From 8a0545092bcb3800cd338832a5bda06913c0192f Mon Sep 17 00:00:00 2001 From: Madhushree Ray Date: Tue, 12 Dec 2023 13:16:45 +0530 Subject: [PATCH] Improve table docs (#700) Co-authored-by: misraved --- .github/workflows/steampipe-anywhere.yml | 12 + README.md | 24 +- docs/LICENSE | 402 ++++++++++++++++++ docs/index.md | 4 +- docs/tables/azure_ad_group.md | 53 ++- docs/tables/azure_ad_service_principal.md | 73 +++- docs/tables/azure_ad_user.md | 54 ++- docs/tables/azure_alert_management.md | 106 ++++- docs/tables/azure_api_management.md | 61 ++- docs/tables/azure_app_configuration.md | 81 +++- docs/tables/azure_app_service_environment.md | 54 ++- docs/tables/azure_app_service_function_app.md | 66 ++- docs/tables/azure_app_service_plan.md | 57 ++- docs/tables/azure_app_service_web_app.md | 130 +++++- docs/tables/azure_app_service_web_app_slot.md | 139 +++++- docs/tables/azure_application_gateway.md | 108 ++++- docs/tables/azure_application_insight.md | 75 +++- .../azure_application_security_group.md | 37 +- docs/tables/azure_automation_account.md | 59 ++- docs/tables/azure_automation_variable.md | 82 +++- docs/tables/azure_bastion_host.md | 79 +++- docs/tables/azure_batch_account.md | 45 +- docs/tables/azure_cognitive_account.md | 79 +++- docs/tables/azure_compute_availability_set.md | 50 ++- docs/tables/azure_compute_disk.md | 79 +++- docs/tables/azure_compute_disk_access.md | 43 +- .../azure_compute_disk_encryption_set.md | 49 ++- .../azure_compute_disk_metric_read_ops.md | 51 ++- ...zure_compute_disk_metric_read_ops_daily.md | 51 ++- ...ure_compute_disk_metric_read_ops_hourly.md | 51 ++- .../azure_compute_disk_metric_write_ops.md | 54 ++- ...ure_compute_disk_metric_write_ops_daily.md | 51 ++- ...re_compute_disk_metric_write_ops_hourly.md | 51 ++- docs/tables/azure_compute_image.md | 53 ++- docs/tables/azure_compute_resource_sku.md | 54 ++- docs/tables/azure_compute_snapshot.md | 44 +- docs/tables/azure_compute_ssh_key.md | 39 +- docs/tables/azure_compute_virtual_machine.md | 163 ++++++- ..._virtual_machine_metric_cpu_utilization.md | 54 ++- ...al_machine_metric_cpu_utilization_daily.md | 51 ++- ...l_machine_metric_cpu_utilization_hourly.md | 51 ++- ...azure_compute_virtual_machine_scale_set.md | 44 +- ...ual_machine_scale_set_network_interface.md | 75 +++- ...re_compute_virtual_machine_scale_set_vm.md | 79 +++- docs/tables/azure_container_group.md | 115 ++++- docs/tables/azure_container_registry.md | 69 ++- docs/tables/azure_cosmosdb_account.md | 133 +++++- .../tables/azure_cosmosdb_mongo_collection.md | 86 +++- docs/tables/azure_cosmosdb_mongo_database.md | 56 ++- ...re_cosmosdb_restorable_database_account.md | 68 ++- docs/tables/azure_cosmosdb_sql_database.md | 51 ++- docs/tables/azure_data_factory.md | 55 ++- docs/tables/azure_data_factory_dataset.md | 41 +- docs/tables/azure_data_factory_pipeline.md | 27 +- .../azure_data_lake_analytics_account.md | 57 ++- docs/tables/azure_data_lake_store.md | 56 ++- docs/tables/azure_databox_edge_device.md | 42 +- docs/tables/azure_databricks_workspace.md | 96 ++++- docs/tables/azure_diagnostic_setting.md | 89 +++- docs/tables/azure_dns_zone.md | 54 ++- docs/tables/azure_eventgrid_domain.md | 56 ++- docs/tables/azure_eventgrid_topic.md | 56 ++- docs/tables/azure_eventhub_namespace.md | 90 +++- docs/tables/azure_express_route_circuit.md | 54 ++- docs/tables/azure_firewall.md | 59 ++- docs/tables/azure_firewall_policy.md | 103 ++++- docs/tables/azure_frontdoor.md | 117 ++++- docs/tables/azure_hdinsight_cluster.md | 81 +++- docs/tables/azure_healthcare_service.md | 91 +++- docs/tables/azure_hpc_cache.md | 57 ++- docs/tables/azure_hybrid_compute_machine.md | 44 +- ...ure_hybrid_kubernetes_connected_cluster.md | 44 +- docs/tables/azure_iothub.md | 41 +- docs/tables/azure_iothub_dps.md | 41 +- docs/tables/azure_key_vault.md | 102 ++++- docs/tables/azure_key_vault_deleted_vault.md | 43 +- docs/tables/azure_key_vault_key.md | 86 +++- docs/tables/azure_key_vault_key_version.md | 71 +++- ..._vault_managed_hardware_security_module.md | 42 +- docs/tables/azure_key_vault_secret.md | 86 +++- docs/tables/azure_kubernetes_cluster.md | 75 +++- .../azure_kubernetes_service_version.md | 101 ++++- docs/tables/azure_kusto_cluster.md | 72 +++- docs/tables/azure_lb.md | 43 +- docs/tables/azure_lb_backend_address_pool.md | 42 +- docs/tables/azure_lb_nat_rule.md | 57 ++- docs/tables/azure_lb_outbound_rule.md | 59 ++- docs/tables/azure_lb_probe.md | 58 ++- docs/tables/azure_lb_rule.md | 57 ++- docs/tables/azure_location.md | 35 +- docs/tables/azure_log_alert.md | 41 +- docs/tables/azure_log_profile.md | 26 +- docs/tables/azure_logic_app_workflow.md | 56 ++- .../azure_machine_learning_workspace.md | 56 ++- docs/tables/azure_management_group.md | 54 ++- docs/tables/azure_management_lock.md | 27 +- docs/tables/azure_mariadb_server.md | 73 +++- .../azure_monitor_activity_log_event.md | 164 ++++++- docs/tables/azure_mssql_elasticpool.md | 43 +- docs/tables/azure_mssql_managed_instance.md | 66 ++- docs/tables/azure_mssql_virtual_machine.md | 44 +- docs/tables/azure_mysql_flexible_server.md | 143 ++++++- docs/tables/azure_mysql_server.md | 232 +++++++++- docs/tables/azure_nat_gateway.md | 61 ++- docs/tables/azure_network_interface.md | 50 ++- docs/tables/azure_network_security_group.md | 64 ++- docs/tables/azure_network_watcher.md | 37 +- docs/tables/azure_network_watcher_flow_log.md | 68 ++- docs/tables/azure_policy_assignment.md | 52 ++- docs/tables/azure_policy_definition.md | 43 +- .../azure_postgresql_flexible_server.md | 74 +++- docs/tables/azure_postgresql_server.md | 138 +++++- docs/tables/azure_private_dns_zone.md | 51 ++- docs/tables/azure_provider.md | 38 +- docs/tables/azure_public_ip.md | 46 +- .../azure_recovery_services_backup_job.md | 48 ++- docs/tables/azure_recovery_services_vault.md | 42 +- docs/tables/azure_redis_cache.md | 75 +++- docs/tables/azure_resource_group.md | 37 +- docs/tables/azure_resource_link.md | 42 +- docs/tables/azure_role_assignment.md | 56 ++- docs/tables/azure_role_definition.md | 124 +++++- docs/tables/azure_route_table.md | 48 ++- docs/tables/azure_search_service.md | 43 +- ...azure_security_center_auto_provisioning.md | 41 +- .../azure_security_center_automation.md | 64 ++- docs/tables/azure_security_center_contact.md | 41 +- ...curity_center_jit_network_access_policy.md | 29 +- docs/tables/azure_security_center_setting.md | 39 +- .../azure_security_center_sub_assessment.md | 84 +++- ...re_security_center_subscription_pricing.md | 39 +- docs/tables/azure_service_fabric_cluster.md | 94 +++- docs/tables/azure_servicebus_namespace.md | 115 ++++- docs/tables/azure_signalr_service.md | 60 ++- docs/tables/azure_spring_cloud_service.md | 46 +- docs/tables/azure_sql_database.md | 61 ++- docs/tables/azure_sql_server.md | 103 ++++- docs/tables/azure_storage_account.md | 183 +++++++- docs/tables/azure_storage_blob.md | 56 ++- docs/tables/azure_storage_blob_service.md | 72 +++- docs/tables/azure_storage_container.md | 119 +++++- docs/tables/azure_storage_queue.md | 37 +- docs/tables/azure_storage_share_file.md | 67 ++- docs/tables/azure_storage_sync.md | 59 ++- docs/tables/azure_storage_table.md | 28 +- docs/tables/azure_storage_table_service.md | 43 +- docs/tables/azure_stream_analytics_job.md | 44 +- docs/tables/azure_subnet.md | 64 ++- docs/tables/azure_subscription.md | 29 +- docs/tables/azure_synapse_workspace.md | 89 +++- docs/tables/azure_tenant.md | 30 +- docs/tables/azure_virtual_network.md | 54 ++- docs/tables/azure_virtual_network_gateway.md | 45 +- 153 files changed, 9412 insertions(+), 860 deletions(-) create mode 100644 .github/workflows/steampipe-anywhere.yml create mode 100644 docs/LICENSE diff --git a/.github/workflows/steampipe-anywhere.yml b/.github/workflows/steampipe-anywhere.yml new file mode 100644 index 00000000..05092d63 --- /dev/null +++ b/.github/workflows/steampipe-anywhere.yml @@ -0,0 +1,12 @@ +name: Release Steampipe Anywhere Components + +on: + push: + tags: + - 'v*' + + +jobs: + anywhere_publish_workflow: + uses: turbot/steampipe-workflows/.github/workflows/steampipe-anywhere.yml@main + secrets: inherit diff --git a/README.md b/README.md index 14390051..38a0520f 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,18 @@ Run a query: select name, disk_state from azure_compute_disk where disk_state = 'Unattached' ``` +## Engines + +This plugin is available for the following engines: + +| Engine | Description +|---------------|------------------------------------------ +| [Steampipe](https://steampipe.io/docs) | The Steampipe CLI exposes APIs and services as a high-performance relational database, giving you the ability to write SQL-based queries to explore dynamic data. Mods extend Steampipe's capabilities with dashboards, reports, and controls built with simple HCL. The Steampipe CLI is a turnkey solution that includes its own Postgres database, plugin management, and mod support. +| [Postgres FDW](https://steampipe.io/docs/steampipe_postgres/index) | Steampipe Postgres FDWs are native Postgres Foreign Data Wrappers that translate APIs to foreign tables. Unlike Steampipe CLI, which ships with its own Postgres server instance, the Steampipe Postgres FDWs can be installed in any supported Postgres database version. +| [SQLite Extension](https://steampipe.io/docs//steampipe_sqlite/index) | Steampipe SQLite Extensions provide SQLite virtual tables that translate your queries into API calls, transparently fetching information from your API or service as you request it. +| [Export](https://steampipe.io/docs/steampipe_export/index) | Steampipe Plugin Exporters provide a flexible mechanism for exporting information from cloud services and APIs. Each exporter is a stand-alone binary that allows you to extract data using Steampipe plugins without a database. +| [Turbot Pipes](https://turbot.com/pipes/docs) | Turbot Pipes is the only intelligence, automation & security platform built specifically for DevOps. Pipes provide hosted Steampipe database instances, shared dashboards, snapshots, and more. + ## Developing Prerequisites: @@ -62,11 +74,17 @@ Further reading: - [Writing plugins](https://steampipe.io/docs/develop/writing-plugins) - [Writing your first table](https://steampipe.io/docs/develop/writing-your-first-table) -## Contributing +## Open Source & Contributing + +This repository is published under the [Apache 2.0](https://www.apache.org/licenses/LICENSE-2.0) (source code) and [CC BY-NC-ND](https://creativecommons.org/licenses/by-nc-nd/2.0/) (docs) licenses. Please see our [code of conduct](https://github.com/turbot/.github/blob/main/CODE_OF_CONDUCT.md). We look forward to collaborating with you! + +[Steampipe](https://steampipe.io) is a product produced from this open source software, exclusively by [Turbot HQ, Inc](https://turbot.com). It is distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our [Open Source FAQ](https://turbot.com/open-source). + +## Get Involved -Please see the [contribution guidelines](https://github.com/turbot/steampipe/blob/main/CONTRIBUTING.md) and our [code of conduct](https://github.com/turbot/steampipe/blob/main/CODE_OF_CONDUCT.md). All contributions are subject to the [Apache 2.0 open source license](https://github.com/turbot/steampipe-plugin-azure/blob/main/LICENSE). +**[Join #steampipe on Slack →](https://turbot.com/community/join)** -`help wanted` issues: +Want to help but don't know where to start? Pick up one of the `help wanted` issues: - [Steampipe](https://github.com/turbot/steampipe/labels/help%20wanted) - [Azure Plugin](https://github.com/turbot/steampipe-plugin-azure/labels/help%20wanted) diff --git a/docs/LICENSE b/docs/LICENSE new file mode 100644 index 00000000..236ac28a --- /dev/null +++ b/docs/LICENSE @@ -0,0 +1,402 @@ +Attribution-NonCommercial-NoDerivatives 4.0 International + +======================================================================= + +Creative Commons Corporation ("Creative Commons") is not a law firm and +does not provide legal services or legal advice. Distribution of +Creative Commons public licenses does not create a lawyer-client or +other relationship. Creative Commons makes its licenses and related +information available on an "as-is" basis. Creative Commons gives no +warranties regarding its licenses, any material licensed under their +terms and conditions, or any related information. Creative Commons +disclaims all liability for damages resulting from their use to the +fullest extent possible. + +Using Creative Commons Public Licenses + +Creative Commons public licenses provide a standard set of terms and +conditions that creators and other rights holders may use to share +original works of authorship and other material subject to copyright +and certain other rights specified in the public license below. The +following considerations are for informational purposes only, are not +exhaustive, and do not form part of our licenses. + + Considerations for licensors: Our public licenses are + intended for use by those authorized to give the public + permission to use material in ways otherwise restricted by + copyright and certain other rights. Our licenses are + irrevocable. Licensors should read and understand the terms + and conditions of the license they choose before applying it. + Licensors should also secure all rights necessary before + applying our licenses so that the public can reuse the + material as expected. Licensors should clearly mark any + material not subject to the license. This includes other CC- + licensed material, or material used under an exception or + limitation to copyright. More considerations for licensors: + wiki.creativecommons.org/Considerations_for_licensors + + Considerations for the public: By using one of our public + licenses, a licensor grants the public permission to use the + licensed material under specified terms and conditions. If + the licensor's permission is not necessary for any reason--for + example, because of any applicable exception or limitation to + copyright--then that use is not regulated by the license. Our + licenses grant only permissions under copyright and certain + other rights that a licensor has authority to grant. Use of + the licensed material may still be restricted for other + reasons, including because others have copyright or other + rights in the material. A licensor may make special requests, + such as asking that all changes be marked or described. + Although not required by our licenses, you are encouraged to + respect those requests where reasonable. More considerations + for the public: + wiki.creativecommons.org/Considerations_for_licensees + +======================================================================= + +Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 +International Public License + +By exercising the Licensed Rights (defined below), You accept and agree +to be bound by the terms and conditions of this Creative Commons +Attribution-NonCommercial-NoDerivatives 4.0 International Public +License ("Public License"). To the extent this Public License may be +interpreted as a contract, You are granted the Licensed Rights in +consideration of Your acceptance of these terms and conditions, and the +Licensor grants You such rights in consideration of benefits the +Licensor receives from making the Licensed Material available under +these terms and conditions. + + +Section 1 -- Definitions. + + a. Adapted Material means material subject to Copyright and Similar + Rights that is derived from or based upon the Licensed Material + and in which the Licensed Material is translated, altered, + arranged, transformed, or otherwise modified in a manner requiring + permission under the Copyright and Similar Rights held by the + Licensor. For purposes of this Public License, where the Licensed + Material is a musical work, performance, or sound recording, + Adapted Material is always produced where the Licensed Material is + synched in timed relation with a moving image. + + b. Copyright and Similar Rights means copyright and/or similar rights + closely related to copyright including, without limitation, + performance, broadcast, sound recording, and Sui Generis Database + Rights, without regard to how the rights are labeled or + categorized. For purposes of this Public License, the rights + specified in Section 2(b)(1)-(2) are not Copyright and Similar + Rights. + + c. Effective Technological Measures means those measures that, in the + absence of proper authority, may not be circumvented under laws + fulfilling obligations under Article 11 of the WIPO Copyright + Treaty adopted on December 20, 1996, and/or similar international + agreements. + + d. Exceptions and Limitations means fair use, fair dealing, and/or + any other exception or limitation to Copyright and Similar Rights + that applies to Your use of the Licensed Material. + + e. Licensed Material means the artistic or literary work, database, + or other material to which the Licensor applied this Public + License. + + f. Licensed Rights means the rights granted to You subject to the + terms and conditions of this Public License, which are limited to + all Copyright and Similar Rights that apply to Your use of the + Licensed Material and that the Licensor has authority to license. + + g. Licensor means the individual(s) or entity(ies) granting rights + under this Public License. + + h. NonCommercial means not primarily intended for or directed towards + commercial advantage or monetary compensation. For purposes of + this Public License, the exchange of the Licensed Material for + other material subject to Copyright and Similar Rights by digital + file-sharing or similar means is NonCommercial provided there is + no payment of monetary compensation in connection with the + exchange. + + i. Share means to provide material to the public by any means or + process that requires permission under the Licensed Rights, such + as reproduction, public display, public performance, distribution, + dissemination, communication, or importation, and to make material + available to the public including in ways that members of the + public may access the material from a place and at a time + individually chosen by them. + + j. Sui Generis Database Rights means rights other than copyright + resulting from Directive 96/9/EC of the European Parliament and of + the Council of 11 March 1996 on the legal protection of databases, + as amended and/or succeeded, as well as other essentially + equivalent rights anywhere in the world. + + k. You means the individual or entity exercising the Licensed Rights + under this Public License. Your has a corresponding meaning. + + +Section 2 -- Scope. + + a. License grant. + + 1. Subject to the terms and conditions of this Public License, + the Licensor hereby grants You a worldwide, royalty-free, + non-sublicensable, non-exclusive, irrevocable license to + exercise the Licensed Rights in the Licensed Material to: + + a. reproduce and Share the Licensed Material, in whole or + in part, for NonCommercial purposes only; and + + b. produce and reproduce, but not Share, Adapted Material + for NonCommercial purposes only. + + 2. