |||||||
| Dataflow Job | Compute | Dataflow Jobs | |||||||
| DDoS Protection | Network | Shield | DDoS Protection | ||||||
| Delivery Stream | Storage | Firehose | N/A | N/A | N/A | ||||
| Deployments/Tasks | Containers | Container Pod (ECS/Fargate) | Deployment | ||||||
| Diagnostic Settings | Identity and Management | Diagnostic Settings | |||||||
| Direct Connect | Network | Direct Connect | Express Route Circuit | Cloud Interconnect | |||||
| Directory Service | Identity and Management | AWS Directory Service | |||||||
| Distributed Table | Compute | DynamoDB | DynamoDB | Azure CosmosDB | N/A | N/A | NoSQL Database | ||
| Distributed Table Cluster | Compute | Dynamo DB Accelerator (DAX) | N/A | Bigtable | N/A | ||||
| DLP Job | Compute | DLP Inspection Job | |||||||
| DNS Domain | Identity and Management | Route53 Domain | Cloud Domain | ||||||
| DNS Zone | Network | Route53 DNS Zone | DNS Zone | DNS Zone | N/A | ||||
| Elastic Cluster | Storage | DocumentDB Elastic | |||||||
| Elasticsearch Instance | Compute | OpenSearch | OpenSearch | N/A | N/A | N/A | |||
| Elasticsearch Serverless Collection | Compute | OpenSearch Collection | |||||||
| Email Service Config | Compute | Simple Email Service Configuration Set (SES) | Simple Email Service Configuration Set (SES) | ||||||
| Email Service Domain | Compute | Simple Email Service (SES) | Simple Email Service (SES) | N/A | N/A | N/A | R | ||
| Email Service Rule | Compute | Simple Email Service Rule (SES) | Simple Email Service Rule (SES) | ||||||
| Encryption Key | Identity and Management | KMS | KMS | Key Vault Key | Cloud KMS Cryptokey | KMS Key | Master Encryption Key | ||
| Encryption Key Vault | Identity and Management | Key Vault | Cloud KMS Keyring | Vault | |||||
| ETL Connection | Storage | Glue Connection | Glue Connection | ||||||
| ETL Crawler | Storage | Glue Crawler | Glue Crawler | ||||||
| ETL Data Catalog | Storage | Glue Data Catalog | Glue Data Catalog | ||||||
| ETL Database | Storage | Glue Database | Glue Database | ||||||
| ETL Job | Storage | Glue Job | Glue Job | ||||||
| ETL Security Configuration | Storage | Glue Security Configuration | Glue Security Configuration | ||||||
| Event Grid Subscription | Compute | Event Grid Subscription | |||||||
| Event Grid System Topic | Compute | Event Grid System Topic | |||||||
| Event Grid Topic | Compute | Event Grid Topic | |||||||
| Event Subscription | Compute | RDS Event Subscription | RDS Event Subscription | ||||||
| Federated Group | Identity and Management | Federated Azure AD Group | |||||||
| Federated User | Identity and Management | Federated Azure AD User | |||||||
| File Share | Storage | NFS/SMB File Gateway Share | |||||||
| Forwarding Rules | Network | Load Balancer Forwarding Rules | |||||||
| Gatekeeper Constraint | Containers | Constraint | |||||||
| Gatekeeper ConstraintTemplate | Containers | ConstraintTemplate | |||||||
| Global Load Balancer | Network | Global Accelerator | Global Accelerator | Front Door | |||||
| GraphQL API | Storage | AppSync API | N/A | ||||||
| HSM Cluster | Compute | CloudHSM | CloudHSM | ||||||
| Hypervisor | Compute | Dedicated Instance | Dedicated Instance | Dedicated Host | N/A | N/A | |||
| Identity Provider | Identity and Management | SAML Identity Provider | Identity Platform Provider | ||||||
| Ingress | Containers | N/A | N/A | Ingress | |||||
| Instance | Compute | EC2 Instance | EC2 Instance | Virtual Machine | Compute Engine | ECS Instance | Instance | ||
| Internet Gateway | Network | Internet Gateway | Internet Gateway | N/A | N/A | N/A | |||
| Jobs | Containers | Jobs | |||||||
| K8S Secret | Containers | Secret | |||||||
| Language Service | Machine Learning & AI | Language Service | |||||||
| Launch Template | Compute | Launch Template | Launch Template | ||||||
| Lightsail | Compute | Amazon Lightsail | N/A | ||||||
| Load Balancer | Network | Load Balancer (ELB/ALB/NLB/Gateway) | ELB/ALB/NLB | Load Balancer/Application Gateway | Load Balancer | Load Balancer (SLB/ALB/NLB/CLB) | |||
| Logic App | Compute | Logic App | |||||||
| Log Analytics Workspace | Identity and Management | Log Analytics Workspace | |||||||
| Log Group | Identity and Management | CloudWatch Log Group | |||||||
| Lookout Project | Identity and Management | Lookout Equipment/Metrics/Vision | N/A | ||||||
| LUIS API | Machine Learning & AI | LUIS API | |||||||
| Machine Learning Instance | Machine Learning & AI | Sagemaker Notebook | Sagemaker Notebook | AI Platform Notebook | |||||
| Machine Learning Training Job | Machine Learning & AI | Sagemaker Training job | Sagemaker Training Job | ||||||
| MapReduce Cluster | Compute | Elastic Mapreduce (EMR) | Elastic Mapreduce (EMR) | HDInsight Cluster | Dataproc | N/A | |||
| Message Broker Instance | Compute | MQ | |||||||
| Message Queue | Compute | Simple Queue Service (SQS) | Simple Queue Service (SQS) | Service Bus Queue | N/A | N/A | |||
| Message Queue Namespace | Compute | Service Bus | |||||||
| Mutating Webhook Configuration | Containers | Mutating Webhook Configuration | |||||||
| Named Location | Identity and Management | Named Location | |||||||
| Namespace | Containers | Namespace | |||||||
| NAT Gateway | Network | NAT Gateway (VPC) | N/A | NAT Gateway | Cloud NAT | N/A | |||
| Network | Network | VPC | VPC | Virtual Network | VPC | VCN | |||
| Network Address Group | Network | Managed Prefix List | Managed Prefix List | IP Group | |||||
| Network Endpoint | Network | VPC Endpoint/PrivateLink | Service Endpoint/Service Endpoint Policy/Private Endpoint | ||||||
| Network Endpoint Service | Network | VPC Endpoint Service | Private Link Service | ||||||
| Network Firewall | Network | Network Firewall | Network Firewall | Azure Firewall | |||||
| Network Firewall Rule | Network | Network Firewall Rule | Network Firewall Rule | Azure Firewall Rule | |||||
