Changelog


What's new?

Enhancements

  • The account_id column has now been assigned as a connection key column across all the tables, which facilitates more precise and efficient querying across multiple AWS accounts. (#2133)

Bug fixes

  • Fixed the getDirectoryServiceSnapshotLimit and getDirectoryServiceEventTopics hydrate calls in the aws_directory_service_directory table to correctly return nil for the unsupported ADConnector services instead of an error. (#2170)

v0.40.0 [2024-04-12]

What's new?

Bug fixes

  • Fixed the github_workflow table to correctly return data for dynamic workflows instead of an error. (#412)
  • Fixed the plugin's Postgres FDW Extension crash issue.

What's new?

Enhancements

  • Added snapshot_block_public_access_state column to aws_ec2_regional_settings table. (#2077)

Bug fixes

  • Fixed the getDirectoryServiceSnapshotLimit and getDirectoryServiceEventTopics hydrate calls in the aws_directory_service_directory table to correctly return nil for unsupported SharedMicrosoftAD services instead of an error. (#2156)

What's new?

  • Added support for connection key columns. (#768)
  • Added sp_ctx and sp_connection_name columns to all tables. (#769)

Enhancements

  • Added support for nested dashboards. (#4208)

Bug fixes

  • Fixed the issue where local plugins were not being loaded. (#4196)
  • Re-added support for 'implicit' local plugins (i.e. the plugin binary exists but there is no entry in the versions.json). (#4223)
  • Fixed the issue where the daily update check message showed a <nil> when there was no message to show. (#4206)

What's new?

Enhancements

  • Added support for quota_project config arg to provide users the ability to set the Project ID used for billing and quota. (#556)

Bug fixes

  • Fixed the retry_policy_maximum_backoff and retry_policy_minimum_backoff columns of gcp_pubsub_subscription table to correctly return data. (#552) (Thanks to @mvanholsteijn for the contribution!)

What's new?

Bug fixes

  • Fixed the aws_vpc_eip table to return an Access Denied error instead of an Invalid Memory Address or Nil Pointer Dereference error when a Service Control Policy is applied to an account for a specific region. (#2136)
  • Fixed the aws_s3_bucket terraform script to prevent the AccessControlListNotSupported: The bucket does not allow ACLs error during the PutBucketAcl terraform call. (#2080) (Thanks @pdecat for the contribution!)
  • Fixed an issue where querying regional tables while using AWS profiles with cross-account role credentials returned zero rows; the correct error is now reported instead. (#2137)
  • Fixed pagination in the aws_ebs_snapshot table to make fewer API calls when the limit parameter is passed to the query. (#2088)

What's new?

Enhancements

  • Added auto_minor_version_upgrade column to aws_rds_db_cluster table. (#2109)
  • Added open_zfs_configuration column to aws_fsx_file_system table. (#2113)
  • Added logging_configuration column to aws_networkfirewall_firewall table. (#2115)
  • Added lf_tags column to aws_glue_catalog_table table. (#2128)

Bug fixes

  • Fixed the query in the aws_s3_bucket table doc to correctly filter out buckets without the application tag. (#2093)
  • Fixed the aws_cloudtrail_lookup_event input param to correctly pass end_time as an optional qual. (#2102)
  • Fixed the arn column of the aws_elastic_beanstalk_environment table to correctly return data instead of null. (#2105)
  • Fixed the template_body_json column of the aws_cloudformation_stack table to correctly return data by adding a new transform function formatJsonBody, replacing the UnmarshalYAML transform function. (#1959)
  • Fixed the next_execution_time column of aws_ssm_maintenance_window table to be of String datatype instead of TIMESTAMP. (#2116)
  • Renamed the client_log_options column to connection_log_options in aws_ec2_client_vpn_endpoint table to correctly return data instead of null. (#2122)

What's new

  • Improved startup performance with high plugin count - parallelize plugin startup. (#4183)
  • Added database SSL password support for encrypted private key in order to handle your own certificates. (#4149)

Bug fixes

  • Fixed issue where plugin list cannot re-create the top-level versions.json file if the file is corrupted or empty. (#4191)

Notice

  • Scripts must use the permanent installation script at https://steampipe.io/install/steampipe.sh.
  • The script above is automatically updated when the script moves location.
  • install.sh has been moved from the top level folder to the scripts folder.
  • Scripts directly referencing the raw GitHub location must be updated.

Notice

Steampipe will no longer officially publish or support a Dockerfile or container images.

Steampipe can be run in a containerized setup. We run it ourselves that way as part of Turbot Pipes. But we've decided to cease publishing and supporting a container definition because:

  • The CLI is optimized for developer use on the command line.
  • Everyone has specific goals and requirements for their containers.
  • Container setup requires various mounts and access to configuration files.
  • It's hard to support containers across many different environments.

We welcome users to create and share their own open-source container definitions for Steampipe!

Steampipe unbundled, introducing Powerpipe

Powerpipe is now the recommended way to run dashboards and benchmarks!

