Table: turbot_notification
Notifications represent significant events in the lifecycle of turbot infrastructure, including:
- A history of change for a resource, e.g., my-s3-bucket.
- A log of state changes and actions performed by a control, e.g., the Tags control for my-s3-bucket.
- Changes to policy settings and policy values updated as a result.
- Records of permission grants, activations, deactivations and revocations.
When querying this table, we recommend using at least one of these columns (usually in the where
clause):
id
resource_id
notification_type
control_id
control_type_id
control_type_uri
resource_type_id
resource_type_uri
policy_setting_type_id
policy_setting_type_uri
actor_identity_id
create_timestamp
filter
For more information on how to construct a filter
, please see Notifications examples.
Examples
Find all Turbot grants activations in last 1 week using filter
select active_grant_id, notification_type, active_grant_type_title, active_grant_level_title, create_timestamp, actor_identity_trunk_title, active_grant_identity_trunk_title, active_grant_valid_to_timestamp, active_grant_identity_profile_id, resource_titlefrom turbot_notificationwhere filter = 'notificationType:activeGrant createTimestamp:>T-1w' and active_grant_type_title = 'Turbot'order by create_timestamp desc, notification_type, actor_identity_trunk_title, resource_title;
Find all AWS grants activations in last 7 days
select active_grant_id, notification_type, active_grant_type_title, active_grant_level_title, create_timestamp, actor_identity_trunk_title, active_grant_identity_trunk_title, active_grant_valid_to_timestamp, active_grant_identity_profile_id, resource_titlefrom turbot_notificationwhere notification_type = 'active_grants_created' and create_timestamp >= (current_date - interval '7' day) and active_grant_type_title = 'AWS'order by create_timestamp desc, notification_type, actor_identity_trunk_title, resource_title;
Find all AWS S3 buckets created notifications in last 7 days
select create_timestamp, resource_id, resource_title, resource_trunk_title, actor_identity_trunk_titlefrom turbot_notificationwhere notification_type = 'resource_created' and create_timestamp >= (current_date - interval '120' day) and resource_type_uri = 'tmod:@turbot/aws-s3#/resource/types/bucket'order by create_timestamp desc;
All policy settings notifications on a given resource or below in last 90 days
select notification_type, create_timestamp, policy_setting_id, policy_setting_type_trunk_title, policy_setting_type_uri, resource_trunk_title, resource_type_trunk_title, policy_setting_type_read_only, policy_setting_type_secret, policy_setting_valuefrom turbot_notificationwhere resource_id = 191382256916538 and create_timestamp >= (current_date - interval '90' day) and filter = 'notificationType:policySetting level:self,descendant'order by create_timestamp desc;
All policy settings notifications for AWS > Account > Regions policy
select notification_type, create_timestamp, policy_setting_id, resource_id, resource_trunk_title, jsonb_pretty(policy_setting_value :: jsonb) as policy_setting_valuefrom turbot_notificationwhere policy_setting_type_uri = 'tmod:@turbot/aws#/policy/types/regionsDefault' and filter = 'notificationType:policySetting level:self'order by create_timestamp desc;
All notifications for AWS > Account > Budget > Budget control
select notification_type, create_timestamp, control_id, resource_trunk_title, control_state, control_reasonfrom turbot_notificationwhere control_type_uri = 'tmod:@turbot/aws#/control/types/budget' and filter = 'notificationType:control level:self'order by resource_id, create_timestamp desc;
Schema for turbot_notification
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
active_grant_id | bigint | Active grant ID for this notification. | |
active_grant_identity_profile_id | text | The identity of profile id for this active grant. | |
active_grant_identity_trunk_title | text | This is the title of hierarchy from the root down to this identity (i.e. Identity whoes access got revoked/permiited) for this active grant. | |
active_grant_level_title | text | The name of the active grant level. | |
active_grant_new_version_id | bigint | Active grant version ID of the grant after the notification. | |
active_grant_old_version_id | bigint | Version ID of the active grant before the event. | |
active_grant_permission_level_id | bigint | The unique identifier for the active grant permission level. | |
active_grant_permission_type_id | bigint | The unique identifier for the active grant permission type. | |
active_grant_role_name | text | Optional custom roleName for this active grant, when using existing roles rather than Turbot-managed ones. | |
active_grant_type_title | text | The name of the active grant type. | |
