Mutation
Mutation
Mutation
null
activateGrant |
ActiveGrant | Activate a grant at the given resource. Optionally provide note, validFromTimestamp and validToTimestamp |
addRolloutAccounts |
Rollout | Add one or more accounts to a rollout with the given accounts. |
attachBenchmarkObjectives |
PreventionBenchmark | Attach objectives to a custom benchmark. |
attachBenchmarks |
PreventionBenchmark | Attach child benchmarks to a custom benchmark. |
attachGuardrails |
Guardrail | Attach the accounts to the guardrail. |
attachPolicyPacks |
PolicyPack | Attach the policy pack ids for the given resource. |
attachSmartFolders |
SmartFolder | Attach the smart folder ids for the given resource. This has been deprecated please use attachPolicyPacks. |
createBenchmark |
PreventionBenchmark | Create a custom benchmark. |
createCloudTrailLakeIntegration |
CreateCloudTrailLakeIntegrationResult! | Create a CloudTrail Lake SIEM integration, creating the resource and setting configuration policies in a single transaction. |
createFavorite |
Favorite | Create a favorite for the given resource. Optionally provide resources, level and notificationTypes |
createGoogleDirectory |
Resource! | Create a Google directory for searching in Turbot. |
createGrant |
Grant | Create a grant for the given type, level, resource and identity. Optionally provide note, validFromTimestamp and validToTimestamp |
createGroupProfile |
Resource! | Create a group profile. |
createGuardrail |
Guardrail | Create a guardrail for the given parent and with the given data. This has been deprecated please use createPolicyPack. |
createLdapDirectory |
Resource! | Create an LDAP directory for searching in Turbot. |
createLocalDirectory |
Resource! | Create a local directory for authentication in Turbot. |
createLocalDirectoryUserPassword |
LocalDirectoryUserPassword! | Create a password for the local directory user. |
createPolicyPack |
PolicyPack | Create a policy pack for the given parent and with the given data. |
createPolicySetting |
PolicySetting | Create a policy setting for the given type, resource and precedence. Provide the setting in either standard form (either value (as JSON) or valueSource (as YAML string), or as a calculated setting with inputTemplate (as YAML Nunjucks template) and optional input (as GraphQL query string). Optionally provide note, validFromTimestamp and validToTimestamp |
createProfile |
Resource! | Create a profile. |
createProfileAccessKey |
ProfileAccessKey! | Create an access key for the authenticated profile. |
createProfileAwsAccessKey |
ProfileAwsAccessKey! | Create profile AWS access key. |
createProfileSshKey |
ProfileSshKey! | save SSH public key`. |
createResource |
Resource | Create a resource for the given parent and type and with the given data. Optionally provide custom metadata, tags and akas |
createRollout |
Rollout | Create a rollout with the given data. |
createSamlDirectory |
Resource! | Create a SAML directory for authentication in Turbot. |
createSmartFolder |
SmartFolder | Create a smart folder for the given parent and with the given data. This has been deprecated please use createPolicyPack. |
createSplunkIntegration |
CreateSplunkIntegrationResult! | Create a Splunk SIEM integration, creating the resource and setting configuration policies in a single transaction. |
createTurbotDirectory |
Resource! | Create a Turbot directory for authentication in Turbot. |
createWatch |
Watch | Create a watch for the given resource. Optionally provide action and favorite |
createWatchRule |
WatchRule | Create a watch rule for the given watch. Optionally provide resource, level and notificationTypes |
deactivateGrant |
ActiveGrant | Deactivate a grant activation |
deleteBenchmark |
PreventionBenchmark | Delete a custom benchmark and its custom children recursively. |
deleteFavorite |
Favorite | Delete a favorite by id. |
deleteGoogleDirectory |
Resource! | Delete a Google directory. |
deleteGrant |
Grant | Delete the grant with the given id |
deleteGroupProfile |
Resource! | Delete a group profile. |
deleteGuardrail |
Guardrail | Delete a guardrail with the given id. |
deleteLdapDirectory |
Resource! | Delete an LDAP directory. |
deleteLocalDirectory |
Resource! | Delete a local directory. |
deletePolicyPack |
Resource | Delete the policy pack with the given id |
deletePolicySetting |
PolicySetting | Delete the policy setting with the given id |
deleteProfile |