Mods still work as normal in Steampipe for now, but they are deprecated and will be removed in a future release:

What's new

  • Added version column to steampipe_plugin table. (#4141)
  • Direct all errors and warnings to standard error (stderr). (#4162)

Bug fixes

  • Fixed the issue where search_path_prefix set in database options does not alter the search path. (#4160)
  • Fix issue where asff output was always missing the first row. (#4157)

Deprecations and migrations

  • Steampipe mods and dashboards are now separately available in Powerpipe, a new open-source project. The steampipe mod, check and dashboard commands have been deprecated and will be removed in a future version. Migration guide.
  • Deprecated cloud-host and cloud-token CLI args, and replaced them with pipes-host and pipes-token respectively. (#4137)
  • Deprecated STEAMPIPE_CLOUD_HOST and STEAMPIPE_CLOUD_TOKEN env vars, replaced with PIPES_HOST and PIPES_TOKEN respectively. (#4137)
  • Deprecated cloud_host and cloud_token workspace args, replaced with pipes_host and pipes_token respectively. (#4137)
  • Removed support for deprecated terminal options. (#3751)
  • Removed support for deprecated max_parallel property in general options. (#4132)
  • Removed support for deprecated connection options. (#4131)
  • Removed deprecated version property from the mod require block. (#3750)

Enhancements

  • Updated the regex pattern of slack_api_token to also detect the Slack bot tokens. (#73)
  • Updated the regex pattern of AWS access_key_id to include key resources like AWS SSO credentials. (#74)

Bug fixes

  • Fixed the plugin to return nil instead of an error when API credentials are not set in the *.spc file. (#14)
  • Fixed the default data type of the dynamic columns to be of the String type instead of JSON. (#16)

Bug fixes

  • Fixed the hierarchy in the benchmark list by properly integrating Cloud Functions benchmark into all_controls benchmark. (#146)

What's new?

  • Removed support for Memoized functions to be directly assigned as column hydrate functions. Instead, require a wrapper hydrate function. (#756) (#738)

Bug fixes

  • If cache is disabled for the server, but enabled for the client, the query execution code tries to stream to the cache even though there is no active set operation. (#740)

Bug fixes

  • Fixed growing memory usage following file watching events when running dashboard server. (#4150)

Dependencies

  • GCP plugin v0.49.0 or higher is now required. (#143)

Enhancements

  • Added 5 new controls to the All Controls benchmark across the following services: (#143)
    • App Engine
    • Cloud Run
    • Kubernetes

Dependencies

  • AWS plugin v0.131.0 or higher is now required. (#747)

Enhancements

  • Added 11 new controls to the All Controls benchmark across the following services: (#747)
    • API Gateway
    • DMS
    • EMR
    • MQ
    • VPC

Bug fixes

  • Fixed the foundational_security_ssm_2 control to correctly evaluate results when patches are not applicable for SSM managed EC2 instances. (#761)

Bug fixes

  • Fixed the typo in the scaleway_billing_consumption table docs to use consumption instead of consumtion. (#80)

Enhancements

  • Improved the plugin error message when invalid credentials are set in the wiz.spc file. (#23)

Bug fixes

  • Fixed the service_tickets column in wiz_issue table by removing the action subfield from the ServiceTickets field in the GraphQL response since it was no longer available. (#24 #25) (Thanks @sycophantic for the contribution!)

Bug fixes

  • Removed duplicate control rds_db_cluster_encrypted_with_kms_cmk. (#105)

Bug fixes

  • Removed duplicate node service_account. (#56)

Bug fixes

  • Fixed the pipeline column of the github_workflow table to correctly return data instead of an error. (#388)
  • Fixed the example query in the docs/index.md file by replacing the stargazers_count column with stargazer_count. (#397)

What's new?

Bug fixes

  • Fixed aws_sfn_state_machine_execution_history table to handle pagination and ignore errors for expired execution history. (#1934) (Thanks @pdecat for the contribution!)
  • Fixed the aws_health_affected_entity table to correctly return data instead of an interface conversion error. (#2072)

Bug fixes

  • Fixed the plugin initialization error by returning only the static tables when invalid config parameters were set for dynamic tables. (#39)

Bug fixes

  • Fixed variables not being reloaded after the file watch event. (#4123)
  • Fixed mod file being left invalid after mod uninstall. (#4124)

v0.86 [2024-02-08]

What's new?

  • Added CIS v3.0.0 benchmark (steampipe check benchmark.cis_v300). (#755)

Bug fixes

  • Fixed pagination in the datadog_monitor table to correctly return data instead of an error. (#48) (Thanks @mdb for the contribution!)

Bug fixes

  • Fixed HomeDirectoryModfileCheck returning false positive, causing errors when executing steampipe out of the home directory. (#4118)

Enhancements

  • Updated all the tables to fetch the column data using hydrate functions to optimize the API calls and increase query speed when querying specific columns. (#30)

Bug fixes

  • Fixed UI freeze when prompting for workspace variables. (#4105)
  • Fixed dependency variable validation - it was failing if dependency variable value was set in the vars file. (#4110)

Dependencies

  • OCI plugin v0.35.0 or higher is now required. (#83)

What's new?

  • Added CIS v2.0.0 benchmark (steampipe check benchmark.cis_v200). (#80)

What's new?