| Network Firewall Rule List | Network | Network Firewall Rule Group | Network Firewall Rule Group | Azure Firewall Rule Collection | |||||
| Network Flow Log | Network | VPC Flow Log (VPC) | VPC Flow Log (VPC) | Logging Bucket | |||||
| Network Interface | Network | Network Interface | Network Interface | Network Interface | Network Interface | Network Interface | VCS Interface | ||
| Network Peer | Network | VPC Peer | VPC Peer | Peerings | Network Peer | N/A | |||
| Network Policy | Containers | Network Policy | |||||||
| Notification Subscription | Compute | SNS Subscription | SNS Subscription | N/A | Pub / Sub Subscription | N/A | Subscription | ||
| Notification Topic | Compute | SNS Topic | SNS Topic | N/A | Pub / Sub Topic | N/A | Topic | ||
| Open AI | Machine Learning & AI | Open AI | |||||||
| Persistent Volume | Containers | Persistent Volume | |||||||
| Personalizer | Machine Learning & AI | Personalizer | |||||||
| Pod Security Policies | Containers | Pod Security Policy | |||||||
| Pods | Containers | Task Definition (ECS) | Pod | ||||||
| Private Image | Compute | AMI (Private) | AMI (Private) | Image | Image | Image | |||
| Private Subnet | Network | VPC Subnet | VPC Subnet | Subnet | Subnet | VSwitch | VCN Subnet | ||
| Public IP | Network | Elastic IP | Elastic IP | Reserved IP | Reserved IP | Elastic IP | Public IP | ||
| Query Log Config | Network | Route53 Resolver | Route53 Resolver | ||||||
| Recommendation | Identity and Management | Unattended Project Recommendations | |||||||
| Recommendation Finding | Identity and Management | Unattended Project Insights | |||||||
| Recycle Bin Rule | Storage | Recycle Bin Rule | |||||||
| ReplicaSet | Containers | ReplicaSet | |||||||
| Reserved Instance | Compute | Reserved Instance | Reserved Instance | N/A | N/A | N/A | |||
| Resource Share | Identity and Management | RAM (Resource Shares) | RAM (Resource Shares) | ||||||
| Resource Share Resource | Identity and Management | RAM (Resources) | RAM (Resources) | ||||||
| Role | Containers | Role | |||||||
| Route | Network | Route | Route | ||||||
| Route Table | Network | Route Table | N/A | Route Table | Route Table | Route Table | |||
| Search Cluster | Compute | Cloudsearch Cluster | Cloudsearch Cluster | ||||||
| Search Index | Compute | Kendra Index | N/A | ||||||
| Secret | Identity and Management | Secret | N/A | Secret | Secret | N/A | Secret | ||
| Secure File Transfer | Storage | SFTP Server | |||||||
| Security Posture | Identity and Management | Azure Advisor Recommendations | |||||||
| Serverless Application | Compute | Serverless Application Repository | |||||||
| Serverless Function | Compute | Lambda | Lambda | Function | Cloud Function | N/A | |||
| Serverless Layer | Compute | Lambda Layer | Lambda Layer | ||||||
| Service Account | Containers | Service Account | |||||||
| Service Control Policy | Identity and Management | Service Control Policy | |||||||
| Service Detector | Identity and Management | ||||||||
| Service Fabric Cluster | Containers | Service Fabric Cluster | |||||||
| Service Health Event | Identity and Management | Health Dashboard | Health Dashboard | ||||||
| Services | Containers | Service | |||||||
| Shared Gallery | Compute | Shared Image Gallery | |||||||
| Shared Gallery Image | Compute | Image Definition | |||||||
| Shared Gallery Image Version | Compute | Image Version | |||||||
| Shared File System | Storage | EFS, Lustre, FSx, and NetApp ONTAP | N/A | File Share | Cloud Filestore | N/A | File System | ||
| Simple Log Service | Identity and Management | Simple Log Service | |||||||
| Sink | Identity and Management | CloudWatch Observability Sink Link | Stackdriver Sink | ||||||
| Site-to-Site VPN | Network | Site-to-Site VPN (VPC) | VPN Tunnel | ||||||
| Snapshot | Storage | EBS Snapshot | EBS Snapshot | Snapshot | Snapshot | Snapshot | Block Volume Backup | ||
| Spanner | Storage | Aurora Global Database | Aurora Global Database | Cloud Spanner | |||||
| Speech Services | Machine Learning & AI | Speech Services | |||||||
| SSH Key Pair | Identity and Management | SSH Key Pair | SSH Key Pair | SSH Key Pair | SSH Key Pair | SSH Key Pair | |||
| SSL Certificate | Identity and Management | IAM/ACM SSL Certificate | IAM/ACM SSL Certificate | SSL Certificate | SSL Certificate | N/A | SSL Certificate | ||
| SSL Certificate Authority | Identity and Management | ACM Private Certificate Authority | ACM Private Certificate Authority | Certificate Authority Service | |||||
| SSM Association | Compute | SSM Association | SSM Association | ||||||
| SSM Document | Compute | SSM Document | SSM Document | ||||||
| Stack Template | Compute | CloudFormation Templates | CloudFormation Templates | ||||||
| StatefulSet | Containers | StatefulSet | |||||||
| Step Function | Compute | Step Function State Machine | Step Function State Machine | ||||||
| Storage Account | Storage | Storage Account | |||||||
| Storage Gateway | Storage | Storage Gateway | Storage Gateway | ||||||
| Storage Container | Storage | S3 Bucket | S3 Bucket | Blob Storage Container | Cloud Storage | Object Storage Bucket | Object Storage Backup | ||
| Storage Queue | Storage | Storage Queue | |||||||
| Storage Sync Service | Storage | Storage Sync Service | |||||||
| Stored Parameter | Storage | Systems Manager Parameter Store (Parameter) | |||||||
| Stream Instance | Compute | MSK Instance | |||||||
| Streaming Application | Compute | Kinesis Analytics Application | Kinesis Analytics Application | ||||||
| Target Proxies | Network | Load Balancer Target Proxies | |||||||
| Task Definitions | Container | Task Definition (ECS) | |||||||
| Template Spec | Compute | Template Specs | |||||||
| Threat Findings | Identity and Management | GuardDuty/Macie | Microsoft Defender for Cloud | Event Threat Detection | |||||
| Timeseries Database | Storage | Amazon Timestream | |||||||
| Traffic Manager | Network | Traffic Manager | |||||||