Resource! | Delete a profile. |
deleteProfileAccessKey |
ProfileAccessKey! | Delete an access key by id. |
deleteProfileAwsAccessKey |
ProfileAwsAccessKey! | Delete profile AWS access key. |
deleteProfileSshKey |
ProfileSshKey! | Delete an SSH key by id. |
deleteResource |
Resource | Delete the resource with the given id |
deleteRollout |
Rollout | Delete a rollout along with its related events. This mutation permanently removes the rollout. |
deleteSamlDirectory |
Resource! | Delete a SAML directory. |
deleteSmartFolder |
Resource | Delete the smart folder with the given id. This has been deprecated please use deletePolicyPack. |
deleteTurbotDirectory |
Resource! | Delete a Turbot directory. |
deleteWatch |
Watch | Delete a watch by id. |
deleteWatchRule |
WatchRule | Delete a watch rule by id. |
detachBenchmarkObjectives |
PreventionBenchmark | Detach objectives from a custom benchmark. |
detachBenchmarks |
PreventionBenchmark | Detach child benchmarks from a custom benchmark. |
detachGuardrails |
Guardrail | Detach the guardrails from the resource. |
detachPolicyPacks |
PolicyPack | Detach the policy pack ids from the given resource. |
detachSmartFolders |
SmartFolder | Detach the smart folder ids from the given resource. This has been deprecated please use detachPolicyPacks. |
importAnthropicOrganization |
ImportAnthropicOrganizationResult! | Import an Anthropic organization atomically. |
| Creates the organization resource and sets credential policies in a single transaction. | ||
| Derives the organization id and name from /v1/organizations/me. | ||
importAwsAccount |
ImportAwsAccountResult! | Import an AWS account atomically, creating the resource and setting credential policies in a single transaction. |
| This replaces the multi-step createResource + createPolicySetting pattern. | ||
importAwsOrganization |
ImportAwsOrganizationResult! | Import an AWS Organization, creating the organization resource and configuring discovery policies. |
| Supports DISCOVER_ONLY (account resources only) or FULL_IMPORT (complete resource hierarchy) modes. | ||
importAzureActiveDirectory |
ImportAzureActiveDirectoryResult! | Import an Azure Active Directory (Entra ID) atomically, creating the directory resource and setting credential policies in a single transaction. |
| This replaces the multi-step createAzureActiveDirectorySubscription + setAzureActiveDirectoryPolicies pattern. | ||
importAzureSubscription |
ImportAzureSubscriptionResult! | Import an Azure subscription atomically, creating the resource and setting credential policies in a single transaction. |
| This replaces the multi-step createResource + createPolicySetting pattern. | ||
importAzureTenant |
ImportAzureTenantResult! | Import an Azure Tenant, creating the tenant resource and configuring discovery policies. |
| Supports discovery level configuration for subscriptions and management groups. | ||
importGcpOrganization |
ImportGcpOrganizationResult! | Import a GCP Organization, creating the organization resource and configuring discovery policies. |
| Supports discovery level configuration for projects and folders. | ||
importGcpProject |
ImportGcpProjectResult! | Import a GCP project atomically, creating the resource and setting credential policies in a single transaction. |
| This replaces the multi-step createResource + createPolicySetting pattern. | ||
importGitHubOrganization |
ImportGitHubOrganizationResult! | Import a GitHub organization atomically. |
| Creates the organization resource and sets credential policies in a single transaction. | ||
importOciTenancy |
ImportOciTenancyResult! | Import an OCI tenancy atomically. |
| Creates the tenancy resource and sets all credential policies (tenancyOcid, userOcid, fingerprint, privateKey, region). | ||
importOpenaiOrganization |
ImportOpenaiOrganizationResult! | Import an OpenAI organization atomically. |
| Creates the organization resource and sets credential policies in a single transaction. | ||
importServiceNowInstance |
ImportServiceNowInstanceResult! | Import a ServiceNow instance atomically. |
| Creates the instance resource and sets credential policies in a single transaction. | ||
installMod |
Mod | Install the mod for the given org and version, at the given parent |
muteControl |
Control | Mute a control on a given resource and controlType or controlId |
pauseRolloutAccounts |
Rollout | Pause an account in a rollout with the given account. |
