-
Notifications
You must be signed in to change notification settings - Fork 1
Conversation
… turbot_notification
docs/tables/turbot_notification.md
Outdated
- Changes to policy settings, and the specific policy values they update. | ||
- Records of permission grants, activations, deactivations and revocations. | ||
|
||
Queries to this table must specify (usually in the `where` clause) at least one |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we use must
, or recommended
, since those are not required, but we can use those for faster query.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@LalitTurbot Please see comments/suggestions in the review.
In general, the changes requested are:
- Ensure column names match the path, even if coming across something like
grant_valid_to_timestamp
. The only time we should deviate from this is not including the wordturbot
, since that's redundant, e.g.,Turbot.Id
is justId
, and for active grants, not including the wordgrant
twice, e.g.,ActiveGrant.Grant.Field
would becomeactive_grant_field
. - Update all
policy
columns to start withpolicy_setting
- Split grant and active grant columns to make it simpler
turbot/table_turbot_notification.go
Outdated
{Name: "filter", Type: proto.ColumnType_STRING, Transform: transform.FromQual("filter"), Description: "Filter used to search for notifications."}, | ||
|
||
// Actor info for the notification | ||
{Name: "actor_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("Actor.Identity.Trunk.Title").NullIfZero(), Description: "Title hierarchy of the actor from the root down to the actor of this event."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "actor_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("Actor.Identity.Trunk.Title").NullIfZero(), Description: "Title hierarchy of the actor from the root down to the actor of this event."}, | |
{Name: "actor_identity_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("Actor.Identity.Trunk.Title").NullIfZero(), Description: "Title hierarchy of the actor from the root down to the actor of this event."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "resource_tags", Type: proto.ColumnType_JSON, Transform: transform.FromField("Resource.Turbot.Tags"), Description: "Tags attached to this resource."}, | ||
|
||
// Policy settings notification details | ||
{Name: "policy_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingID"), Description: "ID of the policy setting for this notification."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingID"), Description: "ID of the policy setting for this notification."}, | |
{Name: "policy_setting_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingID"), Description: "ID of the policy setting for this notification."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of these column names should start with policy_setting_
, since there are policy settings and values within Turbot (even if there aren't notifications on policy values), so it will help users know we are specifically returning policy setting notifications.
turbot/table_turbot_notification.go
Outdated
|
||
// Policy settings notification details | ||
{Name: "policy_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingID"), Description: "ID of the policy setting for this notification."}, | ||
{Name: "policy_new_version_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingNewVersionID"), Description: "Version ID of the policy setting after the event."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_new_version_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingNewVersionID"), Description: "Version ID of the policy setting after the event."}, | |
{Name: "policy_setting_new_version_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingNewVersionID"), Description: "Version ID of the policy setting after the event."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "policy_is_calculated", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.isCalculated"), Description: "If true this setting contains calculated inputs e.g. templateInput and template."}, | ||
{Name: "policy_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, | ||
{Name: "policy_template_input", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplateInput").Transform(formatPolicyFieldsValue), Description: "The GraphQL input query if this setting is for a calculated value."}, | ||
{Name: "policy_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, | |
{Name: "policy_setting_type_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "policy_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.Trunk.Title"), Description: "This is the title of hierarchy from the root down to this policy type."}, | ||
{Name: "policy_is_calculated", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.isCalculated"), Description: "If true this setting contains calculated inputs e.g. templateInput and template."}, | ||
{Name: "policy_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, | ||
{Name: "policy_template_input", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplateInput").Transform(formatPolicyFieldsValue), Description: "The GraphQL input query if this setting is for a calculated value."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_template_input", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplateInput").Transform(formatPolicyFieldsValue), Description: "The GraphQL input query if this setting is for a calculated value."}, | |
{Name: "policy_setting_default_template_input", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplateInput").Transform(formatPolicyFieldsValue), Description: "The GraphQL input query if this setting is for a calculated value."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "grant_id", Type: proto.ColumnType_INT, Transform: fromField("Turbot.GrantID", "Turbot.ActiveGrantsID"), Description: "ID of the grant for this notification."}, | ||
{Name: "grant_new_version_id", Type: proto.ColumnType_INT, Transform: fromField("Turbot.GrantNewVersionID", "Turbot.ActiveGrantsNewVersionID"), Description: "Version ID of the grant after the event."}, | ||
{Name: "grant_old_version_id", Type: proto.ColumnType_INT, Transform: fromField("Turbot.GrantOldVersionID", "Turbot.ActiveGrantsOldVersionID"), Description: "Version ID of the grant before the event."}, | ||
{Name: "grant_end_date", Type: proto.ColumnType_TIMESTAMP, Transform: fromField("Grant.ValidToTimestamp", "ActiveGrant.Grant.ValidToTimestamp"), Description: "Optional end date for the grant."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "grant_end_date", Type: proto.ColumnType_TIMESTAMP, Transform: fromField("Grant.ValidToTimestamp", "ActiveGrant.Grant.ValidToTimestamp"), Description: "Optional end date for the grant."}, | |
{Name: "grant_valid_to_timestamp", Type: proto.ColumnType_TIMESTAMP, Transform: fromField("Grant.ValidToTimestamp"), Description: "Optional end date for the grant."}, |
We should keep the column name consistent with the GraphQL paths to make overall naming easier across this table, and all tables.