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public + License does not apply, and You do not need to comply with + its terms and conditions. + + 3. Term. The term of this Public License is specified in Section + 6(a). + + 4. Media and formats; technical modifications allowed. The + Licensor authorizes You to exercise the Licensed Rights in + all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The + Licensor waives and/or agrees not to assert any right or + authority to forbid You from making technical modifications + necessary to exercise the Licensed Rights, including + technical modifications necessary to circumvent Effective + Technological Measures. For purposes of this Public License, + simply making modifications authorized by this Section 2(a) + (4) never produces Adapted Material. + + 5. Downstream recipients. + + a. Offer from the Licensor -- Licensed Material. Every + recipient of the Licensed Material automatically + receives an offer from the Licensor to exercise the + Licensed Rights under the terms and conditions of this + Public License. + + b. No downstream restrictions. You may not offer or impose + any additional or different terms or conditions on, or + apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the + Licensed Rights by any recipient of the Licensed + Material. + + 6. No endorsement. Nothing in this Public License constitutes or + may be construed as permission to assert or imply that You + are, or that Your use of the Licensed Material is, connected + with, or sponsored, endorsed, or granted official status by, + the Licensor or others designated to receive attribution as + provided in Section 3(a)(1)(A)(i). + + b. Other rights. + + 1. Moral rights, such as the right of integrity, are not + licensed under this Public License, nor are publicity, + privacy, and/or other similar personality rights; however, to + the extent possible, the Licensor waives and/or agrees not to + assert any such rights held by the Licensor to the limited + extent necessary to allow You to exercise the Licensed + Rights, but not otherwise. + + 2. Patent and trademark rights are not licensed under this + Public License. + + 3. To the extent possible, the Licensor waives any right to + collect royalties from You for the exercise of the Licensed + Rights, whether directly or through a collecting society + under any voluntary or waivable statutory or compulsory + licensing scheme. In all other cases the Licensor expressly + reserves any right to collect such royalties, including when + the Licensed Material is used other than for NonCommercial + purposes. + + +Section 3 -- License Conditions. + +Your exercise of the Licensed Rights is expressly made subject to the +following conditions. + + a. Attribution. + + 1. If You Share the Licensed Material, You must: + + a. retain the following if it is supplied by the Licensor + with the Licensed Material: + + i. identification of the creator(s) of the Licensed + Material and any others designated to receive + attribution, in any reasonable manner requested by + the Licensor (including by pseudonym if + designated); + + ii. a copyright notice; + + iii. a notice that refers to this Public License; + + iv. a notice that refers to the disclaimer of + warranties; + + v. a URI or hyperlink to the Licensed Material to the + extent reasonably practicable; + + b. indicate if You modified the Licensed Material and + retain an indication of any previous modifications; and + + c. indicate the Licensed Material is licensed under this + Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + For the avoidance of doubt, You do not have permission under + this Public License to Share Adapted Material. + + 2. You may satisfy the conditions in Section 3(a)(1) in any + reasonable manner based on the medium, means, and context in + which You Share the Licensed Material. For example, it may be + reasonable to satisfy the conditions by providing a URI or + hyperlink to a resource that includes the required + information. + + 3. If requested by the Licensor, You must remove any of the + information required by Section 3(a)(1)(A) to the extent + reasonably practicable. + + +Section 4 -- Sui Generis Database Rights. + +Where the Licensed Rights include Sui Generis Database Rights that +apply to Your use of the Licensed Material: + + a. for the avoidance of doubt, Section 2(a)(1) grants You the right + to extract, reuse, reproduce, and Share all or a substantial + portion of the contents of the database for NonCommercial purposes + only and provided You do not Share Adapted Material; + + b. if You include all or a substantial portion of the database + contents in a database in which You have Sui Generis Database + Rights, then the database in which You have Sui Generis Database + Rights (but not its individual contents) is Adapted Material; and + + c. You must comply with the conditions in Section 3(a) if You Share + all or a substantial portion of the contents of the database. + +For the avoidance of doubt, this Section 4 supplements and does not +replace Your obligations under this Public License where the Licensed +Rights include other Copyright and Similar Rights. + + +Section 5 -- Disclaimer of Warranties and Limitation of Liability. + + a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE + EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS + AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF + ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, + IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, + WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR + PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, + ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT + KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT + ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. + + b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE + TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, + NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, + INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, + COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR + USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN + ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR + DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR + IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. + + c. The disclaimer of warranties and limitation of liability provided + above shall be interpreted in a manner that, to the extent + possible, most closely approximates an absolute disclaimer and + waiver of all liability. + + +Section 6 -- Term and Termination. + + a. This Public License applies for the term of the Copyright and + Similar Rights licensed here. However, if You fail to comply with + this Public License, then Your rights under this Public License + terminate automatically. + + b. Where Your right to use the Licensed Material has terminated under + Section 6(a), it reinstates: + + 1. automatically as of the date the violation is cured, provided + it is cured within 30 days of Your discovery of the + violation; or + + 2. upon express reinstatement by the Licensor. + + For the avoidance of doubt, this Section 6(b) does not affect any + right the Licensor may have to seek remedies for Your violations + of this Public License. + + c. For the avoidance of doubt, the Licensor may also offer the + Licensed Material under separate terms or conditions or stop + distributing the Licensed Material at any time; however, doing so + will not terminate this Public License. + + d. Sections 1, 5, 6, 7, and 8 survive termination of this Public + License. + + +Section 7 -- Other Terms and Conditions. + + a. The Licensor shall not be bound by any additional or different + terms or conditions communicated by You unless expressly agreed. + + b. Any arrangements, understandings, or agreements regarding the + Licensed Material not stated herein are separate from and + independent of the terms and conditions of this Public License. + + +Section 8 -- Interpretation. + + a. For the avoidance of doubt, this Public License does not, and + shall not be interpreted to, reduce, limit, restrict, or impose + conditions on any use of the Licensed Material that could lawfully + be made without permission under this Public License. + + b. To the extent possible, if any provision of this Public License is + deemed unenforceable, it shall be automatically reformed to the + minimum extent necessary to make it enforceable. If the provision + cannot be reformed, it shall be severed from this Public License + without affecting the enforceability of the remaining terms and + conditions. + + c. No term or condition of this Public License will be waived and no + failure to comply consented to unless expressly agreed to by the + Licensor. + + d. Nothing in this Public License constitutes or may be interpreted + as a limitation upon, or waiver of, any privileges and immunities + that apply to the Licensor or You, including from the legal + processes of any jurisdiction or authority. + +======================================================================= + +Creative Commons is not a party to its public +licenses. Notwithstanding, Creative Commons may elect to apply one of +its public licenses to material it publishes and in those instances +will be considered the “Licensor.” The text of the Creative Commons +public licenses is dedicated to the public domain under the CC0 Public +Domain Dedication. Except for the limited purpose of indicating that +material is shared under a Creative Commons public license or as +otherwise permitted by the Creative Commons policies published at +creativecommons.org/policies, Creative Commons does not authorize the +use of the trademark "Creative Commons" or any other trademark or logo +of Creative Commons without its prior written consent including, +without limitation, in connection with any unauthorized modifications +to any of its public licenses or any other arrangements, +understandings, or agreements concerning use of licensed material. For +the avoidance of doubt, this paragraph does not form part of the +public licenses. + +Creative Commons may be contacted at creativecommons.org. \ No newline at end of file diff --git a/docs/index.md b/docs/index.md index a1359721..5cdb56ce 100644 --- a/docs/index.md +++ b/docs/index.md @@ -8,6 +8,7 @@ name: "azure" description: "Steampipe plugin for querying resource groups, virtual machines, storage accounts and more from Azure." og_description: "Query Azure with SQL! Open source CLI. No DB required." og_image: "/images/plugins/turbot/azure-social-graphic.png" +engines: ["steampipe", "sqlite", "postgres", "export"] --- # Azure + Steampipe @@ -326,7 +327,4 @@ connection "azure" { } ``` -## Get involved -- Open source: https://github.com/turbot/steampipe-plugin-azure -- Community: [Join #steampipe on Slack →](https://turbot.com/community/join) diff --git a/docs/tables/azure_ad_group.md b/docs/tables/azure_ad_group.md index d00de9c6..e004681e 100644 --- a/docs/tables/azure_ad_group.md +++ b/docs/tables/azure_ad_group.md @@ -1,14 +1,22 @@ -# Table: azure_ad_group +--- +title: "Steampipe Table: azure_ad_group - Query Azure Active Directory Groups using SQL" +description: "Allows users to query Azure Active Directory Groups, providing insights into group details, including identification, membership, and associated metadata." +--- -**Deprecated. Use [azuread_group](https://hub.steampipe.io/plugins/turbot/azuread/tables/azuread_group) instead.** +# Table: azure_ad_group - Query Azure Active Directory Groups using SQL -Azure Active Directory groups is used to manage access to your cloud-based apps, on-premises apps, and your resources. +Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service. It helps your employees sign in and access resources in external resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications. Azure AD Groups are collections of users and can be used to simplify the assignment of access rights to resources in Azure AD. + +## Table Usage Guide + +The `azure_ad_group` table provides insights into Azure Active Directory Groups within Microsoft Azure. As a system administrator, explore group-specific details through this table, including identification, membership, and associated metadata. Utilize it to manage access to resources, understand group composition, and maintain security compliance across your organization. ## Examples ### Basic info +Explore the groups within your Azure Active Directory to determine which ones have email capabilities enabled. This is useful for auditing purposes, ensuring that only necessary groups have email functions activated. -```sql +```sql+postgres select display_name, object_id, @@ -19,10 +27,21 @@ from azure_ad_group; ``` +```sql+sqlite +select + display_name, + object_id, + mail, + mail_enabled, + mail_nickname +from + azure_ad_group; +``` ### List of AD groups where security is not enabled +Determine the areas in which the security feature is not enabled in your Azure Active Directory groups. This can be useful for identifying potential vulnerabilities and taking corrective action to enhance your system's security. -```sql +```sql+postgres select display_name, object_id, @@ -33,10 +52,21 @@ where not security_enabled; ``` +```sql+sqlite +select + display_name, + object_id, + security_enabled +from + azure_ad_group +where + security_enabled = 0; +``` ### List of AD groups where mail is not enabled +Explore which Azure Active Directory groups do not have mail enabled. This is useful to identify potential communication gaps within your organization. -```sql +```sql+postgres select display_name, mail, @@ -46,3 +76,14 @@ from where not mail_enabled; ``` + +```sql+sqlite +select + display_name, + mail, + mail_enabled +from + azure_ad_group +where + mail_enabled is not 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_ad_service_principal.md b/docs/tables/azure_ad_service_principal.md index 6e2ea65b..52ad220d 100644 --- a/docs/tables/azure_ad_service_principal.md +++ b/docs/tables/azure_ad_service_principal.md @@ -1,14 +1,22 @@ -# Table: azure_ad_service_principal +--- +title: "Steampipe Table: azure_ad_service_principal - Query Azure Active Directory Service Principals using SQL" +description: "Allows users to query Azure Active Directory Service Principals, specifically the details about the service principals in the Azure Active Directory." +--- -**Deprecated. Use [azuread_service_principal](https://hub.steampipe.io/plugins/turbot/azuread/tables/azuread_service_principal) instead.