Overview

When items are created or imported into the itopia Cloud Automation Stack (CAS), CAS retains a "management" reference of the item. Depending on the item type, the references contains a minimal set of attributes to allow CAS to unique identify the object in Google Cloud or the Active Directory instance and allow management tasks to be performed against the item. The table below provides a sample of the attributes retained by CAS for common item types.

CAS Item Type	Attributes
VM Instance	Google Cloud unique identifier Name Description Instance type GCP region and zone Private IP Public IP Labels
User	AD GUID (objectGuid) Display name (displayName) First name (givenName) Last name (sn) Email address (email) Phone number (telephoneNumber) User principal name (userPrincipalName) Department (department)
Security Group	AD GUID (objectGuid) Display name (displayName) Members (member)
VM Snapshot	Google Cloud unique identifier
Images	Google Cloud unique identifier Name Base operating system Image family Image disk size Description Associated VM instance (if the image is not finalized)

Certain items exist only in CAS, such as Server Uptime Schedules and Snapshot Plans. Other items are not stored in CAS, such as VPN tunnels or Network Shares; although these can be created or deleted in the CAS Admin Console, CAS enumerates these items directly from Google Cloud or your infrastructure servers and does not create a management reference for them.

Removing Items from CAS

When removing an item from CAS, the behavior differs depending on the item type. For items with a management reference, you have the option to also delete the actual item. If you do not explicitly choose to delete the item, only the management reference is removed from CAS; if you choose to delete the item, the object will be deleted from Google Cloud or Active Directory.

The table below describes the removal behavior in CAS for different item types.

CAS Item Type	CAS Category	Removal Options	Details
Application	Management Reference	Remove from CAS	Applications will not be uninstalled from Session Hosts
Collection Pool	CAS Item	Delete from CAS	Session Host VMs for the Collection Pool will be deleted in Google Cloud
File Share	Management Reference	Remove from CAS	Share data will not be deleted from the file server
Image	Management Reference	Delete in GCP	Deleting an image in CAS will also delete the image in Google Cloud
Security Group	Management Reference	Remove from CAS Delete group in Active Directory (optional)	Groups imported from a trusted Active Directory forest cannot be deleted, only removed
Server Uptime	CAS Item	Delete from CAS
Snapshot	CAS Item	No option in CAS	Snapshots are created in Google Cloud by Snapshot Plans. CAS retains a copy of each snapshot created by a Snapshot Plan, but snapshots must be managed directly in Google Cloud
Snapshot Plan	CAS Item	Delete from CAS
User	Management Reference	Remove from CAS Delete user in Active Directory (optional)	Users imported from a trusted Active Directory forest cannot be deleted, only removed
VM Instance	Management Reference	Remove from CAS Delete VM in Google Cloud (optional)
VPN	GCP Item	Delete in GCP	VPNs are enumerated directly from GCP. Deleting a VPN in CAS will delete the VPN in Google Cloud