We should also have another column for active grants (but we exclude the second Grant
since it's redundant):
{Name: "active_grant_valid_to_timestamp", Type: proto.ColumnType_TIMESTAMP, Transform: fromField("Grant.ValidToTimestamp", "ActiveGrant.Grant.ValidToTimestamp"), Description: "Optional end date for the grant."},
turbot/table_turbot_notification.go
Outdated
{Name: "control_type_uri", Type: proto.ColumnType_STRING, Transform: transform.FromField("Control.Type.URI"), Description: "URI of the control type for this control."}, | ||
{Name: "control_type_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("Control.Type.Trunk.Title"), Description: "This is the title of hierarchy from the root down to this control type."}, | ||
|
||
// ActiveGrants and Grants details |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please split all of the columns below into 2 sets of columns, 1 for grants, and 1 for active grants? I understand why you combined them and then suggesting to users they filter based on the grant type, but I think it's worth having 2 sets of columns to lay it out in the simplest way possible.
turbot/table_turbot_notification.go
Outdated
Columns: []*plugin.Column{ | ||
// Top columns | ||
{Name: "id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.ID"), Description: "Unique identifier of the notification."}, | ||
{Name: "notifications_count", Type: proto.ColumnType_INT, Transform: transform.FromField("Count"), Description: "Total number of notification matching the searched filter in query. It will be same for all the records in the table for a query."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please remove this column? I think we'll add the ability to get counts but probably in a separate table.
turbot/table_turbot_control.go
Outdated
@@ -30,6 +30,7 @@ func tableTurbotControl(ctx context.Context) *plugin.Table { | |||
Columns: []*plugin.Column{ | |||
// Top columns | |||
{Name: "id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.ID"), Description: "Unique identifier of the control."}, | |||
{Name: "controls_count", Type: proto.ColumnType_INT, Transform: transform.FromField("Count"), Description: "Total number of controls matching the searched filter in query. It will be same for all the records in the table for a query."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please remove this column? I think we'll add the ability to get counts but probably in a separate table.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@LalitTurbot I found some columns that still don't match up with the path, I made a few suggestions for ones that didn't match up, but didn't look at all of the column names. Can you please do another sweep and ensure that 100% of the columns are named correctly, and update any examples that reference them as well? Thanks!
turbot/table_turbot_notification.go
Outdated
{Name: "policy_setting_type_uri", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.URI"), Description: "URI of the policy setting type for this notification."}, | ||
{Name: "policy_setting_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.Trunk.Title"), Description: "This is the title of hierarchy from the root down to this policy type."}, | ||
{Name: "policy_setting_is_calculated", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.isCalculated"), Description: "If true this setting contains calculated inputs e.g. templateInput and template."}, | ||
{Name: "policy_setting_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_setting_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, | |
{Name: "policy_setting_default_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "policy_setting_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, | ||
{Name: "policy_setting_default_template_input", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplateInput").Transform(formatPolicyFieldsValue), Description: "The GraphQL input query if this setting is for a calculated value."}, | ||
{Name: "policy_setting_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, | ||
{Name: "policy_setting_secret", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.Secret"), Description: "If true policy value will be encrypted."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_setting_secret", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.Secret"), Description: "If true policy value will be encrypted."}, | |
{Name: "policy_setting_type_secret", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.Secret"), Description: "If true policy value will be encrypted."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "policy_setting_is_calculated", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.isCalculated"), Description: "If true this setting contains calculated inputs e.g. templateInput and template."}, | ||
{Name: "policy_setting_template", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplate"), Description: "The Nunjucks template if this setting is for a calculated value."}, | ||
{Name: "policy_setting_default_template_input", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.DefaultTemplateInput").Transform(formatPolicyFieldsValue), Description: "The GraphQL input query if this setting is for a calculated value."}, | ||
{Name: "policy_setting_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_setting_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, | |
{Name: "policy_setting_type_read_only", Type: proto.ColumnType_BOOL, Transform: transform.FromField("PolicySetting.Type.ReadOnly"), Description: "If true user-defined policy settings are blocked from being created."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "policy_setting_old_version_id", Type: proto.ColumnType_INT, Transform: transform.FromField("Turbot.PolicySettingOldVersionID"), Description: "Version ID of the policy setting before the event."}, | ||
