What is the Resource Hierarchy in Turbot for Options?

Turbot includes a robust Guardrails Policy Engine that can apply 300+ options across 65+ AWS Services, Networking, OS, and DB tiers. Turbot includes a full, consistent hierarchy of resources where Options can be scoped across the Turbot Implementation, Cluster, Account, and/or Resource Level. An example of the resource hierarchy:

  • Turbot Implementation
    • Cluster c1
      • Account aaa
        • AWS Account 12345689012
          • us-east-1
            • S3 Bucket my-bucket-1
            • EC2 Instance i-abcd1234


  • The Turbot resource hierarchy for AWS is now in order of account > region > service > resource. This is deliberately different from AWS ARNs that are in service > region > account > resource. The Turbot approach is more logical for common use of resources while the AWS model makes more sense from an AWS specific internal perspective.

  • S3 buckets in Turbot now include the region as part of their hierarchy. Turbot > Cluster > Account > AWS Account > AWS Region > S3 > S3 Bucket.

Was this article helpful?
0 out of 0 found this helpful