Refactor of VM features (#670)

smendis-scottlogic · web-flow · commit 6ac1ed42a463 · 2025-02-17T07:24:03.000-08:00
diff --git a/services/compute/virtual-machines/features.yaml b/services/compute/virtual-machines/features.yaml
@@ -1,159 +1,146 @@
-common_features: []
+common_features:
+  - CCC.F02 # Encryption at Rest Enabled by Default
+  - CCC.F06 # Identity Based Access Control
+  - CCC.F07 # Event Notifications
+  - CCC.F09 # Monitoring
+  - CCC.F10 # Logging
+  - CCC.F11 # Backup
+  - CCC.F12 # Recovery
+  - CCC.F13 # Infrastructure as Code
+  - CCC.F15 # Cost Management
+  - CCC.F17 # Alerting
+  - CCC.F20 # Tagging
+  - CCC.F22 # Location Lock-In
+  - CCC.F23 # Network Access Rules
 features:
   - id: CCC.VM.F01
-    title: Instance Types - General Computing
-    description: Providing a range of instance types with different specifications for CPU and memory.
+    title: General Purpose Instances
+    description: |
+      Provides a computing instance that provides a balance of compute,
+      memory and networking resources. They are suitable for a wide range
+      of applications.
   - id: CCC.VM.F02
-    title: Instance Types - Storage Optimised
+    title: Compute Optimized Instances
     description: |
-      Providing instance types with storage optimization features including high-speed I/O capabilities,
-      disk types, and high capacities.
+      Provides instances that are suited for compute-bound applications that
+      benefits from high performance processors such as batch processing
+      workloads, media transcoding and high performance web servers.
   - id: CCC.VM.F03
-    title: Instance Types - GPU Optimised
-    description: Providing instance types tailored specifically for GPU-intensive workloads.
+    title: Memory Optimized Instances
+    description: |
+      Provides instances that are suited for memory intensive applications
+      such as high performance databases, in-memory caches, and real-time
+      big data analytics.
   - id: CCC.VM.F04
-    title: Instance Types - Network Optimised
+    title: Storage Optimized Instances
     description: |
-      Providing instance types equipped with a range of networking capabilities,
-      including options for high-bandwidth connections, low-latency networking,
-      and the ability to attach multiple or redundant network interfaces.
+      Provides instances that are optimized for applications that require
+      high, sequential read and write access to large datasets on local storage
+      such as distributed file systems, data warehousing applications, and
+      high-frequency online transaction processing (OLTP) systems.
   - id: CCC.VM.F05
-    title: Instance Types - Dynamic Performance
+    title: Accelerated Computing Instances
     description: |
-      Providing "burstable" instances for intermittent workloads that accumulate
-      credits during periods of low usage which can be used to burst above baseline performance when needed.
+      Provides instances that use hardware accelerator, or co-processors, such
+      as GPU to perform functions such as floating-point number calculations,
+      graphics processing, or data pattern matching more efficiently.
   - id: CCC.VM.F06
-    title: Operating System Options
-    description: A selection of operating systems for virtual machine instances.
+    title: Preemptible Instances
+    description: |
+      Providing the option for using preemptible virtual machine (spot) instances
+      at a lower cost for non-critical or fault-tolerant workloads that may be
+      terminated by the cloud provider after a notice period.
   - id: CCC.VM.F07
-    title: Ephemeral Storage
-    description: Temporary storage available to the VM which is lost when the instance is stopped or terminated.
+    title: Dedicated Instances
+    description: |
+      Ability to reserve a physical server dedicated to a single customer
+      for regulatory compliance.
   - id: CCC.VM.F08
-    title: High Availability
+    title: Vertical Scaling
     description: |
-      Ensuring high availability of virtual machine instances
-      through redundancy and multiple (availability) zones within a region.
+      Ability to increase or decrease resources such as cpu, memory, and
+      storage of an existing virtual machine instance.
