Improve table docs (#700)

Co-authored-by: misraved <[email protected]>

.github/workflows/steampipe-anywhere.yml

@@ -0,0 +1,12 @@
+name: Release Steampipe Anywhere Components
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+
+jobs:
+  anywhere_publish_workflow:
+    uses: turbot/steampipe-workflows/.github/workflows/steampipe-anywhere.yml@main
+    secrets: inherit

README.md

@@ -23,6 +23,18 @@ Run a query:
 select name, disk_state from azure_compute_disk where disk_state = 'Unattached'
 ```
 
+## Engines
+
+This plugin is available for the following engines:
+
+| Engine        | Description
+|---------------|------------------------------------------
+| [Steampipe](https://steampipe.io/docs) | The Steampipe CLI exposes APIs and services as a high-performance relational database, giving you the ability to write SQL-based queries to explore dynamic data. Mods extend Steampipe's capabilities with dashboards, reports, and controls built with simple HCL. The Steampipe CLI is a turnkey solution that includes its own Postgres database, plugin management, and mod support.
+| [Postgres FDW](https://steampipe.io/docs/steampipe_postgres/index) | Steampipe Postgres FDWs are native Postgres Foreign Data Wrappers that translate APIs to foreign tables. Unlike Steampipe CLI, which ships with its own Postgres server instance, the Steampipe Postgres FDWs can be installed in any supported Postgres database version.
+| [SQLite Extension](https://steampipe.io/docs//steampipe_sqlite/index) | Steampipe SQLite Extensions provide SQLite virtual tables that translate your queries into API calls, transparently fetching information from your API or service as you request it.
+| [Export](https://steampipe.io/docs/steampipe_export/index) | Steampipe Plugin Exporters provide a flexible mechanism for exporting information from cloud services and APIs. Each exporter is a stand-alone binary that allows you to extract data using Steampipe plugins without a database.
+| [Turbot Pipes](https://turbot.com/pipes/docs) | Turbot Pipes is the only intelligence, automation & security platform built specifically for DevOps. Pipes provide hosted Steampipe database instances, shared dashboards, snapshots, and more.
+
 ## Developing
 
 Prerequisites:
@@ -62,11 +74,17 @@ Further reading:
 - [Writing plugins](https://steampipe.io/docs/develop/writing-plugins)
 - [Writing your first table](https://steampipe.io/docs/develop/writing-your-first-table)
 
-## Contributing
+## Open Source & Contributing
+
+This repository is published under the [Apache 2.0](https://www.apache.org/licenses/LICENSE-2.0) (source code) and [CC BY-NC-ND](https://creativecommons.org/licenses/by-nc-nd/2.0/) (docs) licenses. Please see our [code of conduct](https://github.com/turbot/.github/blob/main/CODE_OF_CONDUCT.md). We look forward to collaborating with you!
+
+[Steampipe](https://steampipe.io) is a product produced from this open source software, exclusively by [Turbot HQ, Inc](https://turbot.com). It is distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our [Open Source FAQ](https://turbot.com/open-source).
+
+## Get Involved
 
-Please see the [contribution guidelines](https://github.com/turbot/steampipe/blob/main/CONTRIBUTING.md) and our [code of conduct](https://github.com/turbot/steampipe/blob/main/CODE_OF_CONDUCT.md). All contributions are subject to the [Apache 2.0 open source license](https://github.com/turbot/steampipe-plugin-azure/blob/main/LICENSE).
+**[Join #steampipe on Slack →](https://turbot.com/community/join)**
 
-`help wanted` issues:
+Want to help but don't know where to start? Pick up one of the `help wanted` issues:
 
 - [Steampipe](https://github.com/turbot/steampipe/labels/help%20wanted)
 - [Azure Plugin](https://github.com/turbot/steampipe-plugin-azure/labels/help%20wanted)

docs/index.md

@@ -8,6 +8,7 @@ name: "azure"
 description: "Steampipe plugin for querying resource groups, virtual machines, storage accounts and more from Azure."
 og_description: "Query Azure with SQL! Open source CLI. No DB required."
 og_image: "/images/plugins/turbot/azure-social-graphic.png"
+engines: ["steampipe", "sqlite", "postgres", "export"]
 ---
 
 # Azure + Steampipe
@@ -326,7 +327,4 @@ connection "azure" {
 }
 ```
 
-## Get involved
 
-- Open source: https://github.com/turbot/steampipe-plugin-azure
-- Community: [Join #steampipe on Slack →](https://turbot.com/community/join)

docs/tables/azure_ad_group.md

@@ -1,14 +1,22 @@
-# Table: azure_ad_group
+---
+title: "Steampipe Table: azure_ad_group - Query Azure Active Directory Groups using SQL"
+description: "Allows users to query Azure Active Directory Groups, providing insights into group details, including identification, membership, and associated metadata."
+---
 
