Product logo
DocsBlogPricing

The aws-glue mod contains resource, control and policy definitions for AWS Glue service.

Resource Types

Resource types covered by this mod:

Permissions

Taking a look at permissions and associated grant levels for each permission for Glue:

PermissionGrant LevelHelp
cloudformation:DescribeStacksMetadata
cloudformation:GetTemplateSummaryMetadata
ec2:DescribeInstancesMetadata
ec2:DescribeKeyPairsMetadata
ec2:DescribeRouteTablesMetadata
ec2:DescribeSecurityGroupsMetadata
ec2:DescribeSubnetsMetadata
ec2:DescribeVpcAttributeMetadata
ec2:DescribeVpcEndpointsMetadata
ec2:DescribeVpcsMetadata
glue:BatchCreatePartitionAdminCreates one or more partitions in a batch operation.
glue:BatchDeleteConnectionAdminDeletes a list of connection definitions from the Data Catalog.
glue:BatchDeletePartitionAdmin
glue:BatchDeleteTableAdmin
glue:BatchDeleteTableVersionAdmin
glue:BatchGetBlueprintsMetadata
glue:BatchGetCrawlersMetadata
glue:BatchGetDevEndpointsMetadata
glue:BatchGetJobsMetadata
glue:BatchGetPartitionMetadata
glue:BatchGetTriggersMetadata
glue:BatchGetWorkflowsMetadata
glue:BatchStopJobRunOperator
glue:BatchUpdatePartitionAdmin
glue:CancelMLTaskRunOperator
glue:CancelStatementOperator
glue:CheckSchemaVersionValidityOperator
glue:CreateBlueprintAdmin
glue:CreateClassifierAdminAdmin can creates a classifier in the user's account.
glue:CreateConnectionAdminAdmins can create a new Crawler with specified targets or role or configuration or optional schedule. At least one crawl target must be specified in either the s3Targets or the jdbcTargets field.
glue:CreateCrawlerAdmin
glue:CreateDatabaseAdmin
glue:CreateDevEndpointAdmin
glue:CreateJobAdmin
glue:CreateMLTransformAdmin
glue:CreatePartitionAdmin
glue:CreatePartitionIndexAdmin
glue:CreateRegistryAdmin
glue:CreateSchemaAdmin
glue:CreateScriptOperator
glue:CreateSecurityConfigurationAdmin
glue:CreateSessionAdmin
glue:CreateTableAdminThis can take cross account S3 bucket as data inout store. Cross account S3 access is controlled by S3. Turbot may come up secific guardrail in future.
glue:CreateTriggerAdmin
glue:CreateUserDefinedFunctionAdminCreates a new function definition in the Data Catalog.
glue:CreateWorkflowAdmin
glue:DeleteBlueprintAdmin
glue:DeleteClassifierAdmin
glue:DeleteColumnStatisticsForPartitionAdmin
glue:DeleteColumnStatisticsForTableAdmin
glue:DeleteConnectionAdmin
glue:DeleteCrawlerAdmin
glue:DeleteDatabaseAdmin
glue:DeleteDevEndpointAdmin
glue:DeleteJobAdmin
glue:DeleteMLTransformAdmin
glue:DeletePartitionAdmin
glue:DeletePartitionIndexAdmin
glue:DeleteRegistryAdmin
glue:DeleteResourcePolicyAdminDeletes a specified policy.
glue:DeleteSchemaAdmin
glue:DeleteSchemaVersionsAdmin
glue:DeleteSecurityConfigurationAdmin
glue:DeleteSessionAdmin
glue:DeleteTableAdmin
glue:DeleteTableVersionAdmin
glue:DeleteTriggerAdmin
glue:DeleteUserDefinedFunctionAdmin
glue:DeleteWorkflowAdmin
glue:GetBlueprintMetadata
glue:GetBlueprintRunMetadata
glue:GetBlueprintRunsMetadata
glue:GetCatalogImportStatusMetadata
glue:GetClassifierMetadata
glue:GetClassifiersMetadata
glue:GetColumnStatisticsForPartitionMetadata
glue:GetColumnStatisticsForTableMetadata
glue:GetConnectionMetadataRetrieves a connection definition from the Data Catalog. http://docs.aws.amazon.com/glue/latest/webapi/API_GetConnection.html
glue:GetConnectionsMetadata
glue:GetCrawlerMetadata
glue:GetCrawlerMetricsMetadata
glue:GetCrawlersMetadata
glue:GetDataCatalogEncryptionSettingsMetadata
glue:GetDatabaseMetadata
glue:GetDatabasesMetadata
glue:GetDataflowGraphMetadata
glue:GetDevEndpointMetadata
glue:GetDevEndpointsMetadata
glue:GetJobMetadata
glue:GetJobBookmarkMetadata
glue:GetJobRunMetadata
glue:GetJobRunsMetadata
glue:GetJobsMetadata
glue:GetMLTaskRunMetadata
