Resource Types & Categories
Resource Types
Every resource managed by Guardrails is an instance of a Resource Type. The resource type defines the properties that belong to a resource, as well as the Policies that apply to it. Each Policy Type targets one or more resource types.
The policy type
AWS > S3 > Bucket > Approved targets a resource type of AWS > S3 > Bucket, thus every instance of AWS > S3 > Bucket will have an AWS > S3 > Bucket > Approved policy.Resource types are defined in a type hierarchy.
The
AWS > S3 > Bucket resource type is a child of the AWS > S3 resource type.Note that the resource type hierarchy is separate and distinct from the Resource Hierarchy.
Resource types are defined in Mods.
Resource Categories
The Guardrails Resource Type hierarchy provides grouping of resources, but in a structured, service-oriented manner. Resource Categories provide an alternate, vendor agnostic, categorization of resource types.
The
AWS > S3 > Bucket, Azure > Storage > Storage Account, and GCP > Storage > Bucket resource types all have a resource category of Storage > Object.Resource categories are typically used for reporting, providing useful aggregation and filtering of data.
Example - Resource Types and Categories