-**Deprecated. Use [azuread_group](https://hub.steampipe.io/plugins/turbot/azuread/tables/azuread_group) instead.**
+# Table: azure_ad_group - Query Azure Active Directory Groups using SQL
 
-Azure Active Directory groups is used to manage access to your cloud-based apps, on-premises apps, and your resources.
+Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service. It helps your employees sign in and access resources in external resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications. Azure AD Groups are collections of users and can be used to simplify the assignment of access rights to resources in Azure AD.
+
+## Table Usage Guide
+
+The `azure_ad_group` table provides insights into Azure Active Directory Groups within Microsoft Azure. As a system administrator, explore group-specific details through this table, including identification, membership, and associated metadata. Utilize it to manage access to resources, understand group composition, and maintain security compliance across your organization.
 
 ## Examples
 
 ### Basic info
+Explore the groups within your Azure Active Directory to determine which ones have email capabilities enabled. This is useful for auditing purposes, ensuring that only necessary groups have email functions activated.
 
-```sql
+```sql+postgres
 select
   display_name,
   object_id,
@@ -19,10 +27,21 @@ from
   azure_ad_group;
 ```
 
+```sql+sqlite
+select
+  display_name,
+  object_id,
+  mail,
+  mail_enabled,
+  mail_nickname
+from
+  azure_ad_group;
+```
 
 ### List of AD groups where security is not enabled
+Determine the areas in which the security feature is not enabled in your Azure Active Directory groups. This can be useful for identifying potential vulnerabilities and taking corrective action to enhance your system's security.
 
-```sql
+```sql+postgres
 select
   display_name,
   object_id,
@@ -33,10 +52,21 @@ where
   not security_enabled;
 ```
 
+```sql+sqlite
+select
+  display_name,
+  object_id,
+  security_enabled
+from
+  azure_ad_group
+where
+  security_enabled = 0;
+```
 
 ### List of AD groups where mail is not enabled
+Explore which Azure Active Directory groups do not have mail enabled. This is useful to identify potential communication gaps within your organization.
 
-```sql
+```sql+postgres
 select
   display_name,
   mail,
@@ -46,3 +76,14 @@ from
 where
   not mail_enabled;
 ```
+
+```sql+sqlite
+select
+  display_name,
+  mail,
+  mail_enabled
+from
+  azure_ad_group
+where
+  mail_enabled is not 1;
+```

docs/tables/azure_ad_service_principal.md

@@ -1,14 +1,22 @@
-# Table: azure_ad_service_principal
+---
+title: "Steampipe Table: azure_ad_service_principal - Query Azure Active Directory Service Principals using SQL"
+description: "Allows users to query Azure Active Directory Service Principals, specifically the details about the service principals in the Azure Active Directory."
+---
 
-**Deprecated. Use [azuread_service_principal](https://hub.steampipe.io/plugins/turbot/azuread/tables/azuread_service_principal) instead.**
+# Table: azure_ad_service_principal - Query Azure Active Directory Service Principals using SQL
 
-An Azure service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources.
+An Azure Active Directory Service Principal is a security identity used by user-created applications, services, and automation tools to access specific Azure resources. It allows these resources to be secured by using Azure AD role-based access control. This identity is used to authenticate to Azure AD and obtain tokens to access resources.
+
+## Table Usage Guide
+
+The `azure_ad_service_principal` table provides insights into Service Principals within Azure Active Directory. As a Security Engineer, utilize this table to explore details about service principals, including their app roles, display names, and associated metadata. Use it to uncover information about service principals, such as those with specific permissions, their associated application IDs, and the verification of OAuth2 permissions.
 
 ## Examples
 
 ### List of ad service principals where service principal account is disabled
+Determine the areas in which Azure ad service principals are disabled. This can be useful for identifying potential security risks or troubleshooting access issues.
 
-```sql
+```sql+postgres
 select
   object_id,
   object_type,
@@ -20,10 +28,22 @@ where
   not account_enabled;
 ```
 
+```sql+sqlite
+select
+  object_id,
+  object_type,
+  display_name,
+  account_enabled
+from
+  azure_ad_service_principal
+where
+  account_enabled = 0;
+```
 
 ### List of ad service principals where app role assignment is not required
+Identify instances where ad service principals in Azure do not require an app role assignment. This can be useful to streamline access control and reduce unnecessary role assignments.
 