  • Added OAuth config support to provide users the ability to set OAuth secret client ID and OAuth secret value of a service principal. For more information, please see Databricks plugin configuration. (#6) (Thanks @rinzool for the contribution!)
  • Added Config object to directly pass credentials to the client. (#10)

Enhancements

  • Optimized aws_cloudwatch_log_stream table's query performance by adding descending, log_group_name, log_stream_name_prefix and order_by new optional key qual columns. (#1951)
  • Optimized aws_ssm_inventory table's query performance by adding new optional key qual columns such as filter_key, filter_value, network_attribute_key, network_attribute_value, etc. (#1980)

Bug fixes

  • Fixed aws_cloudwatch_log_group table key column to be globally unique by filtering the results by region. (#1976)
  • Removed duplicate memoizing of getCommonColumns function from aws_s3_multi_region_access_point and aws_ec2_launch_template tables. (#2065)
  • Fixed error for column type_name in table aws_ssm_inventory_entry. (#1980)
  • Added the missing rate-limiter tags for aws_s3_bucket table's GetBucketLocation hydrate function to optimize query performance. (#2066)

Dependencies

  • Azure plugin v0.53.0 or higher is now required. (#242)

Enhancements

  • Added 41 new controls to the All Controls benchmark across the following services: (#234 #233)
    • Active Directory
    • App Service
    • Batch
    • Compute
    • Container Instance
    • Key Vault
    • Kubernetes Service
    • Network
    • Recovery Service
    • Service Bus
    • Storage

Bug fixes

  • Fixed the description of CIS_v150_2_1_9 control. (#238) (Thanks @sfunkernw for the contribution!)

Breaking changes

  • Removed the iam_root_user_virtual_mfa control since it is not recommended as good practice. (#743)
  • Replaced iam_account_password_policy_strong with iam_account_password_policy_strong_min_reuse_24 in the GDPR, FFIEC and CISA Cyber Essentials benchmarks to align more accurately with the requirements specified in the AWS Config rules. (#739)

Bug fixes

  • Updated the dashboard image to correctly list all the 25 benchmarks. (#748)

What's new?

  • Added the following controls across Simple Email Service and VPC benchmarks. (#88 #102)
    • ses_configuration_set_tls_enforced
    • vpc_security_group_restrict_ingress_rdp_all
    • vpc_security_group_restrict_ingress_ssh_all

Bug fixes

  • Fixed schema clone function failing if table has an LTREE column. (#4079)
  • Maintained the order of execution when running multiple queries in batch mode. (#3728)
  • Fixed issue where using any meta-command would load connection state even if not required. (#3614)
  • Fixed issue where plugin version file back-filling would write versions.json to the CWD if the plugin folder is not found. (#4073)
  • Simplified and fixed available port check. (#4030)

What's new?

  • Added the kubernetes_cluster_no_cluster_level_node_pool control to the Kubernetes benchmark. (#53)

Enhancements

  • Added the annotations columns on all CRD resources. (#202)
  • Updated the API version for table kubernetes_horizontal_pod_autoscaler. (#190)

What's new?

Enhancements

  • Added column iam_policy to gcp_cloud_run_service table. (#531)
  • Optimized the gcp_logging_log_entry table result or result timing by applying a timestamp filter. (#508)
  • Added the json_payload, proto_payload, metadata, resource, operation, and tags columns to gcp_logging_log_entry table. (#508)

Bug fixes

  • Fixed the addons_config, network_config and network_policy columns of gcp_kubernetes_cluster table to correctly return data instead of null. (#530)
  • Fixed the end_time column of the gcp_sql_backup table to return null instead of an error when end time is unavailable for a SQL backup. (#534)
  • Fixed the enqueued_time, start_time and window_start_time columns of the gcp_sql_backup table to return null instead of an error when timestamp is unavailable for a SQL backup. (#536)

Enhancements

  • Added the audit_policy column to azure_sql_database and azure_sql_server tables. (#711)
  • Added the webhooks column to azure_container_registry table. (#710)
  • Added the disable_local_auth and status columns to azure_servicebus_namespace table. (#715)

Bug fixes

  • Fixed the azure_key_vault_secret table to correctly return data when keyvault name is in camel-case. (#638)

Bug fixes

  • Fixed the low_iops_ebs_volumes control to now suggest converting io1 and io2 volumes to GP3 volumes, when the base IOPS is less than 16000 instead of 3000. (#167)

What's new?

Enhancements

  • Added deletion_protection_enabled column to aws_dynamodb_table table. (#2049)

Bug fixes

  • Fixed default page size in aws_organizations_account table. (#2058)
  • Fixed processor_features column in aws_rds_db_instance not returning data when default value is set. (#2028)
  • Temporarily removed aws_organizations_organizational_unit table due to LTREE column issue. (#2058)

Bug fixes

  • Updated the tags to use risk instead of severity to eliminate duplicate column names in output files. (#41)

What's new?

  • Added the following controls across the benchmarks: (#51)
    • container_instance_container_group_secure_environment_variable
    • container_registry_zone_redundant_enabled

What's new?

Enhancements

  • Added storage_throughput column to aws_rds_db_instance table. (#2010) (Thanks @toddwh50 for the contribution!)
  • Added layers column to aws_lambda_function table. (#2008) (Thanks @icaliskanoglu for the contribution!)
  • Added tags column to aws_backup_recovery_point and aws_backup_vault tables. (#2033)

Bug fixes

  • Custom HTTP client should allow buildable settings through env var options such as AWS_CA_BUNDLE. (#2044)
  • Fixed MaxItems in aws_iam_policy and aws_iam_policy_attachment tables to use 1000 instead of 100 to avoid unnecessary API calls. (#2025) (#2026)

Enhancements

  • Updated the controls to reference their query using query = rather than sql =. (#25)

Bug fixes

  • Fixed the broken network_subnet_to_network_virtual_network edge of the relationship graph in the sql_server_detail dashboard page to correctly reference the network_subnets_for_sql_server query. (#118)

Bug fixes

  • Fixed the kubernetes_cluster_upgraded_with_non_vulnerable_version query to correctly check if a Kubernetes cluster is using an outdated software version. (#235)