active_grant_valid_to_timestamp | timestamp with time zone | Optional end date for the active grant to expire. | |
actor_identity_id | bigint | = | Identity ID of the actor that performed this event. |
actor_identity_trunk_title | text | Title hierarchy of the actor from the root down to the actor of this event. | |
control_details | jsonb | Optional details provided at the last state update of this control. | |
control_id | bigint | = | ID of the control for this notification. |
control_new_version_id | bigint | Version ID of the control after the event. | |
control_old_version_id | bigint | Version ID of the control before the event. | |
control_reason | text | Optional reason provided at the last state update of this control. | |
control_state | text | The current state of the control. | |
control_type_id | bigint | = | ID of the control type for this control. |
control_type_trunk_title | text | This is the title of hierarchy from the root down to this control type. | |
control_type_uri | text | = | URI of the control type for this control. |
create_timestamp | timestamp with time zone | >, >=, =, <, <= | When the resource was first discovered by Turbot. (It may have been created earlier.) |
filter | text | = | Filter used to search for notifications. |
grant_id | bigint | ID of the grant for this notification. | |
grant_identity_profile_id | text | The identity profile id for this grant. | |
grant_identity_trunk_title | text | This is the title of hierarchy from the root down to this identity (i.e. Identity whoes access got revoked/permiited) for this grant. | |
grant_level_title | text | The name of the permission level. | |
grant_new_version_id | bigint | Version ID of the grant after the event. | |
grant_old_version_id | bigint | Version ID of the grant before the event. | |
grant_permission_level_id | bigint | The unique identifier for the permission level. | |
grant_permission_type_id | bigint | The unique identifier for the permission type. | |
grant_role_name | text | Optional custom roleName for this grant, when using existing roles rather than Turbot-managed ones. | |
grant_type_title | text | The name of the permission type. | |
grant_valid_to_timestamp | timestamp with time zone | Optional end date for the grant. | |
icon | text | Icon for this notification type. | |
id | bigint | = | Unique identifier of the notification. |
message | text | Message for the notification. | |
notification_type | text | = | Type of the notification: resource, action, policySetting, control, grant, activeGrant. |
policy_setting_default_template | text | The Nunjucks template if this setting is for a calculated value. | |
policy_setting_default_template_input | text | The GraphQL Input query if this setting is for a calculated value. | |
policy_setting_id | bigint | ID of the policy setting for this notification. | |
policy_setting_is_calculated | boolean | If true this setting contains calculated inputs e.g. templateInput and template. | |
policy_setting_new_version_id | bigint | Version ID of the policy setting after the event. | |
policy_setting_old_version_id | bigint | Version ID of the policy setting before the event. | |
policy_setting_type_id | bigint | = | ID of the policy setting type for this notification. |
policy_setting_type_read_only | boolean | If true user-defined policy settings are blocked from being created. | |
policy_setting_type_secret | boolean | If true policy value will be encrypted. | |
policy_setting_type_trunk_title | text | This is the title of hierarchy from the root down to this policy type. | |
policy_setting_type_uri | text | = | URI of the policy setting type for this notification. |
policy_setting_value | text | The value of the policy setting after this event. | |
process_id | bigint | ID of the process that created this notification. | |
resource_akas | jsonb | The globally-unique akas for this resource. | |
resource_data | jsonb | The data for this resource | |
resource_id | bigint | = | ID of the resource for this notification. |
resource_new_version_id | bigint | Version ID of the resource after the event. | |
resource_old_version_id | bigint | Version ID of the resource before the event. | |
resource_parent_id | bigint | The id of the parent resource of this resource. | |
resource_path | text | The string of resource ids separated by "." from root down to this resource. | |
resource_tags | jsonb | Tags attached to this resource. | |
resource_title | text | Title of the resource. | |
resource_trunk_title | text | Title of the resource hierarchy from the root down to this resource. | |
resource_type_id | bigint | = | ID of the resource type for this notification. |
resource_type_trunk_title | text | Title of the resource type hierarchy from the root down to this resource. | |
resource_type_uri | text | = | URI of the resource type for this notification. |