-```sql
+```sql+postgres
 select
   object_id,
   display_name,
@@ -34,10 +54,21 @@ where
   not app_role_assignment_required;
 ```
 
+```sql+sqlite
+select
+  object_id,
+  display_name,
+  app_role_assignment_required
+from
+  azure_ad_service_principal
+where
+  app_role_assignment_required = 0;
+```
 
 ### Application role info of service principals
+Explore the roles assigned to service principals within your Azure Active Directory. This query helps in understanding the permissions and access controls for each service principal, thereby assisting in maintaining secure and efficient system operations.
 
-```sql
+```sql+postgres
 select
   object_id,
   approle ->> 'allowedMemberTypes' as allowed_member_types,
@@ -51,10 +82,24 @@ from
   cross join jsonb_array_elements(app_roles) as approle;
 ```
 
+```sql+sqlite
+select
+  object_id,
+  json_extract(approle.value, '$.allowedMemberTypes') as allowed_member_types,
+  json_extract(approle.value, '$.description') as description,
+  json_extract(approle.value, '$.displayName') as display_name,
+  json_extract(approle.value, '$.isEnabled') as isEnabled,
+  json_extract(approle.value, '$.id') as id,
+  json_extract(approle.value, '$.value') as id
+from
+  azure_ad_service_principal,
+  json_each(app_roles) as approle;
+```
 
 ### Oauth 2.0 permission info of ad service principal
+This query is useful for gaining insights into the permissions associated with your Azure advertising service principal. It allows you to assess whether certain permissions are enabled and understand their specific descriptions and display names, helping to maintain proper access control in your Azure environment.
 
-```sql
+```sql+postgres
 select
   object_id,
   perm ->> 'adminConsentDescription' as admin_consent_description,
@@ -67,3 +112,17 @@ from
   azure_ad_service_principal
   cross join jsonb_array_elements(oauth2_permissions) as perm;
 ```
+
+```sql+sqlite
+select
+  object_id,
+  json_extract(perm.value, '$.adminConsentDescription') as admin_consent_description,
+  json_extract(perm.value, '$.adminConsentDisplayName') as admin_consent_display_name,
+  json_extract(perm.value, '$.id') as id,
+  json_extract(perm.value, '$.isEnabled') as is_enabled,
+  json_extract(perm.value, '$.type') as type,
+  json_extract(perm.value, '$.value') as value
+from
+  azure_ad_service_principal,
+  json_each(oauth2_permissions) as perm;
+```

docs/tables/azure_ad_user.md

@@ -1,14 +1,22 @@
-# Table: azure_ad_user
+---
+title: "Steampipe Table: azure_ad_user - Query Azure Active Directory Users using SQL"
+description: "Allows users to query Azure Active Directory Users, providing details of user profiles including user details, email addresses, and department information."
+---
 
-**Deprecated. Use [azuread_user](https://hub.steampipe.io/plugins/turbot/azuread/tables/azuread_user) instead.**
+# Table: azure_ad_user - Query Azure Active Directory Users using SQL
 
-Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which helps employees sign in and access resources.
+Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service. It helps your employees sign in and access resources in external resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications. Azure AD also includes a full suite of identity management capabilities including multi-factor authentication, device registration, role-based access control, user provisioning, and more.
+
+## Table Usage Guide
+
+The `azure_ad_user` table provides insights into user profiles within Azure Active Directory. As a system administrator, explore user-specific details through this table, including user details, email addresses, and department information. Utilize it to uncover information about users, such as their roles, access controls, and associated metadata.
 
 ## Examples
 
 ### Basic active directory user info
+Determine the areas in which active directory users are currently active within the Azure environment. This query is beneficial in managing user access and maintaining security standards.
 
-```sql
+```sql+postgres
 select
   display_name,
   user_principal_name,
@@ -20,10 +28,22 @@ from
   azure_ad_user;
 ```
 
+```sql+sqlite
+select
+  display_name,
+  user_principal_name,
+  given_name,
+  mail,
+  account_enabled,
+  object_id
+from
+  azure_ad_user;
+```
 
 ### List of guest users in the active directory
+Identify instances where guest users are present in the active directory to maintain security and access control. This query is useful in managing permissions and keeping track of external users in your system.
 
-```sql
+```sql+postgres
 select
   display_name,
   user_principal_name,
@@ -36,10 +56,23 @@ where
   user_type = 'Guest';
 ```
 
+```sql+sqlite
+select
+  display_name,
+  user_principal_name,
+  mail,
+  user_type,
+  usage_location
+from
+  azure_ad_user
+where
+  user_type = 'Guest';
+```
 
 ### Password profile info of each user
+This example helps in understanding the password policies applied to each user within the Azure Active Directory. It aids in determining whether users are required to change their passwords at their next login or if the password change policy is enforced, thereby assisting in maintaining security standards.
 
-```sql
+```sql+postgres
 select
   display_name,
   user_principal_name,
@@ -49,3 +82,12 @@ from
   azure_ad_user;
 ```
 
+```sql+sqlite
+select
+  display_name,
+  user_principal_name,
+  json_extract(additional_properties, '$.passwordProfile.enforceChangePasswordPolicy') as enforce_change_password_policy,
+  json_extract(additional_properties, '$.passwordProfile.forceChangePasswordNextLogin') as change_password_next_login
+from
+  azure_ad_user;
+```