Bug fixes

  • Fixed the plugin to return only static tables instead of an error when the objects config argument is not set or the plugin credentials are not set correctly. (#26)

What's new

  • Allow using pprof on FDW when STEAMPIPE_FDW_PPROF environment variable is set. (#368)

Bug fixes

  • Set connection state to error if plugin load fails. (#4043)
  • Fixes incorrect row count in timing output for aggregator connections. (#402)
  • OpenTelemetry metric names must only contain [A-Za-z0-9_.-]. (#369)
  • Maintain the order of execution when running multiple queries in batch mode. (#3728)

Enhancements

  • Added 61 new controls to the All Controls benchmark across the following services: (#140)
    • CloudFunctions
    • Compute
    • KMS
    • Kubernetes
    • Project
    • SQL
    • Storage

Enhancements

  • Added 50 new controls to the All Controls benchmark across the following services: (#736)
    • ACM
    • CloudFront
    • CloudTrail
    • Config
    • DocumentDB
    • EC2
    • ECS
    • EKS
    • ElastiCache
    • ELB
    • EMR
    • Kinesis
    • RDS
    • Redshift
    • S3
    • SNS
    • SQS
    • SSM
    • VPC

Enhancements

  • Updated the plugin to use a shared, optimized HTTP client that enhances DNS management and reduces connection floods for more stable and efficient queries. (#2036)

Enhancements

  • Updated the plugin's .goreleaser file to build the netgo package only for Darwin systems. (#2029)

114 plugins have been updated to include the following changes:

What's new?

Dependencies

  • Recompiled with steampipe-plugin-sdk v5.8.0 that includes plugin server encapsulation for in-process and GRPC usage, adding Steampipe Plugin SDK version to _ctx column, and fixing connection and potential divide-by-zero bugs.

What's new

  • Added steampipe_plugin_column introspection table to the steampipe_internal schema. (#4003)

Bug fixes

  • Fixed issue where a query would return 'null' for an empty result set when output is set to json. (#3955)
  • Fixed custom registries bugs.
  • Clean up apt temporary files in Dockerfile.

Bug fixes

  • Fixed the plugin to correctly return results when environment variables are only used for authentication. (#21)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#15)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#20)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#13)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#43)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#36)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#20)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#26)

What's new?

Enhancements

  • Updated the following tables to include support for dynamic GraphQL queries:
    • github_my_star (#369)
    • github_stargazer (#370)
    • github_tag (#371)
    • github_rate_limit (#368)
    • github_community_profile (#367)
    • github_license (#366)
    • github_organization_member (#364)
    • github_team_member (#364)
    • github_user (#364)
    • github_my_team (#363)
    • github_team (#363)
    • github_commit (#362)
    • github_my_organization (#361)
    • github_organization (#361)
    • github_organization_external_identity (#361)
    • github_branch (#360)
    • github_branch_protection (#360)
    • github_repository_collaborator (#365)
    • github_repository_deployment (#365)
    • github_repository_environment (#365)
    • github_repository_vulnerability_alert (#365)
    • github_issue (#359)
    • github_issue_comment (#359)
    • github_pull_request (#359)
    • github_pull_request_comment (#359)
    • github_pull_request_review (#359)

Bug fixes

  • Fixed the invalid Go module path of the plugin. (#27)

What's new?

  • Added the following controls across the benchmarks: (#49)
    • bigquery_table_deletion_protection_enabled
    • bigtable_instance_deletion_protection_enabled
    • spanner_database_deletion_protection_enabled
    • spanner_database_drop_protection_enabled

What's new?

  • Added the following controls across the benchmarks: (#47)
    • appservice_environment_zone_redundant_enabled
    • appservice_function_app_public_access_disabled
    • appservice_plan_zone_redundant
    • appservice_web_app_public_access_disabled
    • eventhub_namespace_uses_latest_tls_version
    • eventhub_namespace_zone_redundant
    • kubernetes_cluster_critical_pods_on_system_nodes
    • kubernetes_cluster_os_disk_ephemeral
    • redis_cache_standard_replication_enabled
    • sql_database_ledger_enabled
    • sql_database_zone_redundant_enabled

What's new?

  • Added the following controls across the benchmarks: (#98)
    • docdb_cluster_backup_retention_period_7
    • lambda_permission_restricted_service_permission
    • neptune_cluster_backup_retention_period_7
    • neptune_cluster_copy_tags_to_snapshot_enabled
    • neptune_cluster_iam_authentication_enabled

Bug fixes

  • Fixed the index doc by removing unsupported images. (#334)

Enhancements

  • Added the following controls to the All Controls benchmark: (#733)
    • api_gateway_rest_api_public_endpoint_with_authorizer
    • dlm_ebs_snapshot_lifecycle_policy_enabled
    • docdb_cluster_instance_encryption_at_rest_enabled
    • ebs_volume_snapshot_exists
    • elasticache_cluster_no_public_subnet
    • iam_role_no_administrator_access_policy_attached
    • iam_user_access_key_unused_45
    • iam_user_console_access_unused_45
    • neptune_db_cluster_no_public_subnet

Bug fixes

  • Fixed missing closing tag in index doc. (#331)

Bug fixes

  • Fixed ad_guest_user_reviewed_monthly, iam_deprecated_account_with_owner_roles, iam_external_user_with_read_permission, iam_external_user_with_write_permission, iam_user_not_allowed_to_create_security_group and iam_user_not_allowed_to_register_application queries to remove duplicate benchmark results. (#228)

Bug fixes

  • Fixed the plugin brand colour.