| Traffic Mirror Target | Network | VPC Traffic Mirror Target | VPC Traffic Mirror Targets | ||||||
| Transcoding Pipeline | Compute | Elastic Transcoder Pipeline | |||||||
| Transcription Job | Compute | Transcription Job | Transcription Job | ||||||
| Transit Gateway | Network | Transit Gateway | |||||||
| Translator | Machine Learning & AI | Translator | |||||||
| URL Map | Network | URL Map | |||||||
| User Pool | Identity and Management | Cognito User Pool | |||||||
| Validating Webhook Configuration | Containers | Validating Webhook Configuration | |||||||
| Vertex Custom Job | Machine Learning & AI | Vertex Custom Job | |||||||
| Video Stream | Storage | Kinesis Video Stream | |||||||
| Virtual Private Gateway | Network | Virtual Private Gateway | Virtual Network Gateway | VPN Gateway | |||||
| Volume | Storage | EBS Volume | EBS Volume | Disk | Persistent Disk | Disk | Block Volume | ||
| Web App | Compute | Elastic Beanstalk Environment | App Service | ||||||
| Web App Group | Compute | Elastic Beanstalk Application | |||||||
| Web Application Firewall | Network | Web Application Firewall | Web Application Firewall | Web Application Firewall Policies | Cloud Armor | ||||
| Web Application Firewall Rule | Network | Web Application Firewall Rule | Web Application Firewall Rule | ||||||
| Web Application Firewall Group | Network | Web Application Firewall Rule Group | Web Application Firewall Rule Group | ||||||
| Workspace | Compute | Workspace | N/A | N/A | N/A | N/A |
Resource Type Definitions
Compute
| Resource Type | Description |
|---|---|
| Airflow Environment | Managed orchestration for Apache Airflow to programmatically author, schedule, and monitor sequences of processes and tasks (AWS Managed Airflow Environment, GCP Cloud Composer) |
| App Configuration | Provide a means to centrally manage application settings and feature flags (Azure App Configuration) |
| App Engine Service | A small logical component of a large app, i.e., a microservice (GCP App Engine Service) |
| App Engine Service Version | A compiled version of one of your services, which can be used for rollbacks or testing (GCP App Engine Service Version) |
| App Server | Defines the region of the physical server where your app will be hosted and the amount of storage, RAM, and CPU the physical servers will have (Azure App Service Plan) |
| App Stream Fleet | Managed application streaming service that streams desktop applications to users (AWS AppStream 2.0) |
| Autoscaling Group | Collection of instances used for scaling and management |
| Autoscaling Launch Configuration | Configuration for autoscaling groups (min, max, etc.) |
| Batch Environment | An environment containing many compute nodes that can run large-scale parallel and high-performance computing batch jobs efficiently (AWS Batch Compute Environment, Azure Batch Account) |
| Batch Pool | A group of compute nodes that is used in a batch environment to run large-scale parallel and high-performance computing batch jobs efficiently (Azure Batch Pool) |
| Big Data Instance | Big data/data warehouse instances (AWS Redshift) |
| Big Data Serverless Namespace | A collection of Big Data database objects and users (AWS Redshift Serverless Namespace) |
| Big Data Serverless Workgroup | A collection of Big Data compute resources (AWS Redshift Serverless Workgroup) |
| Big Data Workspace | Analytics service that combines data integration, data warehousing, and big data analytics (Azure Synapse) |
| Build Project | Integration service for compiling source code, running tests, and producing deployable software packages (AWS CodeBuild) |
| Cache Database Cluster | A Cache Database Cluster is an in-memory database service that provides fast performance and durability (AWS MemoryDB) |
| Cache Instance | Memory cache instance (AWS ElastiCache, Redis, etc.) |
| Connect Instance | Provides virtual call center capabilities to your customers (AWS Amazon Connect) |
| Database | Relational database service (GCP Cloud SQL, Azure SQL Database/Dedicated SQL Pool) |
| Database Cluster | One or more DB instances and a cluster volume that manages the data for those instances (AWS RDS Aurora Cluster, Neptune, Document DB) |
| Database Event Subscription | Allow notifications when events within an event category occur (AWS RDS Event Subscription) |
| Database Instance | Database instance (RDS, CloudDatabase, etc.) |
| Dataflow Job | Unified stream and batch data processing job (GCP Dataflow Job) |
| Distributed Table | NoSQL database table (AWS DynamoDB) |
| Distributed Table Cluster | In-memory cache for Distributed Tables (DynamoDB DAX) |
| DLP Job | An individual data loss prevention (DLP) scan (GCP DLP Inspection Job) |
| Elasticsearch Instance | A restful search and analytics engine (AWS Elasticsearch) |
| Elasticsearch Serverless Collection | A serverless for OpenSearch Service for running large-scale search and analytics workloads without managing clusters (Amazon OpenSearch Serverless) |
| Email Service Config | Groups of rules applied to the verified identities that are used to send email through a cloud email service (Amazon SES Configuration Set) |
| Email Service Domain | A cloud-based email sending service (AWS SES) |
| Email Service Rule | Email Service Rules inform how to handle incoming email by executing an specified list of actions (AWS SES Rule) |
| Event Grid Subscription | An event topic that is sent to an endpoint for handling and consumption (Azure Event Grid Subscription) |
| Event Grid System Topic | Represent one or more events published by Azure services (Azure Event Grid System Topic) |
| Event Grid Topic | Acts as a receiving endpoint for a collection of related events (Azure Event Grid Topic) |
| HSM Cluster | A hardware security module (HSM) cluster providers users with an easy way to generate and manage encryption keys within a cloud service provider (CSP) environment (e.g., AWS CloudHSM) |
