Changelog

Subscribe to all changelog posts via RSS or follow #changelog on our Slack community to stay updated on everything we ship.

What's new?

  • Server

    • Added: Support for creating and deleting watches using @turbot/sdk.
    • Updated: @turbot/fn, @turbot/aws-sdk, aws-sdk, @turbot/utils, @turbot/errors, @turbot/log, @turbot/responses packages.
    • Added: Support for ServiceNow credentials.
  • UI:

    • Added: Support to import ServiceNow Instance in Guardrails.

What's new?

  • Added the following controls across the benchmarks: (#49)
    • bigquery_table_deletion_protection_enabled
    • bigtable_instance_deletion_protection_enabled
    • spanner_database_deletion_protection_enabled
    • spanner_database_drop_protection_enabled

What's new?

  • Added the following controls across the benchmarks: (#47)
    • appservice_environment_zone_redundant_enabled
    • appservice_function_app_public_access_disabled
    • appservice_plan_zone_redundant
    • appservice_web_app_public_access_disabled
    • eventhub_namespace_uses_latest_tls_version
    • eventhub_namespace_zone_redundant
    • kubernetes_cluster_critical_pods_on_system_nodes
    • kubernetes_cluster_os_disk_ephemeral
    • redis_cache_standard_replication_enabled
    • sql_database_ledger_enabled
    • sql_database_zone_redundant_enabled

What's new?

  • Added the following controls across the benchmarks: (#98)
    • docdb_cluster_backup_retention_period_7
    • lambda_permission_restricted_service_permission
    • neptune_cluster_backup_retention_period_7
    • neptune_cluster_copy_tags_to_snapshot_enabled
    • neptune_cluster_iam_authentication_enabled

Bug fixes

  • Fixed the index doc by removing unsupported images. (#334)

Enhancements

  • Added the following controls to the All Controls benchmark: (#733)
    • api_gateway_rest_api_public_endpoint_with_authorizer
    • dlm_ebs_snapshot_lifecycle_policy_enabled
    • docdb_cluster_instance_encryption_at_rest_enabled
    • ebs_volume_snapshot_exists
    • elasticache_cluster_no_public_subnet
    • iam_role_no_administrator_access_policy_attached
    • iam_user_access_key_unused_45
    • iam_user_console_access_unused_45
    • neptune_db_cluster_no_public_subnet

What's new?

  • Control Category Types:
    • CMDB > External
    • Cloud > Integration

Bug fixes

  • Fixed missing closing tag in index doc. (#331)

What's new?

  • Resource Types:

    • AWS > Kendra
  • Policy Types:

    • AWS > Kendra > API Enabled
    • AWS > Kendra > Approved Regions [Default]
    • AWS > Kendra > Enabled
    • AWS > Kendra > Permissions
    • AWS > Kendra > Permissions > Levels
    • AWS > Kendra > Permissions > Levels > Modifiers
    • AWS > Kendra > Permissions > Lockdown
    • AWS > Kendra > Permissions > Lockdown > API Boundary
    • AWS > Kendra > Regions
    • AWS > Kendra > Tags Template [Default]
    • AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-kendra
    • AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-kendra
    • AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-kendra

Bug fixes

  • Fixed ad_guest_user_reviewed_monthly, iam_deprecated_account_with_owner_roles, iam_external_user_with_read_permission, iam_external_user_with_write_permission, iam_user_not_allowed_to_create_security_group and iam_user_not_allowed_to_register_application queries to remove duplicate benchmark results. (#228)

What's new?

  • Category Types:
    • Turbot > Resource > Category > Business Application
    • Turbot > Resource > Category > Cloud > Api
    • Turbot > Resource > Category > Cloud > Provider
    • Turbot > Resource > Category > Cloud > Resource Group
    • Turbot > Resource > Category > Container
    • Turbot > Resource > Category > Cost Management
    • Turbot > Resource > Category > End User Computing
    • Turbot > Resource > Category > Migration
    • Turbot > Resource > Category > Robotics

What's new?

  • Added support to process enable and disable real-time events for Firebase Management APIs.

What's new?

  • You can now Enable/Disable Firebase Management API via Guardrails. To get started, set the GCP > Firebase > API Enabled policy.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Control Types:

    • GCP > Firebase > API Enabled
  • Policy Types:

    • GCP > Firebase > API Enabled
    • GCP > Firebase > Android App > Approved > Custom
    • GCP > Firebase > Web App > Approved > Custom
    • GCP > Firebase > iOS App > Approved > Custom
  • Action Types:

    • GCP > Firebase > Set API Enabled

What's new?

  • Added support for newer US, Europe, India and US Government regions in the Azure > Synapse Analytics > Regions policy.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Synapse Analytics > SQL Pool > Approved > Custom
    • Azure > Synapse Analytics > SQL Pool > Regions
    • Azure > Synapse Analytics > Workspace > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > API Management > API Management Service > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > AKS > Managed Cluster > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Network Watcher > Flow Log > Approved > Custom
    • Azure > Network Watcher > Network Watcher > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Data Factory > Dataset > Approved > Custom
    • Azure > Data Factory > Factory > Approved > Custom
    • Azure > Data Factory > Pipeline > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Firewall > Firewall > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Front Door > Front Door > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Databricks > Workspace > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

Bug fixes

  • Fixed the plugin brand colour.

Bug fixes

  • Fixed the plugin to pass the namespace qualifier to the kubernetes API client when querying namespace scoped resources. (#181) (Thanks @pdecat for the contribution!!)

What's new?

  • Policy Types:
    • GCP > Compute Engine > Image > Policy > Trusted Access > All Authenticated
    • GCP > Compute Engine > Image > Policy > Trusted Access > All Users

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > SignalR Service > SignalR > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Relay > Namespace > Approved > Custom

Bug fixes

  • Fixed the GetConfig of github_team_repository table to include support for dynamic GraphQL queries. (#379)
  • Fixed the example queries in github_commit doc file. (#377)
  • Fixed the example queries in github_search_issue doc file to filter out results from the API. (#378)

What's new?

Bug fixes

  • Fixed the retention_policy column of gcp_storage_bucket table to correctly return data instead of null. (#502)

What's new?

  • Policy Types:
    • GCP > Functions > Function > Policy > Trusted Access > All Authenticated
    • GCP > Functions > Function > Policy > Trusted Access > All Users

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Search Management > Search Service > Approved > Custom

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • Azure > Recovery Service > Vault > Approved > Custom

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > SWF > Domain > Approved > Custom
  • Action Types:

    • AWS > SWF > Domain > Set Tags
    • AWS > SWF > Domain > Skip alarm for Active control
    • AWS > SWF > Domain > Skip alarm for Active control [90 days]
    • AWS > SWF > Domain > Skip alarm for Approved control
    • AWS > SWF > Domain > Skip alarm for Approved control [90 days]
    • AWS > SWF > Domain > Skip alarm for Tags control
    • AWS > SWF > Domain > Skip alarm for Tags control [90 days]

What's new?

Enhancements

  • Added the properties column to jira_project table. (#105)

Bug fixes

  • Fixed typo in the docs/index.md file. (#102) (Thanks @adrfrank for the contribution!)
  • Fixed the jira_issue table by enhancing case insensitivity support for the status column. (#90)

What's new?

  • Added CIS v3.0.0 benchmark (steampipe check benchmark.cis_v300). (#57)

Breaking Changes

  • Removed the following tables using the search API that no longer work due to API limitations. These tables will be added back if functionality can be restored.
    • linkedin_company_employee
    • linkedin_company_past_employee
    • linkedin_connection
    • linkedin_search_company
    • linkedin_search_profile

Bug fixes

  • Fixed the compute_firewall_allow_tcp_connections_proxied_by_iap query to correctly include all the ports and source IP ranges. (#128) (Thanks @saisirishreddy for the contribution!)

Enhancements

  • Added the dns_mx_dmarc_record_enabled control to the dns_mx_best_practices benchmark. (#20)

Bug fixes

  • Fixed dashboard localhost URLs in README and index doc. (#23)

Enhancements

  • Added the run_started_at column to github_actions_repository_workflow_run table. (#358) (Thanks @mridang for the contribution!)

What's new?_

  • Added the new All Controls benchmark (steampipe check benchmark.all_controls). This new benchmark includes 109 service-specific controls. (#127)

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Policy Types:

    • AWS > QLDB > Ledger > Approved > Custom
  • Action Types:

    • AWS > QLDB > Ledger > Delete from AWS
    • AWS > QLDB > Ledger > Set Tags
    • AWS > QLDB > Ledger > Skip alarm for Active control
    • AWS > QLDB > Ledger > Skip alarm for Active control [90 days]
    • AWS > QLDB > Ledger > Skip alarm for Approved control
    • AWS > QLDB > Ledger > Skip alarm for Approved control [90 days]
    • AWS > QLDB > Ledger > Skip alarm for Tags control
    • AWS > QLDB > Ledger > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Neptune > DB Cluster > Approved > Custom
    • AWS > Neptune > DB Instance > Approved > Custom
  • Action Types:

    • AWS > Neptune > DB Cluster > Delete from AWS
    • AWS > Neptune > DB Cluster > Set Tags
    • AWS > Neptune > DB Cluster > Skip alarm for Active control
    • AWS > Neptune > DB Cluster > Skip alarm for Active control [90 days]
    • AWS > Neptune > DB Cluster > Skip alarm for Approved control
    • AWS > Neptune > DB Cluster > Skip alarm for Approved control [90 days]
    • AWS > Neptune > DB Cluster > Skip alarm for Tags control
    • AWS > Neptune > DB Cluster > Skip alarm for Tags control [90 days]
    • AWS > Neptune > DB Instance > Delete from AWS
    • AWS > Neptune > DB Instance > Set Tags
    • AWS > Neptune > DB Instance > Skip alarm for Active control
    • AWS > Neptune > DB Instance > Skip alarm for Active control [90 days]
    • AWS > Neptune > DB Instance > Skip alarm for Approved control
    • AWS > Neptune > DB Instance > Skip alarm for Approved control [90 days]
    • AWS > Neptune > DB Instance > Skip alarm for Tags control
    • AWS > Neptune > DB Instance > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Inspector > Assessment Target > Approved > Custom
    • AWS > Inspector > Assessment Template > Approved > Custom
  • Action Types:

    • AWS > Inspector > Assessment Target > Delete from AWS
    • AWS > Inspector > Assessment Target > Skip alarm for Active control
    • AWS > Inspector > Assessment Target > Skip alarm for Active control [90 days]
    • AWS > Inspector > Assessment Target > Skip alarm for Approved control
    • AWS > Inspector > Assessment Target > Skip alarm for Approved control [90 days]
    • AWS > Inspector > Assessment Template > Delete from AWS
    • AWS > Inspector > Assessment Template > Set Tags
    • AWS > Inspector > Assessment Template > Skip alarm for Active control
    • AWS > Inspector > Assessment Template > Skip alarm for Active control [90 days]
    • AWS > Inspector > Assessment Template > Skip alarm for Approved control
    • AWS > Inspector > Assessment Template > Skip alarm for Approved control [90 days]
    • AWS > Inspector > Assessment Template > Skip alarm for Tags control
    • AWS > Inspector > Assessment Template > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > DAX > Cluster > Approved > Custom
  • Action Types:

    • AWS > DAX > Cluster > Delete from AWS
    • AWS > DAX > Cluster > Set Tags
    • AWS > DAX > Cluster > Skip alarm for Active control
    • AWS > DAX > Cluster > Skip alarm for Active control [90 days]
    • AWS > DAX > Cluster > Skip alarm for Approved control
    • AWS > DAX > Cluster > Skip alarm for Approved control [90 days]
    • AWS > DAX > Cluster > Skip alarm for Tags control
    • AWS > DAX > Cluster > Skip alarm for Tags control [90 days]
  • Updated the plugin dependency section of the following mods to use min_version instead of version:
    • Alicloud Insights
    • AWS Insights
    • AWS Tags
    • Azure Insights
    • Digitalocean Insights
    • Docker Compliance
    • GCP Insights
    • GCP Labels
    • Github Compliance
    • Github Insights
    • Gitlab Insights
    • Hackernews Insights
    • IBM Insights
    • Kubernetes Insights
    • Microsoft 365 Compliance
    • OCI Compliance
    • OCI Insights
    • OCI Thrifty
    • Snowflake Compliance
    • Tailscale Compliance
    • Terraform AWS Compliance
    • Terraform Azure Compliance
    • Terraform GCP Compliance
    • Terraform OCI Compliance
    • Turbot Guardrails Insights

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#82)

Bug fixes

  • Updated the docs to include the correct links for the nsa_cisa_v1 benchmark. (#80) (Thanks @aniketh-varma for the contribution!)
  • Fixed the following queries to cast the data to boolean format. (#79)
    • cronjob_container_privilege_disabled
    • cronjob_host_network_access_disabled
    • cronjob_hostpid_hostipc_sharing_disabled
    • cronjob_immutable_container_filesystem
    • cronjob_non_root_container
    • daemonset_container_privilege_disabled
    • daemonset_host_network_access_disabled
    • daemonset_hostpid_hostipc_sharing_disabled
    • daemonset_immutable_container_filesystem
    • daemonset_non_root_container
    • deployment_container_privilege_disabled
    • deployment_host_network_access_disabled
    • deployment_hostpid_hostipc_sharing_disabled
    • deployment_immutable_container_filesystem
    • deployment_non_root_container
    • job_container_privilege_disabled
    • job_host_network_access_disabled
    • job_hostpid_hostipc_sharing_disabled
    • job_immutable_container_filesystem
    • job_non_root_container
    • pod_container_privilege_disabled
    • pod_immutable_container_filesystem
    • pod_non_root_container
    • pod_service_account_token_enabled
    • pod_template_container_privilege_disabled
    • pod_template_immutable_container_filesystem
    • replicaset_container_privilege_disabled
    • replicaset_host_network_access_disabled
    • replicaset_hostpid_hostipc_sharing_disabled
    • replicaset_immutable_container_filesystem
    • replicaset_non_root_container
    • replication_controller_container_privilege_disabled
    • replication_controller_host_network_access_disabled
    • replication_controller_hostpid_hostipc_sharing_disabled
    • replication_controller_immutable_container_filesystem
    • replication_controller_non_root_container
    • statefulset_container_privilege_disabled
    • statefulset_host_network_access_disabled
    • statefulset_hostpid_hostipc_sharing_disabled
    • statefulset_immutable_container_filesystem
    • statefulset_non_root_container

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#130)

Bug fixes

  • Fixed the kms_key_separation_of_duties_enforced query to ensure that separation of duties is enforced while assigning KMS-related roles to users. (#132)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#222)

Bug fixes

  • Fixed the compute_vm_tcp_udp_access_restricted_internet query to ensure internet-facing virtual machines are protected with network security groups. (#224)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#34)

Bug fixes

  • Fixed the README and index docs to correctly reference the well_architected_framework_security benchmark. (#25)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#161)
  • Renamed the control lambda_function_with_graviton2 to lambda_function_with_graviton in order to maintain consistency. (#158) (Thanks @bluedoors for the contribution!)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#45)

Bug fixes

  • Fixed the README to include correct links to the benchmarks. (#47) (Thanks @vil02 for the contribution!)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#728)

Enhancements

  • Added the following controls to the All Controls benchmark: (#727)
    • glue_connection_ssl_enabled
    • vpc_peering_connection_route_table_least_privilege

What's new?