glue:GetMLTaskRunsMetadata
glue:GetMLTransformMetadata
glue:GetMLTransformsMetadata
glue:GetMappingOperatorOperator can create the mappings. http://docs.aws.amazon.com/glue/latest/webapi/API_GetMapping.html
glue:GetPartitionMetadata
glue:GetPartitionIndexesMetadata
glue:GetPartitionsMetadata
glue:GetPlanMetadata
glue:GetRegistryMetadata
glue:GetResourcePoliciesMetadata
glue:GetResourcePolicyMetadata
glue:GetSchemaMetadata
glue:GetSchemaByDefinitionMetadata
glue:GetSchemaVersionMetadata
glue:GetSchemaVersionsDiffMetadata
glue:GetSecurityConfigurationMetadata
glue:GetSecurityConfigurationsMetadata
glue:GetSessionMetadata
glue:GetStatementMetadata
glue:GetTableMetadata
glue:GetTableVersionMetadata
glue:GetTableVersionsMetadata
glue:GetTablesMetadataRetrieves the definitions of some or all of the tables in a given Database.
glue:GetTagsMetadata
glue:GetTriggerMetadata
glue:GetTriggersMetadata
glue:GetUserDefinedFunctionMetadata
glue:GetUserDefinedFunctionsMetadata
glue:GetWorkflowMetadata
glue:GetWorkflowRunMetadata
glue:GetWorkflowRunPropertiesMetadata
glue:GetWorkflowRunsMetadata
glue:GetWorkflowRunsMetadataMetadata
glue:ImportCatalogToGlueAdmin
glue:ListBlueprintsMetadata
glue:ListCrawlersMetadata
glue:ListDevEndpointsMetadata
glue:ListJobsMetadata
glue:ListMLTransformsMetadata
glue:ListRegistriesMetadata
glue:ListSchemaVersionsMetadata
glue:ListSchemasMetadata
glue:ListSessionsMetadata
glue:ListStatementsMetadata
glue:ListTriggersMetadata
glue:ListWorkflowsMetadata
glue:NotifyEventOperator
glue:PutDataCatalogEncryptionSettingsAdminAdmins can set the security configuration for a specified catalog. Once set the specified encryption configuration is applied to every catalog write thereafter.
glue:PutResourcePolicyAdminSets the Data Catalog resource policy for access control.
glue:PutSchemaVersionMetadataAdmin
glue:PutWorkflowRunPropertiesAdmin
glue:QuerySchemaVersionMetadataOperator
glue:RegisterSchemaVersionOperator
glue:RemoveSchemaVersionMetadataAdmin
glue:ResetJobBookmarkOperator
glue:ResumeWorkflowRunOperator
glue:RunStatementOperator
glue:SearchTablesMetadata
glue:StartBlueprintRunOperator
glue:StartCrawlerOperator
glue:StartCrawlerScheduleOperator
glue:StartExportLabelsTaskRunOperator
glue:StartImportLabelsTaskRunOperator
glue:StartJobRunOperator
glue:StartMLEvaluationTaskRunOperator
glue:StartMLLabelingSetGenerationTaskRunOperator
glue:StartTriggerOperator
glue:StartWorkflowRunOperator
glue:StopCrawlerOperator
glue:StopCrawlerScheduleOperator
glue:StopSessionOperator
glue:StopTriggerOperator
glue:StopWorkflowRunOperator
glue:TagResourceOperator
glue:UntagResourceOperator
glue:UpdateBlueprintAdmin
glue:UpdateClassifierAdmin
glue:UpdateColumnStatisticsForPartitionAdmin
glue:UpdateColumnStatisticsForTableAdmin
glue:UpdateConnectionAdmin
glue:UpdateCrawlerAdmin
glue:UpdateCrawlerScheduleOperator
glue:UpdateDatabaseAdmin
glue:UpdateDevEndpointAdmin
glue:UpdateJobAdmin
glue:UpdateMLTransformAdmin
glue:UpdatePartitionAdmin
glue:UpdateRegistryAdmin
glue:UpdateSchemaAdmin
glue:UpdateTableAdmin
glue:UpdateTriggerAdmin
glue:UpdateUserDefinedFunctionAdmin
glue:UpdateWorkflowAdmin
glue:UseMLTransformsOperator
iam:GetRoleMetadata
iam:GetRolePolicyMetadata
iam:ListRolePoliciesMetadata
iam:ListRolesMetadata
iam:PassRoleAdminRequired to create clusters.
kms:DescribeKeyMetadata
rds:DescribeDBInstancesMetadata
redshift:DescribeClusterSubnetGroupsMetadata
redshift:DescribeClustersMetadata
s3:GetBucketAclMetadata
s3:ListAllMyBucketsMetadata
s3:ListBucketMetadata
sagemaker:DescribeNotebookInstanceMetadataAWS Glue now supports connecting Amazon SageMaker notebooks to development endpoint.
sagemaker:ListNotebookInstancesMetadataAWS Glue now supports connecting Amazon SageMaker notebooks to development endpoint.

