Turbot v5 Update Digest for 15 June to 22 June 2020

  • Turbot Enterprise (TE) 5.22.0
  • Turbot EnterpriseDatabase(TED) 1.10.0
  • Turbot Enterprise Foundation (TEF) 1.21.0

Turbot Enterprise

Highlights

  • Terraform stacks managed by Turbot were limited to 1-1 relationships between Terraform resources and Turbot CMDB resources. We now support a variety of relationships making them cleaner and more flexible. For example, a single aws_security_group_rule resource can map to several AWS > VPC > Security Group Rule resources in Turbot. Also, association resources (which exist only in Terraform) like aws_vpc_dhcp_options_association can now be managed inside existing Turbot resources (VPC or DHCP Options) without the need for an extra (and confusing) association resource.
  • In environments where DNS is not managed by Turbot, there is improved handling of events when migrating between TE versions.
  • Several database crashes have been identified and eliminated. This improves performance and stability.
  • Customers desiring more control over ECS IAM policies, can now bring their own role.

Alerts

  • TEF 1.21.0 deploys two additional nested CloudFormation stacks, one for Network Parameters and another for IAM Parameters.
  • The new minimum drive size for TED 1.10.0 is 200GB. The new default drive size for new installations is 1TB.

AWS Mods

Highlights

  • 10 mods released!
  • New policies or changed policy names in: aws-directoryservice, aws-ec2, aws-s3, aws-wellarchitected, aws-iam
  • Continued roll out of support for af-south-1, ap-east-1, eu-south-1 and me-south-1 in various mods.
  • CloudFormation CMDB entries will now keep track of only active stacks.
  • Enforcement of load balancer access logging
  • Enforcement of S3 bucket access logging.
  • Cleanup of resources with incorrect AKAs through the AWS > Account > Resource AKA Migration control
  • Clean up of data validation errors. Not blockers, just ugly. The UI is now a cleaner place.

Alerts

  • None

Release Notes

Azure

Highlights

  • 5 mods released!
  • New policies or changed policy names in: azure-cisv1, azure-networkwatcher, azure-compute
  • Network Watcher now has policies and controls for Flow Logs
  • Support for Compute > Disk Encryption Sets
  • Azure > IAM > Login Names properly handles situations where email addresses don’t exist in Azure Active Directory.

Alerts

  • None

Release Notes

GCP

Highlights

  • 2 mods released!
  • New policies or changed policy names in: gcp
  • Introduction of the GCP > Project > Resource AKA Cleanup to clean up resources with incorrect AKAs.
  • Clean up of data validation errors. Not blockers, just ugly. The UI is now a cleaner place.

Alerts

  • None

Release Notes

Was this article helpful?
0 out of 0 found this helpful