** +# Table: azure_ad_service_principal - Query Azure Active Directory Service Principals using SQL -An Azure service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources. +An Azure Active Directory Service Principal is a security identity used by user-created applications, services, and automation tools to access specific Azure resources. It allows these resources to be secured by using Azure AD role-based access control. This identity is used to authenticate to Azure AD and obtain tokens to access resources. + +## Table Usage Guide + +The `azure_ad_service_principal` table provides insights into Service Principals within Azure Active Directory. As a Security Engineer, utilize this table to explore details about service principals, including their app roles, display names, and associated metadata. Use it to uncover information about service principals, such as those with specific permissions, their associated application IDs, and the verification of OAuth2 permissions. ## Examples ### List of ad service principals where service principal account is disabled +Determine the areas in which Azure ad service principals are disabled. This can be useful for identifying potential security risks or troubleshooting access issues. -```sql +```sql+postgres select object_id, object_type, @@ -20,10 +28,22 @@ where not account_enabled; ``` +```sql+sqlite +select + object_id, + object_type, + display_name, + account_enabled +from + azure_ad_service_principal +where + account_enabled = 0; +``` ### List of ad service principals where app role assignment is not required +Identify instances where ad service principals in Azure do not require an app role assignment. This can be useful to streamline access control and reduce unnecessary role assignments. -```sql +```sql+postgres select object_id, display_name, @@ -34,10 +54,21 @@ where not app_role_assignment_required; ``` +```sql+sqlite +select + object_id, + display_name, + app_role_assignment_required +from + azure_ad_service_principal +where + app_role_assignment_required = 0; +``` ### Application role info of service principals +Explore the roles assigned to service principals within your Azure Active Directory. This query helps in understanding the permissions and access controls for each service principal, thereby assisting in maintaining secure and efficient system operations. -```sql +```sql+postgres select object_id, approle ->> 'allowedMemberTypes' as allowed_member_types, @@ -51,10 +82,24 @@ from cross join jsonb_array_elements(app_roles) as approle; ``` +```sql+sqlite +select + object_id, + json_extract(approle.value, '$.allowedMemberTypes') as allowed_member_types, + json_extract(approle.value, '$.description') as description, + json_extract(approle.value, '$.displayName') as display_name, + json_extract(approle.value, '$.isEnabled') as isEnabled, + json_extract(approle.value, '$.id') as id, + json_extract(approle.value, '$.value') as id +from + azure_ad_service_principal, + json_each(app_roles) as approle; +``` ### Oauth 2.0 permission info of ad service principal +This query is useful for gaining insights into the permissions associated with your Azure advertising service principal. It allows you to assess whether certain permissions are enabled and understand their specific descriptions and display names, helping to maintain proper access control in your Azure environment. -```sql +```sql+postgres select object_id, perm ->> 'adminConsentDescription' as admin_consent_description, @@ -67,3 +112,17 @@ from azure_ad_service_principal cross join jsonb_array_elements(oauth2_permissions) as perm; ``` + +```sql+sqlite +select + object_id, + json_extract(perm.value, '$.adminConsentDescription') as admin_consent_description, + json_extract(perm.value, '$.adminConsentDisplayName') as admin_consent_display_name, + json_extract(perm.value, '$.id') as id, + json_extract(perm.value, '$.isEnabled') as is_enabled, + json_extract(perm.value, '$.type') as type, + json_extract(perm.value, '$.value') as value +from + azure_ad_service_principal, + json_each(oauth2_permissions) as perm; +``` \ No newline at end of file diff --git a/docs/tables/azure_ad_user.md b/docs/tables/azure_ad_user.md index 1c9a6db3..3fade1ad 100644 --- a/docs/tables/azure_ad_user.md +++ b/docs/tables/azure_ad_user.md @@ -1,14 +1,22 @@ -# Table: azure_ad_user +--- +title: "Steampipe Table: azure_ad_user - Query Azure Active Directory Users using SQL" +description: "Allows users to query Azure Active Directory Users, providing details of user profiles including user details, email addresses, and department information." +--- -**Deprecated. Use [azuread_user](https://hub.steampipe.io/plugins/turbot/azuread/tables/azuread_user) instead.** +# Table: azure_ad_user - Query Azure Active Directory Users using SQL -Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which helps employees sign in and access resources. +Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service. It helps your employees sign in and access resources in external resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications. Azure AD also includes a full suite of identity management capabilities including multi-factor authentication, device registration, role-based access control, user provisioning, and more. + +## Table Usage Guide + +The `azure_ad_user` table provides insights into user profiles within Azure Active Directory. As a system administrator, explore user-specific details through this table, including user details, email addresses, and department information. Utilize it to uncover information about users, such as their roles, access controls, and associated metadata. ## Examples ### Basic active directory user info +Determine the areas in which active directory users are currently active within the Azure environment. This query is beneficial in managing user access and maintaining security standards. -```sql +```sql+postgres select display_name, user_principal_name, @@ -20,10 +28,22 @@ from azure_ad_user; ``` +```sql+sqlite +select + display_name, + user_principal_name, + given_name, + mail, + account_enabled, + object_id +from + azure_ad_user; +``` ### List of guest users in the active directory +Identify instances where guest users are present in the active directory to maintain security and access control. This query is useful in managing permissions and keeping track of external users in your system. -```sql +```sql+postgres select display_name, user_principal_name, @@ -36,10 +56,23 @@ where user_type = 'Guest'; ``` +```sql+sqlite +select + display_name, + user_principal_name, + mail, + user_type, + usage_location +from + azure_ad_user +where + user_type = 'Guest'; +``` ### Password profile info of each user +This example helps in understanding the password policies applied to each user within the Azure Active Directory. It aids in determining whether users are required to change their passwords at their next login or if the password change policy is enforced, thereby assisting in maintaining security standards. -```sql +```sql+postgres select display_name, user_principal_name, @@ -49,3 +82,12 @@ from azure_ad_user; ``` +```sql+sqlite +select + display_name, + user_principal_name, + json_extract(additional_properties, '$.passwordProfile.enforceChangePasswordPolicy') as enforce_change_password_policy, + json_extract(additional_properties, '$.passwordProfile.forceChangePasswordNextLogin') as change_password_next_login +from + azure_ad_user; +``` \ No newline at end of file diff --git a/docs/tables/azure_alert_management.md b/docs/tables/azure_alert_management.md index 07dc6fd7..e839f21f 100644 --- a/docs/tables/azure_alert_management.md +++ b/docs/tables/azure_alert_management.md @@ -1,13 +1,20 @@ -# Table: azure_alert_management +--- +title: "Steampipe Table: azure_alert_management - Query Azure Alert Management using SQL" +description: "Allows users to query Azure Alert Management, providing a centralized way to monitor and respond to issues across applications and infrastructure." +--- -Azure Alert Management is a service and set of tools within Microsoft Azure that allows you to monitor and respond to issues across your applications and infrastructure. It provides a centralized way to set up and manage alerts for various Azure resources, including virtual machines, databases, web applications, and more. Azure Alert Management helps you stay informed about the health and performance of your Azure resources and take appropriate actions when predefined conditions are met. +# Table: azure_alert_management - Query Azure Alert Management using SQL -**Important notes:** +Azure Alert Management is a service within Microsoft Azure that offers a set of tools for monitoring and responding to issues across various Azure resources. It enables users to set up and manage alerts for resources such as virtual machines, databases, web applications, and more. The service helps maintain awareness of the health and performance of Azure resources and facilitates appropriate actions when predefined conditions are met. + +## Table Usage Guide + +The `azure_alert_management` table provides insights into the alert management system within Microsoft Azure. As a system administrator, you can explore alert-specific details through this table, including alert status, severity, and associated metadata. Use it to identify and respond to potential issues across your Azure resources, ensuring optimal performance and security. -- This table offers access to alert management details for the past 30 days. If no value is specified in the query parameter (`time_range`) within the WHERE clause, the default value will be set to `1d`(One Day). +**Important notes:** +- This table offers access to alert management details for the past 30 days. If no value is specified in the query parameter (`time_range`) within the `where` clause, the default value will be set to `1d`(One Day). - For improved performance, it is advised that you use the optional qual to limit the result set. - This table supports optional quals. Queries with optional quals are optimized to use Alert Management filters. Optional quals are supported for the following columns: - - `target_resource`: Filter by the target resource (full ARM ID). The default value selects all resources. - `target_resource_type`: Filter by target resource type. The default value selects all resource types. - `resource_group`: Filter by target resource group name. The default value selects all resource groups. @@ -21,12 +28,26 @@ Azure Alert Management is a service and set of tools within Microsoft Azure that - `severity`: Filter by severity. The default value selects all severities. For details, refer to the [severity documentation](https://learn.microsoft.com/en-us/rest/api/monitor/alertsmanagement/alerts/get-all?tabs=HTTP#severity). - `alert_state`: Filter by the state of the alert instance. The default value selects all states. For details, refer to the [alert state documentation](https://learn.microsoft.com/en-us/rest/api/monitor/alertsmanagement/alerts/get-all?tabs=HTTP#alertstate). - `time_range`: Filter by the time range, choosing from the listed values in the [API documentation](https://learn.microsoft.com/en-us/rest/api/monitor/alertsmanagement/alerts/get-all?tabs=HTTP#timerange). The default value is 1 day. - +v ## Examples ### Basic info +Determine the areas in which Azure's alert management system is currently active. This allows you to understand the overall health and status of your alerts, helping you to manage and respond to potential issues more effectively. + +```sql+postgres +select + name, + id, + type, + target_resource, + signal_type, + alert_state, + monitor_condition +from + azure_alert_management; +``` -```sql +```sql+sqlite select name, id, @@ -40,8 +61,24 @@ from ``` ### List fired alerts +Explore which alerts have been triggered in your Azure environment to gain insights into potential issues or areas of concern. This helps in proactive problem management and maintaining system stability. -```sql +```sql+postgres +select + name, + id, + type, + signal_type, + alert_state, + monitor_service, + monitor_condition +from + azure_alert_management +where + monitor_condition = 'Fired'; +``` + +```sql+sqlite select name, id, @@ -57,8 +94,23 @@ where ``` ### List alerts within the last 7 days +Explore recent alerts by identifying those that have been generated within the last week. This is useful for maintaining awareness of recent activity and potential issues in your Azure environment. + +```sql+postgres +select + name, + id, + target_resource, + target_resource_type, + alert_rule, + time_range +from + azure_alert_management +where + time_range = '7d'; +``` -```sql +```sql+sqlite select name, id, @@ -73,8 +125,24 @@ where ``` ### List critical alerts +Determine the areas in which critical alerts are present in your Azure resources. This is beneficial for prioritizing and addressing issues that have the highest severity level. + +```sql+postgres +select + name, + id, + target_resource, + target_resource_type, + severity, + alert_state, + monitor_service +from + azure_alert_management +where + severity = 'Sev0'; +``` -```sql +```sql+sqlite select name, id, @@ -90,8 +158,9 @@ where ``` ### List alerts of VMInsights monitoring service +This example allows users to identify any alerts associated with the VMInsights monitoring service in Azure. This can be useful for administrators who need to quickly assess the status and details of these alerts for troubleshooting or system management purposes. -```sql +```sql+postgres select name, id, @@ -105,3 +174,18 @@ from where monitor_service = 'VMInsights'; ``` + +```sql+sqlite +select + name, + id, + target_resource, + monitor_service, + alert_rule, + alert_state, + source_created_id +from + azure_alert_management +where + monitor_service = 'VMInsights'; +``` \ No newline at end of file diff --git a/docs/tables/azure_api_management.md b/docs/tables/azure_api_management.md index 359d1293..b4622100 100644 --- a/docs/tables/azure_api_management.md +++ b/docs/tables/azure_api_management.md @@ -1,12 +1,22 @@ -# Table: azure_api_management +--- +title: "Steampipe Table: azure_api_management - Query Azure API Management Services using SQL" +description: "Allows users to query Azure API Management Services, specifically providing insights into the management of APIs for both on-premises and cloud solutions." +--- -Azure API Management is a fully managed service that enables customers to publish, secure, transform, maintain, and monitor APIs. +# Table: azure_api_management - Query Azure API Management Services using SQL + +Azure API Management is a solution that allows organizations to publish, manage, secure, and analyze their APIs in a unified way. It provides the core competencies to ensure a successful API program through developer engagement, business insights, analytics, security, and protection. Azure API Management enables you to create an API gateway and developer portal in minutes. + +## Table Usage Guide + +The `azure_api_management` table provides insights into API management services within Azure. As a DevOps engineer, leverage this table to explore details about your API management services, including their configurations, locations, and associated resources. Utilize it to manage and secure your APIs, monitor their performance, and understand their usage patterns. ## Examples ### Public and private IP address info of each API management +Determine the areas in which each API management system operates by understanding their public and private IP addresses. This aids in assessing network accessibility and identifying potential security concerns. -```sql +```sql+postgres select name, public_ip_addresses, @@ -15,10 +25,19 @@ from azure_api_management; ``` +```sql+sqlite +select + name, + public_ip_addresses, + private_ip_addresses +from + azure_api_management; +``` ### API management publisher info +Explore the publisher details associated with your Azure API management to maintain effective communication and ensure smooth operations. This allows you to identify who is in charge of specific APIs, facilitating efficient management and collaboration. -```sql +```sql+postgres select name, publisher_name, @@ -27,10 +46,19 @@ from azure_api_management; ``` +```sql+sqlite +select + name, + publisher_name, + publisher_email +from + azure_api_management; +``` ### List of premium API managements and their computing capacity +Identify instances where premium API management services are being used and assess their computing capacity. This can be useful in evaluating your resource allocation and optimizing your API management strategy. -```sql +```sql+postgres select name, sku_name, @@ -41,10 +69,21 @@ where sku_name = 'Premium'; ``` +```sql+sqlite +select + name, + sku_name, + sku_capacity +from + azure_api_management +where + sku_name = 'Premium'; +``` ### List of API management without application tag key +Determine the areas in which API management in Azure lacks an 'application' tag. This could be useful for managing and organizing your resources, as well as ensuring compliance with tagging policies. -```sql +```sql+postgres select name, tags @@ -53,3 +92,13 @@ from where not tags :: JSONB ? 