Learn More About Turbot

Version
5.10.0
Released On
Jun 02, 2023
Depends On

Resource Types

Control Types

Policy Types

Release Notes

5.10.0 (2023-06-02)

What's new?

  • Resource's metadata will now also include createdBy details in Turbot CMDB.
  • README.md file is now available for users to check details about the resource types and service permissions that the mod covers.

5.9.0 (2023-04-04)

What's new?

Bug fixes

  • We'd sometimes fail to process glue:TagResource and glue:UntagResource real-time events correctly for AWS > Glue > Crawler. This is now fixed.
  • The AWS > Glue > Table > CMDB control would sometimes go into an error state if a table was inadvertently upserted with its name not in lowercase characters. We've fixed the process of upserting tables via the real-time glue:CreateTable event, and will now upsert tables with their names in lowercase. This will allow the CMDB control to work correctly, as expected.

Resource Types

Renamed

  • AWS > Glue > Development Endpoint to AWS > Glue > Development Endpoint [Deprecated]

Control Types

Renamed

  • AWS > Glue > Development Endpoint > Active to AWS > Glue > Development Endpoint [Deprecated] > Active
  • AWS > Glue > Development Endpoint > Approved to AWS > Glue > Development Endpoint [Deprecated] > Approved
  • AWS > Glue > Development Endpoint > CMDB to AWS > Glue > Development Endpoint [Deprecated] > CMDB
  • AWS > Glue > Development Endpoint > Discovery to AWS > Glue > Development Endpoint [Deprecated] > Discovery
  • AWS > Glue > Development Endpoint > Tags to AWS > Glue > Development Endpoint [Deprecated] > Tags
  • AWS > Glue > Development Endpoint > Usage to AWS > Glue > Development Endpoint [Deprecated] > Usage