Bug fixes

  • Fixed the plugin to pass the namespace qualifier to the kubernetes API client when querying namespace scoped resources. (#181) (Thanks @pdecat for the contribution!!)

Bug fixes

  • Fixed the GetConfig of github_team_repository table to include support for dynamic GraphQL queries. (#379)
  • Fixed the example queries in github_commit doc file. (#377)
  • Fixed the example queries in github_search_issue doc file to filter out results from the API. (#378)

What's new?

Bug fixes

  • Fixed the retention_policy column of gcp_storage_bucket table to correctly return data instead of null. (#502)

What's new?

Enhancements

  • Added the properties column to jira_project table. (#105)

Bug fixes

  • Fixed typo in the docs/index.md file. (#102) (Thanks @adrfrank for the contribution!)
  • Fixed the jira_issue table by enhancing case insensitivity support for the status column. (#90)

What's new?

  • Added CIS v3.0.0 benchmark (steampipe check benchmark.cis_v300). (#57)

Breaking Changes

  • Removed the following tables using the search API that no longer work due to API limitations. These tables will be added back if functionality can be restored.
    • linkedin_company_employee
    • linkedin_company_past_employee
    • linkedin_connection
    • linkedin_search_company
    • linkedin_search_profile

Bug fixes

  • Fixed the compute_firewall_allow_tcp_connections_proxied_by_iap query to correctly include all the ports and source IP ranges. (#128) (Thanks @saisirishreddy for the contribution!)

What's new?

  • Encapsulate plugin server so it is possible to use it in-process as well as via GRPC. (#719)
  • Add steampipe field to _ctx column, containing sdk version. (#712)

Bug fixes

  • Remove plugin has no connections error when deleting and then re-adding a connection. (#725)
  • Fix potential divide-by-zero bug when setting cache size.

Enhancements

  • Added the dns_mx_dmarc_record_enabled control to the dns_mx_best_practices benchmark. (#20)

Bug fixes

  • Fixed dashboard localhost URLs in README and index doc. (#23)

Enhancements

  • Added the run_started_at column to github_actions_repository_workflow_run table. (#358) (Thanks @mridang for the contribution!)

What's new?

  • Added the new All Controls benchmark (steampipe check benchmark.all_controls). This new benchmark includes 109 service-specific controls. (#127)
  • Updated the plugin dependency section of the following mods to use min_version instead of version:
    • Alicloud Insights
    • AWS Insights
    • AWS Tags
    • Azure Insights
    • Digitalocean Insights
    • Docker Compliance
    • GCP Insights
    • GCP Labels
    • Github Compliance
    • Github Insights
    • Gitlab Insights
    • Hackernews Insights
    • IBM Insights
    • Kubernetes Insights
    • Microsoft 365 Compliance
    • OCI Compliance
    • OCI Insights
    • OCI Thrifty
    • Snowflake Compliance
    • Tailscale Compliance
    • Terraform AWS Compliance
    • Terraform Azure Compliance
    • Terraform GCP Compliance
    • Terraform OCI Compliance
    • Turbot Guardrails Insights

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#82)

Bug fixes

  • Updated the docs to include the correct links for the nsa_cisa_v1 benchmark. (#80) (Thanks @aniketh-varma for the contribution!)
  • Fixed the following queries to cast the data to boolean format. (#79)
    • cronjob_container_privilege_disabled
    • cronjob_host_network_access_disabled
    • cronjob_hostpid_hostipc_sharing_disabled
    • cronjob_immutable_container_filesystem
    • cronjob_non_root_container
    • daemonset_container_privilege_disabled
    • daemonset_host_network_access_disabled
    • daemonset_hostpid_hostipc_sharing_disabled
    • daemonset_immutable_container_filesystem
    • daemonset_non_root_container
    • deployment_container_privilege_disabled
    • deployment_host_network_access_disabled
    • deployment_hostpid_hostipc_sharing_disabled
    • deployment_immutable_container_filesystem
    • deployment_non_root_container
    • job_container_privilege_disabled
    • job_host_network_access_disabled
    • job_hostpid_hostipc_sharing_disabled
    • job_immutable_container_filesystem
    • job_non_root_container
    • pod_container_privilege_disabled
    • pod_immutable_container_filesystem
    • pod_non_root_container
    • pod_service_account_token_enabled
    • pod_template_container_privilege_disabled
    • pod_template_immutable_container_filesystem
    • replicaset_container_privilege_disabled
    • replicaset_host_network_access_disabled
    • replicaset_hostpid_hostipc_sharing_disabled
    • replicaset_immutable_container_filesystem
    • replicaset_non_root_container
    • replication_controller_container_privilege_disabled
    • replication_controller_host_network_access_disabled
    • replication_controller_hostpid_hostipc_sharing_disabled
    • replication_controller_immutable_container_filesystem
    • replication_controller_non_root_container
    • statefulset_container_privilege_disabled
    • statefulset_host_network_access_disabled
    • statefulset_hostpid_hostipc_sharing_disabled
    • statefulset_immutable_container_filesystem
    • statefulset_non_root_container

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#130)

Bug fixes

  • Fixed the kms_key_separation_of_duties_enforced query to ensure that separation of duties is enforced while assigning KMS-related roles to users. (#132)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#222)

Bug fixes

  • Fixed the compute_vm_tcp_udp_access_restricted_internet query to ensure internet-facing virtual machines are protected with network security groups. (#224)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#34)

Bug fixes

  • Fixed the README and index docs to correctly reference the well_architected_framework_security benchmark. (#25)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#161)
  • Renamed the control lambda_function_with_graviton2 to lambda_function_with_graviton in order to maintain consistency. (#158) (Thanks @bluedoors for the contribution!)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#45)

Bug fixes

  • Fixed the README to include correct links to the benchmarks. (#47) (Thanks @vil02 for the contribution!)