| Hypervisor | A hypervisor/dedicated host responsible for housing compute instances |
| Instance | Compute instance (EC2, CloudServers, etc.) |
| Launch Template | Contains configuration information for an instance so that it can be launched in a consistently reproducible way (Launch Template) |
| Lightsail | Provides compute, storage, and networking capacity and capabilities for websites and web applications in the cloud (AWS Lightsail) |
| Logic App | Integration platform as a service that promotes scale and portability while offering critical workflow automation from a workspace of any size (Azure Logic App) |
| MapReduce Cluster | A programming model for processing and generating large data sets (Hadoop) |
| Message Broker Instance | Managed message broker service (AWS MQ) |
| Message Queue | Message queuing services (AWS SQS) |
| Message Queue Namespace | Groups message queues and publish-subscribe topics under one namespace (Azure Service Bus) |
| Notification Subscription | Subscription-based notifications (AWS SNS, GCP Pub/Sub) |
| Notification Topic | Topic to use when delivering notifications |
| Private Image | Private/shared image which can be used to create a compute instance |
| Recommendation | Machine-generated product and resource usage optimizations (GCP Project Recommendations) |
| Recommendation Finding | Important patterns and details about your resource usage (GCP Project Insights) |
| Reserved Instance | Guaranteed, available virtual private servers (AWS RIs, Azure Pre-Paid Instances) |
| Search Cluster | A cluster of Elasticsearch Instances |
| Search Index | A highly accurate intelligent search service for unstructured data using natural language |
| Serverless Application | Framework for building serverless applications (AWS Serverless Application) |
| Serverless Function | A compute service that runs code in respose to events |
| Serverless Layer | A package of libraries and dependencies that can be used with Serverless Functions (AWS Lambda Layer) |
| Service Health Event | Personalized communications about how the overall health of the CSP itself may be affecting your environment, including visibility into resource issues, upcoming changes, and important notifications (AWS Health Dashboard) |
| Shared Gallery | Shared Image Gallery (Azure) to build structure around image |
| Shared Gallery Image | Image definitions for logical version grouping |
| Shared Gallery Image Version | Image versioning, as used in environments |
| SSM Association | An ideal state assigned to resources to reduce configuration drift (AWS SSM Association) |
| SSM Document | Instructions for the Systems Manager describing how to interact with your managed instances (AWS SSM Document) |
| Stack Template | Infrastructure as code (CloudFormation Templates) |
| Step Function | A serverless orchestration service that lets you combine functions and other services to build applications (AWS Step Function State Machine) |
| Streaming Application | Allows you to query, transform, and analyze streaming data in real time (AWS Kinesis Analytics Application) |
| Template Spec | "A resource type that simplifies both storing and sharing a template (Azure Template Specs) |
| Transcoding Pipeline | A queue that manages media transcoding jobs (AWS Elastic Transcoder Pipeline) |
| Transcription Job | A job that provides speech-to-text transcriptions for a wide variety of use cases, e.g., AWS Transcription Job |
| Web App | Service providing app hosting (AWS Elastic Beanstalk Environment, Azure App Service) |
| Web App Group | Service for deploying and scaling web applications and services (AWS Elastic Beanstalk Application) |
| Workspace | Virtual desktops (AWS Workspaces) |
Containers
| Resource Type | Description |
|---|---|
| Access List | Used to protect and ingress/egress traffic to cloud resources (Security Groups/NACLs) |
| App Run Service | Managed services that simplify deploying containerized web applications and APIs quickly at scale with little to no experience (AWS App Runner, GCP Cloud Run) |
| Artifact Registry | Stores artifacts and build dependencies in one central location (GCP Artifact Registry) |
| Cluster Role | A representation of a non-namespaced set of permissions (Kubernetes Cluster Role) |
| Clusters | Runs the Kubernetes management infrastructure (AWS EKS, GCP GKE, Azure Kubernetes Service, Alibaba Kubernetes Clusters) |
| Config Map | An API object used to store key-value pairs (Kubernetes Config Map) |
| Container Image | Assists in storing, managing, and deploying Docker container images (AWS Container Image (ECR), Azure Container Image, GCP Container Image) |
| Container Instances | Assists in running Kubernetes without standing up or maintaining own Kubernetes control plane (AWS Container Instance (EKS), MS Azure Container Instance) |
| Container Node Group | Auto scaling groups containing compute instances that are managed by the parent cluster (AWS EKS Node Group) |
| Container Registry | Docker container registry assisting developers in storing, managing, and deploying Docker container images (AWS Container Registry (ECR), Azure Container Registry) |
| Container Service | A container service is a scalable and fast container management service that makes it simple to manage all the containers within a cluster (ECS Service) |
| Containers | Manages container services (AWS Container (ECS)) |
| Control Plane | The container orchestration layer that exposes the API and interfaces to manage containers and their lifecycle (Kubernetes Control Plane) |
| Cron Jobs | A templated Kubernetes Job that runs on a repeating schedule (Kubernetes Cron Job) |
| DaemonSet | An overarching template that ensures the appropriate Kubernetes nodes are running a copy of a Pod (Kubernetes DaemonSet) |