Policy Types

Renamed

  • AWS > Glue > Development Endpoint > Active to AWS > Glue > Development Endpoint [Deprecated] > Active
  • AWS > Glue > Development Endpoint > Active > Age to AWS > Glue > Development Endpoint [Deprecated] > Active > Age
  • AWS > Glue > Development Endpoint > Active > Budget to AWS > Glue > Development Endpoint [Deprecated] > Active > Budget
  • AWS > Glue > Development Endpoint > Active > Last Modified to AWS > Glue > Development Endpoint [Deprecated] > Active > Last Modified
  • AWS > Glue > Development Endpoint > Active > Recently Used to AWS > Glue > Development Endpoint [Deprecated] > Active > Recently Used
  • AWS > Glue > Development Endpoint > Approved to AWS > Glue > Development Endpoint [Deprecated] > Approved
  • AWS > Glue > Development Endpoint > Approved > Budget to AWS > Glue > Development Endpoint [Deprecated] > Approved > Budget
  • AWS > Glue > Development Endpoint > Approved > Custom to AWS > Glue > Development Endpoint [Deprecated] > Approved > Custom
  • AWS > Glue > Development Endpoint > Approved > Regions to AWS > Glue > Development Endpoint [Deprecated] > Approved > Regions
  • AWS > Glue > Development Endpoint > Approved > Usage to AWS > Glue > Development Endpoint [Deprecated] > Approved > Usage
  • AWS > Glue > Development Endpoint > CMDB to AWS > Glue > Development Endpoint [Deprecated] > CMDB
  • AWS > Glue > Development Endpoint > Regions to AWS > Glue > Development Endpoint [Deprecated] > Regions
  • AWS > Glue > Development Endpoint > Tags to AWS > Glue > Development Endpoint [Deprecated] > Tags
  • AWS > Glue > Development Endpoint > Tags > Template to AWS > Glue > Development Endpoint [Deprecated] > Tags > Template
  • AWS > Glue > Development Endpoint > Usage to AWS > Glue > Development Endpoint [Deprecated] > Usage
  • AWS > Glue > Development Endpoint > Usage > Limit to AWS > Glue > Development Endpoint [Deprecated] > Usage > Limit

Action Types

Renamed

  • AWS > Glue > Development Endpoint > Delete to AWS > Glue > Development Endpoint [Deprecated] > Delete
  • AWS > Glue > Development Endpoint > Router to AWS > Glue > Development Endpoint [Deprecated] > Router
  • AWS > Glue > Development Endpoint > Update Tags to AWS > Glue > Development Endpoint [Deprecated] > Update Tags

5.8.3 (2022-08-18)

Bug fixes

  • Turbot would sometimes fail to cleanup Tables from CMDB via real-time glue:BatchDeleteTable event. This is now fixed.
  • The AWS > Glue > Table > CMDB control would sometimes go into an error state due to timeouts while fetching large tables' details. This is fixed and the control will now fetch details for such tables more reliably and consistently than before.

5.8.2 (2022-05-12)

Bug fixes

  • The AWS > Glue > Workflow > Discovery control would go into an error state for us-gov-east-1 because workflows are not currently supported in this region. We've updated the regions policy for the resource type to not include us-gov-east-1 in the list of supported regions, which will now allow the discovery control to move to a skipped state correctly.

5.8.1 (2022-03-03)

Bug fixes

  • We've improved the process of deleting resources from Turbot if their CMDB policy was set to Enforce: Disabled. The CMDB controls will now not look to resolve credentials via Turbot's IAM role while deleting resources from Turbot. This will allow the CMDB controls to process resource deletions from Turbot more reliably than before.

5.8.0 (2022-02-02)

What's new?

  • Users can now create their own custom checks against resource attributes in the Approved control using the Approved > Custom policy. These custom checks would be a part of the evaluation of the Approved control. Custom messages can also be added which are then displayed in the control details table. See Custom Checks for more information.

