- Builders deploy and inspect workloads.
- Operators manage subnets and admission.
- Providers connect nodes and manage fleets.
Core concepts
| Concept | What it means |
|---|---|
| Realm | The IDYL environment the CLI authenticates with. |
| Identity | The signed-in user or token used to authenticate requests. |
| Account | The primary ownership boundary for resources. |
| Region | A placement domain for subnets and workloads. |
| Organization | A grouping for accounts, billing, policies, and access management. |
| Access profile | A reusable permission template that can be assigned to an identity. |
| Context | A saved CLI selection of realm, identity, account, profile, namespace, and subnet. |
| Namespace | An account-scoped grouping for related workload resources. |
| Subnet | A governed compute environment where workloads run and nodes provide capacity. |
| Subnet name | A human-readable alias that can point to a subnet slug. |
| Application | The software you deploy and manage through workloads. |
| Workload | A resource that describes runnable work. |
| Manifest | A YAML resource definition that can be applied repeatedly. |
| Pod spec | The container and host requirement definition used by workloads. |
| Sandbox | A temporary environment for previews, agents, experiments, demos, or customer-specific deployments. |
| Workload isolation | The runtime boundary requested by a workload, from standard container execution to microVM-backed execution, enforced through subnet runtime policy and compatible provider capacity. |
| Node | A machine connected to IDYL as compute capacity. |
| Fleet | A provider-managed group of nodes. |
| Admission | Subnet policy and grants controlling who can deploy or provide capacity. |
Start here
Accounts, profiles, and contexts
Learn how the CLI chooses the account, permissions, namespace, and subnet for commands.
Global accounts and regions
Understand global account management, regional subnet placement, and region deployment policy.
Subnets
Understand the deployment target and capacity boundary used by builders, operators, and providers.
Workloads
Learn how deployments, jobs, cron jobs, replica sets, and pods relate.
Sandboxes
Create temporary environments for previews, agents, experiments, demos, and customer-specific deployments.
Workload isolation
Understand standard containers, microVM-backed workloads, runtime policy, and compatible provider capacity.
Admission and access
Compare account permissions with subnet admission controls.