Enterprises are adopting the public cloud to reduce cost and gain the scalability, reliability, and transparency that is enabled by software-defined infrastructure; however, maintaining transparency as the Enterprise scales out across services, multiple accounts, and multiple cloud providers can be a difficult challenge. To assist these Enterprises with managing their cloud configurations at scale, Turbot is pleased to announce availability of our New Cloud CMDB™ feature.

The latest version of Turbot now provides a version controlled, automated cloud configuration management database, that provides complete visibility into the current state and history of all cloud infrastructure through a single, simple web-based search console.

Cloud Configuration Management – Under the Covers

To achieve sub-second search across millions of cloud configuration items, Turbot deploys a version controlled system automatically for each Turbot managed cloud account. Turbot then continuously records configuration state in human-readable YAML files. These files capture the complete configuration detail of your Turbot accounts and your cloud services & resources (EC2 Instances, EBS Volumes, Security Groups, IPs, VPCs, Internet/NAT/Virtual Gateways, S3 Buckets, etc.). Changes to those configurations can easily be found by executing diff between versions of the configuration that exist at different points in time.

Turbot maintains a constant state of awareness for any configuration changes in your cloud ecosystem. As changes occur, Turbot is notified and automatically updates the CMDB to record the latest state of configuration.

Cloud CMDB In Action

When a user creates an S3 bucket, Turbot enforces the guardrails specified by the Enterprise, to meet policy objectives regarding encryption standards, accessing logging, versioning, etc.


Turbot records the configuration history per guardrail so you can see the complete event, metadata, debugging, information, etc.


(example of configuration history of one particular guardrail per the new bucket)


(example of process details; debugging, event, metadata, and links to raw log files)


(example of CMDB updates per recent changes to new bucket)


(example of all active guardrail health on the bucket)

Search Current and Prior Inventory

As thousands of resources are created, changed, and removed, it becomes difficult to keep track of cloud resources in just one account and is impossible to do across multiple accounts without automation. Turbot provides full search functionality across all configuration details so you can easily find one or many resources across all accounts for all time periods. This provides limitless capabilities to interrogate configuration metadata on cloud resources (e.g. search for all buckets in a region, all buckets with server side encryption enforced, any volumes that are unencrypted, where a specific IP address is located, etc.)


(examples of pre-canned search filters for common searches)

Since Turbot keeps an active change history of all configurations, a user can immediately see the newly created bucket in their inventory.


(example of current inventory showing the bucket in the account)

Since configurations are version controlled, you can search history of configurations as well:


(example of prior revision history on the same search)

DevOps teams are comfortable using the AWS CLI or API to list and explore cloud resources, but these “describe” functions are limited to a single account, single service, and single resource type. Turbot allows everyone (IT, CloudOps, SecOps and DevOps) to use a common search UI and advanced search syntax to perform keyword and metadata constrained searches across multiple accounts, services and resources simultaneously – all with sub-second response.

For DevOps teams that want to integrate CMDB search into their automation workflow: Turbot is 100% API Driven, so all cloud CMDB searches can occur over the API as well.


Contact us to learn more and to schedule a demo of all Turbot’s features.