TABLE OF CONTENTS
In the context of RBAC, resources are grouped into categories: Artifacts (of applications), Workloads (containers), and Infrastructure (elements). Each category is subdivided into specific types of resources. Each resource type can be specified by the use of attributes.
Aqua Enterprise defines these resources, grouped by category.
The brand name VMware Tanzu has replaced Pivotal. The latter term may still be used in application scope definitions, e.g., PAS (Pivotal Application Service) instead of TAS (Tanzu Application Service).
An artifact is an application. It can be an image (for a container, not a CF application); a serverless function; or a Tanzu Application Service (TAS) droplet.
|Image||Registry||Name of a registry as defined in Aqua|
Image repository name
In registry.aquasec.com/server:6.2, the repository name is server.
|Serverless App||Name of a serverless application defined in Aqua|
Serverless function tag
A tag name and value must be specified.
|TAS (PAS) droplet||Blobstore||Name of the Cloud Controller blobstore in which the TAS droplet resides|
A workload is a running container. It can run in a Kubernetes cluster, on a VM (no orchestrator), or under Tanzu Application Service (TAS).
|Kubernetes||Cluster Name||Name of a Kubernetes cluster on which a container is running|
Kubernetes namespace in which a container is running
|No Orchestrator||Container Name||Name of a container running on a VM|
|Enforcer Group||Name of an Aqua Enforcer group associated with the VM on which the container is running|
|Host Name||Host name of the VM on which the container is running|
|TAS (PAS)||Organization||Name of a Tanzu organization (org) associated with the container|
|Space||Name of a Cloud Foundry space associated with the container|
An infrastructure resource is an element of a computing environment on which a workload is orchestrated and run. It can be a host (VM) or a Kubernetes cluster.
|Host||Enforcer Group||Name of an Aqua Enforcer group associated with the host (VM)|
|Kubernetes||Cluster Name||Name of a Kubernetes cluster in which the host (VM) is running|
Did you find it helpful?Send feedback