  • Server

    • Updated: Updated the package passport-saml to @node-saml/passport-saml: 4.0.4
    • Updated: The directory API to support Require Signed Authentication Response and Strict Audience Validation.
  • UI:

    • Added: Introduced UI options for Require Signed Authentication Response and Strict Audience Validation for enhanced security in SAML authentication.

Enhanced Security and Compatibility Guide for SAML Authentication

Description

The recent package change for @node-saml/passport-saml has made it mandatory to sign the audience response and perform audience validation. To maintain backward compatibility, we have introduced two new options in the UI:

  1. Require Signed Authentication Response
  2. Strict Audience Validation

To make it backward compatible, both of these options are initially set to Disabled by default.

Important Note: This change ensures that the audience response is signed and audience validation is enforced. These checks were not available in earlier versions of the package.

Recommendations

We recommend customers enable both of these properties as they add an additional layer of security. However, it's important to be aware that enabling these properties might potentially break SAML login functionality. Therefore, certain steps need to be taken before enabling them.

Here are specific recommendations for popular Identity Providers (IDPs):

Okta

  • Strict Audience Validation: If enabled, ensure that the "Issuer ID" matches the "Audience Restriction."

OneLogin

  • Require Signed Authentication Response: This feature should be disabled in OneLogin, as OneLogin does not support it.
  • Strict Audience Validation: If enabled, ensure that the "Issuer ID" matches the "Audience".

Azure Entra ID (Previously Known as Azure AD)

  • Require Signed Authentication Response: If enabled, make sure you choose the Signing option to be "SIGN SAML response and assertion". The Signing option is available on the Signing Certificate page of Entra ID

Please follow these recommendations carefully to make sure you're able to transition smoothly to the updated SAML package.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Policy Types:

    • AWS > Lightsail > Instance > Approved > Custom
    • AWS > Lightsail > Load Balancer > Approved > Custom
    • AWS > Lightsail > Relational Database > Approved > Custom
  • Action Types:

    • AWS > Lightsail > Instance > Delete from AWS
    • AWS > Lightsail > Instance > Set Tags
    • AWS > Lightsail > Instance > Skip alarm for Active control
    • AWS > Lightsail > Instance > Skip alarm for Active control [90 days]
    • AWS > Lightsail > Instance > Skip alarm for Approved control
    • AWS > Lightsail > Instance > Skip alarm for Approved control [90 days]
    • AWS > Lightsail > Instance > Skip alarm for Tags control
    • AWS > Lightsail > Instance > Skip alarm for Tags control [90 days]
    • AWS > Lightsail > Load Balancer > Delete from AWS
    • AWS > Lightsail > Load Balancer > Set Tags
    • AWS > Lightsail > Load Balancer > Skip alarm for Active control
    • AWS > Lightsail > Load Balancer > Skip alarm for Active control [90 days]
    • AWS > Lightsail > Load Balancer > Skip alarm for Approved control
    • AWS > Lightsail > Load Balancer > Skip alarm for Approved control [90 days]
    • AWS > Lightsail > Load Balancer > Skip alarm for Tags control
    • AWS > Lightsail > Load Balancer > Skip alarm for Tags control [90 days]
    • AWS > Lightsail > Relational Database > Delete from AWS
    • AWS > Lightsail > Relational Database > Set Tags
    • AWS > Lightsail > Relational Database > Skip alarm for Active control
    • AWS > Lightsail > Relational Database > Skip alarm for Active control [90 days]
    • AWS > Lightsail > Relational Database > Skip alarm for Approved control
    • AWS > Lightsail > Relational Database > Skip alarm for Approved control [90 days]
    • AWS > Lightsail > Relational Database > Skip alarm for Tags control
    • AWS > Lightsail > Relational Database > Skip alarm for Tags control [90 days]

What's new?

  • Resource Types:

    • AWS > Bedrock
  • Policy Types:

    • AWS > Bedrock > API Enabled
    • AWS > Bedrock > Approved Regions [Default]
    • AWS > Bedrock > Enabled
    • AWS > Bedrock > Permissions
    • AWS > Bedrock > Permissions > Levels
    • AWS > Bedrock > Permissions > Levels > Modifiers
    • AWS > Bedrock > Permissions > Lockdown
    • AWS > Bedrock > Permissions > Lockdown > API Boundary
    • AWS > Bedrock > Regions
    • AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-bedrock
    • AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-bedrock
    • AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-bedrock

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > App Mesh > Mesh > Approved > Custom
  • Action Types:

    • AWS > App Mesh > Mesh > Delete from AWS
    • AWS > App Mesh > Mesh > Set Tags
    • AWS > App Mesh > Mesh > Skip alarm for Active control
    • AWS > App Mesh > Mesh > Skip alarm for Active control [90 days]
    • AWS > App Mesh > Mesh > Skip alarm for Approved control
    • AWS > App Mesh > Mesh > Skip alarm for Approved control [90 days]
    • AWS > App Mesh > Mesh > Skip alarm for Tags control
    • AWS > App Mesh > Mesh > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

Bug fixes

  • The AWS > ElastiCache > Snapshot > CMDB control would go into an error state due to a bad internal build. This is fixed and the control will now work correctly as expected.

Bug fixes

  • Fixed the description of the name column in aws_organizations_account table. (#1947) (Thanks @badideasforsale for the contribution!)

Dependencies

  • Recompiled plugin with steampipe-plugin-sdk v5.6.3 which addresses the issue of expired credentials being intermittently retained in the connection cache. (#1956)

Bug fixes

  • Fixed expired credentials sometimes being left in the connection cache. Update connection cache to use a backing store per connection, rather than a shared backing store. (#699)

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > Glue > Crawler > Delete from AWS
    • AWS > Glue > Crawler > Set Tags
    • AWS > Glue > Crawler > Skip alarm for Active control
    • AWS > Glue > Crawler > Skip alarm for Active control [90 days]
    • AWS > Glue > Crawler > Skip alarm for Approved control
    • AWS > Glue > Crawler > Skip alarm for Approved control [90 days]
    • AWS > Glue > Crawler > Skip alarm for Tags control
    • AWS > Glue > Crawler > Skip alarm for Tags control [90 days]
    • AWS > Glue > Data Catalog > Skip alarm for Encryption at Rest control
    • AWS > Glue > Data Catalog > Skip alarm for Encryption at Rest control [90 days]
    • AWS > Glue > Database > Delete from AWS
    • AWS > Glue > Database > Skip alarm for Active control
    • AWS > Glue > Database > Skip alarm for Active control [90 days]
    • AWS > Glue > Database > Skip alarm for Approved control
    • AWS > Glue > Database > Skip alarm for Approved control [90 days]
    • AWS > Glue > Development Endpoint [Deprecated] > Delete from AWS
    • AWS > Glue > Development Endpoint [Deprecated] > Set Tags
    • AWS > Glue > Development Endpoint [Deprecated] > Skip alarm for Active control
    • AWS > Glue > Development Endpoint [Deprecated] > Skip alarm for Active control [90 days]
    • AWS > Glue > Development Endpoint [Deprecated] > Skip alarm for Approved control
    • AWS > Glue > Development Endpoint [Deprecated] > Skip alarm for Approved control [90 days]
    • AWS > Glue > Development Endpoint [Deprecated] > Skip alarm for Tags control
    • AWS > Glue > Development Endpoint [Deprecated] > Skip alarm for Tags control [90 days]
    • AWS > Glue > Job > Delete from AWS
    • AWS > Glue > Job > Set Tags
    • AWS > Glue > Job > Skip alarm for Active control
    • AWS > Glue > Job > Skip alarm for Active control [90 days]
    • AWS > Glue > Job > Skip alarm for Approved control
    • AWS > Glue > Job > Skip alarm for Approved control [90 days]
    • AWS > Glue > Job > Skip alarm for Tags control
    • AWS > Glue > Job > Skip alarm for Tags control [90 days]
    • AWS > Glue > ML Transform > Delete from AWS
    • AWS > Glue > ML Transform > Set Tags
    • AWS > Glue > ML Transform > Skip alarm for Active control
    • AWS > Glue > ML Transform > Skip alarm for Active control [90 days]
    • AWS > Glue > ML Transform > Skip alarm for Approved control
    • AWS > Glue > ML Transform > Skip alarm for Approved control [90 days]
    • AWS > Glue > ML Transform > Skip alarm for Tags control
    • AWS > Glue > ML Transform > Skip alarm for Tags control [90 days]
    • AWS > Glue > Security Configuration > Delete from AWS
    • AWS > Glue > Security Configuration > Skip alarm for Active control
    • AWS > Glue > Security Configuration > Skip alarm for Active control [90 days]
    • AWS > Glue > Security Configuration > Skip alarm for Approved control
    • AWS > Glue > Security Configuration > Skip alarm for Approved control [90 days]
    • AWS > Glue > Table > Delete from AWS
    • AWS > Glue > Table > Skip alarm for Active control
    • AWS > Glue > Table > Skip alarm for Active control [90 days]
    • AWS > Glue > Table > Skip alarm for Approved control
    • AWS > Glue > Table > Skip alarm for Approved control [90 days]
    • AWS > Glue > Trigger > Delete from AWS
    • AWS > Glue > Trigger > Set Tags
    • AWS > Glue > Trigger > Skip alarm for Active control
    • AWS > Glue > Trigger > Skip alarm for Active control [90 days]
    • AWS > Glue > Trigger > Skip alarm for Approved control
    • AWS > Glue > Trigger > Skip alarm for Approved control [90 days]
    • AWS > Glue > Trigger > Skip alarm for Tags control
    • AWS > Glue > Trigger > Skip alarm for Tags control [90 days]
    • AWS > Glue > Workflow > Delete from AWS
    • AWS > Glue > Workflow > Set Tags
    • AWS > Glue > Workflow > Skip alarm for Active control
    • AWS > Glue > Workflow > Skip alarm for Active control [90 days]
    • AWS > Glue > Workflow > Skip alarm for Approved control
    • AWS > Glue > Workflow > Skip alarm for Approved control [90 days]
    • AWS > Glue > Workflow > Skip alarm for Tags control
    • AWS > Glue > Workflow > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > CodeCommit > Repository > Approved > Custom
  • Action Types:

    • AWS > CodeCommit > Repository > Delete from AWS
    • AWS > CodeCommit > Repository > Set Tags
    • AWS > CodeCommit > Repository > Skip alarm for Active control
    • AWS > CodeCommit > Repository > Skip alarm for Active control [90 days]
    • AWS > CodeCommit > Repository > Skip alarm for Approved control
    • AWS > CodeCommit > Repository > Skip alarm for Approved control [90 days]
    • AWS > CodeCommit > Repository > Skip alarm for Tags control
    • AWS > CodeCommit > Repository > Skip alarm for Tags control [90 days]

v0.12.0 of the Terraform Provider for Pipes is now available.

What's new?

  • Resource pipes_workspace_datatank.
  • Resource pipes_workspace_datatank_table.

Enhancements

  • Resource pipes_workspace now supports instance_type.

The query API timeout has been increased from 1 minute to 2 minutes, allowing for greater flexibility in how you query your data.

What's new?

  • Users can now set a Unique Writer Identity for Logging Sink created via the GCP > Turbot > Event Handlers stack. To get started, set the GCP > Turbot > Event Handlers > Logging > Unique Writer Identity policy.

Bug fixes

  • Guardrails stack controls would sometimes fail to update Pub/Sub Topic resources if the Terraform plan in the stack's source policy was updated. This is fixed and the stack controls will now update such resources correctly, as expected. Please note that this fix will only work for workspaces on TE v5.42.0 or higher.

Bug fixes

  • Guardrails stack controls would sometimes fail to update Logging Sink resources if the Terraform plan in the stack's source policy was updated. This is fixed and the stack controls will now update such resources correctly, as expected. Please note that this fix will only work for workspaces on TE v5.42.0 or higher.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Well-Architected Tool > Workload > Approved > Custom
  • Action Types:

    • AWS > Well-Architected Tool > Workload > Delete from AWS
    • AWS > Well-Architected Tool > Workload > Set Tags
    • AWS > Well-Architected Tool > Workload > Skip alarm for Active control
    • AWS > Well-Architected Tool > Workload > Skip alarm for Active control [90 days]
    • AWS > Well-Architected Tool > Workload > Skip alarm for Approved control
    • AWS > Well-Architected Tool > Workload > Skip alarm for Approved control [90 days]
    • AWS > Well-Architected Tool > Workload > Skip alarm for Tags control
    • AWS > Well-Architected Tool > Workload > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Secrets Manager > Secret > Approved > Custom
  • Action Types:

    • AWS > Secrets Manager > Secret > Delete from AWS
    • AWS > Secrets Manager > Secret > Set Tags
    • AWS > Secrets Manager > Secret > Skip alarm for Active control
    • AWS > Secrets Manager > Secret > Skip alarm for Active control [90 days]
    • AWS > Secrets Manager > Secret > Skip alarm for Approved control
    • AWS > Secrets Manager > Secret > Skip alarm for Approved control [90 days]
    • AWS > Secrets Manager > Secret > Skip alarm for Encryption at Rest control
    • AWS > Secrets Manager > Secret > Skip alarm for Encryption at Rest control [90 days]
    • AWS > Secrets Manager > Secret > Skip alarm for Tags control
    • AWS > Secrets Manager > Secret > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Glacier > Vault > Approved > Custom
  • Action Types:

    • AWS > Glacier > Vault > Delete from AWS
    • AWS > Glacier > Vault > Set Tags
    • AWS > Glacier > Vault > Skip alarm for Active control
    • AWS > Glacier > Vault > Skip alarm for Active control [90 days]
    • AWS > Glacier > Vault > Skip alarm for Approved control
    • AWS > Glacier > Vault > Skip alarm for Approved control [90 days]
    • AWS > Glacier > Vault > Skip alarm for Tags control
    • AWS > Glacier > Vault > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Elastic Beanstalk > Application > Approved > Custom
  • Action Types:

    • AWS > Elastic Beanstalk > Application > Delete from AWS
    • AWS > Elastic Beanstalk > Application > Set Tags
    • AWS > Elastic Beanstalk > Application > Skip alarm for Active control
    • AWS > Elastic Beanstalk > Application > Skip alarm for Active control [90 days]
    • AWS > Elastic Beanstalk > Application > Skip alarm for Approved control
    • AWS > Elastic Beanstalk > Application > Skip alarm for Approved control [90 days]
    • AWS > Elastic Beanstalk > Application > Skip alarm for Tags control
    • AWS > Elastic Beanstalk > Application > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > WAF Regional > Rule > Approved > Custom
  • Action Types:

    • AWS > WAF Regional > Rule > Delete from AWS
    • AWS > WAF Regional > Rule > Skip alarm for Active control
    • AWS > WAF Regional > Rule > Skip alarm for Active control [90 days]
    • AWS > WAF Regional > Rule > Skip alarm for Approved control
    • AWS > WAF Regional > Rule > Skip alarm for Approved control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Action Types:

    • AWS > VPC > Egress Only Internet Gateway > Delete from AWS
    • AWS > VPC > Egress Only Internet Gateway > Set Tags
    • AWS > VPC > Egress Only Internet Gateway > Skip alarm for Active control
    • AWS > VPC > Egress Only Internet Gateway > Skip alarm for Active control [90 days]
    • AWS > VPC > Egress Only Internet Gateway > Skip alarm for Approved control
    • AWS > VPC > Egress Only Internet Gateway > Skip alarm for Approved control [90 days]
    • AWS > VPC > Egress Only Internet Gateway > Skip alarm for Tags control
    • AWS > VPC > Egress Only Internet Gateway > Skip alarm for Tags control [90 days]
    • AWS > VPC > Elastic IP > Delete from AWS
    • AWS > VPC > Elastic IP > Set Tags
    • AWS > VPC > Elastic IP > Skip alarm for Active control
    • AWS > VPC > Elastic IP > Skip alarm for Active control [90 days]
    • AWS > VPC > Elastic IP > Skip alarm for Approved control
    • AWS > VPC > Elastic IP > Skip alarm for Approved control [90 days]
    • AWS > VPC > Elastic IP > Skip alarm for Tags control
    • AWS > VPC > Elastic IP > Skip alarm for Tags control [90 days]
    • AWS > VPC > Endpoint > Delete from AWS
    • AWS > VPC > Endpoint > Set Tags
    • AWS > VPC > Endpoint > Skip alarm for Active control
    • AWS > VPC > Endpoint > Skip alarm for Active control [90 days]
    • AWS > VPC > Endpoint > Skip alarm for Approved control
    • AWS > VPC > Endpoint > Skip alarm for Approved control [90 days]
    • AWS > VPC > Endpoint > Skip alarm for Tags control
    • AWS > VPC > Endpoint > Skip alarm for Tags control [90 days]
    • AWS > VPC > Endpoint Service > Delete from AWS
    • AWS > VPC > Endpoint Service > Set Tags
    • AWS > VPC > Endpoint Service > Skip alarm for Active control
    • AWS > VPC > Endpoint Service > Skip alarm for Active control [90 days]
    • AWS > VPC > Endpoint Service > Skip alarm for Approved control
    • AWS > VPC > Endpoint Service > Skip alarm for Approved control [90 days]
    • AWS > VPC > Endpoint Service > Skip alarm for Tags control
    • AWS > VPC > Endpoint Service > Skip alarm for Tags control [90 days]
    • AWS > VPC > Internet Gateway > Delete from AWS
    • AWS > VPC > Internet Gateway > Set Tags
    • AWS > VPC > Internet Gateway > Skip alarm for Active control
    • AWS > VPC > Internet Gateway > Skip alarm for Active control [90 days]
    • AWS > VPC > Internet Gateway > Skip alarm for Approved control
    • AWS > VPC > Internet Gateway > Skip alarm for Approved control [90 days]
    • AWS > VPC > Internet Gateway > Skip alarm for Tags control
    • AWS > VPC > Internet Gateway > Skip alarm for Tags control [90 days]
    • AWS > VPC > NAT Gateway > Delete from AWS
    • AWS > VPC > NAT Gateway > Set Tags
    • AWS > VPC > NAT Gateway > Skip alarm for Active control
    • AWS > VPC > NAT Gateway > Skip alarm for Active control [90 days]
    • AWS > VPC > NAT Gateway > Skip alarm for Approved control
    • AWS > VPC > NAT Gateway > Skip alarm for Approved control [90 days]
    • AWS > VPC > NAT Gateway > Skip alarm for Tags control
    • AWS > VPC > NAT Gateway > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Action Types:

    • AWS > VPC > DHCP Options > Delete from AWS
    • AWS > VPC > DHCP Options > Set Tags
    • AWS > VPC > DHCP Options > Skip alarm for Active control
    • AWS > VPC > DHCP Options > Skip alarm for Active control [90 days]
    • AWS > VPC > DHCP Options > Skip alarm for Tags control
    • AWS > VPC > DHCP Options > Skip alarm for Tags control [90 days]
    • AWS > VPC > Route Table > Delete from AWS
    • AWS > VPC > Route Table > Set Tags
    • AWS > VPC > Route Table > Skip alarm for Active control
    • AWS > VPC > Route Table > Skip alarm for Active control [90 days]
    • AWS > VPC > Route Table > Skip alarm for Tags control
    • AWS > VPC > Route Table > Skip alarm for Tags control [90 days]
    • AWS > VPC > Subnet > Delete from AWS
    • AWS > VPC > Subnet > Set Tags
    • AWS > VPC > Subnet > Skip alarm for Active control
    • AWS > VPC > Subnet > Skip alarm for Active control [90 days]
    • AWS > VPC > Subnet > Skip alarm for Tags control
    • AWS > VPC > Subnet > Skip alarm for Tags control [90 days]
    • AWS > VPC > VPC > Delete from AWS
    • AWS > VPC > VPC > Set Tags
    • AWS > VPC > VPC > Skip alarm for Active control
    • AWS > VPC > VPC > Skip alarm for Active control [90 days]
    • AWS > VPC > VPC > Skip alarm for Tags control
    • AWS > VPC > VPC > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Elasticsearch > Domain > Approved > Custom
  • Action Types:

    • AWS > Elasticsearch > Domain > Delete from AWS
    • AWS > Elasticsearch > Domain > Set Tags
    • AWS > Elasticsearch > Domain > Skip alarm for Active control
    • AWS > Elasticsearch > Domain > Skip alarm for Active control [90 days]
    • AWS > Elasticsearch > Domain > Skip alarm for Approved control
    • AWS > Elasticsearch > Domain > Skip alarm for Approved control [90 days]
    • AWS > Elasticsearch > Domain > Skip alarm for Tags control
    • AWS > Elasticsearch > Domain > Skip alarm for Tags control [90 days]

Bug fixes

  • The AWS > EC2 > Account Attributes > CMDB control would go into an error state due to a bad internal build. This is fixed and the control will now work correctly as expected.

Enhancements

  • Added the contact_info column to linkedin_profile table. (#5)

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Resource's metadata will now also include createdBy details in Turbot CMDB.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > ElastiCache > Cache Cluster > Delete from AWS
    • AWS > ElastiCache > Cache Cluster > Set Tags
    • AWS > ElastiCache > Cache Cluster > Skip alarm for Active control
    • AWS > ElastiCache > Cache Cluster > Skip alarm for Active control [90 days]
    • AWS > ElastiCache > Cache Cluster > Skip alarm for Tags control
    • AWS > ElastiCache > Cache Cluster > Skip alarm for Tags control [90 days]
    • AWS > ElastiCache > Cache Parameter Group > Delete from AWS
    • AWS > ElastiCache > Cache Parameter Group > Skip alarm for Active control
    • AWS > ElastiCache > Cache Parameter Group > Skip alarm for Active control [90 days]
    • AWS > ElastiCache > Replication Group > Delete from AWS
    • AWS > ElastiCache > Replication Group > Skip alarm for Active control
    • AWS > ElastiCache > Replication Group > Skip alarm for Active control [90 days]
    • AWS > ElastiCache > Snapshot > Delete from AWS
    • AWS > ElastiCache > Snapshot > Set Tags
    • AWS > ElastiCache > Snapshot > Skip alarm for Active control
    • AWS > ElastiCache > Snapshot > Skip alarm for Active control [90 days]
    • AWS > ElastiCache > Snapshot > Skip alarm for Tags control
    • AWS > ElastiCache > Snapshot > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Data Pipeline > Pipeline > Approved > Custom
  • Action Types:

    • AWS > Data Pipeline > Pipeline > Delete from AWS
    • AWS > Data Pipeline > Pipeline > Set Tags
    • AWS > Data Pipeline > Pipeline > Skip alarm for Active control
    • AWS > Data Pipeline > Pipeline > Skip alarm for Active control [90 days]
    • AWS > Data Pipeline > Pipeline > Skip alarm for Approved control
    • AWS > Data Pipeline > Pipeline > Skip alarm for Approved control [90 days]
    • AWS > Data Pipeline > Pipeline > Skip alarm for Tags control
    • AWS > Data Pipeline > Pipeline > Skip alarm for Tags control [90 days]

Bug fixes

  • Recovery Points deleted in AWS were not cleaned up automatically via real-time events in Guardrails. This is now fixed.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Added support for ap-northeast-3 and us-gov-east-1 regions in the AWS > SageMaker > Regions policy.

  • Policy Types:

    • AWS > SageMaker > Code Repository > Approved > Custom
    • AWS > SageMaker > Endpoint > Approved > Custom
    • AWS > SageMaker > Endpoint Configuration > Approved > Custom
    • AWS > SageMaker > Lifecycle Configuration > Approved > Custom
    • AWS > SageMaker > Model > Approved > Custom
    • AWS > SageMaker > Training Job > Approved > Custom
  • Action Types:

    • AWS > SageMaker > Code Repository > Delete from AWS
    • AWS > SageMaker > Code Repository > Skip alarm for Active control
    • AWS > SageMaker > Code Repository > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Code Repository > Skip alarm for Approved control
    • AWS > SageMaker > Code Repository > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Domain > Delete from AWS
    • AWS > SageMaker > Endpoint > Delete from AWS
    • AWS > SageMaker > Endpoint > Set Tags
    • AWS > SageMaker > Endpoint > Skip alarm for Active control
    • AWS > SageMaker > Endpoint > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Endpoint > Skip alarm for Approved control
    • AWS > SageMaker > Endpoint > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Endpoint > Skip alarm for Tags control
    • AWS > SageMaker > Endpoint > Skip alarm for Tags control [90 days]
    • AWS > SageMaker > Endpoint Configuration > Delete from AWS
    • AWS > SageMaker > Endpoint Configuration > Set Tags
    • AWS > SageMaker > Endpoint Configuration > Skip alarm for Active control
    • AWS > SageMaker > Endpoint Configuration > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Endpoint Configuration > Skip alarm for Approved control
    • AWS > SageMaker > Endpoint Configuration > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Endpoint Configuration > Skip alarm for Tags control
    • AWS > SageMaker > Endpoint Configuration > Skip alarm for Tags control [90 days]
    • AWS > SageMaker > Lifecycle Configuration > Delete from AWS
    • AWS > SageMaker > Lifecycle Configuration > Skip alarm for Active control
    • AWS > SageMaker > Lifecycle Configuration > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Lifecycle Configuration > Skip alarm for Approved control
    • AWS > SageMaker > Lifecycle Configuration > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Model > Delete from AWS
    • AWS > SageMaker > Model > Set Tags
    • AWS > SageMaker > Model > Skip alarm for Active control
    • AWS > SageMaker > Model > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Model > Skip alarm for Approved control
    • AWS > SageMaker > Model > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Model > Skip alarm for Tags control
    • AWS > SageMaker > Model > Skip alarm for Tags control [90 days]
    • AWS > SageMaker > Notebook Instance > Delete from AWS
    • AWS > SageMaker > Notebook Instance > Set Tags
    • AWS > SageMaker > Notebook Instance > Skip alarm for Active control
    • AWS > SageMaker > Notebook Instance > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Notebook Instance > Skip alarm for Approved control
    • AWS > SageMaker > Notebook Instance > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Notebook Instance > Skip alarm for Tags control
    • AWS > SageMaker > Notebook Instance > Skip alarm for Tags control [90 days]
    • AWS > SageMaker > Training Job > Set Tags
    • AWS > SageMaker > Training Job > Skip alarm for Active control
    • AWS > SageMaker > Training Job > Skip alarm for Active control [90 days]
    • AWS > SageMaker > Training Job > Skip alarm for Approved control
    • AWS > SageMaker > Training Job > Skip alarm for Approved control [90 days]
    • AWS > SageMaker > Training Job > Skip alarm for Tags control
    • AWS > SageMaker > Training Job > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Route 53 Resolver > Resolver Endpoint > Approved > Custom
    • AWS > Route 53 Resolver > Resolver Rule > Approved > Custom
  • Action Types:

    • AWS > Route 53 Resolver > Resolver Endpoint > Delete from AWS
    • AWS > Route 53 Resolver > Resolver Endpoint > Set Tags
    • AWS > Route 53 Resolver > Resolver Endpoint > Skip alarm for Active control
    • AWS > Route 53 Resolver > Resolver Endpoint > Skip alarm for Active control [90 days]
    • AWS > Route 53 Resolver > Resolver Endpoint > Skip alarm for Approved control
    • AWS > Route 53 Resolver > Resolver Endpoint > Skip alarm for Approved control [90 days]
    • AWS > Route 53 Resolver > Resolver Endpoint > Skip alarm for Tags control
    • AWS > Route 53 Resolver > Resolver Endpoint > Skip alarm for Tags control [90 days]
    • AWS > Route 53 Resolver > Resolver Rule > Delete from AWS
    • AWS > Route 53 Resolver > Resolver Rule > Set Tags
    • AWS > Route 53 Resolver > Resolver Rule > Skip alarm for Active control
    • AWS > Route 53 Resolver > Resolver Rule > Skip alarm for Active control [90 days]
    • AWS > Route 53 Resolver > Resolver Rule > Skip alarm for Approved control
    • AWS > Route 53 Resolver > Resolver Rule > Skip alarm for Approved control [90 days]
    • AWS > Route 53 Resolver > Resolver Rule > Skip alarm for Tags control
    • AWS > Route 53 Resolver > Resolver Rule > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Action Types:

    • AWS > Events > Rule > Skip alarm for Approved control
    • AWS > Events > Rule > Skip alarm for Approved control [90 days]
    • AWS > Events > Target > Skip alarm for Active control
    • AWS > Events > Target > Skip alarm for Active control [90 days]
    • AWS > Events > Target > Skip alarm for Approved control
    • AWS > Events > Target > Skip alarm for Approved control [90 days]

Bug fixes

  • Fixed the required quals of github_issue and github_pull_request tables to correctly return data instead of an error. (#355)