'application'; ``` + +```sql+sqlite +select + name, + tags +from + azure_api_management +where + json_extract(tags, '$.application') is null; +``` \ No newline at end of file diff --git a/docs/tables/azure_app_configuration.md b/docs/tables/azure_app_configuration.md index b205d983..aae4c899 100644 --- a/docs/tables/azure_app_configuration.md +++ b/docs/tables/azure_app_configuration.md @@ -1,12 +1,33 @@ -# Table: azure_app_configuration +--- +title: "Steampipe Table: azure_app_configuration - Query Azure App Configuration using SQL" +description: "Allows users to query App Configurations in Azure, providing insights into application settings and feature management." +--- -Azure App Configuration provides a service to centrally manage application settings and feature flags. App Configuration is used to store all the settings for your application and secure their accesses in one place. +# Table: azure_app_configuration - Query Azure App Configuration using SQL + +Azure App Configuration is a service within Microsoft Azure that provides a way to centrally manage application settings and feature flags. It helps developers to separate configuration from code, making applications more modular and scalable. Azure App Configuration is fully managed, which allows developers to focus on code rather than managing and distributing configuration. + +## Table Usage Guide + +The `azure_app_configuration` table provides insights into application configurations within Microsoft Azure. As a developer or DevOps engineer, you can explore configuration-specific details through this table, including settings, feature management, and associated metadata. Utilize it to manage and monitor application settings, understand feature flags, and ensure the scalability and modularity of your applications. ## Examples ### Basic info +Explore which Azure App configurations are currently active and when they were created. This is useful for understanding the status and timeline of your app's setup and deployment. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state, + creation_date +from + azure_app_configuration; +``` + +```sql+sqlite select id, name, @@ -18,8 +39,22 @@ from ``` ### List public network access enabled app configurations +Explore which app configurations in Azure have public network access enabled. This can be beneficial in assessing potential security risks and ensuring appropriate network access settings are in place. + +```sql+postgres +select + id, + name, + type, + provisioning_state, + public_network_access +from + azure_app_configuration +where + public_network_access = 'Enabled'; +``` -```sql +```sql+sqlite select id, name, @@ -33,8 +68,9 @@ where ``` ### List app configurations with user assigned identities +This query is useful to identify and analyze the configurations of apps that have user-assigned identities within your Azure environment. It helps in managing and auditing access control, thereby enhancing the security of your applications. -```sql +```sql+postgres select id, name, @@ -52,9 +88,14 @@ where ); ``` +```sql+sqlite +Error: SQLite does not support regexp_split_to_array function. +``` + ### List private endpoint connection details for app configurations +Explore the status and details of private connections for app configurations in Azure. This can help identify any required actions or understand the provisioning state for these connections. -```sql +```sql+postgres select name as app_config_name, id as app_config_id, @@ -69,9 +110,25 @@ from jsonb_array_elements(private_endpoint_connections) as connections; ``` +```sql+sqlite +select + name as app_config_name, + c.id as app_config_id, + json_extract(connections.value, '$.id') as connection_id, + json_extract(connections.value, '$.privateEndpointPropertyId') as connection_private_endpoint_property_id, + json_extract(connections.value, '$.privateLinkServiceConnectionStateActionsRequired') as connection_actions_required, + json_extract(connections.value, '$.privateLinkServiceConnectionStateDescription') as connection_description, + json_extract(connections.value, '$.privateLinkServiceConnectionStateStatus') as connection_status, + json_extract(connections.value, '$.provisioningState') as connection_provisioning_state +from + azure_app_configuration as c, + json_each(private_endpoint_connections) as connections; +``` + ### List encryption details for app configurations +Explore encryption specifics for your applications, particularly focusing on identity client IDs and key identifiers. This is useful for assessing the security measures in place for your app configurations. -```sql +```sql+postgres select name as app_config_name, id as app_config_id, @@ -80,3 +137,13 @@ select from azure_app_configuration; ``` + +```sql+sqlite +select + name as app_config_name, + id as app_config_id, + json_extract(encryption, '$.keyVaultProperties.identityClientId') as key_vault_identity_client_id, + json_extract(encryption, '$.keyVaultProperties.keyIdentifier') as key_vault_key_identifier +from + azure_app_configuration; +``` \ No newline at end of file diff --git a/docs/tables/azure_app_service_environment.md b/docs/tables/azure_app_service_environment.md index c4c7c8da..699ba2ee 100644 --- a/docs/tables/azure_app_service_environment.md +++ b/docs/tables/azure_app_service_environment.md @@ -1,12 +1,32 @@ -# Table: azure_app_service_environment +--- +title: "Steampipe Table: azure_app_service_environment - Query Azure App Service Environments using SQL" +description: "Allows users to query Azure App Service Environments, providing comprehensive details about the app service environments in your Azure account." +--- -The Azure App Service Environment provides a fully isolated and dedicated environment for securely running App Service apps at high scale. +# Table: azure_app_service_environment - Query Azure App Service Environments using SQL + +Azure App Service Environment is a fully isolated and dedicated environment for securely running App Service apps at high scale. This service is designed for application workloads that require high scale, isolation, and secure network access. It provides a fully isolated and dedicated environment for running applications of almost any scale. + +## Table Usage Guide + +The `azure_app_service_environment` table provides insights into App Service Environments within Azure. As a DevOps engineer, you can explore specific details about these environments, including the number of workers, the status of the environment, and the virtual network integration. This table is useful for understanding the scale, isolation, and security of your app services, and to identify any potential issues or areas for optimization. ## Examples ### List of app service environments which are not healthy +Uncover the details of Azure App Service environments that are currently not in a healthy state. This can be useful for identifying potential issues that may be affecting the performance or availability of your applications. + +```sql+postgres +select + name, + is_healthy_environment +from + azure_app_service_environment +where + not is_healthy_environment; +``` -```sql +```sql+sqlite select name, is_healthy_environment @@ -17,8 +37,20 @@ where ``` ### Virtual network info of each app service environment +Explore the virtual network configurations of each app service environment to gain insights into the internal load balancing mode and understand the network segregation. This is useful in assessing the security and isolation measures within your Azure App Service Environment. + +```sql+postgres +select + name, + vnet_name, + vnet_subnet_name, + vnet_resource_group_name, + internal_load_balancing_mode +from + azure_app_service_environment; +``` -```sql +```sql+sqlite select name, vnet_name, @@ -30,8 +62,9 @@ from ``` ### List cluster settings details +Explore the configuration details of your Azure App Service Environment to understand the specifics of your cluster settings. This can aid in managing your resources more effectively and troubleshooting potential issues. -```sql +```sql+postgres select name, id, @@ -41,3 +74,14 @@ from azure_app_service_environment, jsonb_array_elements(cluster_settings) as settings; ``` + +```sql+sqlite +select + name, + id, + json_extract(settings.value, '$.name') as settings_name, + json_extract(settings.value, '$.value') as settings_value +from + azure_app_service_environment, + json_each(cluster_settings) as settings; +``` \ No newline at end of file diff --git a/docs/tables/azure_app_service_function_app.md b/docs/tables/azure_app_service_function_app.md index 6e06768a..aa4f02bf 100644 --- a/docs/tables/azure_app_service_function_app.md +++ b/docs/tables/azure_app_service_function_app.md @@ -1,12 +1,22 @@ -# Table: azure_app_service_function_app +--- +title: "Steampipe Table: azure_app_service_function_app - Query Azure App Service Function Apps using SQL" +description: "Allows users to query Azure App Service Function Apps, specifically providing access to configuration details, app settings, and connection strings." +--- -A function app is the container that hosts the execution of individual functions. +# Table: azure_app_service_function_app - Query Azure App Service Function Apps using SQL + +Azure App Service Function Apps is a service within Microsoft Azure that allows developers to host and run functions in the cloud without having to manage any infrastructure. It offers an event-driven, compute-on-demand experience that extends the existing Azure App Service platform. With Azure Function Apps, developers can quickly create serverless applications that scale and integrate with other services. + +## Table Usage Guide + +The `azure_app_service_function_app` table provides insights into Function Apps within Azure App Service. As a developer or DevOps engineer, explore Function App-specific details through this table, including configuration settings, app settings, and connection strings. Utilize it to uncover information about Function Apps, such as their runtime versions, hosting details, and the state of always-on functionality. ## Examples ### List of app functions which accepts HTTP traffic +Determine the areas in which Azure app services function apps are configured to accept HTTP traffic, which can be useful for identifying potential security risks associated with unencrypted data transmission. -```sql +```sql+postgres select name, https_only, @@ -18,10 +28,22 @@ where not https_only; ``` +```sql+sqlite +select + name, + https_only, + kind, + region +from + azure_app_service_function_app +where + https_only = 0; +``` ### List of all unreserved app function +Discover the segments that comprise all unreserved function apps in Azure. This query is useful in managing resources and ensuring optimal performance by identifying potential areas for reallocation. -```sql +```sql+postgres select name, reserved, @@ -32,10 +54,21 @@ where not reserved; ``` +```sql+sqlite +select + name, + reserved, + resource_group +from + azure_app_service_function_app +where + reserved = 0; +``` ### Outbound IP addresses and possible outbound IP addresses info of each function app +Gain insights into the outbound IP addresses associated with each function app, as well as potential outbound IP addresses. This information can be useful for managing network security and understanding your app's communication pathways. -```sql +```sql+postgres select name, outbound_ip_addresses, @@ -44,10 +77,19 @@ from azure_app_service_function_app; ``` +```sql+sqlite +select + name, + outbound_ip_addresses, + possible_outbound_ip_addresses +from + azure_app_service_function_app; +``` ### List of app functions where client certificate mode is disabled. +Identify instances where the client certificate mode is disabled in your Azure app functions. This can help enhance security by pinpointing areas where client authentication is not enforced. -```sql +```sql+postgres select name, client_cert_enabled, @@ -58,3 +100,15 @@ from where not client_cert_enabled; ``` + +```sql+sqlite +select + name, + client_cert_enabled, + kind, + region +from + azure_app_service_function_app +where + client_cert_enabled = 0; +``` \ No newline at end of file diff --git a/docs/tables/azure_app_service_plan.md b/docs/tables/azure_app_service_plan.md index 079716c0..0d39cb1b 100644 --- a/docs/tables/azure_app_service_plan.md +++ b/docs/tables/azure_app_service_plan.md @@ -1,12 +1,22 @@ -# Table: azure_app_service_plan +--- +title: "Steampipe Table: azure_app_service_plan - Query Azure App Service Plans using SQL" +description: "Allows users to query Azure App Service Plans, providing insights into the capacity and scale of the app services running in an Azure subscription." +--- -An App Service plan defines a set of compute resources for a web app to run. These compute resources are analogous to the server farm in conventional web hosting. +# Table: azure_app_service_plan - Query Azure App Service Plans using SQL + +Azure App Service Plan is a service within Microsoft Azure that defines a set of compute resources for a web app to run. These compute resources are analogous to the server farm in conventional web hosting. It specifies the number of VM instances to allocate, the size of each instance, and the pricing tier. + +## Table Usage Guide + +The `azure_app_service_plan` table provides insights into the App Service Plans within Microsoft Azure. As a Cloud Engineer, explore App Service Plan-specific details through this table, including the number of web apps, capacity, maximum number of workers, and other associated metadata. Utilize it to uncover information about each App Service Plan, such as its current status, tier, and the geographical location of the data center where the plan is running. ## Examples ### App service plan SKU info +Explore the details of your Azure App Service Plan to understand the specifics of your service tier and capacity. This can help you assess if your current plan aligns with your application's requirements and if there is a need for scaling or downgrading. -```sql +```sql+postgres select name, sku_family, @@ -18,10 +28,22 @@ from azure_app_service_plan; ``` +```sql+sqlite +select + name, + sku_family, + sku_name, + sku_size, + sku_tier, + sku_capacity +from + azure_app_service_plan; +``` ### List of Hyper-V container app service plan +Explore which Azure App Service Plans are using Hyper-V containers. This can help determine the areas in which these specific types of containers are being utilized, aiding in resource management and optimization. -```sql +```sql+postgres select name, hyper_v, @@ -33,10 +55,22 @@ where hyper_v; ``` +```sql+sqlite +select + name, + hyper_v, + kind, + region +from + azure_app_service_plan +where + hyper_v = 1; +``` ### List of App service plan that owns spot instances +Explore which Azure App Service Plans are utilizing spot instances. This is useful for managing costs and understanding the distribution of your resources. -```sql +```sql+postgres select name, is_spot, @@ -47,4 +81,17 @@ from azure_app_service_plan where is_spot; +``` + +```sql+sqlite +select + name, + is_spot, + kind, + region, + resource_group +from + azure_app_service_plan +where + is_spot = 1; ``` \ No newline at end of file diff --git a/docs/tables/azure_app_service_web_app.md b/docs/tables/azure_app_service_web_app.md index 5abb830c..5d5648bd 100644 --- a/docs/tables/azure_app_service_web_app.md +++ b/docs/tables/azure_app_service_web_app.md @@ -1,12 +1,31 @@ -# Table: azure_app_service_web_app +--- +title: "Steampipe Table: azure_app_service_web_app - Query Azure App Service Web Apps using SQL" +description: "Allows users to query Azure App Service Web Apps, providing insights into the configuration, status, and metadata of web applications hosted on the Azure App Service platform." +--- -Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. +# Table: azure_app_service_web_app - Query Azure App Service Web Apps using SQL + +Azure App Service is a fully managed platform for building, deploying, and scaling web applications. It supports a variety of programming languages, tools, and frameworks, including both Microsoft-specific and third-party software and systems. With Azure App Service, you can quickly build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform. + +## Table Usage Guide + +The `azure_app_service_web_app` table provides insights into web applications hosted on Azure App Service. As a developer or system administrator, you can use this table to examine the configuration, status, and metadata of these applications. It can be particularly useful for monitoring and managing your web applications, ensuring they are correctly configured, running smoothly, and adhering to your organization's operational and security policies. ## Examples ### Outbound IP addresses and possible outbound IP addresses info of each web app +Explore which web applications in your Azure App Service have specific outbound IP addresses. This is useful for understanding the network behavior of your applications, particularly for security monitoring or compliance purposes. + +```sql+postgres +select + name, + outbound_ip_addresses, + possible_outbound_ip_addresses +from + azure_app_service_web_app; +``` -```sql +```sql+sqlite select name, outbound_ip_addresses, @@ -16,8 +35,9 @@ from ``` ### List web apps which accepts HTTP traffics (i.e HTTPS only is disabled) +Determine the areas in