Resource Types

Added

  • AWS > Glue > Security Configuration

Control Types

Added

  • AWS > Glue > Security Configuration > Active
  • AWS > Glue > Security Configuration > Approved
  • AWS > Glue > Security Configuration > CMDB
  • AWS > Glue > Security Configuration > Discovery
  • AWS > Glue > Security Configuration > Usage

Policy Types

Added

  • AWS > Glue > Crawler > Approved > Custom
  • AWS > Glue > Database > Approved > Custom
  • AWS > Glue > Development Endpoint > Approved > Custom
  • AWS > Glue > Job > Approved > Custom
  • AWS > Glue > ML Transform > Approved > Custom
  • AWS > Glue > Security Configuration > Active
  • AWS > Glue > Security Configuration > Active > Age
  • AWS > Glue > Security Configuration > Active > Last Modified
  • AWS > Glue > Security Configuration > Approved
  • AWS > Glue > Security Configuration > Approved > Custom
  • AWS > Glue > Security Configuration > Approved > Regions
  • AWS > Glue > Security Configuration > Approved > Usage
  • AWS > Glue > Security Configuration > CMDB
  • AWS > Glue > Security Configuration > Regions
  • AWS > Glue > Security Configuration > Usage
  • AWS > Glue > Security Configuration > Usage > Limit
  • AWS > Glue > Table > Approved > Custom
  • AWS > Glue > Trigger > Approved > Custom
  • AWS > Glue > Workflow > Approved > Custom

Action Types

Added

  • AWS > Glue > Security Configuration > Delete
  • AWS > Glue > Security Configuration > Router

5.7.0 (2022-01-25)

What's new?

  • AWS/Glue/Admin, AWS/Glue/Metadata and AWS/Glue/Operator now include permissions for Blueprint, Partition Index, Registry, Schema and Session.

Bug fixes

  • We've made a few improvements in the GraphQL query for AWS > Glue > Data Catalog > Encryption At Rest and AWS > Glue > Data Catalog > Connection Password Encryption controls. You won't notice any difference, but things should run lighter and quicker than before.

5.6.0 (2021-09-08)

What's new?

  • We’ve improved our event handling configuration and now filter which AWS events Turbot listens for based on resources’ CMDB policies. If a resource’s CMDB policy is not set to Enforce: Enabled, the EventBridge rules will be configured to not send any events for that resource. This will greatly reduce the number of unnecessary events that Turbot listens for and handles today.

Policy Types

Added

  • AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns > @turbot/aws-glue

Removed

  • AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-glue

5.5.0 (2021-08-27)

Resource Types

Added

  • AWS > Glue > Data Catalog

Control Types

Added

  • AWS > Glue > Data Catalog > CMDB
  • AWS > Glue > Data Catalog > Connection Password Encryption
  • AWS > Glue > Data Catalog > Discovery
  • AWS > Glue > Data Catalog > Encryption at Rest

Policy Types

Added

  • AWS > Glue > Data Catalog > CMDB
  • AWS > Glue > Data Catalog > Connection Password Encryption
  • AWS > Glue > Data Catalog > Connection Password Encryption > Customer Managed Key
  • AWS > Glue > Data Catalog > Encryption at Rest
  • AWS > Glue > Data Catalog > Encryption at Rest > Customer Managed Key
  • AWS > Glue > Data Catalog > Regions

Action Types

Added

  • AWS > Glue > Data Catalog > Router
  • AWS > Glue > Data Catalog > Update Connection Password Encryption
  • AWS > Glue > Data Catalog > Update Encryption at Rest

5.4.0 (2021-07-09)

What's new?

  • We've improved the details tables in the Tags controls to be more helpful, especially when a resource's tags are not set correctly as expected. Previously, to understand why the Tags controls were in an Alarm state, you would need to find and read the control's process logs. This felt like too much work for a simple task, so now these details are visible directly from the control page.