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > WAF > IP Set > Delete from AWS
    • AWS > WAF > IP Set > Skip alarm for Active control
    • AWS > WAF > IP Set > Skip alarm for Active control [90 days]
    • AWS > WAF > IP Set > Skip alarm for Approved control
    • AWS > WAF > IP Set > Skip alarm for Approved control [90 days]
    • AWS > WAF > IP Set v2 Global > Delete from AWS
    • AWS > WAF > IP Set v2 Global > Set Tags
    • AWS > WAF > IP Set v2 Global > Skip alarm for Active control
    • AWS > WAF > IP Set v2 Global > Skip alarm for Active control [90 days]
    • AWS > WAF > IP Set v2 Global > Skip alarm for Approved control
    • AWS > WAF > IP Set v2 Global > Skip alarm for Approved control [90 days]
    • AWS > WAF > IP Set v2 Global > Skip alarm for Tags control
    • AWS > WAF > IP Set v2 Global > Skip alarm for Tags control [90 days]
    • AWS > WAF > IP Set v2 Regional > Delete from AWS
    • AWS > WAF > IP Set v2 Regional > Set Tags
    • AWS > WAF > IP Set v2 Regional > Skip alarm for Active control
    • AWS > WAF > IP Set v2 Regional > Skip alarm for Active control [90 days]
    • AWS > WAF > IP Set v2 Regional > Skip alarm for Approved control
    • AWS > WAF > IP Set v2 Regional > Skip alarm for Approved control [90 days]
    • AWS > WAF > IP Set v2 Regional > Skip alarm for Tags control
    • AWS > WAF > IP Set v2 Regional > Skip alarm for Tags control [90 days]
    • AWS > WAF > Rate Based Rule > Delete from AWS
    • AWS > WAF > Rate Based Rule > Skip alarm for Active control
    • AWS > WAF > Rate Based Rule > Skip alarm for Active control [90 days]
    • AWS > WAF > Rate Based Rule > Skip alarm for Approved control
    • AWS > WAF > Rate Based Rule > Skip alarm for Approved control [90 days]
    • AWS > WAF > Regex Pattern Set v2 Global > Delete from AWS
    • AWS > WAF > Regex Pattern Set v2 Global > Set Tags
    • AWS > WAF > Regex Pattern Set v2 Global > Skip alarm for Active control
    • AWS > WAF > Regex Pattern Set v2 Global > Skip alarm for Active control [90 days]
    • AWS > WAF > Regex Pattern Set v2 Global > Skip alarm for Approved control
    • AWS > WAF > Regex Pattern Set v2 Global > Skip alarm for Approved control [90 days]
    • AWS > WAF > Regex Pattern Set v2 Global > Skip alarm for Tags control
    • AWS > WAF > Regex Pattern Set v2 Global > Skip alarm for Tags control [90 days]
    • AWS > WAF > Regex Pattern Set v2 Regional > Delete from AWS
    • AWS > WAF > Regex Pattern Set v2 Regional > Set Tags
    • AWS > WAF > Regex Pattern Set v2 Regional > Skip alarm for Active control
    • AWS > WAF > Regex Pattern Set v2 Regional > Skip alarm for Active control [90 days]
    • AWS > WAF > Regex Pattern Set v2 Regional > Skip alarm for Approved control
    • AWS > WAF > Regex Pattern Set v2 Regional > Skip alarm for Approved control [90 days]
    • AWS > WAF > Regex Pattern Set v2 Regional > Skip alarm for Tags control
    • AWS > WAF > Regex Pattern Set v2 Regional > Skip alarm for Tags control [90 days]
    • AWS > WAF > Rule > Delete from AWS
    • AWS > WAF > Rule > Skip alarm for Active control
    • AWS > WAF > Rule > Skip alarm for Active control [90 days]
    • AWS > WAF > Rule > Skip alarm for Approved control
    • AWS > WAF > Rule > Skip alarm for Approved control [90 days]
    • AWS > WAF > Rule Group v2 Global > Delete from AWS
    • AWS > WAF > Rule Group v2 Global > Set Tags
    • AWS > WAF > Rule Group v2 Global > Skip alarm for Active control
    • AWS > WAF > Rule Group v2 Global > Skip alarm for Active control [90 days]
    • AWS > WAF > Rule Group v2 Global > Skip alarm for Approved control
    • AWS > WAF > Rule Group v2 Global > Skip alarm for Approved control [90 days]
    • AWS > WAF > Rule Group v2 Global > Skip alarm for Tags control
    • AWS > WAF > Rule Group v2 Global > Skip alarm for Tags control [90 days]
    • AWS > WAF > Rule Group v2 Regional > Delete from AWS
    • AWS > WAF > Rule Group v2 Regional > Set Tags
    • AWS > WAF > Rule Group v2 Regional > Skip alarm for Active control
    • AWS > WAF > Rule Group v2 Regional > Skip alarm for Active control [90 days]
    • AWS > WAF > Rule Group v2 Regional > Skip alarm for Approved control
    • AWS > WAF > Rule Group v2 Regional > Skip alarm for Approved control [90 days]
    • AWS > WAF > Rule Group v2 Regional > Skip alarm for Tags control
    • AWS > WAF > Rule Group v2 Regional > Skip alarm for Tags control [90 days]
    • AWS > WAF > Web ACL > Delete from AWS
    • AWS > WAF > Web ACL > Set Tags
    • AWS > WAF > Web ACL > Skip alarm for Active control
    • AWS > WAF > Web ACL > Skip alarm for Active control [90 days]
    • AWS > WAF > Web ACL > Skip alarm for Approved control
    • AWS > WAF > Web ACL > Skip alarm for Approved control [90 days]
    • AWS > WAF > Web ACL > Skip alarm for Tags control
    • AWS > WAF > Web ACL > Skip alarm for Tags control [90 days]
    • AWS > WAF > Web ACL v2 Global > Delete from AWS
    • AWS > WAF > Web ACL v2 Global > Set Tags
    • AWS > WAF > Web ACL v2 Global > Skip alarm for Active control
    • AWS > WAF > Web ACL v2 Global > Skip alarm for Active control [90 days]
    • AWS > WAF > Web ACL v2 Global > Skip alarm for Approved control
    • AWS > WAF > Web ACL v2 Global > Skip alarm for Approved control [90 days]
    • AWS > WAF > Web ACL v2 Global > Skip alarm for Tags control
    • AWS > WAF > Web ACL v2 Global > Skip alarm for Tags control [90 days]
    • AWS > WAF > Web ACL v2 Regional > Delete from AWS
    • AWS > WAF > Web ACL v2 Regional > Set Tags
    • AWS > WAF > Web ACL v2 Regional > Skip alarm for Active control
    • AWS > WAF > Web ACL v2 Regional > Skip alarm for Active control [90 days]
    • AWS > WAF > Web ACL v2 Regional > Skip alarm for Approved control
    • AWS > WAF > Web ACL v2 Regional > Skip alarm for Approved control [90 days]
    • AWS > WAF > Web ACL v2 Regional > Skip alarm for Tags control
    • AWS > WAF > Web ACL v2 Regional > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Action Types:

    • AWS > Backup > Backup Plan > Delete from AWS
    • AWS > Backup > Backup Plan > Set Tags
    • AWS > Backup > Backup Plan > Skip alarm for Active control
    • AWS > Backup > Backup Plan > Skip alarm for Active control [90 days]
    • AWS > Backup > Backup Plan > Skip alarm for Tags control
    • AWS > Backup > Backup Plan > Skip alarm for Tags control [90 days]
    • AWS > Backup > Backup Selection > Delete from AWS
    • AWS > Backup > Backup Selection > Skip alarm for Active control
    • AWS > Backup > Backup Selection > Skip alarm for Active control [90 days]
    • AWS > Backup > Backup Vault > Delete from AWS
    • AWS > Backup > Backup Vault > Set Tags
    • AWS > Backup > Backup Vault > Skip alarm for Active control
    • AWS > Backup > Backup Vault > Skip alarm for Active control [90 days]
    • AWS > Backup > Backup Vault > Skip alarm for Tags control
    • AWS > Backup > Backup Vault > Skip alarm for Tags control [90 days]
    • AWS > Backup > Recovery Point > Delete from AWS
    • AWS > Backup > Recovery Point > Set Tags
    • AWS > Backup > Recovery Point > Skip alarm for Active control
    • AWS > Backup > Recovery Point > Skip alarm for Active control [90 days]
    • AWS > Backup > Recovery Point > Skip alarm for Tags control
    • AWS > Backup > Recovery Point > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • Added support for ap-south-1, af-south-1, cn-north-1 and us-gov-east-1 regions in the AWS > WorkSpaces > Regions policy.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > WorkSpaces > WorkSpace > Approved > Custom
  • Action Types:

    • AWS > WorkSpaces > WorkSpace > Delete from AWS
    • AWS > WorkSpaces > WorkSpace > Set Tags
    • AWS > WorkSpaces > WorkSpace > Skip alarm for Active control
    • AWS > WorkSpaces > WorkSpace > Skip alarm for Active control [90 days]
    • AWS > WorkSpaces > WorkSpace > Skip alarm for Approved control
    • AWS > WorkSpaces > WorkSpace > Skip alarm for Approved control [90 days]
    • AWS > WorkSpaces > WorkSpace > Skip alarm for Tags control
    • AWS > WorkSpaces > WorkSpace > Skip alarm for Tags control [90 days]

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • Added support for cn-north-1, cn-northwest-1, us-gov-east-1 and us-gov-west-1 regions in the AWS > MQ > Regions policy.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Amazon MQ > Broker > Approved > Custom
  • Action Types:

    • AWS > Amazon MQ > Broker > Delete from AWS
    • AWS > Amazon MQ > Broker > Set Tags
    • AWS > Amazon MQ > Broker > Skip alarm for Active control
    • AWS > Amazon MQ > Broker > Skip alarm for Active control [90 days]
    • AWS > Amazon MQ > Broker > Skip alarm for Approved control
    • AWS > Amazon MQ > Broker > Skip alarm for Approved control [90 days]
    • AWS > Amazon MQ > Broker > Skip alarm for Tags control
    • AWS > Amazon MQ > Broker > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > Logs > Log Group > Delete from AWS
    • AWS > Logs > Log Group > Set Tags
    • AWS > Logs > Log Group > Skip alarm for Active control
    • AWS > Logs > Log Group > Skip alarm for Active control [90 days]
    • AWS > Logs > Log Group > Skip alarm for Approved control
    • AWS > Logs > Log Group > Skip alarm for Approved control [90 days]
    • AWS > Logs > Log Group > Skip alarm for Encryption at Rest control
    • AWS > Logs > Log Group > Skip alarm for Encryption at Rest control [90 days]
    • AWS > Logs > Log Group > Skip alarm for Tags control
    • AWS > Logs > Log Group > Skip alarm for Tags control [90 days]
    • AWS > Logs > Log Stream > Delete from AWS
    • AWS > Logs > Log Stream > Skip alarm for Active control
    • AWS > Logs > Log Stream > Skip alarm for Active control [90 days]
    • AWS > Logs > Log Stream > Skip alarm for Approved control
    • AWS > Logs > Log Stream > Skip alarm for Approved control [90 days]
    • AWS > Logs > Metric Filter > Delete from AWS
    • AWS > Logs > Metric Filter > Skip alarm for Active control
    • AWS > Logs > Metric Filter > Skip alarm for Active control [90 days]
    • AWS > Logs > Metric Filter > Skip alarm for Approved control
    • AWS > Logs > Metric Filter > Skip alarm for Approved control [90 days]
    • AWS > Logs > Resource Policy > Delete from AWS
    • AWS > Logs > Resource Policy > Skip alarm for Active control
    • AWS > Logs > Resource Policy > Skip alarm for Active control [90 days]
    • AWS > Logs > Resource Policy > Skip alarm for Approved control
    • AWS > Logs > Resource Policy > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • Added support for cn-north-1, cn-northwest-1, us-gov-east-1 and us-gov-west-1 regions in the AWS > FSx > Regions policy.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > FSx > Backup > Approved > Custom
    • AWS > FSx > File System > Approved > Custom
  • Action Types:

    • AWS > FSx > Backup > Delete from AWS
    • AWS > FSx > Backup > Set Tags
    • AWS > FSx > Backup > Skip alarm for Active control
    • AWS > FSx > Backup > Skip alarm for Active control [90 days]
    • AWS > FSx > Backup > Skip alarm for Approved control
    • AWS > FSx > Backup > Skip alarm for Approved control [90 days]
    • AWS > FSx > Backup > Skip alarm for Tags control
    • AWS > FSx > Backup > Skip alarm for Tags control [90 days]
    • AWS > FSx > File System > Delete from AWS
    • AWS > FSx > File System > Set Tags
    • AWS > FSx > File System > Skip alarm for Active control
    • AWS > FSx > File System > Skip alarm for Active control [90 days]
    • AWS > FSx > File System > Skip alarm for Approved control
    • AWS > FSx > File System > Skip alarm for Approved control [90 days]
    • AWS > FSx > File System > Skip alarm for Tags control
    • AWS > FSx > File System > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Action Types:

    • AWS > CloudWatch > Alarm > Delete from AWS
    • AWS > CloudWatch > Alarm > Set Tags
    • AWS > CloudWatch > Alarm > Skip alarm for Active control
    • AWS > CloudWatch > Alarm > Skip alarm for Active control [90 days]
    • AWS > CloudWatch > Alarm > Skip alarm for Approved control
    • AWS > CloudWatch > Alarm > Skip alarm for Approved control [90 days]
    • AWS > CloudWatch > Alarm > Skip alarm for Tags control
    • AWS > CloudWatch > Alarm > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • Added support for ca-central-1, eu-west-2, sa-east-1, us-east-2 and us-gov-east-1 regions in the AWS > AppStream > Regions policy.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > AppStream > Fleet > Approved > Custom
    • AWS > AppStream > Image > Approved > Custom
    • AWS > AppStream > Image Builder > Approved > Custom
    • AWS > AppStream > User > Approved > Custom
  • Action Types:

    • AWS > AppStream > Fleet > Delete from AWS
    • AWS > AppStream > Fleet > Set Tags
    • AWS > AppStream > Fleet > Skip alarm for Active control
    • AWS > AppStream > Fleet > Skip alarm for Active control [90 days]
    • AWS > AppStream > Fleet > Skip alarm for Approved control
    • AWS > AppStream > Fleet > Skip alarm for Approved control [90 days]
    • AWS > AppStream > Fleet > Skip alarm for Tags control
    • AWS > AppStream > Fleet > Skip alarm for Tags control [90 days]
    • AWS > AppStream > Image > Delete from AWS
    • AWS > AppStream > Image > Set Tags
    • AWS > AppStream > Image > Skip alarm for Active control
    • AWS > AppStream > Image > Skip alarm for Active control [90 days]
    • AWS > AppStream > Image > Skip alarm for Approved control
    • AWS > AppStream > Image > Skip alarm for Approved control [90 days]
    • AWS > AppStream > Image > Skip alarm for Tags control
    • AWS > AppStream > Image > Skip alarm for Tags control [90 days]
    • AWS > AppStream > Image Builder > Delete from AWS
    • AWS > AppStream > Image Builder > Set Tags
    • AWS > AppStream > Image Builder > Skip alarm for Active control
    • AWS > AppStream > Image Builder > Skip alarm for Active control [90 days]
    • AWS > AppStream > Image Builder > Skip alarm for Approved control
    • AWS > AppStream > Image Builder > Skip alarm for Approved control [90 days]
    • AWS > AppStream > Image Builder > Skip alarm for Tags control
    • AWS > AppStream > Image Builder > Skip alarm for Tags control [90 days]
    • AWS > AppStream > User > Delete from AWS
    • AWS > AppStream > User > Skip alarm for Active control
    • AWS > AppStream > User > Skip alarm for Active control [90 days]
    • AWS > AppStream > User > Skip alarm for Approved control
    • AWS > AppStream > User > Skip alarm for Approved control [90 days]

What's new

  • Updated github_issue, github_my_issue, github_pull_request, github_search_issue, and github_search_pull_request tables to only include nested and user permission columns in GraphQL request when requested. This should result in faster queries and large scale queries completing more consistently. (#342)

What's new?

