Turbot v5 Update Digest 25 May to 1 June 2020

Turbot Enterprise

Highlights

  • Runnables like controls and calculated policies use Lambda functions for function execution. By default, for security & stability, these functions run outside the VPC. For organizations wishing to inspect and control all network traffic, we now support running of these Lambda functions inside the VPC.
  • The test resource browse dropdown in the calculated policy editor will now automatically select the current resource by default.
  • When executing a large number of upsert commands in parallel (e.g. import or stack control) it’s possible for the same resource to get created twice in parallel (e.g. stack record from Turbot competing with a real-time event from the cloud provider). We now protect against these conflicts, smoothing large operations.

Alerts

  • None

Current Recommended Versions

  • Turbot Enterprise (TE) v5.20.1 - https://turbot.com/v5/docs/releases/te#5201-2020-05-28
  • Turbot EnterpriseDatabase(TED) v1.9.1 - https://turbot.com/v5/docs/releases/ted#v191-2020-05-19
  • Turbot Enterprise Foundation (TEF) v1.19.1 - https://turbot.com/v5/docs/releases/tef#v1191-2020-05-20

AWS Mods

Highlights

  • 38 Mods released!
  • Initial releases of: aws-appstream, aws-chime, aws-cloud9, aws-codepipeline, aws-mediaconnect, aws-resourcegroups, aws-sagemaker, aws-transfer and, aws-wellarchitected
  • Budget controls for Elasticache clusters
  • After stopping or starting an EC2 instance, the CMDB was not updated automatically to reflect the new state. This has been fixed.

Alerts

  • Policies renamed and/or removed in these mods: aws-cloudtrail, aws-elasticache, aws-kms, aws-rds
  • For aws-iam: After updating a role’s trust policy, the role’s AKA would be incorrectly updated to no longer include the AWS account ID, e.g., arn:aws:iam:::role/my-role. This has been fixed and the updating a role’s trust policy will no longer cause the role’s AKA to become malformed. However, roles that have had their AKA modified will remain malformed, so in an upcoming version, a control will be added that fixes these AKAs automatically. As this control is not available yet, a workaround to fix these roles’ AKAs today is to re-run their CMDB controls.

Release Notes

Azure Mods

Highlights

  • 6 mods released!
  • Initial release of azure-synapseanalytics
  • Support for Synapse service added to azure-provider
  • Support for germanywestcentral, norwayeast, switzerlandnorth in azure-compute

Alerts

  • Policy value change in azure-frontdoorservice

Release Notes

GCP Mods

Highlights

  • 4 mods released!
  • Various bug fixes to documentation links.

Alerts

  • Policies renamed in: gcp-build

Release Notes

Was this article helpful?
0 out of 0 found this helpful