5.3.0 (2021-07-01)

Resource Types

Added

  • AWS > Glue > Development Endpoint
  • AWS > Glue > ML Transform
  • AWS > Glue > Table
  • AWS > Glue > Workflow

Control Types

Added

  • AWS > Glue > Development Endpoint > Active
  • AWS > Glue > Development Endpoint > Approved
  • AWS > Glue > Development Endpoint > CMDB
  • AWS > Glue > Development Endpoint > Discovery
  • AWS > Glue > Development Endpoint > Tags
  • AWS > Glue > Development Endpoint > Usage
  • AWS > Glue > ML Transform > Active
  • AWS > Glue > ML Transform > Approved
  • AWS > Glue > ML Transform > CMDB
  • AWS > Glue > ML Transform > Discovery
  • AWS > Glue > ML Transform > Tags
  • AWS > Glue > ML Transform > Usage
  • AWS > Glue > Table > Active
  • AWS > Glue > Table > Approved
  • AWS > Glue > Table > CMDB
  • AWS > Glue > Table > Discovery
  • AWS > Glue > Table > Usage
  • AWS > Glue > Workflow > Active
  • AWS > Glue > Workflow > Approved
  • AWS > Glue > Workflow > CMDB
  • AWS > Glue > Workflow > Discovery
  • AWS > Glue > Workflow > Tags
  • AWS > Glue > Workflow > Usage

Policy Types

Added

  • AWS > Glue > Development Endpoint > Active
  • AWS > Glue > Development Endpoint > Active > Age
  • AWS > Glue > Development Endpoint > Active > Budget
  • AWS > Glue > Development Endpoint > Active > Last Modified
  • AWS > Glue > Development Endpoint > Active > Recently Used
  • AWS > Glue > Development Endpoint > Approved
  • AWS > Glue > Development Endpoint > Approved > Budget
  • AWS > Glue > Development Endpoint > Approved > Regions
  • AWS > Glue > Development Endpoint > Approved > Usage
  • AWS > Glue > Development Endpoint > CMDB
  • AWS > Glue > Development Endpoint > Regions
  • AWS > Glue > Development Endpoint > Tags
  • AWS > Glue > Development Endpoint > Tags > Template
  • AWS > Glue > Development Endpoint > Usage
  • AWS > Glue > Development Endpoint > Usage > Limit
  • AWS > Glue > ML Transform > Active
  • AWS > Glue > ML Transform > Active > Age
  • AWS > Glue > ML Transform > Active > Budget
  • AWS > Glue > ML Transform > Active > Last Modified
  • AWS > Glue > ML Transform > Approved
  • AWS > Glue > ML Transform > Approved > Budget
  • AWS > Glue > ML Transform > Approved > Regions
  • AWS > Glue > ML Transform > Approved > Usage
  • AWS > Glue > ML Transform > CMDB
  • AWS > Glue > ML Transform > Regions
  • AWS > Glue > ML Transform > Tags
  • AWS > Glue > ML Transform > Tags > Template
  • AWS > Glue > ML Transform > Usage
  • AWS > Glue > ML Transform > Usage > Limit
  • AWS > Glue > Table > Active
  • AWS > Glue > Table > Active > Age
  • AWS > Glue > Table > Active > Budget
  • AWS > Glue > Table > Active > Last Modified
  • AWS > Glue > Table > Approved
  • AWS > Glue > Table > Approved > Budget
  • AWS > Glue > Table > Approved > Regions
  • AWS > Glue > Table > Approved > Usage
  • AWS > Glue > Table > CMDB
  • AWS > Glue > Table > Regions
  • AWS > Glue > Table > Usage
  • AWS > Glue > Table > Usage > Limit
  • AWS > Glue > Workflow > Active
  • AWS > Glue > Workflow > Active > Age
  • AWS > Glue > Workflow > Active > Budget
  • AWS > Glue > Workflow > Active > Last Modified
  • AWS > Glue > Workflow > Approved
  • AWS > Glue > Workflow > Approved > Budget
  • AWS > Glue > Workflow > Approved > Regions
  • AWS > Glue > Workflow > Approved > Usage
  • AWS > Glue > Workflow > CMDB
  • AWS > Glue > Workflow > Regions
  • AWS > Glue > Workflow > Tags
  • AWS > Glue > Workflow > Tags > Template
  • AWS > Glue > Workflow > Usage
  • AWS > Glue > Workflow > Usage > Limit