processHubData |
HubDataProcessResult | Process an uploaded hub data archive (parse and write to all hives) |
putPolicyPackAttachments |
PolicyPack | Put the policy pack ids for the given resource. |
putResource |
Resource | Put the resource with the given id. Optionally provide new data, custom metadata, tags or akas |
putSmartFolderAttachments |
SmartFolder | Put the smart folder ids for the given resource. This has been deprecated please use putPolicyPackAttachments. |
removeRolloutAccounts |
Rollout | Remove one or more accounts from a rollout with the given accounts. |
resumeRolloutAccounts |
Rollout | Resume an account in a rollout with the given account. |
rotateWorkspaceKey |
Scalar | Rotate workspace encryption key. Please contact Turbot Support to perform this action |
runAction |
Process | Run the action with the given actionTypeId and resourceTypeId |
runControl |
Process | Run the control with the given id |
runPolicy |
Process | Run the policy with the given id |
setBenchmarkChildOrder |
PreventionBenchmark | Set the display order of child benchmarks. |
terminateProcess |
Process | Terminate the process with the given id |
testAiConfiguration |
TestAiConfigurationResult! | Test an AI provider configuration by making a minimal live call through the same SDK path |
| Guardrails uses at runtime. Validates the provider, model, API key and (when set) that a custom | ||
| endpoint is reachable from the Guardrails backend. Leave apiKey blank to reuse the saved secret. | ||
testAnthropicConnectivity |
TestAnthropicConnectivityResult! | Test Anthropic connectivity by verifying the admin API key can authenticate. |
| Probes GET /v1/organizations/me and returns the organization the key is bound to. | ||
testAwsAccountConnectivity |
TestAwsAccountConnectivityResult! | Test AWS account connectivity by verifying credentials work correctly. |
| Uses STS GetCallerIdentity to validate the credentials. Supports both direct role ARN | ||
| and account ID + role name (for organization member account testing). | ||
testAwsCloudTrailLakeIntegration |
TestAwsCloudTrailLakeIntegrationResult! | Test an AWS CloudTrail Lake integration by resolving credentials and running a simple test query against the Event Data Store. |
testAwsOrganizationDiscovery |
TestAwsOrganizationDiscoveryResult! | Test AWS Organization discovery by listing accounts and OUs using management account credentials. |
| Verifies the credentials can access AWS Organizations API. | ||
testAzureActiveDirectoryConnectivity |
TestAzureActiveDirectoryConnectivityResult! | Test Azure Active Directory (Entra ID) connectivity by verifying app registration credentials can access the directory via Microsoft Graph API. |
testAzureOrganizationDiscovery |
TestAzureOrganizationDiscoveryResult! | Test Azure organization discovery by listing subscriptions and management groups in a tenant. |
| Returns hierarchy information for building tree views. | ||
testAzureSubscriptionConnectivity |
TestAzureSubscriptionConnectivityResult! | Test Azure subscription connectivity by verifying app registration credentials can access the subscription. |
testEntraIdConnectivity |
TestEntraIdConnectivityResult! | Test Microsoft Entra ID connectivity by verifying the app registration can authenticate |
| and access the directory via Microsoft Graph API. | ||
testEntraIdDirectoryDiscovery |
TestEntraIdDirectoryDiscoveryResult! | Test Microsoft Entra ID directory discovery by listing directory information |
| and resource counts accessible with the app registration. | ||
testGcpOrganizationDiscovery |
TestGcpOrganizationDiscoveryResult! | Test GCP organization discovery by listing projects and folders in an organization. |
| Returns hierarchy information for building tree views. | ||
testGcpProjectConnectivity |
TestGcpProjectConnectivityResult! | Test GCP project connectivity by verifying service account credentials can access the project. |
testGitHubConnectivity |
TestGitHubConnectivityResult! | Test GitHub connectivity by verifying the token can authenticate. |
| Returns information about the authenticated user or app. | ||
testGitHubOrganizationDiscovery |
TestGitHubOrganizationDiscoveryResult! | Test GitHub organization discovery by listing organizations accessible with the token. |
| Optionally query a specific organization by login name. | ||
testKubernetesClusterDiscovery |
