Table: turbot_notification

Notifications represent significant events in the lifecycle of turbot infrastructure, including:

A history of change for a resource, e.g., my-s3-bucket.
A log of state changes and actions performed by a control, e.g., the Tags control for my-s3-bucket.
Changes to policy settings and policy values updated as a result.
Records of permission grants, activations, deactivations and revocations.

When querying this table, we recommend using at least one of these columns (usually in the where clause):

id
resource_id
notification_type
control_id
control_type_id
control_type_uri
resource_type_id
resource_type_uri
policy_setting_type_id
policy_setting_type_uri
actor_identity_id
create_timestamp
filter

For more information on how to construct a filter, please see Notifications examples.

Examples

Find all Turbot grants activations in last 1 week using `filter`

select
  active_grant_id,
  notification_type,
  active_grant_type_title,
  active_grant_level_title,
  create_timestamp,
  actor_identity_trunk_title,
  active_grant_identity_trunk_title,
  active_grant_valid_to_timestamp,
  active_grant_identity_profile_id,
  resource_title
from
  turbot_notification
where
  filter = 'notificationType:activeGrant createTimestamp:>T-1w'
  and active_grant_type_title = 'Turbot'
order by
  create_timestamp desc,
  notification_type,
  actor_identity_trunk_title,
  resource_title;

Find all AWS grants activations in last 7 days

select
  active_grant_id,
  notification_type,
  active_grant_type_title,
  active_grant_level_title,
  create_timestamp,
  actor_identity_trunk_title,
  active_grant_identity_trunk_title,
  active_grant_valid_to_timestamp,
  active_grant_identity_profile_id,
  resource_title
from
  turbot_notification
where
  notification_type = 'active_grants_created'
  and create_timestamp >= (current_date - interval '7' day)
  and active_grant_type_title = 'AWS'
order by
  create_timestamp desc,
  notification_type,
  actor_identity_trunk_title,
  resource_title;

Find all AWS S3 buckets created notifications in last 7 days

select
  create_timestamp,
  resource_id,
  resource_title,
  resource_trunk_title,
  actor_identity_trunk_title
from
  turbot_notification
where
  notification_type = 'resource_created'
  and create_timestamp >= (current_date - interval '120' day)
  and resource_type_uri = 'tmod:@turbot/aws-s3#/resource/types/bucket'
order by
  create_timestamp desc;

All policy settings notifications on a given resource or below in last 90 days

select
  notification_type,
  create_timestamp,
  policy_setting_id,
  policy_setting_type_trunk_title,
  policy_setting_type_uri,
  resource_trunk_title,
  resource_type_trunk_title,
  policy_setting_type_read_only,
  policy_setting_type_secret,
  policy_setting_value
from
  turbot_notification
where
  resource_id = 191382256916538
  and create_timestamp >= (current_date - interval '90' day)
  and filter = 'notificationType:policySetting level:self,descendant'
order by
  create_timestamp desc;

All policy settings notifications for AWS > Account > Regions policy

select
  notification_type,
  create_timestamp,
  policy_setting_id,
  resource_id,
  resource_trunk_title,
  jsonb_pretty(policy_setting_value :: jsonb) as policy_setting_value
from
  turbot_notification
where
  policy_setting_type_uri = 'tmod:@turbot/aws#/policy/types/regionsDefault'
  and filter = 'notificationType:policySetting level:self'
order by
  create_timestamp desc;

All notifications for AWS > Account > Budget > Budget control

select
  notification_type,
  create_timestamp,
  control_id,
  resource_trunk_title,
  control_state,
  control_reason
from
  turbot_notification
where
  control_type_uri = 'tmod:@turbot/aws#/control/types/budget'
  and filter = 'notificationType:control level:self'
order by
  resource_id,
  create_timestamp desc;