which web applications are accepting HTTP traffic, indicating that the more secure HTTPS-only mode is disabled. This can be useful for identifying potential security risks in your Azure App Service. -```sql +```sql+postgres select name, https_only, @@ -29,9 +49,22 @@ where not https_only; ``` +```sql+sqlite +select + name, + https_only, + kind, + region +from + azure_app_service_web_app +where + https_only = 0; +``` + ### List of web app where client certificate mode is disabled +Determine the areas in which web applications are potentially vulnerable due to disabled client certificate mode. This is crucial for enhancing security measures and ensuring data protection. -```sql +```sql+postgres select name, client_cert_enabled, @@ -43,9 +76,33 @@ where not client_cert_enabled; ``` +```sql+sqlite +select + name, + client_cert_enabled, + kind, + region +from + azure_app_service_web_app +where + client_cert_enabled = 0; +``` + ### Host names of each web app +Determine the areas in which your web applications are hosted. This aids in understanding their geographical distribution and aids in resource management. + +```sql+postgres +select + name, + host_names, + kind, + region, + resource_group +from + azure_app_service_web_app; +``` -```sql +```sql+sqlite select name, host_names, @@ -57,8 +114,9 @@ from ``` ### List web apps with latest HTTP version +Determine the areas in which web applications are running on the latest HTTP version across different regions. This can be useful for ensuring applications are up-to-date and taking advantage of the latest protocol features for performance and security. -```sql +```sql+postgres select name, enabled, @@ -69,9 +127,21 @@ where (configuration -> 'properties' ->> 'http20Enabled')::boolean; ``` +```sql+sqlite +select + name, + enabled, + region +from + azure_app_service_web_app +where + json_extract(configuration, '$.properties.http20Enabled') = 'true'; +``` + ### List web apps that have FTP deployments set to disabled +Determine the areas in which web applications have FTP deployments disabled, allowing for a better understanding of security measures in place and potential areas of vulnerability. -```sql +```sql+postgres select name, configuration -> 'properties' ->> 'ftpsState' as ftps_state @@ -81,9 +151,32 @@ where configuration -> 'properties' ->> 'ftpsState' <> 'AllAllowed'; ``` +```sql+sqlite +select + name, + json_extract(json_extract(configuration, '$.properties'), '$.ftpsState') as ftps_state +from + azure_app_service_web_app +where + json_extract(json_extract(configuration, '$.properties'), '$.ftpsState') <> 'AllAllowed'; +``` + ### List web apps that have managed service identity disabled +Determine the areas in which web apps are operating without a managed service identity, which is a key security feature. This could be used to identify potential vulnerabilities and improve overall system security. + +```sql+postgres +select + name, + enabled, + region, + identity +from + azure_app_service_web_app +where + identity = '{}'; +``` -```sql +```sql+sqlite select name, enabled, @@ -96,11 +189,12 @@ where ``` ### Get the storage information associated to a particular app +Explore the storage details linked to a specific application in Azure's App Service. This can help you understand the configuration and enablement status of your storage in a particular region, which can be crucial for optimizing resource allocation and management. -```sql +```sql+postgres select name, - nabled, + enabled, region, identity storage_info_value @@ -109,4 +203,18 @@ from where resource_group = 'demo' and name = 'web-app-test-storage-info'; +``` + +```sql+sqlite +select + name, + enabled, + region, + identity, + storage_info_value +from + azure_app_service_web_app +where + resource_group = 'demo' + and name = 'web-app-test-storage-info'; ``` \ No newline at end of file diff --git a/docs/tables/azure_app_service_web_app_slot.md b/docs/tables/azure_app_service_web_app_slot.md index a4405989..3b69a00f 100644 --- a/docs/tables/azure_app_service_web_app_slot.md +++ b/docs/tables/azure_app_service_web_app_slot.md @@ -1,12 +1,37 @@ -# Table: azure_app_service_web_app +--- +title: "Steampipe Table: azure_app_service_web_app_slot - Query Azure App Service Web App Slots using SQL" +description: "Allows users to query Azure App Service Web App Slots, providing insights into the configuration, status, and metadata of each slot." +--- -When you deploy your web app on Linux, mobile back end, or API app to Azure App Service, you can use a separate deployment slot instead of the default production slot when running in the Standard, Premium, or Isolated App Service plan tier. Deployment slots are live apps with their host names. App content and configuration elements can be swapped between two deployment slots, including the production slot. +# Table: azure_app_service_web_app_slot - Query Azure App Service Web App Slots using SQL + +Azure App Service Web App Slots are live apps with their own hostnames. They are part of Azure App Service and are designed to help developers handle app deployments. With slots, you can deploy your apps in a controlled manner and avoid downtime. + +## Table Usage Guide + +The `azure_app_service_web_app_slot` table provides insights into Azure App Service Web App Slots. As a developer or DevOps engineer, you can use this table to get detailed information about each slot, including its configuration, status, and metadata. This can be particularly useful when managing app deployments and ensuring smooth transitions between different versions of your app. ## Examples ### Basic info +Explore which web app slots are currently active within the Azure App Service. This allows you to assess their status, identify the ones that have been recently modified, and understand their configuration for better management and optimization. -```sql +```sql+postgres +select + name, + app_name, + id, + kind, + state, + type, + last_modified_time_utc, + repository_site_name, + enabled +from + azure_app_service_web_app_slot; +``` + +```sql+sqlite select name, app_name, @@ -22,8 +47,9 @@ from ``` ### List slots where the apps are enabled +Examine the active slots within Azure's app service to understand where applications are currently operational. This is useful for managing resources, ensuring optimal app performance, and identifying potential areas for scaling or re-allocation. -```sql +```sql+postgres select name, app_name, @@ -39,9 +65,26 @@ where enabled; ``` +```sql+sqlite +select + name, + app_name, + state, + type, + reserved, + server_farm_id, + target_swap_slot, + enabled +from + azure_app_service_web_app_slot +where + enabled = 1; +``` + ### List slots that accept HTTP traffic (i.e only HTTPS is disabled) +Determine the areas in your Azure App Service where only HTTP traffic is allowed, which could potentially expose your web applications to security risks. This query is useful to identify these areas and implement necessary security measures to restrict traffic to HTTPS only. -```sql +```sql+postgres select name, https_only, @@ -53,9 +96,33 @@ where not https_only; ``` +```sql+sqlite +select + name, + https_only, + kind, + region +from + azure_app_service_web_app_slot +where + https_only = 0; +``` + ### Host names of each slot +Determine the areas in which your Azure App Service Web App Slots are being utilized. This can help you understand the distribution of your resources across different regions and resource groups, aiding in efficient resource management. + +```sql+postgres +select + name, + host_names, + kind, + region, + resource_group +from + azure_app_service_web_app_slot; +``` -```sql +```sql+sqlite select name, host_names, @@ -67,8 +134,20 @@ from ``` ### List enabled host names +Determine the areas in which host names are enabled to ensure the proper functioning of your Azure App Service Web App Slots. This allows you to manage and monitor your web applications effectively. + +```sql+postgres +select + name, + id, + type, + kind, + enabled_host_names +from + azure_app_service_web_app_slot; +``` -```sql +```sql+sqlite select name, id, @@ -80,8 +159,9 @@ from ``` ### Get slot swap status of each slot +This query allows you to monitor the status of slot swaps in your Azure App Service Web App Slots. It's useful for keeping track of your deployment process and ensuring smooth transitions between different versions of your web applications. -```sql +```sql+postgres select name, type, @@ -92,9 +172,21 @@ from azure_app_service_web_app_slot; ``` +```sql+sqlite +select + name, + type, + json_extract(slot_swap_status, '$.SlotSwapStatus') as slot_swap_status, + json_extract(slot_swap_status, '$.SourceSlotName') as source_slot_name, + json_extract(slot_swap_status, '$.DestinationSlotName') as destination_slot_name +from + azure_app_service_web_app_slot; +``` + ### Get site config details of each slot +Explore the configuration details of each slot in your Azure App Service Web App to understand the settings of individual workers and software versions. This can be useful for performance tuning and troubleshooting. -```sql +```sql+postgres select name, id, @@ -122,3 +214,32 @@ select from azure_app_service_web_app_slot; ``` + +```sql+sqlite +select + name, + id, + json_extract(site_config, '$.NumberOfWorkers') as number_of_workers, + json_extract(site_config, '$.DefaultDocuments') as DefaultDocuments, + json_extract(site_config, '$.NetFrameworkVersion') as NetFrameworkVersion, + json_extract(site_config, '$.PhpVersion') as PhpVersion, + json_extract(site_config, '$.PythonVersion') as PythonVersion, + json_extract(site_config, '$.NodeVersion') as NodeVersion, + json_extract(site_config, '$.PowerShellVersion') as PowerShellVersion, + json_extract(site_config, '$.LinuxFxVersion') as LinuxFxVersion, + json_extract(site_config, '$.WindowsFxVersion') as WindowsFxVersion, + json_extract(site_config, '$.RequestTracingEnabled') as RequestTracingEnabled, + json_extract(site_config, '$.RequestTracingExpirationTime') as RequestTracingExpirationTime, + json_extract(site_config, '$.RemoteDebuggingEnabled') as RemoteDebuggingEnabled, + json_extract(site_config, '$.RemoteDebuggingVersion') as RemoteDebuggingVersion, + json_extract(site_config, '$.HTTPLoggingEnabled') as HTTPLoggingEnabled, + json_extract(site_config, '$.DetailedErrorLoggingEnabled') as DetailedErrorLoggingEnabled, + json_extract(site_config, '$.PublishingUsername') as PublishingUsername, + json_extract(site_config, '$.AppSettings') as AppSettings, + json_extract(site_config, '$.ConnectionStrings') as ConnectionStrings, + json_extract(site_config, '$.MachineKey') as MachineKey, + json_extract(site_config, '$.HandlerMappings') as HandlerMappings, + json_extract(site_config, '$.DocumentRoot') as DocumentRoot +from + azure_app_service_web_app_slot; +``` \ No newline at end of file diff --git a/docs/tables/azure_application_gateway.md b/docs/tables/azure_application_gateway.md index d6173a45..19b69afc 100644 --- a/docs/tables/azure_application_gateway.md +++ b/docs/tables/azure_application_gateway.md @@ -1,12 +1,22 @@ -# Table: azure_application_gateway +--- +title: "Steampipe Table: azure_application_gateway - Query Azure Application Gateways using SQL" +description: "Allows users to query Azure Application Gateways, providing detailed information about the configuration and status of each gateway." +--- -Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 - TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port. Application Gateway can make routing decisions based on additional attributes of an HTTP request, for example URI path or host headers. +# Table: azure_application_gateway - Query Azure Application Gateways using SQL + +Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It operates at the application layer (Layer 7) of the Open Systems Interconnection (OSI) network stack, and can route traffic based on various attributes of an HTTP request. The gateway also provides SSL offloading, which removes the SSL-based encryption from incoming traffic. + +## Table Usage Guide + +The `azure_application_gateway` table provides insights into Application Gateways within Azure. As a Network Administrator, explore gateway-specific details through this table, including backend pools, listeners, rules, and associated metadata. Utilize it to uncover information about gateways, such as their health status, configured rules, and the verification of SSL certificates. ## Examples ### Basic info +Explore the general information of your Azure application gateways to gain insights into their types, provisioning states, and regions. This allows you to effectively manage and monitor your gateways, ensuring optimal performance and resource allocation. -```sql +```sql+postgres select id, name, @@ -17,9 +27,21 @@ from azure_application_gateway; ``` -### List web application firewall configurations for application gateway +```sql+sqlite +select + id, + name, + type, + provisioning_state, + region +from + azure_application_gateway; +``` + +### List web application firewall configurations for application gateway +Determine the configurations of your web application firewall for an application gateway. This query aids in understanding the firewall's operational settings, such as enabled status, file upload limits, and rule set details, which are crucial for maintaining optimal security and performance. -```sql +```sql+postgres select id, name, @@ -36,9 +58,27 @@ from azure_application_gateway; ``` -### List http listeners for application gateway +```sql+sqlite +select + id, + name, + web_application_firewall_configuration as disabled_rule_groups, + json_extract(web_application_firewall_configuration, '$.enabled') as enabled, + web_application_firewall_configuration as exclusions, + json_extract(web_application_firewall_configuration, '$.fileUploadLimitInMb') as file_upload_limit_in_mb, + json_extract(web_application_firewall_configuration, '$.firewallMode') as firewall_mode, + json_extract(web_application_firewall_configuration, '$.maxRequestBodySizeInKb') as max_request_body_size_in_kb, + json_extract(web_application_firewall_configuration, '$.requestBodyCheck') as request_body_check, + json_extract(web_application_firewall_configuration, '$.ruleSetType') as rule_set_type, + json_extract(web_application_firewall_configuration, '$.ruleSetVersion') as rule_set_version +from + azure_application_gateway; +``` + +### List http listeners for application gateway +Explore the configuration of HTTP listeners in an application gateway to understand the protocol requirements and server name indication settings. This can be particularly useful in identifying potential security weak points and optimizing network performance. -```sql +```sql+postgres select id, name, @@ -53,9 +93,25 @@ from jsonb_array_elements(http_listeners) as listeners; ``` -### List backend http settings collection for application gateway +```sql+sqlite +select + g.id, + name, + json_extract(listeners.value, '$.id') as listener_id, + json_extract(listeners.value, '$.name') as listener_name, + json_extract(listeners.value, '$.properties.frontendPort') as listener_frontend_port, + json_extract(listeners.value, '$.properties.hostNames') as listener_host_names, + json_extract(listeners.value, '$.properties.protocol') as listener_protocol, + json_extract(listeners.value, '$.properties.requireServerNameIndication') as listener_require_server_name_indication +from + azure_application_gateway as g, + json_each(http_listeners) as listeners; +``` -```sql +### List backend http settings collection for application gateway +Analyze the settings to understand the configuration of your application gateway's backend HTTP settings. This could be useful for assessing aspects like affinity based on cookies, host name selection from backend address, port, protocol, and request timeout. + +```sql+postgres select id, name, @@ -71,9 +127,26 @@ from jsonb_array_elements(backend_http_settings_collection) as settings; ``` -### List frontend IP configurations for application gateway +```sql+sqlite +select + g.id, + name, + json_extract(settings.value, '$.id') as settings_id, + json_extract(settings.value, '$.name') as settings_name, + json_extract(settings.value, '$.properties.cookieBasedAffinity') as settings_cookie_based_affinity, + json_extract(settings.value, '$.properties.pickHostNameFromBackendAddress') as settings_pick_host_name_from_backend_address, + json_extract(settings.value, '$.properties.port') as settings_port, + json_extract(settings.value, '$.properties.protocol') as settings_protocol, + json_extract(settings.value, '$.properties.requestTimeout') as settings_request_timeout +from + azure_application_gateway as g, + json_each(backend_http_settings_collection) as settings; +``` + +### List frontend IP configurations for application gateway +This query is useful for gaining insights into the IP configurations of your application gateway in Azure. It allows you to understand both the public and private allocation methods, which is critical for managing network access and security. -```sql +```sql+postgres