Turbot v5 Update Digest for 20 to 26 July 2020

Current Recommended Versions

  • Turbot Enterprise (TE) 5.26.3
  • Turbot EnterpriseDatabase (TED) 1.11.0
  • Turbot Enterprise Foundation (TEF) 1.23.0
  • Turbot Terraform Provider 1.6.0
  • Turbot CLI 1.19.3

Turbot Enterprise

Highlights

  • Automatically detect and install new mod versions. The Turbot > Mod > Auto Update policy on each mod allows you to selectively enable this feature, including setting the desired Version Range. Initially our default is to disable this feature, but we expect to change that soon, so please lock the version of any mods you do not want updating. Requires @turbot/turbot mod v5.18.0 or later.
  • GraphQL favorites and watches queries now support resourceId:{aka} in filters.
  • Improved performance of various activity information and views in the UI.
  • Lots of optimizations and bug fixes.

Alerts

  • None

AWS Mods

Highlights

  • 11 mods released!
  • New policies or changed policy names in: aws-vpc-connect, aws-vpc-core
  • Continued rollout of support for tags with zero length values.
  • Release of Cross-Account controls for Transit Gateway!

Alerts

For the following permissions changes, these only apply if using Turbot Permissions to manage AWS users/roles. - In aws-iot, AWS/IoT/Admin now includes certificate management permissions. - In aws-cloudformation, AWS/CloudFormation/Admin now includes stack instance and stack set management permissions. - In aws-servicecatalog, AWS/Service Catalog/Admin now includes portfolio and product management permissions. - In aws-guardduty, AWS/GuardDuty/Admin now includes deleting invitation permissions. - In aws-sns, AWS/SNS/Admin now includes permissions to add statement to a topic’s access control policy for granting cross account access. - In aws-sqs, AWS/SQS/Admin now includes permissions for managing access to queues.

Release Notes

Azure

Highlights

  • 28 mods released!
  • New policies or changed policy names in: azure-provider
  • When deleting inactive resources through an Active control, different warning periods in days can be set to delay deletion. We recently identified a bug that would cause these warning periods to be ignored, and any inactive resources would be deleted immediately. This bug has been fixed and now all Active controls will abide by the warning period set in the policy value.
  • Removed some obsolete permissions in the azure-network stack that were preventing the Azure > Turbot > IAM Controls stack to fail.

Alerts

  • None

Release Notes

GCP

Highlights

  • 17 mods released!
  • New policies or changed policy names in:
  • Initial release: gcp-orgpolicy
  • A number of mods with Active controls didn’t delete inactive resources. Now they do.
  • The GCP > Compute Engine > Instance > Approved policy now includes the values Enforce: Stop unapproved and Enforce: Stop unapproved if new. With the addition of these values, it is now possible to just stop your unapproved instances instead of deleting them.

Alerts

  • None

Release Notes

Turbot Mods

Highlights

  • New policies or changed policy names in: turbot
  • Introduction of Smart Retention policies & controls to support new policy clean up features in Turbot Enterprise 5.26.0. turbot>=5.18.1 required Turbot Enterprise 5.26.0

Alerts

  • None

Release Notes

Turbot Terraform Provider

Highlights

  • Use data source turbot_control to get the status of a specific control for a resource and use it in your stacks.
  • Added allow_idp_initiated_sso to the turbot_saml_directory resource, allowing setup of SAML with IdP-initiated SSO.
  • turbot_mod resource now supports timeouts (default 15m), giving flexibility for scripting mod installs.

Turbot CLI

Highlights

  • Bug fixes for turbot configure.
Was this article helpful?
0 out of 0 found this helpful