| Deployments/Tasks | Works with container tasks (AWS Container Task (ECS)) |
| Gatekeeper Constraint | Inform the system that a ConstraintTemplate needs to be enforced and how to enforce the template (Kubernetes Constraint) |
| Gatekeeper ConstraintTemplate | Describe the policies that enforce a constraint as well as the schema of the constraint (Kubernetes ConstraintTemplate) |
| Ingress | Exposes HTTP and HTTPS routes from outside a Kubernetes cluster to services within the cluster (Kubernetes Ingress) |
| Jobs | A Kubernetes Job creates and executes a specified number of Pods until they successfully terminate (Kubernetes Job) |
| K8S Secret | An object that contains a small amount of sensitive data that must be kept confidential (Kubernetes Secret) |
| Mutating Webhook Configuration | A configuration for a mutating webhook admission controller (Kubernetes Mutating Webhook Controller) |
| Namespace | A virtual cluster backed by a physical cluster; typically, there are several distinct namespaces on a single physical cluster (Kubernetes Namespace) |
| Network Policy | A policy that controls traffic flow at a given IP address or port for a Pod (Kubernetes Network Policy) |
| Persistent Volume | A provisioned piece of storage in a Kubernetes cluster with a lifecycle independent of any Pod that uses the persistent volume (Kubernetes Persistent Volume) |
| Pod Security Policies | (Kubernetes Pod Security Policy) |
| Pods | Kubernetes Pod |
| ReplicaSet | A template that maintains a stable set of specified number of identical (replica) Pods (Kubernetes ReplicaSet) |
| Role | A representation of a set of permissions to a specified namespace (Kubernetes Role) |
| Service Account | A special account that provides an identity for processes that run inside of a Pod (Kubernetes Service Account) |
| Service Fabric Cluster | A cluster that orchestrates highly available and durable micro services at scale (Azure Service Fabric Cluster) |
| Services | (Kubernetes Service) |
| StatefulSet | An API object used to managed stateful applications (Kubernetes StatefulSet) |
| Task Definitions | Task Definitions are required to run Docker containers within container management services in the cloud (AWS ECS Task Definition) |
| Validating Webhook Configuration | A configuration for a validating webhook admission controller (Kubernetes Validated Webhook Configuration) |
Identity & Management
| Resource Type | Description |
|---|---|
| Access Analyzer | Identifies security risks through unintended access to your resources and data by identifying resources or roles that are shared with an external entity (AWS IAM Access Analyzer) |
| Activity Log Alert | Monitors a resource by checking its logs for a new event that matches defined conditions (Azure Activity Log Alert) |
| API Access Key | Used to make programmatic calls to Cloud Provider’s API (Azure Application Credentials, AWS IAM User Access Key, GCP Service Account Key) |
| API Accounting Config | Logs and tracks all calls made to the provider API (AWS CloudTrail, GCP Logs Storage) |
| Azure Policy | Helps businesses enforce and assess standards and compliance at scale (Azure Policy) |
| Business Intelligence Subscription | Service that connects and combines data sources for cloud to create a single data dashboard for easier user management (AWS QuickSight) |
| Cloud Access Point | A feature to simplify managing data access at scale for applications using shared data sets (AWS S3 Access Point) |
| Cloud Account | Secure, world-wide storage and retrieval of any amount of data at any time |
| Cloud Advisor Check | A recommendation guide that analyzes your configuration and usage (AWS Trusted Advisor) |
| Cloud Alarm | Notification on events from a Content Delivery Network (AWS Cloudwatch Events) |
| Cloud App | Application to manage application objects (definition of the application) that allows services to understand how to issue tokens to the application based on settings (Azure App Registration) |
| Cloud Credentials | A set of credentials (or API key) used to access applications or services within your environment |
| Cloud Domain Group | A virtual group of all accounts created in an organization's master account (GCP Domain Groups) |
| Cloud Domain User | Cloud Identity User able to manage across your entire domain (GCP Only) |
| Cloud Event Bus | A serverless event bus that facilitates connecting applications together using data from your own (SaaS or other) applications or services (AWS EventBridge) |
| Cloud Event Rule | A Cloud Event Rule matches incoming Cloud Alarms ("events") and routes them to targets for processing (AWS CloudWatch Rule) |
| Cloud Group | A cloud provider group within an organization service |
| Cloud Limit | Limits placed on amount of services available for cloud provider accounts |
| Cloud Log Destination | A physical resource that enables you to subscribe to a stream of log events (AWS CloudWatch Logs Destination) |
| Cloud Outpost | Managed service for hybrid cloud |
| Cloud Policy | A policy that will gave specific permissions to Cloud Users, Groups or Roles (AWS IAM) |
| Cloud Region | Where cloud resources are located |
| Cloud Resource Group | Used for related resources (e.g., Azure Resource Group) |
| Cloud Role | A cloud provider role within an organization service |
| Cloud Role Assignment | A record of a cloud role assignment for a user or group within an organization service |
| Cloud Service Cost | Cost associated with cloud provider services |
| Cloud User | A cloud user account used to access the provider console/API (AWS IAM) |
| Code Repository | A secure, managed source code service that hosts private Git repositories (AWS CodeCommit) |
| Collaboration | Enables you to share, combine, and analyze data with other organizations without sharing raw, identifiable data (AWS Clean Rooms) |