select id, name, @@ -85,3 +158,16 @@ from azure_application_gateway, jsonb_array_elements(frontend_ip_configurations) as config; ``` + +```sql+sqlite +select + g.id, + name, + json_extract(config.value, '$.id') as config_id, + json_extract(config.value, '$.name') as config_name, + json_extract(config.value, '$.properties.publicIPAddress') as config_public_ip_address, + json_extract(config.value, '$.properties.privateIPAllocationMethod') as config_private_ip_allocation_method +from + azure_application_gateway as g, + json_each(frontend_ip_configurations) as config; +``` \ No newline at end of file diff --git a/docs/tables/azure_application_insight.md b/docs/tables/azure_application_insight.md index f7afa305..1f78b102 100644 --- a/docs/tables/azure_application_insight.md +++ b/docs/tables/azure_application_insight.md @@ -1,12 +1,33 @@ -# Table: azure_application_insight +--- +title: "Steampipe Table: azure_application_insight - Query Azure Application Insights using SQL" +description: "Allows users to query Application Insights, providing insights into application performance, usage, and availability." +--- -Application Insights is an extension of Azure Monitor and provides Application Performance Monitoring (also known as “APM”) features. +# Table: azure_application_insight - Query Azure Application Insights using SQL + +Application Insights is a service within Microsoft Azure that allows you to monitor and respond to issues across your applications. It provides a centralized way to set up and manage telemetry for various Azure resources, including web applications, databases, and more. Application Insights helps you stay informed about the performance, usage, and availability of your Azure applications and take appropriate actions when predefined conditions are met. + +## Table Usage Guide + +The `azure_application_insight` table provides insights into Application Insights within Microsoft Azure. As a DevOps engineer, explore application-specific details through this table, including telemetry, performance metrics, and associated metadata. Utilize it to uncover information about applications, such as their usage patterns, performance metrics, and the availability status. ## Examples ### Basic info +Explore the details of your Azure Application Insights such as the type, retention period, and region, to better understand and manage your application monitoring settings. This can be particularly useful for optimizing resource allocation and ensuring adherence to data retention policies. + +```sql+postgres +select + name, + kind, + retention_in_days, + region, + resource_group +from + azure_application_insight; +``` -```sql +```sql+sqlite select name, kind, @@ -18,8 +39,22 @@ from ``` ### List application insights having retention period less than 30 days +Explore which Azure Application Insights have a retention period of less than 30 days. This is useful in identifying potential data loss risks due to short retention periods. -```sql +```sql+postgres +select + name, + kind, + retention_in_days, + region, + resource_group +from + azure_application_insight +where + retention_in_days < 30; +``` + +```sql+sqlite select name, kind, @@ -33,8 +68,9 @@ where ``` ### List insights that can be queried publicly +Explore which Azure application insights are accessible via public network. This is useful in determining what information is available for public querying, aiding in data transparency and accessibility assessments. -```sql +```sql+postgres select name, kind, @@ -47,9 +83,23 @@ where public_network_access_for_query ? 'Enabled'; ``` +```sql+sqlite +select + name, + kind, + retention_in_days, + region, + resource_group +from + azure_application_insight +where + json_extract(public_network_access_for_query, '$.Enabled') is not null; +``` + ### List insights that allow ingestion publicly +Explore which Azure Application Insights have public network access enabled for data ingestion. This query is useful for identifying potential security risks and ensuring data privacy standards are met. -```sql +```sql+postgres select name, kind, @@ -60,4 +110,17 @@ from azure_application_insight where public_network_access_for_ingestion ? 'Enabled'; +``` + +```sql+sqlite +select + name, + kind, + retention_in_days, + region, + resource_group +from + azure_application_insight +where + json_extract(public_network_access_for_ingestion, '$.Enabled') is not null; ``` \ No newline at end of file diff --git a/docs/tables/azure_application_security_group.md b/docs/tables/azure_application_security_group.md index 014750a8..11a5de07 100644 --- a/docs/tables/azure_application_security_group.md +++ b/docs/tables/azure_application_security_group.md @@ -1,12 +1,22 @@ -# Table: azure_application_security_groups +--- +title: "Steampipe Table: azure_application_security_group - Query Azure Application Security Groups using SQL" +description: "Allows users to query Azure Application Security Groups, providing insights into security configuration and potential network vulnerabilities." +--- -Application security groups enable you to configure network security as a natural extension of an application's structure, allowing you to group virtual machines and define network security policies based on those groups. +# Table: azure_application_security_group - Query Azure Application Security Groups using SQL + +An Azure Application Security Group is a logical representation of an application in Azure. It allows for the grouping of servers based on applications for security and isolation of network traffic. This provides a more natural way to apply and manage security policies based on applications rather than explicit IP addresses or subnets. + +## Table Usage Guide + +The `azure_application_security_group` table provides insights into Application Security Groups within Azure. As a security analyst, explore application-specific details through this table, including security configurations, associated network interfaces, and potential vulnerabilities. Utilize it to uncover information about applications, such as those with weak security settings, the relationships between applications and network interfaces, and the verification of security policies. ## Examples ### Basic info +Explore which applications are grouped together in Azure, and determine the areas in which these groups are deployed. This can aid in understanding the organization and distribution of your applications across different regions. -```sql +```sql+postgres select name, region, @@ -15,10 +25,19 @@ from azure_application_security_group; ``` +```sql+sqlite +select + name, + region, + resource_group +from + azure_application_security_group; +``` ### List of application security group without application tag key +Identify instances where Azure application security groups lack the 'application' tag key. This can help streamline organization and management of security groups. -```sql +```sql+postgres select name, tags @@ -27,3 +46,13 @@ from where not tags :: JSONB ? 'application'; ``` + +```sql+sqlite +select + name, + tags +from + azure_application_security_group +where + json_extract(tags, '$.application') is null; +``` \ No newline at end of file diff --git a/docs/tables/azure_automation_account.md b/docs/tables/azure_automation_account.md index 13c4e66b..ea7ec933 100644 --- a/docs/tables/azure_automation_account.md +++ b/docs/tables/azure_automation_account.md @@ -1,12 +1,32 @@ -# Table: azure_automation_account +--- +title: "Steampipe Table: azure_automation_account - Query Azure Automation Accounts using SQL" +description: "Allows users to query Azure Automation Accounts, providing insights into the configuration, status, and metadata of each account." +--- - Automation accounts allow you to isolate your Automation resources, runbooks, assets, and configurations from the resources of other accounts. You can use Automation accounts to separate resources into separate logical environments or delegated responsibilities. +# Table: azure_automation_account - Query Azure Automation Accounts using SQL + +Azure Automation is a service in Microsoft Azure that allows you to automate your Azure management tasks and to orchestrate actions across external systems from right within Azure. It enables you to automate frequent, time-consuming, and error-prone cloud management tasks. Azure Automation account is a container for holding your automation resources in Azure. + +## Table Usage Guide + +The `azure_automation_account` table provides insights into Automation Accounts within Microsoft Azure. As a cloud administrator, you can use this table to explore account-specific details, such as the configuration, status, and associated metadata. Leverage it to monitor and manage your automation resources, ensuring they are configured correctly and operating as expected. ## Examples ### Basic info +Explore which automation accounts are currently active within your Azure environment. This can be helpful for managing resources and understanding the types of automation accounts in use. + +```sql+postgres +select + name, + id, + resource_group, + type +from + azure_automation_account; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List accounts that are created in last 30 days +Explore which accounts were established in the past month. This can help in tracking recent activity and understanding the growth pattern of your accounts. -```sql +```sql+postgres select name, id, @@ -31,9 +52,23 @@ where creation_time >= now() - interval '30' day; ``` +```sql+sqlite +select + name, + id, + resource_group, + type, + creation_time +from + azure_automation_account +where + creation_time >= datetime('now', '-30 day'); +``` + ### List accounts that are suspended +Determine the areas in your Azure automation accounts where accounts are suspended. This query can be useful in identifying potential issues or disruptions in your automation workflows. -```sql +```sql+postgres select name, id, @@ -46,3 +81,17 @@ from where state = 'AccountStateSuspended'; ``` + +```sql+sqlite +select + name, + id, + resource_group, + type, + creation_time, + state +from + azure_automation_account +where + state = 'AccountStateSuspended'; +``` \ No newline at end of file diff --git a/docs/tables/azure_automation_variable.md b/docs/tables/azure_automation_variable.md index ba1f6af2..2c77e04e 100644 --- a/docs/tables/azure_automation_variable.md +++ b/docs/tables/azure_automation_variable.md @@ -1,12 +1,34 @@ -# Table: azure_automation_variable +--- +title: "Steampipe Table: azure_automation_variable - Query Azure Automation Variables using SQL" +description: "Allows users to query Azure Automation Variables, providing a comprehensive view of all variables that are used within Azure Automation." +--- -Variable assets are values that are available to all runbooks and DSC configurations in your Automation account. You can manage them from the Azure portal, from PowerShell, within a runbook, or in a DSC configuration. +# Table: azure_automation_variable - Query Azure Automation Variables using SQL + +Azure Automation is a cloud-based service offered by Microsoft Azure that allows organizations to automate and configure certain tasks across their Azure and non-Azure environments. It provides a way to manage, monitor, and act upon the infrastructure resources in a scalable and reliable manner. Azure Automation Variables are entities within this service that store values which can be used in runbooks, DSC configurations, and other features of Azure Automation. + +## Table Usage Guide + +The `azure_automation_variable` table provides insights into Azure Automation Variables within Azure Automation. As a DevOps engineer, explore variable-specific details through this table, including the type of value it holds, whether it is encrypted, and its associated metadata. Utilize it to uncover information about variables, such as their current values, and the automation accounts they are associated with. ## Examples ### Basic info +Analyze the settings to understand the encryption status of variables in your Azure automation accounts. This will help in assessing the security posture of your automation workflows. + +```sql+postgres +select + id, + name, + account_name, + type, + is_encrypted, + value +from + azure_automation_variable; +``` -```sql +```sql+sqlite select id, name, @@ -19,8 +41,23 @@ from ``` ### List variables that are unencrypted +Discover the segments that are unencrypted within your Azure Automation variables. This can be beneficial in identifying potential security risks and ensuring data protection standards are met. + +```sql+postgres +select + id, + name, + account_name, + type, + is_encrypted, + value +from + azure_automation_variable +where + not is_encrypted; +``` -```sql +```sql+sqlite select id, name, @@ -35,8 +72,9 @@ where ``` ### List variables created in last 30 days +Explore the recent changes in your Azure Automation environment by identifying variables that were created within the last 30 days. This can help you monitor and control your automation tasks, ensuring they align with your current needs and standards. -```sql +```sql+postgres select id, name, @@ -51,9 +89,25 @@ where creation_time >= now() - interval '30' day; ``` +```sql+sqlite +select + id, + name, + account_name, + creation_time, + type, + is_encrypted, + value +from + azure_automation_variable +where + creation_time >= datetime('now', '-30 day'); +``` + ### Get details of a variable +Discover the specifics of a particular variable within a given account and resource group. This is useful in understanding the variable's attributes, such as its type and encryption status, which can aid in managing and securing your Azure automation tasks. -```sql +```sql+postgres select id, name, @@ -68,3 +122,19 @@ where and name = 'turbot' and resource_group = 'turbot_rg'; ``` + +```sql+sqlite +select + id, + name, + account_name, + type, + is_encrypted, + value +from + azure_automation_variable +where + account_name = 'turbot_account' + and name = 'turbot' + and resource_group = 'turbot_rg'; +``` \ No newline at end of file diff --git a/docs/tables/azure_bastion_host.md b/docs/tables/azure_bastion_host.md index d3edd54b..87aeca9a 100644 --- a/docs/tables/azure_bastion_host.md +++ b/docs/tables/azure_bastion_host.md @@ -1,12 +1,33 @@ -# Table: azure_bastion_host +--- +title: "Steampipe Table: azure_bastion_host - Query Azure Bastion Hosts using SQL" +description: "Allows users to query Azure Bastion Hosts, providing detailed information about the secure, fully managed network virtual appliance that provides seamless RDP and SSH connectivity to your virtual machines over the Secure Sockets Layer (SSL)." +--- -Azure Bastion is a service you deploy that lets you connect to a virtual machine using your browser and the Azure portal, or via the native SSH or RDP client already installed on your local computer. The Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS. When you connect via Azure Bastion, your virtual machines don't need a public IP address, agent, or special client software. +# Table: azure_bastion_host - Query Azure Bastion Hosts using SQL + +Azure Bastion is a fully managed network virtual appliance that provides seamless RDP and SSH connectivity to your virtual machines over the Secure Sockets Layer (SSL). This service is provisioned directly in your Virtual Network (VNet) and supports all VMs in your VNet using SSL without any exposure through public IP addresses. It enables secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over SSL. + +## Table Usage Guide + +The `azure_bastion_host` table provides insights into Azure Bastion Hosts within Microsoft Azure. As a network administrator, explore details about these hosts through this table, including their locations, subnet IDs, and provisioning states. Utilize it to uncover information about hosts, such as their public IP addresses, scale units, and tags, helping ensure secure and seamless connectivity to your virtual machines. ## Examples ### Basic info +Explore which Azure Bastion hosts are being used by checking their provision status and location. This can aid in understanding the distribution of resources and their operational state across different regions and groups. + +```sql+postgres +select + name, + dns_name, + provisioning_state, + region, + resource_group +from + azure_bastion_host; +``` -```sql +```sql+sqlite select name, dns_name, @@ -18,8 +39,22 @@ from ``` ### List bastion hosts that are in failed state +Determine the areas in which Azure Bastion hosts are not provisioned successfully. This query is useful in identifying and troubleshooting the failed instances, allowing for prompt resolution and minimizing downtime. + +```sql+postgres +select + name, + dns_name, + provisioning_state, + region, + resource_group +from + azure_bastion_host +where + provisioning_state = 'Failed'; +``` -```sql +```sql+sqlite select name, dns_name, @@ -33,8 +68,9 @@ where ``` ### Get subnet details associated with each host +This query is useful for identifying the specific subnet details associated with each host