Turbot v3.64.0 Commercial & Gov Cloud Release

Important note about custom ansible playbooks: Versions 3.63.0 and beyond are using Python 3. If the Turbot custom playbook feature is being used, any custom ansible code will need to be updated using https://docs.ansible.com/ansible/latest/user_guide/playbooks_python_version.html as a reference.

Summary
Added additional AWS guardrails and IAM services & permissions. Other fixes and improvements.

Version
3.64.0

Release Date
2020-03-30

Notes

AWS Services

  • Added: AWS > Chatbot IAM permissions.
  • Added: AWS > Chime IAM permissions.
  • Added: AWS > Connect IAM permissions.
  • Added: AWS > IAM > Access-Analyzer permissions.
  • Added: AWS > Lightsail IAM permissions.
  • Added: AWS > Marketplace IAM permissions.
  • Added: AWS > MediaConnect IAM permissions.
  • Added: AWS > Personalize IAM permissions.
  • Fixed: AWS > VPC > DisassociateClientVpnTargetNetwork IAM permission should be granted to users with Admin access, not Metadata.
  • Updated: AWS > Backup IAM permissions updated to include backup-storage:MountCapsule.
  • Updated: AWS > EC2 IAM permissions AllocateAddress and ReleaseAddress so that EIP permissions can be explicitly controlled. Default allows these permissions as that was the previous stance.
  • Updated: AWS > Events IAM permissions with EventBridge permissions.
  • Updated: AWS > RAM IAM permissions to include select metadata permissions for CodeBuild, EC2 Image Builder, RDS, and Resource Groups to allow for easier use of the service.

Policy Changes

  • Added: AWS > Chatbot > Enabled.
  • Added: AWS > Chatbot > Rights.
  • Added: AWS > Chime > Enabled.
  • Added: AWS > Chime > Regions.
  • Added: AWS > Chime > Rights.
  • Added: AWS > Connect > Enabled.
  • Added: AWS > Connect > Regions.
  • Added: AWS > Connect > Rights.
  • Added: AWS > EC2 > Elastic IP Management.
  • Added: AWS > Lightsail > Enabled.
  • Added: AWS > Lightsail > Regions.
  • Added: AWS > Lightsail > Rights.
  • Added: AWS > Marketplace > Enabled.
  • Added: AWS > Marketplace > Rights.
  • Added: AWS > MediaConnect > Enabled.
  • Added: AWS > MediaConnect > Regions.
  • Added: AWS > MediaConnect > Rights.
  • Added: AWS > Personalize > Enabled.
  • Added: AWS > Personalize > Regions.
  • Added: AWS > Personalize > Rights.

Other fixes & improvements

  • Updated: Turbot web servers should restrict secure protocol to TLS 1.2.
Was this article helpful?
0 out of 0 found this helpful