Turbot v5 Update Digest for 25 Aug to 1 Sept 2020

Current Recommended Versions

  • Turbot Enterprise (TE) 5.29.4
  • Turbot EnterpriseDatabase (TED) 1.11.0
  • Turbot Enterprise Foundation (TEF) 1.24.0
  • Turbot Terraform Provider 1.6.3
  • Turbot CLI 1.21.0

These versions should be used together and represent a "known good" combination of TEF, TED and TE the incorporates the latest bug fixes, stability and performance improvements

Turbot Enterprise

Highlights

Bug fixes

  • If a control or calculated policy has a dependency in Invalid, then it will also be set to Invalid (instead of Error).
  • Improved ordering of type changes during mod update to prevent conflicts.
  • Backlogged processes would timeout after 1 hour, causing the process to be restarted. We now let processes run up to 4 hours, provided they have active work done at least each hour.
  • Optimized performance of listing and summarizing controls by control type.
  • The JWT in our tasks includes the Turbot version number, causing backlogged tasks to fail validation during upgrades. Most were automatically marked for retry, but this causes noise and rework. We have removed the version, allowing our version upgrade redirect of tasks to work more smoothly.
  • Control runs triggered by a mod (e.g. a CMDB control run triggered by an event) would try to run the task immediately, increasing conflicts in our single process detection handler. We now queue the request as appropriate, reducing that noise and work.
  • Background tasks use a JWT for authorization. In v5.29.0 we changed processes to a max of 4 hours (with a 1 hr heartbeat), but our secondary check in token verification was still restricted to a 1 hour maximum. These defence in depth token checks have been updated to match.
  • Running a control from the UI would crash the API server if the control was already running

Enterprise Highlights

  • Reduced background task load, particularly tick.turbot.com:Next events, especially when the queue has a backlog to work through.
  • A new, optimized data format for dependencies has been added in this version and migrations are occurring in the background in preparation for a future version.
  • Dashboard graphs updated to use zero minimum values, better axes layout and more appropriate thresholds.

Alerts

  • None

AWS Mods

Highlights

  • 4 mods released!
  • New policies or changed policy names in: aws-workspaces
  • In aws: The WS > Account > Resource AKA Cleanup control has been updated to remove invalid AKAs from the services listed in the release notes below.
  • The AWS > Secrets Manager > Secret > CMDB control would sometimes remain in an error state when the secret was deleted from the AWS console. This has been fixed and now the secret will be deleted successfully from the Turbot console as well.

Alerts

  • None

Release Notes

Azure Mods

Highlights

  • 21 mods released!
  • New policies or changed policy names in:
  • Discovery controls now have their own control category, CMDB > Discovery, to allow for easier filtering separately from other CMDB controls.
  • We’ve renamed the service’s default regions policy from Regions [Default] to Regions to be consistent with our other regions policies.
  • In azure: You can now specify which version of Terraform you’d like to use for Stack controls.

Alerts

  • None

Release Notes

GCP Mods

Highlights

  • 20 mods released!
  • New policies or changed policy names in:
  • Initial release: gcp-dataflow
  • Discovery controls now have their own control category, CMDB > Discovery, to allow for easier filtering separately from other CMDB controls.
  • We’ve renamed the service’s default regions policy from Regions [Default] to Regions to be consistent with our other regions policies.
  • Real-time event handling for the GCP > Dataflow service.

Alerts

  • None

Release Notes

Turbot Mods

Highlights

  • New policies or changed policy names in: turbot
  • Updated: Turbot > Workspace > Migration control to notify when the migration of controls and policyValues dependencies to the new dependencies table is complete.

Alerts

  • Theturbot mod requires TE 5.29.0.  Upgrading on a TE version before 5.29.0 will cause theTurbot > Workspace > Migrationcontrol to be in error. The error will clear after upgrading to 5.29.0+.
Was this article helpful?
0 out of 0 found this helpful