within your Azure environment. It can provide valuable insights for network management, helping to understand the distribution of hosts across different subnets. -```sql +```sql+postgres select h.name as bastion_host_name, s.id as subnet_id, @@ -48,9 +84,24 @@ where s.id = ip -> 'properties' -> 'subnet' ->> 'id'; ``` +```sql+sqlite +select + h.name as bastion_host_name, + s.id as subnet_id, + s.name as subnet_name, + address_prefix +from + azure_bastion_host h, + json_each(h.ip_configurations) ip, + azure_subnet s +where + s.id = json_extract(ip.value, '$.properties.subnet.id'); +``` + ### Get IP configuration details associated with each host +This query is used to analyze the IP configuration details associated with each host in the Azure Bastion service. It can help in understanding the allocation method and SKU of each IP configuration, thereby providing insights into the network setup of your Azure resources. -```sql +```sql+postgres select h.name as bastion_host_name, i.name as ip_configuration_name, @@ -64,4 +115,20 @@ from azure_public_ip i where i.id = ip -> 'properties' -> 'publicIPAddress' ->> 'id'; +``` + +```sql+sqlite +select + h.name as bastion_host_name, + i.name as ip_configuration_name, + ip_configuration_id, + ip_address, + public_ip_allocation_method, + sku_name as ip_configuration_sku +from + azure_bastion_host h, + json_each(ip_configurations) ip, + azure_public_ip i +where + i.id = json_extract(ip.value, '$.properties.publicIPAddress.id'); ``` \ No newline at end of file diff --git a/docs/tables/azure_batch_account.md b/docs/tables/azure_batch_account.md index ab28422e..e3427c96 100644 --- a/docs/tables/azure_batch_account.md +++ b/docs/tables/azure_batch_account.md @@ -1,12 +1,34 @@ -# Table: azure_batch_account +--- +title: "Steampipe Table: azure_batch_account - Query Azure Batch Accounts using SQL" +description: "Allows users to query Azure Batch Accounts, specifically retrieving details such as the account name, resource group, location, and subscription ID." +--- -An Azure Batch account is a uniquely identified entity within the Batch service. Most Batch solutions use Azure Storage for storing resource files and output files, so each Batch account is usually associated with a corresponding storage account. +# Table: azure_batch_account - Query Azure Batch Accounts using SQL + +Azure Batch is a cloud-based job scheduling service that parallelizes and distributes the processing of large volumes of data across many computers. It is designed to manage and run hundreds to thousands of tasks concurrently. This service reduces the time and cost associated with processing large amounts of data. + +## Table Usage Guide + +The `azure_batch_account` table provides insights into Batch Accounts within Azure Batch service. As a data engineer, explore account-specific details through this table, including account name, resource group, location, and subscription ID. Utilize it to uncover information about accounts, such as those with specific locations, the resource groups they belong to, and the verification of subscription IDs. ## Examples ### Basic info +Explore which Azure Batch accounts are currently provisioned, along with their dedicated core quotas and regional locations. This can be particularly useful for managing resources and optimizing cloud infrastructure. + +```sql+postgres +select + name, + id, + type, + provisioning_state, + dedicated_core_quota, + region +from + azure_batch_account; +``` -```sql +```sql+sqlite select name, id, @@ -19,8 +41,9 @@ from ``` ### List failed batch accounts +Identify instances where Azure batch account provisioning has failed. This is useful for troubleshooting and understanding the areas where resource allocation has been unsuccessful. -```sql +```sql+postgres select name, id, @@ -33,3 +56,17 @@ from where provisioning_state = 'Failed'; ``` + +```sql+sqlite +select + name, + id, + type, + provisioning_state, + dedicated_core_quota, + region +from + azure_batch_account +where + provisioning_state = 'Failed'; +``` \ No newline at end of file diff --git a/docs/tables/azure_cognitive_account.md b/docs/tables/azure_cognitive_account.md index 2451f514..15e48a2f 100644 --- a/docs/tables/azure_cognitive_account.md +++ b/docs/tables/azure_cognitive_account.md @@ -1,12 +1,33 @@ -# Table: azure_cognitive_account +--- +title: "Steampipe Table: azure_cognitive_account - Query Azure Cognitive Services Accounts using SQL" +description: "Allows users to query Azure Cognitive Services Accounts, providing insights into various cognitive services such as AI, speech analysis, language understanding, and search capabilities." +--- -Azure Cognitive Services are cloud-based services with REST APIs and client library SDKs available to help you build cognitive intelligence into your applications. You can add cognitive features to your applications without having artificial intelligence (AI) or data science skills. Azure Cognitive Services comprise various AI services that enable you to build cognitive solutions that can see, hear, speak, understand, and even make decisions. +# Table: azure_cognitive_account - Query Azure Cognitive Services Accounts using SQL + +Azure Cognitive Services is a collection of AI services and cognitive APIs to help you build intelligent apps. These services enable you to easily add cognitive features into your applications. The features include vision, speech, language, knowledge, and search capabilities. + +## Table Usage Guide + +The `azure_cognitive_account` table offers insights into the Azure Cognitive Services Accounts. As a developer or AI engineer, you can explore details about these accounts, such as the types of cognitive services being used, their configurations, and associated metadata. This information can be crucial for understanding the cognitive capabilities integrated into your applications and for optimizing their performance and usage. ## Examples ### Basic info +Determine the areas in which your Azure Cognitive Service accounts are provisioned, to better understand your resource usage and management. This is particularly useful for identifying any inconsistencies in provisioning and for gaining insights into your overall Azure resource allocation. + +```sql+postgres +select + name, + id, + kind, + type, + provisioning_state +from + azure_cognitive_account; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,23 @@ from ``` ### List accounts with enabled public network access +Discover the segments that have public network access enabled on their accounts. This is beneficial for identifying potential security risks and ensuring appropriate network access controls are in place. -```sql +```sql+postgres +select + name, + id, + kind, + type, + provisioning_state, + public_network_access +from + azure_cognitive_account +where + public_network_access = 'Enabled'; +``` + +```sql+sqlite select name, id, @@ -34,8 +70,9 @@ where ``` ### List private endpoint connection details for accounts +Determine the details of private endpoint connections for Azure cognitive accounts. This can help in managing and monitoring the security and access control of your cognitive services in Azure. -```sql +```sql+postgres select name, id, @@ -49,9 +86,24 @@ from jsonb_array_elements(private_endpoint_connections) as connections; ``` +```sql+sqlite +select + name, + a.id, + json_extract(connections.value, '$.ID') as connection_id, + json_extract(connections.value, '$.Name') as connection_name, + json_extract(connections.value, '$.PrivateEndpointID') as property_private_endpoint_id, + connections.value as property_private_link_service_connection_state, + json_extract(connections.value, '$.Type') as connection_type +from + azure_cognitive_account as a, + json_each(private_endpoint_connections) as connections; +``` + ### List diagnostic setting details for accounts +Determine the diagnostic settings of Azure cognitive accounts to understand how they're configured. This is useful for auditing and managing account settings for optimal performance and security. -```sql +```sql+postgres select name, id, @@ -65,3 +117,18 @@ from azure_cognitive_account, jsonb_array_elements(diagnostic_settings) as settings; ``` + +```sql+sqlite +select + name, + a.id, + json_extract(settings.value, '$.id') as settings_id, + json_extract(settings.value, '$.name') as settings_name, + settings.value -> 'properties' -> 'logs' as settings_properties_logs, + settings.value -> 'properties' -> 'metrics' as settings_properties_metrics, + json_extract(settings.value, '$.properties.workspaceId') as settings_properties_workspaceId, + json_extract(settings.value, '$.type') as settings_type +from + azure_cognitive_account as a, + json_each(diagnostic_settings) as settings; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_availability_set.md b/docs/tables/azure_compute_availability_set.md index 13232a08..8b5858e1 100644 --- a/docs/tables/azure_compute_availability_set.md +++ b/docs/tables/azure_compute_availability_set.md @@ -1,12 +1,22 @@ -# Table: azure_compute_availability_set +--- +title: "Steampipe Table: azure_compute_availability_set - Query Azure Compute Availability Sets using SQL" +description: "Allows users to query Azure Compute Availability Sets, providing insights into the availability of resources within an Azure Resource Group." +--- -An Availability Set is a logical grouping capability for isolating VM resources from each other when they're deployed. +# Table: azure_compute_availability_set - Query Azure Compute Availability Sets using SQL + +Azure Compute Availability Sets are a high-availability feature for providing redundant compute resources in Azure. They enable you to ensure that your application is available during planned and unplanned maintenance. Availability Sets are a strategy for achieving high availability and fault tolerance in Azure by ensuring that VM resources are located across multiple isolated hardware nodes in a cluster. + +## Table Usage Guide + +The `azure_compute_availability_set` table provides insights into the availability sets within Azure Compute. As a system administrator, explore availability set-specific details through this table, including fault domains, update domains, and associated metadata. Use it to uncover information about availability sets, such as those with high fault tolerance and the verification of update policies. ## Examples ### Basic info +Analyze the settings to understand the count of fault domains and update domains within your Azure Compute availability sets across different regions. This is beneficial for managing and optimizing your cloud resources, ensuring balanced workloads and high availability. -```sql +```sql+postgres select name, platform_fault_domain_count, @@ -16,10 +26,20 @@ from azure_compute_availability_set; ``` +```sql+sqlite +select + name, + platform_fault_domain_count, + platform_update_domain_count, + region +from + azure_compute_availability_set; +``` ### List of availability sets which does not use managed disks configuration +Determine the areas in which Azure availability sets are not utilizing the managed disks configuration. This can be useful in identifying potential opportunities for optimization and cost reduction. -```sql +```sql+postgres select name, sku_name @@ -29,10 +49,20 @@ where sku_name = 'Classic'; ``` +```sql+sqlite +select + name, + sku_name +from + azure_compute_availability_set +where + sku_name = 'Classic'; +``` ### List of availability sets without application tag key +Explore which Azure Compute availability sets are missing an 'application' tag. This is useful for identifying areas in your infrastructure that may lack important metadata, potentially impacting resource management and organization. -```sql +```sql+postgres select name, tags @@ -41,3 +71,13 @@ from where not tags :: JSONB ? 'application'; ``` + +```sql+sqlite +select + name, + tags +from + azure_compute_availability_set +where + json_extract(tags, '$.application') is null; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk.md b/docs/tables/azure_compute_disk.md index 9e003d7e..1bf6dc7a 100644 --- a/docs/tables/azure_compute_disk.md +++ b/docs/tables/azure_compute_disk.md @@ -1,12 +1,22 @@ -# Table: azure_compute_disk +--- +title: "Steampipe Table: azure_compute_disk - Query Azure Compute Disks using SQL" +description: "Allows users to query Azure Compute Disks, specifically providing details about each disk's properties including its type, size, location, and encryption settings." +--- -Azure Managed Disks are the new and recommended disk storage offering for use with Azure virtual machines for persistent storage of data. +# Table: azure_compute_disk - Query Azure Compute Disks using SQL + +Azure Compute Disk is a resource within Microsoft Azure that allows you to create and manage disks for your virtual machines. These disks can be used as system disks or data disks and come in different types, including standard HDD, standard SSD, and premium SSD. Azure Compute Disk also supports disk encryption for enhanced security. + +## Table Usage Guide + +The `azure_compute_disk` table provides insights into the disks used in Azure Compute. As a system administrator or developer, you can explore disk-specific details through this table, including the type, size, location, and encryption settings of each disk. Utilize it to manage disk resources effectively, ensuring optimal allocation and enhanced security. ## Examples ### List of all premium tier compute disks +Determine the areas in which premium tier compute disks are being utilized across your Azure environment. This can help in resource management and cost optimization by identifying areas of high-end usage. -```sql +```sql+postgres select name, sku_name, @@ -17,10 +27,21 @@ where sku_tier = 'Premium'; ``` +```sql+sqlite +select + name, + sku_name, + sku_tier +from + azure_compute_disk +where + sku_tier = 'Premium'; +``` ### List of unattached disks +Discover the segments that consist of unused storage resources within your Azure infrastructure. This can aid in optimizing resource allocation and reducing unnecessary costs. -```sql +```sql+postgres select name, disk_state @@ -30,10 +51,20 @@ where disk_state = 'Unattached'; ``` +```sql+sqlite +select + name, + disk_state +from + azure_compute_disk +where + disk_state = 'Unattached'; +``` ### Size and performance info of each disk +Gain insights into the performance and size of each disk in your Azure Compute service. This helps in optimizing resource allocation and identifying potential performance bottlenecks. -```sql +```sql+postgres select name, disk_size_gb as disk_size, @@ -45,10 +76,22 @@ from azure_compute_disk; ``` +```sql+sqlite +select + name, + disk_size_gb as disk_size, + disk_iops_read_only as disk_iops_read_only, + disk_iops_read_write as provision_iops, + disk_iops_mbps_read_write as bandwidth, + disk_iops_mbps_read_only as disk_mbps_read_write +from + azure_compute_disk; +``` ### List of compute disks which are not available in multiple az +Determine the areas in which Azure Compute Disks are not available across multiple availability zones. This is useful for identifying potential vulnerabilities in your system's redundancy and disaster recovery capabilities. -```sql +```sql+postgres select name, az, @@ -60,10 +103,22 @@ where zones is not null; ``` +```sql+sqlite +select + name, + az.value as az, + region +from + azure_compute_disk, + json_each(zones) az +where + zones is not null; +``` ### List of compute disks which are not encrypted with customer key +Discover the segments that utilize compute disks not encrypted with a customer key, enabling you to identify potential security risks and take necessary actions to enhance data protection. -```sql +```sql+postgres select name, encryption_type @@ -72,3 +127,13 @@ from where encryption_type <> 'EncryptionAtRestWithCustomerKey'; ``` + +```sql+sqlite +select + name, + encryption_type +from + azure_compute_disk +where + encryption_type != 'EncryptionAtRestWithCustomerKey'; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_access.md b/docs/tables/azure_compute_disk_access.md index f01634a9..e7bd2fab 100644 --- a/docs/tables/azure_compute_disk_access.md +++ b/docs/tables/azure_compute_disk_access.md @@ -1,12 +1,33 @@ -# Table: azure_compute_disk_access +--- +title: "Steampipe Table: azure_compute_disk_access - Query Azure Compute Disk Accesses using SQL" +description: "Allows users to query Azure Compute Disk Accesses, providing detailed information about access configurations and their related resources." +--- -Disk access resource is required to use private link to export and import managed disks, first you create a disk access resource and link it to a virtual network in the same subscription by creating a private endpoint. Then, associate a disk or a snapshot with a disk access instance. +# Table: azure_compute_disk_access - Query Azure Compute Disk Accesses using SQL + +Azure Compute Disk Access is a feature within Microsoft Azure that enables granular access control to managed disks. It provides a secure way to authorize specific virtual