   - id: CCC.VM.F09
-    title: Identity and Access Management
+    title: Horizontal Scaling
     description: |
-      Implementing identity and access management features such as key pairs,
-      JIT and MFA to control user access to virtual machine instances.
+      Ability to add or remove VM instances assigned to the application to
+      handle increased or decreased workload.
   - id: CCC.VM.F10
-    title: Monitoring and Logging
+    title: VM Images
     description: |
-      Offering monitoring and logging capabilities to track performance metrics, user access, and security events.
+      Provides templates to create new virtual machines. They usually includes
+      operating syste, configuration settings and installed applications.
   - id: CCC.VM.F11
-    title: Backup and Restore
+    title: Custom Images
     description: |
-      Providing backup and disaster recovery solutions for virtual machine instances and associated data,
-      including snapshot-based backups, incremental backups, and point-in-time recovery.
+      Ability to create virtual machines with images what are created and owned
+      by the customer which are only available within the subscription of the
+      customer.
   - id: CCC.VM.F12
-    title: Encryption at Rest
-    description: Encrypting data stored by virtual machine instances to protect against unauthorized access.
+    title: Interoperability with Storage Options
+    description: |
+      Capability to read/write to non-ephemeral external storage including
+      object storage and encrypted block storage.
   - id: CCC.VM.F13
     title: Patch Management
     description: |
-      Offering patch management services and compatibility with third-party patch management tools
-      to keep virtual machine instances up to date with security patches and updates.
+      Offering patch management services and compatibility with third-party
+      patch management tools to keep virtual machine instances up to date
+      with security patches and updates.
   - id: CCC.VM.F14
     title: Isolated Secure Environments
     description: |
-      Providing an isolated "enclave" within a virtual machine for processing encrypted
-      and/or sensitive data, with support for custom key management infrastructure.
+      Providing an isolated "enclave" within a virtual machine for processing
+      highly sensitive data such as personal identifiable information,
+      healthcare data and intellectual property. These enclaves are fully
+      isolated from the parent EC2 instance, with no persistent storage,
+      no interactive access, and no external networking.
   - id: CCC.VM.F15
     title: Nested Virtualization
-    description: Allowing the creation of virtual machines within virtual machines.
-  - id: CCC.VM.F16
-    title: Container Support
     description: |
-      Offering support for running containers within virtual machine instances for containerized applications.
-  - id: CCC.VM.F17
+      Ability to create and manage virtual machines within instances.
+  - id: CCC.VM.F16
     title: Instance Metadata
-    description: Providing metadata about virtual machine instances for configuration and management purposes.
-  - id: CCC.VM.F18
-    title: Instance Lifecycle Events
     description: |
-      Offering features for managing the lifecycle and state of virtual machine instances,
-      including starting, stopping, pausing, and restarting instances as needed.
-  - id: CCC.VM.F19
+      Providing metadata about virtual machine instances for configuration
+      and management purposes.
+  - id: CCC.VM.F17
     title: Instance Snapshots
     description: |
-      Creation of snapshots of virtual machine instances to capture and preserve state
-      and data for backup and cloning purposes.
-  - id: CCC.VM.F20
+      Creation of snapshots of virtual machine instances to capture and
+      preserve state and data for backup and cloning purposes.
+  - id: CCC.VM.F18
     title: Instance Templates
     description: |
-      Offering templates for provisioning virtual machine instances with pre-configured images,
-      instance types, and network configurations.
-  - id: CCC.VM.F21
+      Offering templates for provisioning virtual machine instances with
+      pre-configured images, instance types, and network configurations.
+  - id: CCC.VM.F19
     title: Bootstrap Scripts
-    description: Ability to provide bootstrap scripts to a VM to run during the instance boot process.
-  - id: CCC.VM.F22
-    title: Instance Preemptibility
     description: |
-      Providing the option for using preemptible virtual machine (spot) instances at a lower cost
-      for non-critical or fault-tolerant workloads that may be terminated by the cloud provider after a notice period.