Breaking changes

  • Updated the plugin dependency section of the mod to use min_version instead of version. (#728)

Enhancements

  • Added the following controls to the All Controls benchmark: (#727)
    • glue_connection_ssl_enabled
    • vpc_peering_connection_route_table_least_privilege

Bug fixes

  • Fixed the description of the name column in aws_organizations_account table. (#1947) (Thanks @badideasforsale for the contribution!)

Dependencies

  • Recompiled plugin with steampipe-plugin-sdk v5.6.3 which addresses the issue of expired credentials being intermittently retained in the connection cache. (#1956)

Bug fixes

  • Fixed expired credentials sometimes being left in the connection cache. Update connection cache to use a backing store per connection, rather than a shared backing store. (#699)

Enhancements

  • Added the contact_info column to linkedin_profile table. (#5)

Bug fixes

  • Fixed the required quals of github_issue and github_pull_request tables to correctly return data instead of an error. (#355)

What's new

  • Updated github_issue, github_my_issue, github_pull_request, github_search_issue, and github_search_pull_request tables to only include nested and user permission columns in GraphQL request when requested. This should result in faster queries and large scale queries completing more consistently. (#342)

Bug fixes

  • Fixed vanta_computer table queries failing due to inclusion of deprecated API field requiresLocationServices in fetchDomainEndpoints query. (#19) (Thanks @eric-glb for the contribution!)

What's new?

  • The Sentry base URL can now be set through the base_url config argument or SENTRY_URL environment variable. (#11) (Thanks @beudbeud for the contribution!)

What's new?

  • The Prometheus address (address) can now be set with the PROMETHEUS_URL environment variable. (#23) (Thanks @beudbeud for the contribution!)

Bug fixes

  • Fixed README to include correct reference to the All Controls benchmark. (#218) (Thanks @vil02 for the contribution!)

Enhancements

  • Added the following controls to the All Controls benchmark: (#722)
    • athena_workgroup_enforce_configuration_enabled
    • iam_inline_policy_no_administrative_privileges

Bug fixes

  • Fixed README to include correct reference to the All Controls benchmark. (#721) (Thanks @vil02 for the contribution!)
  • Fixed typos in several compliance control descriptions. (#719) (Thanks @pdecat for the contribution!)

Enhancements

  • Improved documentation and descriptions for the aws_iam_role table. (#1940)
  • Replaced uses of rand.Seed with latest rand.NewSource. (#1933)

Enhancements

  • Added additional dashboard and query docs and updated metadata descriptions in docs. (#323)

What's new?

  • Added 11 new controls across the benchmarks for the following services: (#39)
    • Application Gateway
    • Automation
    • Cognitive Search
    • Compute
    • Frontdoor
    • Network
    • PostgreSQL

Bug fixes

  • Removed custom plugin level retryer which was unnecessary as the plugin already uses the AWS SDK retryer. (#1932)
  • The plugin now retries errors with the error code UnknownError. These are often thrown by services like SNS when performing a large number of requests. (#1932)

Bug fixes

  • Fixed queries to correctly return data for connection_name and tags dimensions instead of an error. (#73)

Enhancements

  • Updated the following queries to use url as the resource column: (#35)
    • default_branch_all_build_steps_as_code
    • default_branch_pipeline_locks_external_dependencies_for_build_process
    • default_branch_pipeline_must_have_jobs_with_sbom_generation
    • default_branch_pipelines_scan_for_vulnerabilities
    • default_branch_pipelines_scanners_set_to_prevent_sensitive_data
    • org_member_mfa_enabled
    • repo_inactive_members_review
    • repo_deletion_limited_to_trusted_users
    • repo_issue_deletion_limited_to_trusted_users
    • repo_webhook_package_registery_security_settings_enabled

The following 21 Turbot Steampipe plugins have been updated to use steampipe-plugin-sdk v5.6.2, which prevents nil pointer reference errors for implicit hydrate configs:

  • Alibaba Cloud
  • AWS CloudFormation
  • Azure
  • Azure Active Directory
  • CSV
  • DigitalOcean
  • Docker
  • Docker Hub
  • Exec
  • GCP
  • GitHub
  • IBM Cloud
  • Jira
  • Microsoft 365
  • Net
  • Okta
  • OpenShift
  • Oracle Cloud Infrastructure
  • Salesforce
  • Turbot Pipes
  • Zoom

Breaking changes

  • Removed instances column from terraform_resource table. (#64)
  • All arguments and lifecycle columns now return null instead of {} if empty. (#64)

Enhancements

  • Added address, attributes, and attributes_std columns to terraform_resource table. (#64)

Bug fixes

  • Fixed the start_line, end_line and source column values in the terraform_resource table to return correct values regardless of file indentation. (#64)
  • Fixed the plugin to check all files even if a non-existent file name is provided in any file_paths config arg. (#67)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#34)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#34)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#42)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#42)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#35)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#35)

Enhancements

  • Updated the queries to use the attributes_std and address columns from the terraform_resource table instead of arguments, type and name columns for better support of terraform state files. (#90)

Dependencies

  • Terraform plugin v0.10.0 or higher is now required. (#90)

Bug fixes

  • Fixed the plugin to prevent crashes when source_types config argument contains manifest but manifest_file_paths is not defined. (#177)

What's new?