| Conditional Access Policy | Uses simple if-then statements to govern a given user's access to resources and services within a Cloud Service Provider (Azure Conditional Access Policy) |
| Config | Config provides details into the resources in your account, including information on configuration, relationships between resources, and how those both configuration and relationships change over time (AWS Config) |
| Control Policy | An Organization-wide policy that governs resource access, usage, and deployment (GCP Organization Policy) |
| Control Tower Control | A singular rule that provides governance for your Control Tower environment (AWS Control Tower Control) |
| Control Tower Landing Zone | A container around the desired Control Tower environment that determines the boundary of governance and compliance (AWS Control Tower Landing Zone) |
| Diagnostic Settings | Configuration profile that enables sending platform metrics and logs to various destinations (Azure Diagnostic Settings) |
| Directory Service | Collection of services for managing users and devices on a network (e.g., Azure AD) |
| DNS Domain | For managing domain names in a Domain Name System (DNS) (AWS Route53 Domain, GCP Cloud Domains) |
| Encryption Key | A master key used to encrypt cloud volumes, databases and more (AWS KMS) |
| Encryption Key Vault | Secure key management (GCP Cloud KMS Keyring, Azure Key Vault) |
| Federated Group | Azure Groups that have federated access to AWS SSO via Azure AD (Federated Azure AD Group). See Resources for details |
| Federated User | Azure Users that have federated access to AWS SSO via Azure AD (Federated Azure AD User). See Resources for details |
| Identity Provider | Creates, maintains, and manages identity information, providing authentication (SAML, AD) |
| Log Analytics Workspace | Container used for storing and analyzing log data and configuration (Azure Log Analytics Workspace) |
| Log Group | Group of Event logs within a Log Stream (e.g., AWS CloudWatch Log Groups) |
| Lookout Project | Lookout Projects (e.g., Amazon Lookout) comprise three facets: Metrics, Equipment, and Vision. Lookout Metrics finds root causes for anomalies in data. Lookout Equipment monitors physical equipment for abnormal behavior and potential failures. Lookout Vision finds visual defects in industrial products, like missing components, physical damage, irregularities, and defects. |
| Named Location | Groups of designated network ranges that are frequently referenced in Conditional Access Policies (Azure Named Locations) |
| Resource Share | Collection of resources that is designated to be shared amongst a group of principals (AWS RAM Resource Share) |
| Resource Share Resource | Individual resource within a Resource Share collection (AWS RAM Resources) |
| Secret | Confidential or secure data (AWS Secret) |
| Security Posture | Assists in assessing and strengthening your security across multi-cloud and hybrid environments (Azure Advisor Recommendations) |
| Service Control Policy | A type of policy to manage your application (AWS Service Control Policy) |
| Service Detector | Threat detection service (AWS GuardDuty Detector, Microsoft Defender for Cloud) |
| Simple Log Service | A service that aggregates and analyses logs, metrics, and traces into a single observation platform (Alibaba Cloud Simple Log Service) |
| Sink | A Stackdriver Sink controls how logs are routed throughout your environment (GCP Stackdriver Sink, AWS CloudWatch Observability Sink Link) |
| SSH Key Pair | Public and Private keys associated with a cloud provider within an organization service |
| SSL Certificate | A certificate bound to a load balancer to facilitate secure client/server communication |
| SSL Certificate Authority | Issues digital certificates to help identify websites, people, and devices (AWS Certificate Manager, GCP Certificate Authority Service) |
| Threat Findings | Threat detection service (AWS GuardDuty/Macie) |
| User Pool | Allows your users to sign in to your web or mobile app (AWS Cognito User Pool) |
Machine Learning & AI
| Resource Type | Description |
|---|---|
| Automation Account | Orchestrate cloud-based automation tasks for you, including operating system and configuration updates, to ensure consistent management across your cloud environments (Azure Automation Account) |
| Bedrock Agent | Acts as an intermediary orchestrator between users, data, models, and software (AWS Bedrock Agent) |
| Bedrock Model | Self-contained code that has been trained on a dataset to recognize patterns in or make assumptions about datasets without human intervention (AWS Bedrock Model) |
| Bedrock Training Job | A singular, running instance of a model training (AWS Bedrock Job) |
| Bot Service | Provide an interactive experience, for example a virtual assistant or support for your website, built off of your data (Azure Bot Service) |
| Cognitive Search | Uses artificial intelligence to identify and explore large amounts of content (Azure Cognitive Search) |
| Computer Vision | Uses artificial intelligence to provide insights from image and video content (Azure Computer Vision) |
| Content Moderator | Provides automated image, text, and video moderation (Azure Content Moderator) |
| Language Service | Provides natural language capabilities via an API (Azure Language Service) |
| LUIS API | Allows your applications to understand commands from your users using natural language processing (Azure LUIS API) |
| Machine Learning Instance | Prepare and processes data, trains and deploys machine learning models |
| Machine Learning Training Job | A computation task that trains a machine learning model (AWS SageMaker Training Job) |
| Open AI | Allows you to apply advanced coding and language models to your own use cases (Azure Open AI) |
| Personalizer | Assists in providing a unique, relevant experience for each of your users (Azure Personalizer) |