Action Types

Added

  • AWS > Glue > Development Endpoint > Delete
  • AWS > Glue > Development Endpoint > Router
  • AWS > Glue > Development Endpoint > Update Tags
  • AWS > Glue > ML Transform > Delete
  • AWS > Glue > ML Transform > Router
  • AWS > Glue > ML Transform > Update Tags
  • AWS > Glue > Table > Delete
  • AWS > Glue > Table > Router
  • AWS > Glue > Workflow > Delete
  • AWS > Glue > Workflow > Router
  • AWS > Glue > Workflow > Update Tags

5.2.0 (2021-06-23)

Resource Types

Added

  • AWS > Glue > Crawler
  • AWS > Glue > Job
  • AWS > Glue > Trigger

Control Types

Added

  • AWS > Glue > Crawler > Active
  • AWS > Glue > Crawler > Approved
  • AWS > Glue > Crawler > CMDB
  • AWS > Glue > Crawler > Discovery
  • AWS > Glue > Crawler > Tags
  • AWS > Glue > Crawler > Usage
  • AWS > Glue > Job > Active
  • AWS > Glue > Job > Approved
  • AWS > Glue > Job > CMDB
  • AWS > Glue > Job > Discovery
  • AWS > Glue > Job > Tags
  • AWS > Glue > Job > Usage
  • AWS > Glue > Trigger > Active
  • AWS > Glue > Trigger > Approved
  • AWS > Glue > Trigger > CMDB
  • AWS > Glue > Trigger > Discovery
  • AWS > Glue > Trigger > Tags

Policy Types

Added

  • AWS > Glue > Crawler > Active
  • AWS > Glue > Crawler > Active > Age
  • AWS > Glue > Crawler > Active > Budget
  • AWS > Glue > Crawler > Active > Last Modified
  • AWS > Glue > Crawler > Approved
  • AWS > Glue > Crawler > Approved > Budget
  • AWS > Glue > Crawler > Approved > Regions
  • AWS > Glue > Crawler > Approved > Usage
  • AWS > Glue > Crawler > CMDB
  • AWS > Glue > Crawler > Regions
  • AWS > Glue > Crawler > Tags
  • AWS > Glue > Crawler > Tags > Template
  • AWS > Glue > Crawler > Usage
  • AWS > Glue > Crawler > Usage > Limit
  • AWS > Glue > Job > Active
  • AWS > Glue > Job > Active > Age
  • AWS > Glue > Job > Active > Budget
  • AWS > Glue > Job > Active > Last Modified
  • AWS > Glue > Job > Approved
  • AWS > Glue > Job > Approved > Budget
  • AWS > Glue > Job > Approved > Regions
  • AWS > Glue > Job > Approved > Usage
  • AWS > Glue > Job > CMDB
  • AWS > Glue > Job > Regions
  • AWS > Glue > Job > Tags
  • AWS > Glue > Job > Tags > Template
  • AWS > Glue > Job > Usage
  • AWS > Glue > Job > Usage > Limit
  • AWS > Glue > Trigger > Active
  • AWS > Glue > Trigger > Active > Age
  • AWS > Glue > Trigger > Active > Last Modified
  • AWS > Glue > Trigger > Approved
  • AWS > Glue > Trigger > Approved > Regions
  • AWS > Glue > Trigger > Approved > Usage
  • AWS > Glue > Trigger > CMDB
  • AWS > Glue > Trigger > Regions
  • AWS > Glue > Trigger > Tags
  • AWS > Glue > Trigger > Tags > Template