TestKubernetesClusterDiscoveryResult! | Test Kubernetes cluster discovery by listing namespaces, nodes, and pods |
| accessible with the bearer token. | ||
testKubernetesConnectivity |
TestKubernetesConnectivityResult! | Test Kubernetes cluster connectivity by verifying the bearer token can authenticate |
| and access the API server. | ||
testOciConnectivity |
TestOciConnectivityResult! | Test OCI connectivity by verifying API credentials can authenticate |
| and access the tenancy. | ||
testOpenaiConnectivity |
TestOpenaiConnectivityResult! | Test OpenAI connectivity by verifying the admin API key + organization id can authenticate. |
| Probes the projects-list endpoint because OpenAI does not expose a /me endpoint. | ||
testServiceNowInstanceDiscovery |
TestServiceNowInstanceDiscoveryResult! | Test ServiceNow instance discovery by listing instance information |
| and available applications/scopes. | ||
testSplunkConnectivity |
TestSplunkConnectivityResult! | Test Splunk connectivity by connecting to the server info endpoint with the provided credentials. |
uninstallMod |
ModUninstallResult | Uninstall an existing mod with the given id |
unmuteControl |
Control | Unmute a control on a given resource and controlType or controlId |
updateAttachedGuardrailPhase |
Guardrail | Update the phase for an attached guardrail on a given resource. |
updateBenchmark |
PreventionBenchmark | Update a custom benchmark. |
updateCloudTrailLakeIntegration |
UpdateCloudTrailLakeIntegrationResult! | Update an existing CloudTrail Lake SIEM integration's configuration policies. |
updateGoogleDirectory |
Resource! | Update a Google directory. |
updateGrant |
Grant | Update a grant with the given id. Optionally provide note, validFromTimestamp and validToTimestamp |
updateGroupProfile |
Resource! | Update a group profile. |
updateGuardrail |
Guardrail | Update an existing guardrail with the given properties. |
updateLdapDirectory |
Resource! | Update an LDAP directory. |
updateLocalDirectory |
Resource! | Update a local directory. |
updateLocalDirectoryUserPassword |
LocalDirectoryUserPassword! | Update the password for the local directory user. |
updatePolicyPack |
PolicyPack | Update a policy pack with the given id. |
updatePolicySetting |
PolicySetting | Update the policy setting with the given id. Provide the setting in either standard form (either value (as JSON) or valueSource (as YAML string), or as a calculated setting with inputTemplate (as YAML Nunjucks template) and optional input (as GraphQL query string). Optionally provide precedence, note, validFromTimestamp and validToTimestamp |
updatePreventionObjective |
PreventionObjective | Update the priority for a given objective. |
updateProfile |
Resource! | Update a profile. |
updateProfileAccessKey |
ProfileAccessKey! | Update an access key's status by id. |
updateProfileAwsAccessKey |
ProfileAwsAccessKey! | Update profile AWS access key. |
updateProfileSshKey |
ProfileSshKey! | Update an SSH key's status by id. |
updateResource |
Resource | Update the resource with the given id. Optionally provide a new parent, provide data updates, or update custom metadata, tags and akas |
updateRollout |
Rollout | Update a rollout with the given id. |
updateSamlDirectory |
Resource! | Update a SAML directory. |
updateSmartFolder |
SmartFolder | Update a smart folder with the given id.This has been deprecated please use updatePolicyPack. |
updateSplunkIntegration |
UpdateSplunkIntegrationResult! | Update an existing Splunk SIEM integration's resource data and configuration policies. |
updateTurbotDirectory |
Resource! | Update a Turbot directory. |
updateWatch |
Watch | Update a watch by id. Optionally provide action and favorite |
updateWatchRule |
WatchRule | Update a watch rule by id. Optionally provide resource, level and notificationTypes", |
uploadHubData |
HubDataUploadResult | Generate a presigned S3 URL for uploading hub data (docs, KB, policy packs) |
uploadMod |
ModUploadResult | Upload a local to mod with the given id |
upsertResource |
Resource | Upsert a resource for the given parent and type and with the given data. Optionally provide custom metadata, tags and akas. If akas are passed, the first one in the array will be used to look up if the resource already exists. If no akas are passed, the first resource type AKA metadata template will be rendered using the resource data and used to look up if the resource already exists |