@turbot/aws-organizations
The aws-organizations mod contains resource, control and policy definitions for AWS Organizations service.
- Setting Policies Tutorial
- Mods Overview
- Policies Overview
- Resources Overview
- Common Policies and Controls
Recommended Version
Version
5.2.0
Released On
Sep 26, 2023
Depends On
Resource Types
- AWS > Organizations
- AWS > Organizations > Organization
- AWS > Organizations > Organization Root
- AWS > Organizations > Organizational Account
- AWS > Organizations > Organizational Unit
Control Types
- AWS > Organizations > Organization > CMDB
- AWS > Organizations > Organization > Discovery
- AWS > Organizations > Organization Root > Active
- AWS > Organizations > Organization Root > Approved
- AWS > Organizations > Organization Root > CMDB
- AWS > Organizations > Organization Root > Discovery
- AWS > Organizations > Organizational Account > Active
- AWS > Organizations > Organizational Account > Approved
- AWS > Organizations > Organizational Account > CMDB
- AWS > Organizations > Organizational Account > Discovery
- AWS > Organizations > Organizational Unit > CMDB
- AWS > Organizations > Organizational Unit > Discovery
Policy Types
- AWS > Organizations > API Enabled
- AWS > Organizations > Enabled
- AWS > Organizations > Organization > CMDB
- AWS > Organizations > Organization Root > Active
- AWS > Organizations > Organization Root > Active > Age
- AWS > Organizations > Organization Root > Active > Last Modified
- AWS > Organizations > Organization Root > Approved
- AWS > Organizations > Organization Root > Approved > Custom
- AWS > Organizations > Organization Root > Approved > Usage
- AWS > Organizations > Organization Root > CMDB
- AWS > Organizations > Organizational Account > Active
- AWS > Organizations > Organizational Account > Active > Age
- AWS > Organizations > Organizational Account > Active > Last Modified
- AWS > Organizations > Organizational Account > Approved
- AWS > Organizations > Organizational Account > Approved > Custom
- AWS > Organizations > Organizational Account > Approved > Usage
- AWS > Organizations > Organizational Account > CMDB
- AWS > Organizations > Organizational Unit > CMDB
- AWS > Organizations > Permissions
- AWS > Organizations > Permissions > Levels
- AWS > Organizations > Permissions > Levels > Modifiers
- AWS > Organizations > Permissions > Lockdown
- AWS > Organizations > Permissions > Lockdown > API Boundary
- AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-organizations
- AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-organizations
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-organizations
- AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-organizations
Release Notes
5.2.0 (2023-09-26)
What's new?
- Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.
Bug fixes
- We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
Control Types
Added
- AWS > Organizations > Organization Root > Active
- AWS > Organizations > Organization Root > Approved
- AWS > Organizations > Organizational Account > Active
- AWS > Organizations > Organizational Account > Approved
Policy Types
Added
- AWS > Organizations > Organization Root > Active
- AWS > Organizations > Organization Root > Active > Age
- AWS > Organizations > Organization Root > Active > Last Modified
- AWS > Organizations > Organization Root > Approved
- AWS > Organizations > Organization Root > Approved > Custom
- AWS > Organizations > Organization Root > Approved > Usage
- AWS > Organizations > Organizational Account > Active
- AWS > Organizations > Organizational Account > Active > Age
- AWS > Organizations > Organizational Account > Active > Last Modified
- AWS > Organizations > Organizational Account > Approved
- AWS > Organizations > Organizational Account > Approved > Custom
- AWS > Organizations > Organizational Account > Approved > Usage
Action Types
Added
- AWS > Organizations > Organization Root > Skip alarm for Active control
- AWS > Organizations > Organization Root > Skip alarm for Active control [90 days]
- AWS > Organizations > Organization Root > Skip alarm for Approved control
- AWS > Organizations > Organization Root > Skip alarm for Approved control [90 days]
- AWS > Organizations > Organizational Account > Skip alarm for Active control
- AWS > Organizations > Organizational Account > Skip alarm for Active control [90 days]
- AWS > Organizations > Organizational Account > Skip alarm for Approved control
- AWS > Organizations > Organizational Account > Skip alarm for Approved control [90 days]
5.1.0 (2023-06-14)
What's new?
- Resource's metadata will now also include
createdBy
details in Guardrails CMDB. - README.md file is now available for users to check details about the resource types and service permissions that the mod covers.
Bug fixes
- The
AWS > Organizations > Organizational Account > CMDB
control did not cleanup Organizational Accounts from Guardrails CMDB if the accounts were deleted in AWS. This is now fixed.
5.0.1 (2022-02-17)
Bug fixes
- The
AWS > Organizations > Organization > Discovery
control would incorrectly go into an error state for management accounts belonging to AWS US Gov Cloud. This is now fixed.
5.0.0 (2021-10-28)
Resource Types
Added
- AWS > Organizations
- AWS > Organizations > Organization
- AWS > Organizations > Organization Root
- AWS > Organizations > Organizational Account
- AWS > Organizations > Organizational Unit
Control Types
Added
- AWS > Organizations > Organization > CMDB
- AWS > Organizations > Organization > Discovery
- AWS > Organizations > Organization Root > CMDB
- AWS > Organizations > Organization Root > Discovery
- AWS > Organizations > Organizational Account > CMDB
- AWS > Organizations > Organizational Account > Discovery
- AWS > Organizations > Organizational Unit > CMDB
- AWS > Organizations > Organizational Unit > Discovery
Policy Types
Added
- AWS > Organizations > API Enabled
- AWS > Organizations > Enabled
- AWS > Organizations > Organization > CMDB
- AWS > Organizations > Organization Root > CMDB
- AWS > Organizations > Organizational Account > CMDB
- AWS > Organizations > Organizational Unit > CMDB
- AWS > Organizations > Permissions
- AWS > Organizations > Permissions > Levels
- AWS > Organizations > Permissions > Levels > Modifiers
- AWS > Organizations > Permissions > Lockdown
- AWS > Organizations > Permissions > Lockdown > API Boundary
- AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-organizations
- AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-organizations
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-organizations
- AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-organizations
Action Types
Added
- AWS > Organizations > Organization Root > Router
- AWS > Organizations > Organizational Account > Router
- AWS > Organizations > Organizational Unit > Router