| Speech Services | Encapsulates several different speech-related features including text-to-speech, speech-to-text, translation, and speaker recognition (Azure Speech Services) |
| Translator | Provides machine translation via an API (Azure Translator) |
| Vertex Custom Job | A singular, running instance of a custom model training (GCP Vertex Custom Job) |
Network
| Resource Type | Description |
|---|---|
| Access List | Used to protect and ingress/egress traffic to cloud resources (Security Groups/NACLs) |
| Access List Flow Log | Allows users to log information about IP traffic flowing through a Network Security Group |
| Access List Rule | Ingress/Egress traffic rules for Security Groups/NACLs |
| API Key Usage Plan | A usage plan that specifies who can access various API endpoints and methods as well as target request rates (AWS API Key Usage Plan) |
| Application Gateway | Facilitates the creation, use, and management of APIs at any scale (AWS API Gateway, Azure API Management Service) |
| Application Gateway Domain | Allows the creation, use, and naming of custom domain name (AWS API Gateway Domain) |
| Application Key | Generates API keys (AWS Gateway Key) |
| Application Stage | Sets up a stage, a named reference to a deployment, which can be used to manage and optimize the deployment (AWS API Gateway Stage) |
| Backend Services | Configuration for load balancing services (GCP Load Balancer Backend Services) |
| Bastion Host | Part of a service that allows seamless and secure connection to your virtual machines (Azure Bastion Host) |
| Content Delivery Network | A service that securely delivers data (AWS CloudFront, Azure CDN Profile, GCP Cloud CDN) |
| Database Migration Services | Database Migration Services use this information to connect to a data store and migrate data from a source endpoint to a target endpoint (AWS DMS Endpoint) |
| DDoS Protection | Distributed Denial of Service (DDoS) protection service that safeguards applications running in the cloud (AWS Shield, Azure DDoS Protection) |
| Direct Connect | Establishes dedicated network from your premises to the cloud (AWS Direct Connect, GCP Cloud Interconnect, Azure Express Route Circuit) |
| DNS Zone | Used to store DNS records for name public/private name resolution (AWS Route53) |
| Forwarding Rules | Manage frontend configuration of a load balancer (GCP Load Balancer Forwarding Rules, Azure Load Balancing Rules) |
| Global Load Balancer | A global, scalable entry-point that uses a global edge network to create web applications (e.g., Azure Front Door, AWS Global Accelerator) |
| Internet Gateway | A logical connection between a network and the internet |
| Load Balancer | Used in multi-tier apps to distribute load across a variety of compute instances |
| NAT Gateway | Enables instances in a private network to forward traffic to the Internet |
| Network | Logically isolated virtual environment within a Cloud Provider (AWS VPC) |
| Network Address Group | Provides visibility into defined network address prefixes (AWS Managed Prefix List, Azure IP Group) |
| Network Endpoint | Enables private connection of your VPC to cloud services |
| Network Endpoint Service | Enables you to privately connect your VPC to supported provider services (AWS VPC Endpoint Services, Azure Private Link Service) |
| Network Firewall | A managed, cloud-based network-security service that protects network resources (Azure Firewall) |
| Network Firewall Rule | Firewall rules including:NAT rules, network rules, and applications rules (Azure Firewall Rule) |
| Network Firewall Rule List | Firewall rule collections processed according to the rule type in priority order (Azure Firewall Rule Collection) |
| Network Flow Log | Stores configuration and delivery info regarding traffic flows in a cloud network |
| Network Interface | Virtual interfaces that can allow communication between networks/subnets |
| Network Peer | Interconnects two private networks |
| Private Subnet | Private logical subdivision of a network |
| Public IP | Elastic/Floating IP addresses which allow communication over the Internet |
| Query Log Config | Enables DNS query resolution across entire hybrid cloud (AWS Route53Resolver Configuration) |
| Route | Used to determine where network traffic from your subnet or gateway is directed (AWS Route, Azure Route) |
| Route Table | Used to store routes |
| Site-to-Site VPN | Enable access to your remote network from your VPC (AWS Site-to-Site VPN (VPC), GCP VPN Tunnel) |
| Target Proxies | Load balancing component that routes incoming requests to a URL map, terminates connection to the user (GCP Load Balancer Target Proxies) |
| Traffic Manager | A Traffic Manager is a DNS-based network traffic load balancer, distributing network traffic evenly across your environment (Azure Traffic Manager) |
| Traffic Mirror Target | An elastic network interface or a network load balancer (AWS VPC Traffic Mirror Targets) |
| Transit Gateway | Service enabling connection of VPCs and on-premises networks to a single gateway (AWS Transit Gateway) |
| URL Map | A set of rules for routing incoming HTTP(S) requests to specific services (GCP URL Map) |
| Virtual Private Gateway | Private virtual interface for one or more connections |
| Web Application Firewall | Web application security (AWS Application Firewall (WAF), WAFv2) |
| Web Application Firewall Rule | Governs how incoming HTTP(S) requests are inspected and handled (AWS WAF Rule) |
| Web Application Firewall Rule Group | A set of rules that can be added to an access control list (AWS WAF Rule Group) |
Storage
Azure Data Lake Storage Gen1 Retired
As of February 29, 2024, Azure has retired the Data Lake Storage Gen1 service. The Data Lake Storage resource type has been disabled until InsightCloudSec is able to officially support Azure Data Lake Storage Gen2. Contact support for any questions or issues.