  • Server:
    • Updated: Downgrade passport-saml Node package to 1.3.5.

Bug fixes

  • Fixed vanta_computer table queries failing due to inclusion of deprecated API field requiresLocationServices in fetchDomainEndpoints query. (#19) (Thanks @eric-glb for the contribution!)

What's new?

  • The Sentry base URL can now be set through the base_url config argument or SENTRY_URL environment variable. (#11) (Thanks @beudbeud for the contribution!)

What's new?

  • The Prometheus address (address) can now be set with the PROMETHEUS_URL environment variable. (#23) (Thanks @beudbeud for the contribution!)

Bug fixes

  • Fixed README to include correct reference to the All Controls benchmark. (#218) (Thanks @vil02 for the contribution!)

Enhancements

  • Added the following controls to the All Controls benchmark: (#722)
    • athena_workgroup_enforce_configuration_enabled
    • iam_inline_policy_no_administrative_privileges

Bug fixes

  • Fixed README to include correct reference to the All Controls benchmark. (#721) (Thanks @vil02 for the contribution!)
  • Fixed typos in several compliance control descriptions. (#719) (Thanks @pdecat for the contribution!)

Bug fixes

  • The AWS > EC2 > Volume > Discovery control would go into an error state because of an unintended GraphQL query bug. This is fixed and the control will now work correctly as expected.

Enhancements

  • Improved documentation and descriptions for the aws_iam_role table. (#1940)
  • Replaced uses of rand.Seed with latest rand.NewSource. (#1933)

Enhancements

  • Added additional dashboard and query docs and updated metadata descriptions in docs. (#323)

What's new?

  • Updated: Hive manager code to include the new certificate.

What's new?

  • Added: parameter for RDS certificate for commercial cloud.

What's new?

  • Server:

    • Updated: RDS CA Certificate to use the latest bundled certificate.
    • Updated: Updated the package passport-saml to @node-saml/passport-saml: 4.0.4
    • Updated: Steampipe query in developer section now points to the correct table.
  • UI:

    • Added: Option to view Changelogs in the Help dropdown menu.

Bug fixes

  • Server:
    • Fixed: Stack control failed to run when a large number of resources were being managed by a stack control.

All Pipes workspaces have now been upgraded to Steampipe v0.21.1.

For more information on this Steampipe release, see the release notes.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > GuardDuty > Detector > Delete from AWS
    • AWS > GuardDuty > Detector > Set Tags
    • AWS > GuardDuty > Detector > Skip alarm for Active control
    • AWS > GuardDuty > Detector > Skip alarm for Active control [90 days]
    • AWS > GuardDuty > Detector > Skip alarm for Approved control
    • AWS > GuardDuty > Detector > Skip alarm for Approved control [90 days]
    • AWS > GuardDuty > Detector > Skip alarm for Tags control
    • AWS > GuardDuty > Detector > Skip alarm for Tags control [90 days]
    • AWS > GuardDuty > IPSet > Delete from AWS
    • AWS > GuardDuty > IPSet > Set Tags
    • AWS > GuardDuty > IPSet > Skip alarm for Active control
    • AWS > GuardDuty > IPSet > Skip alarm for Active control [90 days]
    • AWS > GuardDuty > IPSet > Skip alarm for Approved control
    • AWS > GuardDuty > IPSet > Skip alarm for Approved control [90 days]
    • AWS > GuardDuty > IPSet > Skip alarm for Tags control
    • AWS > GuardDuty > IPSet > Skip alarm for Tags control [90 days]
    • AWS > GuardDuty > ThreatIntelSet > Delete from AWS
    • AWS > GuardDuty > ThreatIntelSet > Set Tags
    • AWS > GuardDuty > ThreatIntelSet > Skip alarm for Active control
    • AWS > GuardDuty > ThreatIntelSet > Skip alarm for Active control [90 days]
    • AWS > GuardDuty > ThreatIntelSet > Skip alarm for Approved control
    • AWS > GuardDuty > ThreatIntelSet > Skip alarm for Approved control [90 days]
    • AWS > GuardDuty > ThreatIntelSet > Skip alarm for Tags control
    • AWS > GuardDuty > ThreatIntelSet > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > EMR > Cluster > Delete from AWS
    • AWS > EMR > Cluster > Set Tags
    • AWS > EMR > Cluster > Skip alarm for Active control
    • AWS > EMR > Cluster > Skip alarm for Active control [90 days]
    • AWS > EMR > Cluster > Skip alarm for Approved control
    • AWS > EMR > Cluster > Skip alarm for Approved control [90 days]
    • AWS > EMR > Cluster > Skip alarm for Tags control
    • AWS > EMR > Cluster > Skip alarm for Tags control [90 days]
    • AWS > EMR > Security Configuration > Delete from AWS
    • AWS > EMR > Security Configuration > Skip alarm for Active control
    • AWS > EMR > Security Configuration > Skip alarm for Active control [90 days]
    • AWS > EMR > Security Configuration > Skip alarm for Approved control
    • AWS > EMR > Security Configuration > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > ECS > Cluster > Delete from AWS
    • AWS > ECS > Cluster > Set Tags
    • AWS > ECS > Cluster > Skip alarm for Active control
    • AWS > ECS > Cluster > Skip alarm for Active control [90 days]
    • AWS > ECS > Cluster > Skip alarm for Approved control
    • AWS > ECS > Cluster > Skip alarm for Approved control [90 days]
    • AWS > ECS > Cluster > Skip alarm for Tags control
    • AWS > ECS > Cluster > Skip alarm for Tags control [90 days]
    • AWS > ECS > Container Instance > Delete from AWS
    • AWS > ECS > Container Instance > Skip alarm for Active control
    • AWS > ECS > Container Instance > Skip alarm for Active control [90 days]
    • AWS > ECS > Container Instance > Skip alarm for Approved control
    • AWS > ECS > Container Instance > Skip alarm for Approved control [90 days]
    • AWS > ECS > Service > Delete from AWS
    • AWS > ECS > Service > Set Tags
    • AWS > ECS > Service > Skip alarm for Active control
    • AWS > ECS > Service > Skip alarm for Active control [90 days]
    • AWS > ECS > Service > Skip alarm for Approved control
    • AWS > ECS > Service > Skip alarm for Approved control [90 days]
    • AWS > ECS > Service > Skip alarm for Tags control
    • AWS > ECS > Service > Skip alarm for Tags control [90 days]
    • AWS > ECS > Task Definition > Delete from AWS
    • AWS > ECS > Task Definition > Set Tags
    • AWS > ECS > Task Definition > Skip alarm for Active control
    • AWS > ECS > Task Definition > Skip alarm for Active control [90 days]
    • AWS > ECS > Task Definition > Skip alarm for Approved control
    • AWS > ECS > Task Definition > Skip alarm for Approved control [90 days]
    • AWS > ECS > Task Definition > Skip alarm for Tags control
    • AWS > ECS > Task Definition > Skip alarm for Tags control [90 days]

What's new?

  • You can now configure Block Public Access for AMIs. To get started, set the AWS > EC2 > Account Attributes > Block Public Access for AMIs policy to Enforce: Enable Block Public Access for AMIs.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Control Types:

    • AWS > EC2 > Account Attributes > Block Public Access for AMIs
  • Policy Types:

    • AWS > EC2 > Account Attributes > Block Public Access for AMIs
  • Action Types:

    • AWS > EC2 > Account Attributes > Update Block Public Access for AMIs

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > DMS > Endpoint > Approved > Custom
    • AWS > DMS > Replication Instance > Approved > Custom
  • Action Types:

    • AWS > DMS > Endpoint > Delete from AWS
    • AWS > DMS > Endpoint > Set Tags
    • AWS > DMS > Endpoint > Skip alarm for Active control
    • AWS > DMS > Endpoint > Skip alarm for Active control [90 days]
    • AWS > DMS > Endpoint > Skip alarm for Approved control
    • AWS > DMS > Endpoint > Skip alarm for Approved control [90 days]
    • AWS > DMS > Endpoint > Skip alarm for Tags control
    • AWS > DMS > Endpoint > Skip alarm for Tags control [90 days]
    • AWS > DMS > Replication Instance > Delete from AWS
    • AWS > DMS > Replication Instance > Set Tags
    • AWS > DMS > Replication Instance > Skip alarm for Active control
    • AWS > DMS > Replication Instance > Skip alarm for Active control [90 days]
    • AWS > DMS > Replication Instance > Skip alarm for Approved control
    • AWS > DMS > Replication Instance > Skip alarm for Approved control [90 days]
    • AWS > DMS > Replication Instance > Skip alarm for Tags control
    • AWS > DMS > Replication Instance > Skip alarm for Tags control [90 days]

What's new?

  • Added 11 new controls across the benchmarks for the following services: (#39)
    • Application Gateway
    • Automation
    • Cognitive Search
    • Compute
    • Frontdoor
    • Network
    • PostgreSQL

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > SES > Identity > Delete from AWS
    • AWS > SES > Identity > Skip alarm for Active control
    • AWS > SES > Identity > Skip alarm for Active control [90 days]
    • AWS > SES > Identity > Skip alarm for Approved control
    • AWS > SES > Identity > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Security Hub > Hub > Approved > Custom
  • Action Types:

    • AWS > Security Hub > Hub > Delete from AWS
    • AWS > Security Hub > Hub > Set Tags
    • AWS > Security Hub > Hub > Skip alarm for Approved control
    • AWS > Security Hub > Hub > Skip alarm for Approved control [90 days]
    • AWS > Security Hub > Hub > Skip alarm for Tags control
    • AWS > Security Hub > Hub > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > Kinesis > Consumer > Delete from AWS
    • AWS > Kinesis > Consumer > Skip alarm for Active control
    • AWS > Kinesis > Consumer > Skip alarm for Active control [90 days]
    • AWS > Kinesis > Consumer > Skip alarm for Approved control
    • AWS > Kinesis > Consumer > Skip alarm for Approved control [90 days]
    • AWS > Kinesis > Stream > Delete from AWS
    • AWS > Kinesis > Stream > Set Tags
    • AWS > Kinesis > Stream > Skip alarm for Active control
    • AWS > Kinesis > Stream > Skip alarm for Active control [90 days]
    • AWS > Kinesis > Stream > Skip alarm for Approved control
    • AWS > Kinesis > Stream > Skip alarm for Approved control [90 days]
    • AWS > Kinesis > Stream > Skip alarm for Encryption at Rest control
    • AWS > Kinesis > Stream > Skip alarm for Encryption at Rest control [90 days]
    • AWS > Kinesis > Stream > Skip alarm for Tags control
    • AWS > Kinesis > Stream > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > DynamoDB > Backup > Delete from AWS
    • AWS > DynamoDB > Backup > Skip alarm for Active control
    • AWS > DynamoDB > Backup > Skip alarm for Active control [90 days]
    • AWS > DynamoDB > Backup > Skip alarm for Approved control
    • AWS > DynamoDB > Backup > Skip alarm for Approved control [90 days]
    • AWS > DynamoDB > Global Table > Delete from AWS
    • AWS > DynamoDB > Global Table > Skip alarm for Active control
    • AWS > DynamoDB > Global Table > Skip alarm for Active control [90 days]
    • AWS > DynamoDB > Global Table > Skip alarm for Approved control
    • AWS > DynamoDB > Global Table > Skip alarm for Approved control [90 days]
    • AWS > DynamoDB > Table > Delete from AWS
    • AWS > DynamoDB > Table > Set Tags
    • AWS > DynamoDB > Table > Skip alarm for Active control
    • AWS > DynamoDB > Table > Skip alarm for Active control [90 days]
    • AWS > DynamoDB > Table > Skip alarm for Approved control
    • AWS > DynamoDB > Table > Skip alarm for Approved control [90 days]
    • AWS > DynamoDB > Table > Skip alarm for Encryption at Rest control
    • AWS > DynamoDB > Table > Skip alarm for Encryption at Rest control [90 days]
    • AWS > DynamoDB > Table > Skip alarm for Tags control
    • AWS > DynamoDB > Table > Skip alarm for Tags control [90 days]

Bug fixes

  • Removed custom plugin level retryer which was unnecessary as the plugin already uses the AWS SDK retryer. (#1932)
  • The plugin now retries errors with the error code UnknownError. These are often thrown by services like SNS when performing a large number of requests. (#1932)

Turbot Pipes plans & pricing are now available.

Free for Developers! Free trial & usage-based for Teams. Start immediately & cancel anytime.

For more information, see the launch post.

Datatank is now available in Turbot Pipes workspaces. Blow past API speed limits with scheduled data sync.

For more information, see the launch post.

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Step Functions > State Machine > Approved > Custom
  • Action Types:

    • AWS > Step Functions > State Machine > Delete from AWS
    • AWS > Step Functions > State Machine > Set Tags
    • AWS > Step Functions > State Machine > Skip alarm for Active control
    • AWS > Step Functions > State Machine > Skip alarm for Active control [90 days]
    • AWS > Step Functions > State Machine > Skip alarm for Approved control
    • AWS > Step Functions > State Machine > Skip alarm for Approved control [90 days]
    • AWS > Step Functions > State Machine > Skip alarm for Tags control
    • AWS > Step Functions > State Machine > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Shield > Protection > Approved > Custom
  • Action Types:

    • AWS > Shield > Protection > Delete from AWS
    • AWS > Shield > Protection > Skip alarm for Active control
    • AWS > Shield > Protection > Skip alarm for Active control [90 days]
    • AWS > Shield > Protection > Skip alarm for Approved control
    • AWS > Shield > Protection > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Directory Service > Directory > Approved > Custom
  • Action Types:

    • AWS > Directory Service > Directory > Delete from AWS
    • AWS > Directory Service > Directory > Skip alarm for Active control
    • AWS > Directory Service > Directory > Skip alarm for Active control [90 days]
    • AWS > Directory Service > Directory > Skip alarm for Approved control
    • AWS > Directory Service > Directory > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > CodeBuild > Build > Delete from AWS
    • AWS > CodeBuild > Build > Skip alarm for Active control
    • AWS > CodeBuild > Build > Skip alarm for Active control [90 days]
    • AWS > CodeBuild > Build > Skip alarm for Approved control
    • AWS > CodeBuild > Build > Skip alarm for Approved control [90 days]
    • AWS > CodeBuild > Project > Delete from AWS
    • AWS > CodeBuild > Project > Set Tags
    • AWS > CodeBuild > Project > Skip alarm for Active control
    • AWS > CodeBuild > Project > Skip alarm for Active control [90 days]
    • AWS > CodeBuild > Project > Skip alarm for Approved control
    • AWS > CodeBuild > Project > Skip alarm for Approved control [90 days]
    • AWS > CodeBuild > Project > Skip alarm for Tags control
    • AWS > CodeBuild > Project > Skip alarm for Tags control [90 days]
    • AWS > CodeBuild > Source Credential > Delete from AWS
    • AWS > CodeBuild > Source Credential > Skip alarm for Active control
    • AWS > CodeBuild > Source Credential > Skip alarm for Active control [90 days]
    • AWS > CodeBuild > Source Credential > Skip alarm for Approved control
    • AWS > CodeBuild > Source Credential > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > CloudFormation > Stack > Approved > Custom
    • AWS > CloudFormation > StackSet > Approved > Custom
  • Action Types:

    • AWS > CloudFormation > Stack > Delete from AWS
    • AWS > CloudFormation > Stack > Set Tags
    • AWS > CloudFormation > Stack > Skip alarm for Active control
    • AWS > CloudFormation > Stack > Skip alarm for Active control [90 days]
    • AWS > CloudFormation > Stack > Skip alarm for Approved control
    • AWS > CloudFormation > Stack > Skip alarm for Approved control [90 days]
    • AWS > CloudFormation > Stack > Skip alarm for Tags control
    • AWS > CloudFormation > Stack > Skip alarm for Tags control [90 days]
    • AWS > CloudFormation > StackSet > Delete from AWS
    • AWS > CloudFormation > StackSet > Set Tags
    • AWS > CloudFormation > StackSet > Skip alarm for Active control
    • AWS > CloudFormation > StackSet > Skip alarm for Active control [90 days]
    • AWS > CloudFormation > StackSet > Skip alarm for Approved control
    • AWS > CloudFormation > StackSet > Skip alarm for Approved control [90 days]
    • AWS > CloudFormation > StackSet > Skip alarm for Tags control
    • AWS > CloudFormation > StackSet > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Athena > NamedQuery > Approved > Custom
    • AWS > Athena > Workgroup > Approved > Custom
  • Action Types:

    • AWS > Athena > NamedQuery > Delete from AWS
    • AWS > Athena > NamedQuery > Set Tags
    • AWS > Athena > NamedQuery > Skip alarm for Active control
    • AWS > Athena > NamedQuery > Skip alarm for Active control [90 days]
    • AWS > Athena > NamedQuery > Skip alarm for Approved control
    • AWS > Athena > NamedQuery > Skip alarm for Approved control [90 days]
    • AWS > Athena > NamedQuery > Skip alarm for Tags control
    • AWS > Athena > NamedQuery > Skip alarm for Tags control [90 days]
    • AWS > Athena > Workgroup > Delete from AWS
    • AWS > Athena > Workgroup > Set Tags
    • AWS > Athena > Workgroup > Skip alarm for Active control
    • AWS > Athena > Workgroup > Skip alarm for Active control [90 days]
    • AWS > Athena > Workgroup > Skip alarm for Approved control
    • AWS > Athena > Workgroup > Skip alarm for Approved control [90 days]
    • AWS > Athena > Workgroup > Skip alarm for Tags control
    • AWS > Athena > Workgroup > Skip alarm for Tags control [90 days]

Bug fixes

  • Fixed queries to correctly return data for connection_name and tags dimensions instead of an error. (#73)

Enhancements

  • Updated the following queries to use url as the resource column: (#35)
    • default_branch_all_build_steps_as_code
    • default_branch_pipeline_locks_external_dependencies_for_build_process
    • default_branch_pipeline_must_have_jobs_with_sbom_generation
    • default_branch_pipelines_scan_for_vulnerabilities
    • default_branch_pipelines_scanners_set_to_prevent_sensitive_data
    • org_member_mfa_enabled
    • repo_inactive_members_review
    • repo_deletion_limited_to_trusted_users
    • repo_issue_deletion_limited_to_trusted_users
    • repo_webhook_package_registery_security_settings_enabled

The following 21 Turbot Steampipe plugins have been updated to use steampipe-plugin-sdk v5.6.2, which prevents nil pointer reference errors for implicit hydrate configs:

  • Alibaba Cloud
  • AWS CloudFormation
  • Azure
  • Azure Active Directory
  • CSV
  • DigitalOcean
  • Docker
  • Docker Hub
  • Exec
  • GCP
  • GitHub
  • IBM Cloud
  • Jira
  • Microsoft 365
  • Net
  • Okta
  • OpenShift
  • Oracle Cloud Infrastructure
  • Salesforce
  • Turbot Pipes
  • Zoom

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > CloudSearch > Domain > Skip alarm for Active control
    • AWS > CloudSearch > Domain > Skip alarm for Active control [90 days]
    • AWS > CloudSearch > Domain > Skip alarm for Approved control
    • AWS > CloudSearch > Domain > Skip alarm for Approved control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > CloudFront > CloudFront Origin Access Identity > Approved > Custom
    • AWS > CloudFront > Distribution > Approved > Custom
    • AWS > CloudFront > Streaming Distribution > Approved > Custom
  • Action Types:

    • AWS > CloudFront > CloudFront Origin Access Identity > Skip alarm for Active control
    • AWS > CloudFront > CloudFront Origin Access Identity > Skip alarm for Active control [90 days]
    • AWS > CloudFront > CloudFront Origin Access Identity > Skip alarm for Approved control
    • AWS > CloudFront > CloudFront Origin Access Identity > Skip alarm for Approved control [90 days]
    • AWS > CloudFront > Distribution > Set Tags
    • AWS > CloudFront > Distribution > Skip alarm for Active control
    • AWS > CloudFront > Distribution > Skip alarm for Active control [90 days]
    • AWS > CloudFront > Distribution > Skip alarm for Approved control
    • AWS > CloudFront > Distribution > Skip alarm for Approved control [90 days]
    • AWS > CloudFront > Distribution > Skip alarm for Tags control
    • AWS > CloudFront > Distribution > Skip alarm for Tags control [90 days]
    • AWS > CloudFront > Streaming Distribution > Set Tags
    • AWS > CloudFront > Streaming Distribution > Skip alarm for Active control
    • AWS > CloudFront > Streaming Distribution > Skip alarm for Active control [90 days]
    • AWS > CloudFront > Streaming Distribution > Skip alarm for Approved control
    • AWS > CloudFront > Streaming Distribution > Skip alarm for Approved control [90 days]
    • AWS > CloudFront > Streaming Distribution > Skip alarm for Tags control
    • AWS > CloudFront > Streaming Distribution > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Action Types:

    • AWS > API Gateway > API > Delete from AWS
    • AWS > API Gateway > API > Set Tags
    • AWS > API Gateway > API > Skip alarm for Active control
    • AWS > API Gateway > API > Skip alarm for Active control [90 days]
    • AWS > API Gateway > API > Skip alarm for Approved control
    • AWS > API Gateway > API > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > API > Skip alarm for Tags control
    • AWS > API Gateway > API > Skip alarm for Tags control [90 days]
    • AWS > API Gateway > API Key > Delete from AWS
    • AWS > API Gateway > API Key > Set Tags
    • AWS > API Gateway > API Key > Skip alarm for Active control
    • AWS > API Gateway > API Key > Skip alarm for Active control [90 days]
    • AWS > API Gateway > API Key > Skip alarm for Approved control
    • AWS > API Gateway > API Key > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > API Key > Skip alarm for Tags control
    • AWS > API Gateway > API Key > Skip alarm for Tags control [90 days]
    • AWS > API Gateway > API V2 > Delete from AWS
    • AWS > API Gateway > API V2 > Set Tags
    • AWS > API Gateway > API V2 > Skip alarm for Active control
    • AWS > API Gateway > API V2 > Skip alarm for Active control [90 days]
    • AWS > API Gateway > API V2 > Skip alarm for Approved control
    • AWS > API Gateway > API V2 > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > API V2 > Skip alarm for Tags control
    • AWS > API Gateway > API V2 > Skip alarm for Tags control [90 days]
    • AWS > API Gateway > Authorizer > Delete from AWS
    • AWS > API Gateway > Authorizer > Skip alarm for Active control
    • AWS > API Gateway > Authorizer > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Authorizer > Skip alarm for Approved control
    • AWS > API Gateway > Authorizer > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Authorizer V2 > Delete from AWS
    • AWS > API Gateway > Authorizer V2 > Skip alarm for Active control
    • AWS > API Gateway > Authorizer V2 > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Authorizer V2 > Skip alarm for Approved control
    • AWS > API Gateway > Authorizer V2 > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Domain Name V2 > Delete from AWS
    • AWS > API Gateway > Domain Name V2 > Set Tags
    • AWS > API Gateway > Domain Name V2 > Skip alarm for Active control
    • AWS > API Gateway > Domain Name V2 > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Domain Name V2 > Skip alarm for Approved control
    • AWS > API Gateway > Domain Name V2 > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Domain Name V2 > Skip alarm for Tags control
    • AWS > API Gateway > Domain Name V2 > Skip alarm for Tags control [90 days]
    • AWS > API Gateway > Integration V2 > Delete from AWS
    • AWS > API Gateway > Integration V2 > Skip alarm for Active control
    • AWS > API Gateway > Integration V2 > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Integration V2 > Skip alarm for Approved control
    • AWS > API Gateway > Integration V2 > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Resource > Delete from AWS
    • AWS > API Gateway > Resource > Skip alarm for Active control
    • AWS > API Gateway > Resource > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Resource > Skip alarm for Approved control
    • AWS > API Gateway > Resource > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Stage > Delete from AWS
    • AWS > API Gateway > Stage > Set Tags
    • AWS > API Gateway > Stage > Skip alarm for Active control
    • AWS > API Gateway > Stage > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Stage > Skip alarm for Approved control
    • AWS > API Gateway > Stage > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Stage > Skip alarm for Tags control
    • AWS > API Gateway > Stage > Skip alarm for Tags control [90 days]
    • AWS > API Gateway > Stage v2 > Delete from AWS
    • AWS > API Gateway > Stage v2 > Set Tags
    • AWS > API Gateway > Stage v2 > Skip alarm for Active control
    • AWS > API Gateway > Stage v2 > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Stage v2 > Skip alarm for Approved control
    • AWS > API Gateway > Stage v2 > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Stage v2 > Skip alarm for Tags control
    • AWS > API Gateway > Stage v2 > Skip alarm for Tags control [90 days]
    • AWS > API Gateway > Usage Plan > Delete from AWS
    • AWS > API Gateway > Usage Plan > Set Tags
    • AWS > API Gateway > Usage Plan > Skip alarm for Active control
    • AWS > API Gateway > Usage Plan > Skip alarm for Active control [90 days]
    • AWS > API Gateway > Usage Plan > Skip alarm for Approved control
    • AWS > API Gateway > Usage Plan > Skip alarm for Approved control [90 days]
    • AWS > API Gateway > Usage Plan > Skip alarm for Tags control
    • AWS > API Gateway > Usage Plan > Skip alarm for Tags control [90 days]

What's new?

  • AWS/Amplify/Admin and AWS/Amplify/Metadata now also include permissions for Deployment, WebHook and Artifacts.

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > Amplify > App > Approved > Custom
  • Action Types:

    • AWS > Amplify > App > Delete from AWS
    • AWS > Amplify > App > Set Tags
    • AWS > Amplify > App > Skip alarm for Active control
    • AWS > Amplify > App > Skip alarm for Active control [90 days]
    • AWS > Amplify > App > Skip alarm for Approved control
    • AWS > Amplify > App > Skip alarm for Approved control [90 days]
    • AWS > Amplify > App > Skip alarm for Tags control
    • AWS > Amplify > App > Skip alarm for Tags control [90 days]

What's new?

  • Users can now perform quick actions on resources to remediate cloud configuration issues or skip Turbot alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Policy Types:

    • AWS > ACM > Certificate > Approved > Custom
  • Action Types:

    • AWS > ACM > Certificate > Delete from AWS
    • AWS > ACM > Certificate > Set Tags
    • AWS > ACM > Certificate > Skip alarm for Active control
    • AWS > ACM > Certificate > Skip alarm for Active control [90 days]
    • AWS > ACM > Certificate > Skip alarm for Approved control
    • AWS > ACM > Certificate > Skip alarm for Approved control [90 days]
    • AWS > ACM > Certificate > Skip alarm for Tags control
    • AWS > ACM > Certificate > Skip alarm for Tags control [90 days]

Breaking changes

  • Removed instances column from terraform_resource table. (#64)
  • All arguments and lifecycle columns now return null instead of {} if empty. (#64)

Enhancements

  • Added address, attributes, and attributes_std columns to terraform_resource table. (#64)

Bug fixes

  • Fixed the start_line, end_line and source column values in the terraform_resource table to return correct values regardless of file indentation. (#64)
  • Fixed the plugin to check all files even if a non-existent file name is provided in any file_paths config arg. (#67)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#34)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#34)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#42)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#42)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#35)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#35)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#90)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#90)

Bug fixes

  • Fixed the plugin to prevent crashes when source_types config argument contains manifest but manifest_file_paths is not defined. (#177)

What's new?

  • Added 39 new controls for the ClusterRoleBinding, CronJob, DaemonSet, Ingress, Job, Pod resource types to the all_controls benchmark. (#68)

Bug fixes

  • Fixed the source_account_id column of aws_securityhub_finding table to correctly return data instead of null. (#1927) (Thanks @gabrielsoltz for the contribution!)
  • Fixed the members column of aws_rds_db_cluster table to correctly return data instead of null. (#1926)

Bug fixes

  • Added support for the missing mod-location flag to the steampipe variable list command. (#3942)

Bug fixes

  • The initialise function is now being called for implicit hydrate configs (i.e. hydrate functions without explicit config), thereby preventing nil pointer reference errors when the hydrate function returns an error. (#683)

All new Pipes workspaces will be running Steampipe v0.21.1 and existing workspaces will be upgraded by Monday 9th October 2023.

For more information on this Steampipe release, see the launch post or release notes.

The Pipes dashboard now shows a feed of the most recent changelog entries, allowing you to see what's new at a glance.

Whats new?