{Name: "policy_setting_type_id", Type: proto.ColumnType_INT, Transform: transform.FromField("PolicySetting.Type.Turbot.ID").NullIfZero(), Description: "ID of the policy setting type for this notification."}, | ||
{Name: "policy_setting_type_uri", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.URI"), Description: "URI of the policy setting type for this notification."}, | ||
{Name: "policy_setting_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.Trunk.Title"), Description: "This is the title of hierarchy from the root down to this policy type."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "policy_setting_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.Trunk.Title"), Description: "This is the title of hierarchy from the root down to this policy type."}, | |
{Name: "policy_setting_type_trunk_title", Type: proto.ColumnType_STRING, Transform: transform.FromField("PolicySetting.Type.Trunk.Title"), Description: "This is the title of hierarchy from the root down to this policy type."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "active_grant_valid_to_timestamp", Type: proto.ColumnType_TIMESTAMP, Transform: fromField("ActiveGrant.Grant.ValidToTimestamp"), Description: "Optional end date for the grant."}, | ||
{Name: "active_grant_role_name", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.RoleName"), Description: "Optional custom roleName for this grant, when using existing roles rather than Turbot-managed ones."}, | ||
{Name: "active_grant_permission_type_id", Type: proto.ColumnType_INT, Transform: fromField("ActiveGrant.Grant.PermissionTypeID"), Description: "The unique identifier for the permission type."}, | ||
{Name: "active_grant_permission_type", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Type.Title"), Description: "The name of the permission type."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "active_grant_permission_type", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Type.Title"), Description: "The name of the permission type."}, | |
{Name: "active_grant_type_title", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Type.Title"), Description: "The name of the permission type."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "active_grant_permission_type_id", Type: proto.ColumnType_INT, Transform: fromField("ActiveGrant.Grant.PermissionTypeID"), Description: "The unique identifier for the permission type."}, | ||
{Name: "active_grant_permission_type", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Type.Title"), Description: "The name of the permission type."}, | ||
{Name: "active_grant_permission_level_id", Type: proto.ColumnType_INT, Transform: fromField("ActiveGrant.Grant.PermissionLevelId"), Description: "The unique identifier for the permission level."}, | ||
{Name: "active_grant_permission_level", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Level.Title"), Description: "The name of the permission level."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "active_grant_permission_level", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Level.Title"), Description: "The name of the permission level."}, | |
{Name: "active_grant_level_title", Type: proto.ColumnType_STRING, Transform: fromField("ActiveGrant.Grant.Level.Title"), Description: "The name of the permission level."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "grant_valid_to_timestamp", Type: proto.ColumnType_TIMESTAMP, Transform: fromField("Grant.ValidToTimestamp"), Description: "Optional end date for the grant."}, | ||
{Name: "grant_role_name", Type: proto.ColumnType_STRING, Transform: fromField("Grant.RoleName"), Description: "Optional custom roleName for this grant, when using existing roles rather than Turbot-managed ones."}, | ||
{Name: "grant_permission_type_id", Type: proto.ColumnType_INT, Transform: fromField("Grant.PermissionTypeID"), Description: "The unique identifier for the permission type."}, | ||
{Name: "grant_permission_type", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Type.Title"), Description: "The name of the permission type."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "grant_permission_type", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Type.Title"), Description: "The name of the permission type."}, | |
{Name: "grant_type_title", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Type.Title"), Description: "The name of the permission type."}, |
turbot/table_turbot_notification.go
Outdated
{Name: "grant_permission_type_id", Type: proto.ColumnType_INT, Transform: fromField("Grant.PermissionTypeID"), Description: "The unique identifier for the permission type."}, | ||
{Name: "grant_permission_type", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Type.Title"), Description: "The name of the permission type."}, | ||
{Name: "grant_permission_level_id", Type: proto.ColumnType_INT, Transform: fromField("Grant.PermissionLevelId"), Description: "The unique identifier for the permission level."}, | ||
{Name: "grant_permission_level", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Level.Title"), Description: "The name of the permission level."}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
{Name: "grant_permission_level", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Level.Title"), Description: "The name of the permission level."}, | |
{Name: "grant_level_title", Type: proto.ColumnType_STRING, Transform: fromField("Grant.Level.Title"), Description: "The name of the permission level."}, |
Integration test logs
Logs
Example query results
Results
All alarm notification for AWS > Account > Budget > Budget control