| Resource Type | Description |
|---|---|
| Backup Gateway | A template that connects a backup service to a hypervisor, enabling interactive backup and restoration (AWS Backup Gateway) |
| Backup Vault | Container for organizing your backups |
| Big Data Snapshot | Point-in-time back up of a big data instance |
| Cache Snapshot | Point-in-time backup of Redis cluster (AWS ElastiCache Snapshot, Alibaba Cloud Redis Snapshot) |
| Cassandra Table | Managed, efficient, and reliable Apache Cassandra-based database services (AWS Keyspaces) |
| Cloud Dataset | Top-level containers for organizing and controlling access to tables and views (GCP BigQuery Dataset) |
| Cloud Global Access Point | A global endpoint for routing storage container request traffic between regions (AWS S3 Multi-Region Access Point) |
| Cold Storage | Deep archive storage (AWS Glacier) |
| Data Analytics Workspace | Interactive query service for data analytics (AWS Athena) |
| Data Factory | Managed, serverless data integration (Azure Data Factory GCP Data Fusion) |
| Data Stream | The transfer of data at a steady high-speed rate (AWS Kinesis) |
| Data Sync Task | Tasks associated with online data transfer (AWS DataSync Task) |
| Database Migration Instance | Migrates on-premises database to the cloud (AWS Database Migration Service (DMS)) |
| Database Proxy | Simplifies connection management by handling network traffic between client applications and the database (AWS RDS Database Proxy) |
| Database Snapshot | Point-in-time backup of a database instance |
| Databricks Workspace | Collaborative analytics platform based on Apache Spark (Azure Databricks Workspace) |
| Delivery Stream | Load streaming data into data stores and analytics tools (AWS Firehose) |
| Elastic Cluster | A database cluster that allows you to scale your workload's throughput (AWS Elastic Cluster) |
| ETL Connection | An object that stores login and access information for a data store that can be reused to load ETL jobs |
| ETL Crawler | Processes data schemas found in a given data store and creates metadata tables within a dat catalog for the schemas (AWS Glue Crawler) |
| ETL Data Catalog | An index to the location, schema, and runtime metrics of your data; supports extract, transform, and load (ETL) service (AWS Glue Data Catalog) |
| ETL Database | Extract, transform, load (ETL) databases are used to organize metadata for holistic ETL services (AWS Glue Database) |
| ETL Job | An individual extract, transform, and load job from given source data to a data target (AWS Glue Job) |
| ETL Security Configuration | A set of security properties that can be used by your extract, transform, and load (ETL) service (AWS Glue Security Configuration) |
| File Share | A cloud storage service that provides on-premises access to cloud storage (AWS NFS/SMB File Gateway Share) |
| GraphQL API | GraphQL manages services that improve performance, support real-time updates, and make connecting to secure datasources easy (AWS AppSync API) |
| Recycle Bin Rule | Assists in preventing accidental deletion of snapshots using custom retention rules and recovery (AWS Recycle Bin Rule) |
| Secure File Transfer | Allows secure transfer of files using SFTP protocol (AWS SFTP Server) |
| Shared File System | Scalable volumes that can be shared between multiple instances (eg: AWS EFS) |
| Snapshot | Point-in-time backups of volumes |
| Spanner | A globally-distributed, and synchronously-replicated database (GCP Spanner, AWS Aurora Global Database) |
| Storage Account | Contains all Azure storage data objects (Azure Storage Account) |
| Storage Container | Object storage (S3, Cloud Storage, Blob Storage, etc.) |
| Storage Gateway | Securely connect on-premises software applications with cloud-based storage (AWS Storage Gateway) |
| Storage Queue | Stores large numbers of messages that can be accessed anywhere at anytime to process work asynchronously (Azure Storage Queue) |
| Storage Sync Service | Assists with centralizing your file shares while also enabling high availability and recovery (Azure Storage Sync Service) |
| Stored Parameters | Secure storage for configuration data as parameter values (AWS Systems Manager Parameter Store Parameter) |
| Stream Instance | Streaming data service (AWS MSK Instance) |
| Timeseries Database | Timeseries databases store and analyze trillions of events daily for internet of things (IoT) and operational applications (Amazon Timestream) |
| Video Stream | Service to stream live video from devices to the cloud (AWS Kinesis Video Stream) |
| Volume | Network attached storage (EBS, Virtual Disks, etc.) |
Did this page help you?