-  - id: CCC.VM.F23
+      Ability to provide bootstrap scripts to a VM to run during the
+      instance boot process.
+  - id: CCC.VM.F20
     title: Instance Affinity/Anti-affinity
     description: |
       Enabling control over the location of virtual machine instances to ensure or
       prevent co-location on the same physical hardware.
-  - id: CCC.VM.F24
+  - id: CCC.VM.F21
     title: Instance Health Checks
     description: |
       Exposing health checks on virtual machine instances so that unhealthy
       instances can be automatically replaced or repaired.
-  - id: CCC.VM.F25
+  - id: CCC.VM.F22
     title: Instance Remote Access
     description: |
-      Offering remote access to virtual machine instances through methods such as SSH or
-      RDP for troubleshooting, debugging, and maintenance purposes.
-  - id: CCC.VM.F26
+      Offering remote access to virtual machine instances through methods
+      such as SSH or RDP for troubleshooting, debugging, and maintenance purposes.
+  - id: CCC.VM.F23
     title: Instance Live Migration
     description: |
       Ability to perform live migration of virtual machine instances between physical
       hosts for maintenance or load balancing purposes without downtime.
-  - id: CCC.VM.F27
-    title: Instance Remote Configuration
-    description: |
-      Providing tools for remotely configuring virtual machine instances,
-      including deployment automation and configuration management frameworks.
-  - id: CCC.VM.F28
-    title: Instance Resource Tagging
-    description: |
-      Enabling tagging of virtual machine instances with metadata for organization,
-      management, and cost allocation purposes.
-  - id: CCC.VM.F29
-    title: Instance Resource Utilisation Metrics
-    description: |
-      Providing tools for monitoring resource utilization and performance metrics for virtual
-      machine instances, including CPU usage, memory usage, disk I/O, and network traffic.
-  - id: CCC.VM.F30
-    title: Custom Images
-    description: Allows users to create and manage their own customized virtual machine images.
-  - id: CCC.VM.F31
-    title: Dedicated Instances
-    description: |
-      Providing the option to run instances on physical servers that are dedicated solely to a
-      single customer account, ensuring that the underlying hardware resources are not shared with other customers.
-  - id: CCC.VM.F32
-    title: Interoperability with Storage Options
-    description: |
-      Capability to read/write to non-ephemeral external storage including object storage and encrypted block storage.
-  - id: CCC.VM.F33
-    title: Instance Autoscaling
-    description: |
-      Providing an interface for autoscaling services to automatically adjust the number and/or instance type
-      of virtual machine instances based on predefined criteria such as CPU utilization or incoming traffic.
-  - id: CCC.VM.F34
-    title: Instance Grouping
-    description: Offering logical grouping and management tools for sets of virtual machine instances.
-  - id: CCC.VM.F35
-    title: Security Groups
-    description: |
-      Ability to configure security groups or firewalls to control inbound and outbound traffic to and from instances.
-  - id: CCC.VM.F36
+  - id: CCC.VM.F24
     title: TPM Support
     description: |
-      Providing support for Trusted Platform Module (TPM) for hardware-based security features
-      such as secure boot and cryptographic key storage.
+      Providing support for Trusted Platform Module (TPM) for hardware-based
+      security features such as secure boot and cryptographic key storage.
diff --git a/services/compute/virtual-machines/metadata.yaml b/services/compute/virtual-machines/metadata.yaml
@@ -1,10 +1,10 @@
 title: CCC Virtual Machines
 id: CCC.VM
 description: |
-  This documents the minimual set of features that should be present for a
+  This documents the minimal set of features that should be present for a
   virtual machine service to be considered for use in financial services ecosystems.
 release_details:
-  - version: "2024.09"
+  - version: "2025.06"
     assurance_level: None
     threat_model_url: None
     threat_model_author: None
@@ -15,6 +15,4 @@ release_details:
       github_id: damienjburks
       company: Citi
       summary: Initial release
-    change_log:
-      - "Test"
-      - "Test"
+    change_log: []