  • Define rate and concurrency limits for plugin execution. (#3746)
  • Define multiple instances of a plugin version using a plugin connection config block. (#3807)
  • The maximum memory used by plugins and the CLI can now be specified either in plugin instance definitions or the new plugin options block. (#3807)
  • New introspection tables steampipe_plugin and steampipe_plugin_limiter containing all configured plugin instances and limiters. (#3746)
  • New introspection table steampipe_server_settings populated with server settings data during service startup. (#3462)
  • Running plugin install with no arguments installs all referenced plugins. (#3451)
  • New --output flag for plugin list cmd allows selection between json and table output. (#3368)
  • Each plugin directory ncontains a version.json which can be used to recompose the global plugin versions.json if it is missing or corrupt. (#3492)
  • Typing .cache in interactive prompt shows the current value of cache. (#2439)
  • Steampipe commands bypass plugin requirement check if installed plugin is locally built. (#3643)
  • New skip-config flag disables writing of default plugin config during plugin installation. (#3531, #2206)
  • Logs are now written to file instead of console. (#2916)
  • When plugin startup fails, report useful message in the CLI. (#3732)
  • Users are warned to not have mod.sp files in home directory. (#2321)
  • Updated messaging when service is started on an unavailable port. (#623)
  • Log files are rotated if the process is active across date boundaries. (#125, #3825)
  • Listen hosts may be selected when starting steampipe service. (#3505)
  • Initialisation behaviour for the sample options has been changed: always copy a sample file (default.spc.sample), but only overwrite the default.spc file with the sample content if the existing file has not been modified. (#3431)
  • Validation for the workspace profile cache settings. (#3646)
  • Support OCI registries requiring authentication. (#2819)
  • Compiled with Go 1.21. (#3763)

Bug fixes

  • Plugin manager shutdown stalling intermittently due to deadlocks. (#3818)
  • Temporary tables dropped in interactive prompt when pool connections recycled. (#3781,#3543)
  • service start was not listening on network by default. (#3593)
  • Multi line logs from plugins not rendered correctly in plugin logs. (#3678)
  • .inspect panicking for long column descriptions. (#3709)
  • Interactive prompt crashing when there is a code panic. (#3713)
  • Incorrect zsh completion instructions.
  • Steampipe should not create export files for cancelled control runs. (#3578)
  • BuildFullResourceName not validating non empty arguments. (#3601)
  • Spinner not showing when exporting check results. (#3577)
  • stdin was consumed by query command even if there are arguments. (#1985)
  • When exporting multiple benchmarks, results now merged the results into a single export. (#2380)
  • Raise warning when pseudo-resources are ignored because of named HCL resources. (#1328)
  • Database reinstalled unnecessarily if any FDW files were missing. (#2040)
  • Improved error message when steampipe fails to parse a mod definition file because mod block does not exist. (#1198)
  • Only install-dir and workspace flags should be global flags. All other flags should only apply to specific command. (#3542)
  • Passing an empty list for list variables was not working. (#2094)
  • Show deprecation warning for version field in require block of mod definition.
  • Temporary directories were not always being cleaned up after plugin commands.
  • plugin list returned nothing if no plugins were installed. (#3927)

Deprecations and migrations

  • Table steampipe_connection_state renamed to steampipe_connection
  • Removed migration and backward compatibility of data files from v0.13.0. (#3517)
  • Removed deprecated workspace-chdir flag. (#3925)
  • Migrated from cloud.steampipe.io to pipes.turbot.com. (#3724)
  • Removed support for plugins which do not support multiple connections (i.e. using SDK < v4.0.0).
  • Deprecated terminal options.

All 115 Turbot Steampipe plugins have been updated to use steampipe-plugin-sdk v5.6.1, which adds support for rate and concurrency limiters.

Limiters provide a simple, flexible interface to implement client-site rate limiting and concurrency thresholds at compile time or run time. You can use limiters to:

  • Smooth the request rate from Steampipe to reduce load on the remote API or service
  • Limit the number of parallel requests to reduce contention for client and network resources
  • Avoid hitting server limits and throttling

For more information on getting started, please see Concurrency and Rate Limiting.

Deprecated

  • The source_type config argument has been deprecated and will be removed in the next major version. Please use the source_types config argument instead. If both config arguments are set, source_types will take precedence. For backward compatibility, please see below for old and new value equivalents: (#167)
    • source_type = 'all': source_types = ["deployed", "helm", "manifest"]
    • source_type = 'deployed': source_types = ["deployed"]
    • source_type = 'helm': source_types = ["helm"]
    • source_type = 'manifest': source_types = ["manifest"]

What's new?

  • Added the source_types config argument, which allows specifying a combination of source types to load per connection. (#167)

What's new?

  • Added 350+ new controls across all resource types to the all_controls benchmark. (#64)

Enhancements

  • Added path to default set of common_dimensions, so now any file paths will appear by default in the additional dimensions in control results. (#63)
  • Added iac category to mod definition.

Dependencies

  • Kubernetes plugin v0.23.0 or higher is now required.

Breaking changes

  • Removed the output column in the exec_command table. This column has been replaced by the stdout_output and stderr_output columns. (#13)

What's new?

  • Added stdout_output and stderr_output columns to the exec_command table. (#13)
  • Added stream column to the exec_command_line table. (#13)
  • Added plugin limiter exec_global with MaxConcurrency set to 15 in an effort to reduce abuse reports due to large number of concurrent remote connections. (#13)

Bug fixes

  • Results from the exec_command table should now be consistent when using local and remote connections. (#13)

Dependencies

What's new?

  • Added CIS v1.6.0 benchmark (steampipe check docker_compliance.benchmark.cis_v160). (#4)

Enhancements

  • Updated the Makefile to build the netgo package only for Darwin systems. (#1918)
  • Added the configuration_settings column to aws_elastic_beanstalk_environment table. (#1916)

Bug fixes

  • Fixed the table aws_dynamodb_backup to return nil instead of an error when backup does not exist. (#1914)

What's new?

  • SetConnectionCacheOptions, a new GRPC endpoint to clear connection cache. (#678)

What's new?

  • Added: t4g, m7g, m6gd, r7g, r6gd, c6g and c6gd to instance type parameter for RDS.
  • Added: new hive parameter group for Postgres 14 and 15.

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.

What's new?

  • Resource Types:

    • AWS > Route 53 > Record
  • Control Types:

    • AWS > Route 53 > Record > Active
    • AWS > Route 53 > Record > Approved
    • AWS > Route 53 > Record > CMDB
    • AWS > Route 53 > Record > Discovery
  • Policy Types:

    • AWS > Route 53 > Record > Active
    • AWS > Route 53 > Record > Active > Age
    • AWS > Route 53 > Record > Active > Budget
    • AWS > Route 53 > Record > Active > Last Modified
    • AWS > Route 53 > Record > Approved
    • AWS > Route 53 > Record > Approved > Budget
    • AWS > Route 53 > Record > Approved > Custom
    • AWS > Route 53 > Record > Approved > Usage
    • AWS > Route 53 > Record > CMDB
  • Action Types:

    • AWS > Route 53 > Record > Delete
    • AWS > Route 53 > Record > Delete from AWS
    • AWS > Route 53 > Record > Router
    • AWS > Route 53 > Record > Skip alarm for Active control
    • AWS > Route 53 > Record > Skip alarm for Active control [90 days]
    • AWS > Route 53 > Record > Skip alarm for Approved control
    • AWS > Route 53 > Record > Skip alarm for Approved control [90 days]

Enhancements

  • Added the last_successful_login_time column to oci_identity_user table. (#547)

Enhancements

  • Added the department column to azuread_user table. (#132)

Bug fixes

  • Fixed the title column in azuread_device and azuread_user tables to correctly return data instead of null. (#134)

What's new?

  • Define rate and concurrency limits for plugin execution. (#623)
  • Diagnostics property added to _ctx column, containing information on hydrate calls and rate limiting (enabled by setting env var STEAMPIPE_DIAGNOSTIC_LEVEL=all)
  • Support for JSONB operators in List hydrate functions. (#594)
  • Type property added to ConnectionConfig protobuf definition to determine if a connection is an aggregator. (#590)
  • When plugin startup fails, write a specially formatted string to stdout so plugin manager can parse the output and display a useful message. (#619)
  • Support for multi-line log entries. (#612)
  • Added Equals function for QualValue. (#646)

What's new?

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Control Types:

    • AWS > Organizations > Organization Root > Active
    • AWS > Organizations > Organization Root > Approved
    • AWS > Organizations > Organizational Account > Active
    • AWS > Organizations > Organizational Account > Approved
  • Policy Types:

    • AWS > Organizations > Organization Root > Active
    • AWS > Organizations > Organization Root > Active > Age
    • AWS > Organizations > Organization Root > Active > Last Modified
    • AWS > Organizations > Organization Root > Approved
    • AWS > Organizations > Organization Root > Approved > Custom
    • AWS > Organizations > Organization Root > Approved > Usage
    • AWS > Organizations > Organizational Account > Active
    • AWS > Organizations > Organizational Account > Active > Age
    • AWS > Organizations > Organizational Account > Active > Last Modified
    • AWS > Organizations > Organizational Account > Approved
    • AWS > Organizations > Organizational Account > Approved > Custom
    • AWS > Organizations > Organizational Account > Approved > Usage
  • Action Types:

    • AWS > Organizations > Organization Root > Skip alarm for Active control
    • AWS > Organizations > Organization Root > Skip alarm for Active control [90 days]
    • AWS > Organizations > Organization Root > Skip alarm for Approved control
    • AWS > Organizations > Organization Root > Skip alarm for Approved control [90 days]
    • AWS > Organizations > Organizational Account > Skip alarm for Active control
    • AWS > Organizations > Organizational Account > Skip alarm for Active control [90 days]
    • AWS > Organizations > Organizational Account > Skip alarm for Approved control
    • AWS > Organizations > Organizational Account > Skip alarm for Approved control [90 days]

What's new?

  • AWS/MSK/Admin, AWS/MSK/Metadata and AWS/MSK/Operator now also include permissions for Cluster V2, Scram Secrets and Kafka VPC Connections.

  • We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Resource's metadata will now also include createdBy details in Turbot CMDB.

  • Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.

  • Policy Types:

    • AWS > MSK > Cluster > Approved > Custom
    • AWS > MSK > Cluster > Approved > Instance Types
  • Action Types:

    • AWS > MSK > Cluster > Delete from AWS
    • AWS > MSK > Cluster > Set Tags
    • AWS > MSK > Cluster > Skip alarm for Active control
    • AWS > MSK > Cluster > Skip alarm for Active control [90 days]
    • AWS > MSK > Cluster > Skip alarm for Approved control
    • AWS > MSK > Cluster > Skip alarm for Approved control [90 days]
    • AWS > MSK > Cluster > Skip alarm for Tags control
    • AWS > MSK > Cluster > Skip alarm for Tags control [90 days]

Bug fixes

  • Guardrails would sometimes fail to upsert clusters correctly in CMDB. This is now fixed.

What's new?

  • Control Types:

    • AWS > ElastiCache > Replication Group > Backup
  • Policy Types:

    • AWS > ElastiCache > Replication Group > Backup
    • AWS > ElastiCache > Replication Group > Backup > Retention Period
    • AWS > ElastiCache > Replication Group > Backup > Window
  • Action Types:

    • AWS > ElastiCache > Cache Cluster > Skip alarm for approved control
    • AWS > ElastiCache > Cache Cluster > Skip alarm for approved control [90 days]
    • AWS > ElastiCache > Cache Parameter Group > Skip alarm for approved control
    • AWS > ElastiCache > Cache Parameter Group > Skip alarm for approved control [90 days]
    • AWS > ElastiCache > Replication Group > Skip alarm for approved control
    • AWS > ElastiCache > Replication Group > Skip alarm for approved control [90 days]
    • AWS > ElastiCache > Replication Group > Update Backup
    • AWS > ElastiCache > Snapshot > Skip alarm for approved control
    • AWS > ElastiCache > Snapshot > Skip alarm for approved control [90 days]

Enhancements

  • Added 112 new controls to the All Controls benchmark for the following services: (#59)
    • CronJob
    • DaemonSet
    • Deployment
    • Job
    • Pod
    • ReplicaSet
    • ReplicationController
    • StatefulSet

All Pipes workspaces have now been upgraded to Steampipe v0.20.12.

For more information on this Steampipe release, see the release notes.

All new Pipes workspaces will be running Steampipe v0.20.12 and existing workspaces will be upgraded by Monday 25th September 2023.

For more information on this Steampipe release, see the release notes.

What's new?

  • Added support for Global Event Handlers. This release contains new Guardrails policies and controls to support deployment of Global Event Handlers for AWS.

  • Control Types:

    • AWS > Turbot > Event Handlers [Global]
  • Policy Types:

    • AWS > Turbot > Event Handlers [Global]
    • AWS > Turbot > Event Handlers [Global] > Events
    • AWS > Turbot > Event Handlers [Global] > Events > Rules
    • AWS > Turbot > Event Handlers [Global] > Events > Rules > Name Prefix
    • AWS > Turbot > Event Handlers [Global] > Events > Rules > Tags
    • AWS > Turbot > Event Handlers [Global] > Events > Target
    • AWS > Turbot > Event Handlers [Global] > Events > Target > IAM Role ARN
    • AWS > Turbot > Event Handlers [Global] > Primary Region
    • AWS > Turbot > Event Handlers [Global] > SNS
    • AWS > Turbot > Event Handlers [Global] > SNS > Topic
    • AWS > Turbot > Event Handlers [Global] > SNS > Topic > Customer Managed Key
    • AWS > Turbot > Event Handlers [Global] > SNS > Topic > Name Prefix
    • AWS > Turbot > Event Handlers [Global] > SNS > Topic > Tags
    • AWS > Turbot > Event Handlers [Global] > Source
    • AWS > Turbot > Event Handlers [Global] > Terraform Version
    • AWS > Turbot > Service Roles > Event Handlers [Global]
    • AWS > Turbot > Service Roles > Event Handlers [Global] > Name

What's new?

  • Added support for querying on-premise Jira instances. This can be done by setting the personal_access_token config argument in the jira.spc file. (#86) (Thanks @juandspy for the contribution!)

Bug fixes

  • Empty values will no longer be cached incorrectly for the github_my_repository, github_repository, and github_search_repository tables. (#340)
  • Fixed github_team_repository table to include support for dynamic GraphQL queries. (#339)

What's new?

  • AWS/RDS/Admin, AWS/RDS/Metadata and AWS/RDS/Operator now include permissions for Performance Insights.
  • Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.

What's new

  • Update github_my_repository, github_repository, and github_search_repository tables to only include requested columns in GraphQL request. This should result in faster queries and large scale queries completing more consistently. (#338)

Dependencies

  • Recompiled plugin with Go 1.21. (#338)

What's new?

  • Added support for new multi-regions NAM8, NAM9, NAM10, NAM11, NAM12, NAM13, NAM14, NAM15, NAM-EUR-ASIA1, NAM-EUR-ASIA3, IN, EUR5, EUR6, EUROPE and EMEA in the GCP > Project > Regions policy.

  • Policy Types Removed:

    • GCP > Project > Multi-Regions [Deprecated]

Bug fixes

  • Fixed github_search_repository table queries failing when selecting the has_downloads, has_pages, hooks, network_count, subscribers_count, or topics columns. (#337)

All Pipes workspaces have now been upgraded to Steampipe v0.20.11.

For more information on this Steampipe release, see the release notes.

Bug fixes

  • The AWS > VPC > Security Group > CMDB control would sometimes go into an error state if the TE version installed on the workspace was 5.42.1 or lower. This is fixed and the control will now work as expected.

Bug fixes

  • Fixed the invalid memory address or nil pointer dereference errors when querying Terraform configuration or plan or state files that included null valued arguments. (#56)

Enhancements

  • Added 90 new controls to the All Controls benchmark for the following services: (#56)
    • CronJob
    • DaemonSet
    • Deployment
    • Job
    • Pod
    • ReplicaSet
    • ReplicationController
    • StatefulSet

Bug fixes

  • Fixed the role_with_wildcards_used control to correctly return data instead of an error. (#54)

Bug fixes

  • Fixed the plugin to return nil instead of an error when the file/path specified in dockerfile_paths or docker_compose_file_paths config arguments does not exist. (#38)

Bug fixes

  • Added the missing resource column in the queries of glue_data_catalog_encryption_settings_metadata_encryption_enabled and glue_data_catalog_encryption_settings_password_encryption_enabled controls. (#715)

What's new?

  • Added: m7g instance types for Elasticache.

Bug fixes

  • User group name for hive names with _ in it.
  • Hive manager code to add access grant to public schema for postgres 15.

Requirements

  • TEF: 1.52.0

What's new?

  • Added support for new europe-west10 region in the GCP > Project > Regions policy.
  • Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.