Schema for turbot_notification

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form, e.g. connection_name.
active_grant_id	bigint		Active grant ID for this notification.
active_grant_identity_profile_id	text		The identity of profile id for this active grant.
active_grant_identity_trunk_title	text		This is the title of hierarchy from the root down to this identity (i.e. Identity whoes access got revoked/permiited) for this active grant.
active_grant_level_title	text		The name of the active grant level.
active_grant_new_version_id	bigint		Active grant version ID of the grant after the notification.
active_grant_old_version_id	bigint		Version ID of the active grant before the event.
active_grant_permission_level_id	bigint		The unique identifier for the active grant permission level.
active_grant_permission_type_id	bigint		The unique identifier for the active grant permission type.
active_grant_role_name	text		Optional custom roleName for this active grant, when using existing roles rather than Turbot-managed ones.
active_grant_type_title	text		The name of the active grant type.
active_grant_valid_to_timestamp	timestamp with time zone		Optional end date for the active grant to expire.
actor_identity_id	bigint	=	Identity ID of the actor that performed this event.
actor_identity_trunk_title	text		Title hierarchy of the actor from the root down to the actor of this event.
control_details	jsonb		Optional details provided at the last state update of this control.
control_id	bigint	=	ID of the control for this notification.
control_new_version_id	bigint		Version ID of the control after the event.
control_old_version_id	bigint		Version ID of the control before the event.
control_reason	text		Optional reason provided at the last state update of this control.
control_state	text		The current state of the control.
control_type_id	bigint	=	ID of the control type for this control.
control_type_trunk_title	text		This is the title of hierarchy from the root down to this control type.
control_type_uri	text	=	URI of the control type for this control.
create_timestamp	timestamp with time zone	>, >=, =, <, <=	When the resource was first discovered by Turbot. (It may have been created earlier.)
filter	text	=	Filter used to search for notifications.
grant_id	bigint		ID of the grant for this notification.
grant_identity_profile_id	text		The identity profile id for this grant.
grant_identity_trunk_title	text		This is the title of hierarchy from the root down to this identity (i.e. Identity whoes access got revoked/permiited) for this grant.
grant_level_title	text		The name of the permission level.
grant_new_version_id	bigint		Version ID of the grant after the event.
grant_old_version_id	bigint		Version ID of the grant before the event.
grant_permission_level_id	bigint		The unique identifier for the permission level.
grant_permission_type_id	bigint		The unique identifier for the permission type.
grant_role_name	text		Optional custom roleName for this grant, when using existing roles rather than Turbot-managed ones.
grant_type_title	text		The name of the permission type.
grant_valid_to_timestamp	timestamp with time zone		Optional end date for the grant.
icon	text		Icon for this notification type.
id	bigint	=	Unique identifier of the notification.
message	text		Message for the notification.
notification_type	text	=	Type of the notification: resource, action, policySetting, control, grant, activeGrant.
policy_setting_default_template	text		The Nunjucks template if this setting is for a calculated value.
policy_setting_default_template_input	text		The GraphQL Input query if this setting is for a calculated value.
policy_setting_id	bigint		ID of the policy setting for this notification.
policy_setting_is_calculated	boolean		If true this setting contains calculated inputs e.g. templateInput and template.
policy_setting_new_version_id	bigint		Version ID of the policy setting after the event.
policy_setting_old_version_id	bigint		Version ID of the policy setting before the event.
policy_setting_type_id	bigint	=	ID of the policy setting type for this notification.
policy_setting_type_read_only	boolean		If true user-defined policy settings are blocked from being created.
policy_setting_type_secret	boolean		If true policy value will be encrypted.
policy_setting_type_trunk_title	text		This is the title of hierarchy from the root down to this policy type.
policy_setting_type_uri	text	=	URI of the policy setting type for this notification.
policy_setting_value	text		The value of the policy setting after this event.
process_id	bigint		ID of the process that created this notification.
resource_akas	jsonb		The globally-unique akas for this resource.
resource_data	jsonb		The data for this resource
resource_id	bigint	=	ID of the resource for this notification.
resource_new_version_id	bigint		Version ID of the resource after the event.
resource_old_version_id	bigint		Version ID of the resource before the event.
resource_parent_id	bigint		The id of the parent resource of this resource.
resource_path	text		The string of resource ids separated by "." from root down to this resource.
resource_tags	jsonb		Tags attached to this resource.
resource_title	text		Title of the resource.
resource_trunk_title	text		Title of the resource hierarchy from the root down to this resource.
resource_type_id	bigint	=	ID of the resource type for this notification.
resource_type_trunk_title	text		Title of the resource type hierarchy from the root down to this resource.
resource_type_uri	text	=	URI of the resource type for this notification.