  • Added 39 new controls for the ClusterRoleBinding, CronJob, DaemonSet, Ingress, Job, Pod resource types to the all_controls benchmark. (#68)

Bug fixes

  • Fixed the source_account_id column of aws_securityhub_finding table to correctly return data instead of null. (#1927) (Thanks @gabrielsoltz for the contribution!)
  • Fixed the members column of aws_rds_db_cluster table to correctly return data instead of null. (#1926)

Bug fixes

  • Added support for the missing mod-location flag to the steampipe variable list command. (#3942)

Bug fixes

  • The initialise function is now being called for implicit hydrate configs (i.e. hydrate functions without explicit config), thereby preventing nil pointer reference errors when the hydrate function returns an error. (#683)

What's new?

  • Define rate and concurrency limits for plugin execution. (#3746)
  • Define multiple instances of a plugin version using a plugin connection config block. (#3807)
  • The maximum memory used by plugins and the CLI can now be specified either in plugin instance definitions or the new plugin options block. (#3807)
  • New introspection tables steampipe_plugin and steampipe_plugin_limiter containing all configured plugin instances and limiters. (#3746)
  • New introspection table steampipe_server_settings populated with server settings data during service startup. (#3462)
  • Running plugin install with no arguments installs all referenced plugins. (#3451)
  • New --output flag for plugin list cmd allows selection between json and table output. (#3368)
  • Each plugin directory contains a version.json which can be used to recompose the global plugin versions.json if it is missing or corrupt. (#3492)
  • Typing .cache in interactive prompt shows the current value of cache. (#2439)
  • Steampipe commands bypass plugin requirement check if installed plugin is locally built. (#3643)
  • New skip-config flag disables writing of default plugin config during plugin installation. (#3531, #2206)
  • Logs are now written to file instead of console. (#2916)
  • When plugin startup fails, report useful message in the CLI. (#3732)
  • Users are warned to not have mod.sp files in home directory. (#2321)
  • Updated messaging when service is started on an unavailable port. (#623)
  • Log files are rotated if the process is active across date boundaries. (#125, #3825)
  • Listen hosts may be selected when starting steampipe service. (#3505)
  • Initialisation behaviour for the sample options has been changed: always copy a sample file (default.spc.sample), but only overwrite the default.spc file with the sample content if the existing file has not been modified. (#3431)
  • Validation for the workspace profile cache settings. (#3646)
  • Support OCI registries requiring authentication. (#2819)
  • Compiled with Go 1.21. (#3763)

Bug fixes

  • Plugin manager shutdown stalling intermittently due to deadlocks. (#3818)
  • Temporary tables dropped in interactive prompt when pool connections recycled. (#3781, #3543)
  • service start was not listening on network by default. (#3593)
  • Multi line logs from plugins not rendered correctly in plugin logs. (#3678)
  • .inspect panicking for long column descriptions. (#3709)
  • Interactive prompt crashing when there is a code panic. (#3713)
  • Incorrect zsh completion instructions.
  • Steampipe should not create export files for cancelled control runs. (#3578)
  • BuildFullResourceName not validating non empty arguments. (#3601)
  • Spinner not showing when exporting check results. (#3577)
  • stdin was consumed by query command even if there are arguments. (#1985)
  • When exporting multiple benchmarks, the results are now merged into a single export. (#2380)
  • Raise warning when pseudo-resources are ignored because of named HCL resources. (#1328)
  • Database reinstalled unnecessarily if any FDW files were missing. (#2040)
  • Improved error message when steampipe fails to parse a mod definition file because mod block does not exist. (#1198)
  • Only install-dir and workspace flags should be global flags. All other flags should only apply to specific command. (#3542)
  • Passing an empty list for list variables was not working. (#2094)
  • Show deprecation warning for version field in require block of mod definition.
  • Temporary directories were not always being cleaned up after plugin commands.
  • plugin list returned nothing if no plugins were installed. (#3927)

Deprecations and migrations

  • Table steampipe_connection_state renamed to steampipe_connection
  • Removed migration and backward compatibility of data files from v0.13.0. (#3517)
  • Removed deprecated workspace-chdir flag. (#3925)
  • Migrated from cloud.steampipe.io to pipes.turbot.com. (#3724)
  • Removed support for plugins which do not support multiple connections (i.e. using SDK < v4.0.0).
  • Deprecated terminal options.

All 115 Turbot Steampipe plugins have been updated to use steampipe-plugin-sdk v5.6.1, which adds support for rate and concurrency limiters.

Limiters provide a simple, flexible interface to implement client-side rate limiting and concurrency thresholds at compile time or run time. You can use limiters to:

  • Smooth the request rate from Steampipe to reduce load on the remote API or service
  • Limit the number of parallel requests to reduce contention for client and network resources
  • Avoid hitting server limits and throttling

For more information on getting started, please see Concurrency and Rate Limiting.

Deprecated

  • The source_type config argument has been deprecated and will be removed in the next major version. Please use the source_types config argument instead. If both config arguments are set, source_types will take precedence. For backward compatibility, please see below for old and new value equivalents: (#167)
    • source_type = 'all': source_types = ["deployed", "helm", "manifest"]
    • source_type = 'deployed': source_types = ["deployed"]
    • source_type = 'helm': source_types = ["helm"]
    • source_type = 'manifest': source_types = ["manifest"]

What's new?