What's new?

  • Added support for new asia-northeast3, asia-south2, asia-southeast2, australia-southeast2, europe-central2, europe-southwest1, europe-west10, europe-west12, europe-west8, europe-west9, me-central1, me-west1, northamerica-northeast2, southamerica-west1, us-east5, us-south1, us-west3 and us-west4 regions in the GCP > Compute Engine > Regions policy.
  • Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.

Bug fixes

  • The real-time Event Handlers would sometimes fail to upsert data disks attached to instances in Guardrails CMDB. This is now fixed.

Bug fixes

  • Guardrails stack controls would fail to claim any existing Security Group if the Security Group was available in Guardrails CMDB and the stack's Source policy included the Terraform plan for the Security Group. This is fixed and stack control will now be able to claim existing Security Groups correctly. Please note that this fix will only work for workspaces on TE v5.42.2 or higher.
  • Guardrails stack controls would sometimes fail to update Security Groups and Security Group Rules if the Terraform plan in the stack's source policy included changes to attributes which force replaced the resource. This is fixed and the stack controls will now update such resources correctly, as expected. Please note that this fix will only work for workspaces on TE v5.42.2 or higher.

What's new?

  • Policy Types:
    • AWS > EC2 > Instance > Schedule Tag > Name

Bug fixes

  • After starting/stopping an instance successfully, the AWS > EC2 > Instance > Schedule control would try and perform the same start/stop action again if the state of the instance was changed outside of the control within 1 hour of the successful start/stop run. This is fixed and the control will now not trigger a start/stop action again for a minimum of 1 hour of the previous successful run.

Enhancements

  • Added the resource_object and object columns to guardrails_notification and guardrails_resource tables respectively. (#7)

Bug fixes

  • Added the missing S3 go-getter examples in the docs/index.md file.

Bug fixes

  • Fixed the data type of capacity_reservation_specification column of aws_ec2_instance table to be of JSON type instead of STRING. (#1903)

What's new?

  • Updated: Hive manager code to include access grant for public schema for postgres 15.

What's new?

  • Server:
    • Updated: Now supports creating multiple AKAs starting with arn, azure, and gcp via APIs.
    • Updated: Add mod version check for workspace upgrade.

Bug fixes

  • Server:
    • Fixed: Ensure successful workspace creation on fresh PostgreSQL 15 installations.
    • Fixed: The stack should claim the Security Group (SG) or Security Group Rule (SGR) if the resource already exists.
    • Removed: vm2 node package.

What's new?

  • Resource Types:

    • Azure > Network > Express Route Circuits
  • Control Types:

    • Azure > Network > Express Route Circuits > Active
    • Azure > Network > Express Route Circuits > Approved
    • Azure > Network > Express Route Circuits > CMDB
    • Azure > Network > Express Route Circuits > Discovery
    • Azure > Network > Express Route Circuits > Tags
  • Policy Types:

    • Azure > Network > Express Route Circuits > Active
    • Azure > Network > Express Route Circuits > Active > Age
    • Azure > Network > Express Route Circuits > Active > Last Modified
    • Azure > Network > Express Route Circuits > Approved
    • Azure > Network > Express Route Circuits > Approved > Custom
    • Azure > Network > Express Route Circuits > Approved > Regions
    • Azure > Network > Express Route Circuits > Approved > Usage
    • Azure > Network > Express Route Circuits > CMDB
    • Azure > Network > Express Route Circuits > Regions
    • Azure > Network > Express Route Circuits > Tags
    • Azure > Network > Express Route Circuits > Tags > Template
  • Action Types:

    • Azure > Network > Express Route Circuits > Delete
    • Azure > Network > Express Route Circuits > Router
    • Azure > Network > Express Route Circuits > Set Tags

Enhancements

  • Added the iam_workload_identity_restricted control to the IAM benchmark. (#38)

Breaking changes

  • Removed the dms_s3_endpoint_encryption_in_transit_enabled control from the DMS benchmark. (#84)

Enhancements

  • Added the vpc_transfer_server_allows_only_secure_protocols control to the VPC benchmark. (#84)

Deprecations

  • Deprecated domain column in net_certificate table, which has been replaced by the address column. Please note that the address column requires a port, e.g., github.com:443. This column will be removed in a future version. (#50)

What's new?

  • Added address column to the net_certificate table to allow specifying a port with the domain name. (#50)

All new Pipes workspaces will be running Steampipe v0.20.11 and existing workspaces will be upgraded by Monday 18th September 2023.

For more information on this Steampipe release, see the release notes.

What's new?

Users can now delete Login Profiles for IAM Users.

  • Control Types:

    • AWS > IAM > User > Login Profile
  • Policy Types:

    • AWS > IAM > User > Login Profile
  • Action Types:

    • AWS > IAM > User > Delete Login Profile

Bug fixes

  • Updated the bitbucket.spc and index.md files to include details of BITBUCKET_USERNAME, BITBUCKET_PASSWORD, and BITBUCKET_API_BASE_URL environment variables. (#77)

What's new?

  • Resource Types:

    • Azure > Network > Private DNS Zones
    • Azure > Network > Private Endpoints
  • Control Types:

    • Azure > Network > Private DNS Zones > Active
    • Azure > Network > Private DNS Zones > Approved
    • Azure > Network > Private DNS Zones > CMDB
    • Azure > Network > Private DNS Zones > Discovery
    • Azure > Network > Private DNS Zones > Tags
    • Azure > Network > Private Endpoints > Active
    • Azure > Network > Private Endpoints > Approved
    • Azure > Network > Private Endpoints > CMDB
    • Azure > Network > Private Endpoints > Discovery
    • Azure > Network > Private Endpoints > Tags
  • Policy Types:

    • Azure > Network > Private DNS Zones > Active
    • Azure > Network > Private DNS Zones > Active > Age
    • Azure > Network > Private DNS Zones > Active > Last Modified
    • Azure > Network > Private DNS Zones > Approved
    • Azure > Network > Private DNS Zones > Approved > Custom
    • Azure > Network > Private DNS Zones > Approved > Usage
    • Azure > Network > Private DNS Zones > CMDB
    • Azure > Network > Private DNS Zones > Tags
    • Azure > Network > Private DNS Zones > Tags > Template
    • Azure > Network > Private Endpoints > Active
    • Azure > Network > Private Endpoints > Active > Age
    • Azure > Network > Private Endpoints > Active > Last Modified
    • Azure > Network > Private Endpoints > Approved
    • Azure > Network > Private Endpoints > Approved > Custom
    • Azure > Network > Private Endpoints > Approved > Regions
    • Azure > Network > Private Endpoints > Approved > Usage
    • Azure > Network > Private Endpoints > CMDB
    • Azure > Network > Private Endpoints > Regions
    • Azure > Network > Private Endpoints > Tags
    • Azure > Network > Private Endpoints > Tags > Template
  • Action Types:

    • Azure > Network > Private DNS Zones > Delete
    • Azure > Network > Private DNS Zones > Router
    • Azure > Network > Private DNS Zones > Set Tags
    • Azure > Network > Private Endpoints > Delete
    • Azure > Network > Private Endpoints > Router
    • Azure > Network > Private Endpoints > Set Tags

Bug fixes

  • A few policy values would sometimes fail to evaluate correctly if the mod was installed on TE v5.42.1. We've fixed this issue and such policy values will now be evaluated correctly.

Bug fixes

  • The AWS > Turbot > Event Handlers now support real-time events for AWS S3 Multi-Region Access Point.

What's new?

  • Resource Types:

    • AWS > S3 > Multi-Region Access Point
  • Control Types:

    • AWS > S3 > Multi-Region Access Point > Active
    • AWS > S3 > Multi-Region Access Point > Approved
    • AWS > S3 > Multi-Region Access Point > CMDB
    • AWS > S3 > Multi-Region Access Point > Discovery
    • AWS > S3 > Multi-Region Access Point > Usage
  • Policy Types:

    • AWS > S3 > Multi-Region Access Point > Active
    • AWS > S3 > Multi-Region Access Point > Active > Age
    • AWS > S3 > Multi-Region Access Point > Active > Budget
    • AWS > S3 > Multi-Region Access Point > Active > Last Modified
    • AWS > S3 > Multi-Region Access Point > Approved
    • AWS > S3 > Multi-Region Access Point > Approved > Budget
    • AWS > S3 > Multi-Region Access Point > Approved > Custom
    • AWS > S3 > Multi-Region Access Point > Approved > Usage
    • AWS > S3 > Multi-Region Access Point > CMDB
    • AWS > S3 > Multi-Region Access Point > Usage
    • AWS > S3 > Multi-Region Access Point > Usage > Limit
    • AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns > @turbot/aws-s3multiregionaccesspoint
  • Action Types:

    • AWS > S3 > Multi-Region Access Point > Delete
    • AWS > S3 > Multi-Region Access Point > Delete from AWS
    • AWS > S3 > Multi-Region Access Point > Router
    • AWS > S3 > Multi-Region Access Point > Skip alarm for Active control
    • AWS > S3 > Multi-Region Access Point > Skip alarm for Active control [90 days]
    • AWS > S3 > Multi-Region Access Point > Skip alarm for Approved control
    • AWS > S3 > Multi-Region Access Point > Skip alarm for Approved control [90 days]

What's new?

  • AWS/S3/Admin and AWS/S3/Metadata now include permissions for Multi-Region Access Point Routes.

What's new?

  • We've updated the runtime for lambda functions in the aws-efs mod to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
  • Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.

What's new?

  • We've updated the runtime for lambda functions in the aws-config mod to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

  • Policy Types:

    • AWS > Config > Configuration Recorder > Approved > Custom
    • AWS > Config > Delivery Channel > Approved > Custom
    • AWS > Config > Rule > Approved > Custom
  • Action Types

    • AWS > Config > Configuration Recorder > Skip alarm for Active control
    • AWS > Config > Configuration Recorder > Skip alarm for Active control [90 days]
    • AWS > Config > Configuration Recorder > Skip alarm for Approved control
    • AWS > Config > Configuration Recorder > Skip alarm for Approved control [90 days]
    • AWS > Config > Delivery Channel > Skip alarm for Active control
    • AWS > Config > Delivery Channel > Skip alarm for Active control [90 days]
    • AWS > Config > Delivery Channel > Skip alarm for Approved control
    • AWS > Config > Delivery Channel > Skip alarm for Approved control [90 days]
    • AWS > Config > Rule > Skip alarm for Active control
    • AWS > Config > Rule > Skip alarm for Active control [90 days]
    • AWS > Config > Rule > Skip alarm for Approved control
    • AWS > Config > Rule > Skip alarm for Approved control [90 days]

What's new?

  • We've updated the runtime for lambda functions in the aws-cloudtrail mod to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

What's new?

  • Resource Types:

    • AWS > Elastic Inference
  • Policy Types:

    • AWS > Elastic Inference > API Enabled
    • AWS > Elastic Inference > Approved Regions [Default]
    • AWS > Elastic Inference > Enabled
    • AWS > Elastic Inference > Permissions
    • AWS > Elastic Inference > Permissions > Levels
    • AWS > Elastic Inference > Permissions > Levels > Modifiers
    • AWS > Elastic Inference > Permissions > Lockdown
    • AWS > Elastic Inference > Permissions > Lockdown > API Boundary
    • AWS > Elastic Inference > Regions
    • AWS > Elastic Inference > Tags Template [Default]
    • AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-elasticinference
    • AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-elasticinference
    • AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-elasticinference
    • AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-elasticinference

What's new?

  • Server:
    • Cloudwatch dashboard query for View AWS External Messages by AWS Account ID and Events to exclude restriction on AWS.
    • Allow sending notifications for same state change.
    • Replaced vm2 with eval for inline and trustedInline execution of policies, controls, and actions.

What's new?

  • GCP/OAuth/Admin and GCP/OAuth/Metadata now also include oauthconfig:* permissions. Click here for more details.

All Pipes workspaces have now been upgraded to Steampipe v0.20.10.

For more information on this Steampipe release, see the release notes.

All new Pipes workspaces will be running Steampipe v0.20.10 and existing workspaces will be upgraded by Monday 21st August 2023.

For more information on this Steampipe release, see the release notes.

What's new?

  • Added: Parameter for restricting untrusted code upload to Turbot Guardrails.
  • Removed: Alb Waf support.

What's new?

  • Server:
    • Added: worker, sqs queue, sns topic for factory.
    • Updated: Allow upload of mod based on the value of TURBOT_CUSTOM_MOD_UPLOAD.
    • Added: Environment variable for custom mod upload.
    • Removed: Support for ALB WAF.

Bug fixes

  • Server:
    • Stack will not fail to delete and recreate resources.

Requirements

  • TEF: 1.51.0

What's new?

  • Added: Postgres version 11.19, 11.20, 12.14, 12.15, 13.10, 13.11, 14.8, 15.2 and 15.3.

What's new?

  • UI
    • Added: Inactive Users report.

Bug fixes

  • Server:
    • The actor information for attach and detach smart folder.
    • Disable notification feature if Redis is not being used.

What's new?

  • Added: Support for Factory worker.
  • Updated: Descriptions and names to Turbot Guardrails Enterprise Foundation from Turbot Enterprise Foundation.

What's new?

  • Server:

    • Added: Added support for control/action update notifications.
    • Added: Support for interface in control types.
    • Added: Turbot Installation Type environment variable.
    • Added: SES SendEmail permission to Worker Lambda Role.
    • Added: Add notification index to improve performance of notifications.
    • Updated: Improve policy value create/update with a more efficient database design.
    • Updated: Description of TE stack from Turbot Enterprise to Turbot Guardrails Enterprise.
    • Updated: @slack/web-api to 6.8.1. @wry/equality to 0.5.6. anymatch to 3.1.3. archiver to 5.3.1. body-parser to 1.20.2. chai to 4.3.7. chokidar to 3.5.3. classnames to 2.3.2. cli-progress to 3.12.0. copy-to-clipboard to 3.3.3. dataloader to 2.2.2. diff to 5.1.0. express to 4.18.2. generate-password to 1.7.0. graphql-2-json-schema to 0.10.0. http-status-codes to 2.2.0. lodash-match-pattern to 2.3.1. micromatch to 4.0.5. mockserver-client to 5.15.0. moment-timezone to 0.5.43. nconf to 0.12.0. nodemailer to 6.9.2. nunjucks to 3.2.4. passport to 0.6.0. pg to 8.10.0. performant-array-to-tree to 1.11.0. prismjs to 1.29.0. prompt to 1.3.0. prompts to 2.4.2. recursive-readdir to 2.2.3. redux to 4.2.1. resolve to 1.22.2. semver to 7.5.1. simple-git to 3.18.0. unzipper to 0.10.14. uri-js to 4.4.1. vm2 to 3.9.19 and other dev dependencies. Removed aws-appsync and aws-xray-sdk. ioredis to 5.3.1.
  • UI

    • Updated: Updated new login logo and home page logo.
    • Updated: Turbot directory should be created in guardrails.turbot.com.
    • Updated: Turbot directory SSO login should be redirected to there respective guardrails domain.

Note

IAM change in this release:

  • Updated worker lambda to include SES SendEmail permissions.