Action Types

Added

  • AWS > Glue > Crawler > Delete
  • AWS > Glue > Crawler > Router
  • AWS > Glue > Crawler > Update Tags
  • AWS > Glue > Job > Delete
  • AWS > Glue > Job > Router
  • AWS > Glue > Job > Update Tags
  • AWS > Glue > Trigger > Delete
  • AWS > Glue > Trigger > Router
  • AWS > Glue > Trigger > Update Tags

5.1.2 (2020-12-28)

Bug fixes

  • Controls run faster now when in the tbd and skipped states thanks to the new Turbot Precheck feature (not to be confused with TSA PreCheck). With Turbot Precheck, controls avoid running GraphQL input queries when in tbd and skipped, resulting in faster and lighter control runs.

5.1.1 (2020-09-21)

Bug fixes

  • We've made some improvements to our real-time event handling that reduces the risk of creating resources in CMDB with malformed AKAs. There's no noticeable difference, but things should run more reliably now.

5.1.0 (2020-09-02)

What's new?

  • Discovery controls now have their own control category, CMDB > Discovery, to allow for easier filtering separately from other CMDB controls.
  • We've renamed the service's default regions policy from Regions [Default] to Regions to be consistent with our other regions policies.

5.0.4 (2020-08-12)

Bug fixes

  • In various Active controls, we were outputting log messages that did not properly show how many days were left until we'd delete the inactive resources (we were still deleting them after the correct number of days). These log messages have been fixed and now contain the correct number of days.

5.0.3 (2020-07-06)

Bug fixes

  • Updated various resource configurations to provide better compatibility with AWS China regions.

5.0.2 (2020-06-11)

What's new?

  • All resource Router actions now run even if Turbot is outside of its allowed change window. This allows Turbot to maintain an up-to-date CMDB by handling resource updates at all times. Note that this only affects Turbot's ability to process resources changes that were made in the cloud provider - enforcement actions are still disabled outside of the change window.

5.0.1 (2020-05-08)

Bug fixes

  • Several permissions did not have grant levels assigned, so when this service was enabled, the IAM permission model would be unable to calculate the full permission set across all services. The missing grant levels have been added and permission calculations are now running smoothly again.

5.0.0 (2020-04-25)

Resource Types

Added

  • AWS > Glue
  • AWS > Glue > Database

Control Types

Added

  • AWS > Glue > Database > Active
  • AWS > Glue > Database > Approved
  • AWS > Glue > Database > CMDB
  • AWS > Glue > Database > Discovery
  • AWS > Glue > Database > Usage

Policy Types

Added

  • AWS > Glue > API Enabled
  • AWS > Glue > Approved Regions [Default]
  • AWS > Glue > Database > Active
  • AWS > Glue > Database > Active > Age
  • AWS > Glue > Database > Active > Budget
  • AWS > Glue > Database > Active > Last Modified
  • AWS > Glue > Database > Approved
  • AWS > Glue > Database > Approved > Budget
  • AWS > Glue > Database > Approved > Regions
  • AWS > Glue > Database > Approved > Usage
  • AWS > Glue > Database > CMDB
  • AWS > Glue > Database > Regions
  • AWS > Glue > Database > Usage
  • AWS > Glue > Database > Usage > Limit
  • AWS > Glue > Enabled
  • AWS > Glue > Permissions
  • AWS > Glue > Permissions > Levels
  • AWS > Glue > Permissions > Levels > Modifiers
  • AWS > Glue > Permissions > Lockdown
  • AWS > Glue > Permissions > Lockdown > API Boundary
  • AWS > Glue > Regions [Default]
  • AWS > Glue > Tags Template [Default]
  • AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-glue
  • AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-glue
  • AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-glue
  • AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-glue

Action Types

Added

  • AWS > Glue > Database > Delete
  • AWS > Glue > Database > Router