  • Added the source_types config argument, which allows specifying a combination of source types to load per connection. (#167)

What's new?

  • Added 350+ new controls across all resource types to the all_controls benchmark. (#64)

Enhancements

  • Added path to default set of common_dimensions, so now any file paths will appear by default in the additional dimensions in control results. (#63)
  • Added iac category to mod definition.

Dependencies

  • Kubernetes plugin v0.23.0 or higher is now required.

Breaking changes

  • Removed the output column in the exec_command table. This column has been replaced by the stdout_output and stderr_output columns. (#13)

What's new?

  • Added stdout_output and stderr_output columns to the exec_command table. (#13)
  • Added stream column to the exec_command_line table. (#13)
  • Added plugin limiter exec_global with MaxConcurrency set to 15 in an effort to reduce abuse reports due to a large number of concurrent remote connections. (#13)

Bug fixes

  • Results from the exec_command table should now be consistent when using local and remote connections. (#13)

Dependencies

What's new?

  • Added CIS v1.6.0 benchmark (steampipe check docker_compliance.benchmark.cis_v160). (#4)

Enhancements

  • Updated the Makefile to build the netgo package only for Darwin systems. (#1918)
  • Added the configuration_settings column to aws_elastic_beanstalk_environment table. (#1916)

Bug fixes

  • Fixed the table aws_dynamodb_backup to return nil instead of an error when backup does not exist. (#1914)

What's new?

  • SetConnectionCacheOptions, a new GRPC endpoint to clear connection cache. (#678)

Enhancements

  • Added the last_successful_login_time column to oci_identity_user table. (#547)

Enhancements

  • Added the department column to azuread_user table. (#132)

Bug fixes

  • Fixed the title column in azuread_device and azuread_user tables to correctly return data instead of null. (#134)

What's new?

  • Define rate and concurrency limits for plugin execution. (#623)
  • Diagnostics property added to _ctx column, containing information on hydrate calls and rate limiting (enabled by setting env var STEAMPIPE_DIAGNOSTIC_LEVEL=all)
  • Support for JSONB operators in List hydrate functions. (#594)
  • Type property added to ConnectionConfig protobuf definition to determine if a connection is an aggregator. (#590)
  • When plugin startup fails, write a specially formatted string to stdout so plugin manager can parse the output and display a useful message. (#619)
  • Support for multi-line log entries. (#612)
  • Added Equals function for QualValue. (#646)

Enhancements

  • Added 112 new controls to the All Controls benchmark for the following services: (#59)
    • CronJob
    • DaemonSet
    • Deployment
    • Job
    • Pod
    • ReplicaSet
    • ReplicationController
    • StatefulSet

What's new?

  • Added support for querying on-premise Jira instances. This can be done by setting the personal_access_token config argument in the jira.spc file. (#86) (Thanks @juandspy for the contribution!)

Bug fixes

  • Empty values will no longer be cached incorrectly for the github_my_repository, github_repository, and github_search_repository tables. (#340)
  • Fixed github_team_repository table to include support for dynamic GraphQL queries. (#339)

What's new

  • Update github_my_repository, github_repository, and github_search_repository tables to only include requested columns in GraphQL request. This should result in faster queries and large scale queries completing more consistently. (#338)

Dependencies

  • Recompiled plugin with Go 1.21. (#338)

Bug fixes

  • Fixed github_search_repository table queries failing when selecting the has_downloads, has_pages, hooks, network_count, subscribers_count, or topics columns. (#337)

Bug fixes

  • Fixed the invalid memory address or nil pointer dereference errors when querying Terraform configuration or plan or state files that included null valued arguments. (#56)

Enhancements

  • Added 90 new controls to the All Controls benchmark for the following services: (#56)
    • CronJob
    • DaemonSet
    • Deployment
    • Job
    • Pod
    • ReplicaSet
    • ReplicationController
    • StatefulSet

Bug fixes

  • Fixed the role_with_wildcards_used control to correctly return data instead of an error. (#54)

Bug fixes

  • Fixed the plugin to return nil instead of an error when the file/path specified in dockerfile_paths or docker_compose_file_paths config arguments does not exist. (#38)

Bug fixes

  • Added the missing resource column in the queries of glue_data_catalog_encryption_settings_metadata_encryption_enabled and glue_data_catalog_encryption_settings_password_encryption_enabled controls. (#715)

Enhancements

  • Added the resource_object and object columns to guardrails_notification and guardrails_resource tables respectively. (#7)

Bug fixes

  • Added the missing S3 go-getter examples in the docs/index.md file.

Bug fixes

  • Fixed the data type of capacity_reservation_specification column of aws_ec2_instance table to be of JSON type instead of STRING. (#1903)

Enhancements

  • Added the iam_workload_identity_restricted control to the IAM benchmark. (#38)

Breaking changes

  • Removed the dms_s3_endpoint_encryption_in_transit_enabled control from the DMS benchmark. (#84)

Enhancements

  • Added the vpc_transfer_server_allows_only_secure_protocols control to the VPC benchmark. (#84)

Deprecations

  • Deprecated domain column in net_certificate table, which has been replaced by the address column. Please note that the address column requires a port, e.g., github.com:443. This column will be removed in a future version. (#50)

What's new?

  • Added address column to the net_certificate table to allow specifying a port with the domain name. (#50)

Bug fixes

  • Updated the bitbucket.spc and index.md files to include details of BITBUCKET_USERNAME, BITBUCKET_PASSWORD, and BITBUCKET_API_BASE_URL environment variables. (#77)
 