machines to access specific managed disks. Azure Compute Disk Access enhances the security and management of your Azure resources by controlling access at the disk level. + +## Table Usage Guide + +The `azure_compute_disk_access` table provides insights into disk access configurations within Azure Compute. As a Security Analyst, explore disk access-specific details through this table, including access locations, permissions, and associated virtual machines. Utilize it to uncover information about disk accesses, such as those with specific permissions, the relationships between disk accesses and virtual machines, and the verification of access policies. ## Examples ### Basic info +Explore the fundamental details of your Azure disk access resources to understand their status and organization. This can help in managing resources and ensuring optimal utilization. + +```sql+postgres +select + name, + id, + type, + provisioning_state, + resource_group +from + azure_compute_disk_access; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List failed disk accesses +Explore which disk accesses in your Azure Compute resource have failed. This is beneficial for identifying potential issues with your resources and taking necessary corrective actions. -```sql +```sql+postgres select name, id, @@ -31,3 +53,16 @@ from where provisioning_state = 'Failed'; ``` + +```sql+sqlite +select + name, + id, + type, + provisioning_state, + resource_group +from + azure_compute_disk_access +where + provisioning_state = 'Failed'; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_encryption_set.md b/docs/tables/azure_compute_disk_encryption_set.md index cb9c97bb..283c74e5 100644 --- a/docs/tables/azure_compute_disk_encryption_set.md +++ b/docs/tables/azure_compute_disk_encryption_set.md @@ -1,12 +1,22 @@ -# Table: azure_compute_disk_encryption_set +--- +title: "Steampipe Table: azure_compute_disk_encryption_set - Query Azure Compute Disk Encryption Sets using SQL" +description: "Allows users to query Azure Compute Disk Encryption Sets, specifically the encryption settings and associated metadata, providing insights into data security and compliance." +--- -Disk Encryption Set simplifies the key management for managed disks. When a disk encryption set is created, a system-assigned managed identity is created in Azure Active Directory (AD) and associated with the disk encryption set. +# Table: azure_compute_disk_encryption_set - Query Azure Compute Disk Encryption Sets using SQL + +Azure Compute Disk Encryption Sets is a resource within Microsoft Azure that manages the encryption of Azure Disk Storage. It provides a centralized way to manage and enforce encryption policies for data at rest. Azure Compute Disk Encryption Sets help you meet organizational security and compliance commitments. + +## Table Usage Guide + +The `azure_compute_disk_encryption_set` table provides insights into encryption sets within Azure Compute Disk. As a security analyst, explore encryption set-specific details through this table, including encryption settings, associated keys, and metadata. Utilize it to uncover information about encryption sets, such as those with outdated keys, the associations between encryption sets and disks, and the verification of encryption policies. ## Examples ### Key vault associated with each disk encryption set +Determine the areas in which a specific key vault is associated with each disk encryption set. This can be useful for understanding the security configuration of your Azure resources and identifying potential vulnerabilities. -```sql +```sql+postgres select name, split_part(active_key_source_vault_id, '/', 9) as vault_name, @@ -15,10 +25,15 @@ from azure_compute_disk_encryption_set; ``` +```sql+sqlite +Error: SQLite does not support split_part function. +``` + ### List of encryption sets which are not using customer managed key +Determine the areas in which disk encryption sets in Azure are not utilizing customer-managed keys. This is useful for identifying potential security vulnerabilities where data is not being encrypted using customer's keys. -```sql +```sql+postgres select name, encryption_type @@ -31,10 +46,34 @@ where ); ``` +```sql+sqlite +select + name, + encryption_type +from + azure_compute_disk_encryption_set +where + ( + encryption_type != 'EncryptionAtRestWithPlatformAndCustomerKeys' + and encryption_type != 'EncryptionAtRestWithCustomerKey' + ); +``` + ### Identity info of each disk encryption set +Assess the elements within each disk encryption set to gain insights into their identity information. This can help in managing and tracking the sets effectively across your network. + +```sql+postgres +select + name, + identity_type, + identity_principal_id, + identity_tenant_id +from + azure_compute_disk_encryption_set; +``` -```sql +```sql+sqlite select name, identity_type, diff --git a/docs/tables/azure_compute_disk_metric_read_ops.md b/docs/tables/azure_compute_disk_metric_read_ops.md index 03b106bd..a66778fa 100644 --- a/docs/tables/azure_compute_disk_metric_read_ops.md +++ b/docs/tables/azure_compute_disk_metric_read_ops.md @@ -1,12 +1,37 @@ -# Table: azure_compute_disk_metric_read_ops +--- +title: "Steampipe Table: azure_compute_disk_metric_read_ops - Query Azure Compute Disk Metrics using SQL" +description: "Allows users to query Azure Compute Disk Metrics, specifically read operations, providing insights into disk performance and potential bottlenecks." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_disk_metric_read_ops` table provides metric statistics at 5 minutes intervals for the most recent 5 days. +# Table: azure_compute_disk_metric_read_ops - Query Azure Compute Disk Metrics using SQL + +Azure Compute Disk Metrics is a resource within Microsoft Azure that allows you to monitor and analyze the performance of your Azure managed disks. It provides detailed information about read and write operations, throughput, and latency for your disks. Azure Compute Disk Metrics helps you understand disk performance and identify potential bottlenecks or performance issues. + +## Table Usage Guide + +The `azure_compute_disk_metric_read_ops` table provides insights into read operations on Azure managed disks. As a system administrator or DevOps engineer, explore disk-specific details through this table, including the number of read operations, the time of the operations, and associated metadata. Utilize it to monitor and analyze disk performance, identify potential bottlenecks, and optimize disk usage. ## Examples ### Basic info +Explore the performance of Azure compute disks over time by assessing the minimum, maximum, and average read operations. This can help determine potential bottlenecks and optimize disk usage for better system performance. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_disk_metric_read_ops +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### Operations Over 10 Bytes average +Determine the performance of Azure Compute Disks by identifying instances where the average read operations exceed 10 bytes. This is useful to monitor and optimize disk usage for improved system performance. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_read_ops, + round(maximum,2) as max_read_ops, + round(average,2) as avg_read_ops, + sample_count +from + azure_compute_disk_metric_read_ops +where + average > 10 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_metric_read_ops_daily.md b/docs/tables/azure_compute_disk_metric_read_ops_daily.md index e9bb1817..f10ec0e9 100644 --- a/docs/tables/azure_compute_disk_metric_read_ops_daily.md +++ b/docs/tables/azure_compute_disk_metric_read_ops_daily.md @@ -1,12 +1,37 @@ -# Table: azure_compute_disk_metric_read_ops_daily +--- +title: "Steampipe Table: azure_compute_disk_metric_read_ops_daily - Query Azure Compute Disk Metrics using SQL" +description: "Allows users to query Azure Compute Disk Metrics, specifically the daily read operations, providing insights into disk read performance and potential bottlenecks." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_disk_metric_read_ops_daily` table provides metric statistics at 24 hours intervals for the most recent 1 year. +# Table: azure_compute_disk_metric_read_ops_daily - Query Azure Compute Disk Metrics using SQL + +Azure Compute Disk Metrics is a feature within Microsoft Azure that provides data about the performance of Azure managed disks. It provides detailed information about disk read operations, write operations, and other disk performance metrics. This feature helps users monitor and optimize the performance of their Azure managed disks. + +## Table Usage Guide + +The `azure_compute_disk_metric_read_ops_daily` table provides insights into the daily read operations of Azure managed disks. As a system administrator or DevOps engineer, use this table to monitor disk performance and identify potential bottlenecks or performance issues. This table can be particularly useful in optimizing disk usage and ensuring efficient operation of your Azure resources. ## Examples ### Basic info +Explore the daily read operations on Azure compute disks to gain insights into the average, minimum, and maximum operations, along with the sample count. This is useful for tracking disk usage patterns and identifying any unusual activity or potential bottlenecks. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_disk_metric_read_ops_daily +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### Operations Over 10 Bytes average +This query is used to monitor the performance of Azure Compute Disk operations by identifying those with an average read operation count exceeding 10 per day. It allows for effective resource management by highlighting areas where usage may be higher than expected. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_read_ops, + round(maximum,2) as max_read_ops, + round(average,2) as avg_read_ops, + sample_count +from + azure_compute_disk_metric_read_ops_daily +where + average > 10 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_metric_read_ops_hourly.md b/docs/tables/azure_compute_disk_metric_read_ops_hourly.md index b9946142..3b1bddb7 100644 --- a/docs/tables/azure_compute_disk_metric_read_ops_hourly.md +++ b/docs/tables/azure_compute_disk_metric_read_ops_hourly.md @@ -1,12 +1,37 @@ -# Table: azure_compute_disk_metric_read_ops_hourly +--- +title: "Steampipe Table: azure_compute_disk_metric_read_ops_hourly - Query Azure Compute Disk Metrics using SQL" +description: "Allows users to query Azure Compute Disk Metrics, specifically the hourly read operations count, providing insights into disk usage patterns and potential performance issues." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_disk_metric_read_ops_hourly` table provides metric statistics at 1 hour intervals for the most recent 60 days. +# Table: azure_compute_disk_metric_read_ops_hourly - Query Azure Compute Disk Metrics using SQL + +Azure Compute Disks are data storage units available in Microsoft Azure. They are used to store data for Azure Virtual Machines and other services. Azure Compute Disks provide high-performance, durable storage for I/O-intensive workloads. + +## Table Usage Guide + +The `azure_compute_disk_metric_read_ops_hourly` table provides insights into read operations of Azure Compute Disks on an hourly basis. As a system administrator or a DevOps engineer, explore disk-specific details through this table, including the number of read operations, the time of operations, and associated metadata. Utilize it to monitor disk performance, identify usage patterns, and detect potential performance issues. ## Examples ### Basic info +Assess the elements within the Azure compute disk's read operations on an hourly basis. This can help in identifying patterns, understanding usage trends, and planning for capacity or performance optimization. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_disk_metric_read_ops_hourly +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### Operations Over 10 Bytes average +This query is used to monitor disk read operations on Azure, specifically focusing on instances where the average read operation exceeds 10 bytes. This is useful for identifying potential performance issues or bottlenecks in the system, allowing for proactive management and optimization of resources. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_read_ops, + round(maximum,2) as max_read_ops, + round(average,2) as avg_read_ops, + sample_count +from + azure_compute_disk_metric_read_ops_hourly +where + average > 10 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_metric_write_ops.md b/docs/tables/azure_compute_disk_metric_write_ops.md index ab2544d1..9b530e1c 100644 --- a/docs/tables/azure_compute_disk_metric_write_ops.md +++ b/docs/tables/azure_compute_disk_metric_write_ops.md @@ -1,12 +1,37 @@ -# Table: azure_compute_disk_metric_write_ops +--- +title: "Steampipe Table: azure_compute_disk_metric_write_ops - Query Azure Compute Disk Metrics using SQL" +description: "Allows users to query Azure Compute Disk Metrics, specifically the write operations, providing insights into disk usage and potential performance issues." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_disk_metric_write_ops` table provides metric statistics at 5 minutes intervals for the most recent 5 days. +# Table: azure_compute_disk_metric_write_ops - Query Azure Compute Disk Metrics using SQL + +Azure Compute Disk Metrics is a feature within Microsoft Azure that allows monitoring and analysis of disk performance and usage. It offers detailed information on various metrics, such as write operations, enabling users to understand disk behavior and identify potential performance issues. This feature is crucial for maintaining optimal disk performance and managing storage resources efficiently. + +## Table Usage Guide + +The `azure_compute_disk_metric_write_ops` table provides insights into write operations on Azure Compute Disks. As a system administrator or DevOps engineer, you can explore disk-specific details through this table, including the number of write operations, to understand disk usage patterns and potential performance bottlenecks. Utilize it to monitor and optimize disk performance, and ensure efficient resource management in your Azure environment. ## Examples ### Basic info +Explore which Azure compute disk has the most write operations over time. This can help optimize disk usage by identifying high-usage periods and potentially underutilized resources. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_disk_metric_write_ops +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### Operations Over 10 Bytes average +Determine the areas in which the average write operations on Azure compute disks exceed 10 bytes. This can be useful in identifying potential bottlenecks or high usage periods, enabling proactive management and optimization of disk resources. -```sql +```sql+postgres select name, timestamp, @@ -33,8 +59,26 @@ select sample_count from azure_compute_disk_metric_write_ops -where average > 10 +where + average > 10 order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_write_ops, + round(maximum,2) as max_write_ops, + round(average,2) as avg_write_ops, + sample_count +from + azure_compute_disk_metric_write_ops +where + average > 10 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_metric_write_ops_daily.md b/docs/tables/azure_compute_disk_metric_write_ops_daily.md index 96ec0edc..3f0c2aef 100644 --- a/docs/tables/azure_compute_disk_metric_write_ops_daily.md +++ b/docs/tables/azure_compute_disk_metric_write_ops_daily.md @@ -1,12 +1,37 @@ -# Table: azure_compute_disk_metric_write_ops_daily +--- +title: "Steampipe Table: azure_compute_disk_metric_write_ops_daily - Query Azure Compute Disk Metrics using SQL" +description: "Allows users to query Azure Compute Disk Metrics, specifically focusing on daily write operations. This provides valuable insights into disk usage and performance." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_disk_metric_write_ops_daily` table provides metric statistics at 24 hours intervals for the most recent 1 year. +# Table: azure_compute_disk_metric_write_ops_daily - Query Azure Compute Disk Metrics using SQL + +Azure Compute Disk is a resource within Microsoft Azure that provides scalable and secure disk storage for Azure Virtual Machines. It offers high-performance, highly durable block storage for your mission-critical workloads. You can use it to persist data by writing it to the disk, or to read data from the disk. + +## Table Usage Guide + +The `azure_compute_disk_metric_write_ops_daily` table provides insights into daily write operations on Azure Compute Disks. As a system administrator or a DevOps engineer, you can use this table to monitor disk performance and usage, enabling you to proactively address any potential issues. This can help you ensure optimal performance and availability of your Azure resources. ## Examples ### Basic info +Analyze the daily write operations on Azure compute disks to understand their usage patterns and performance metrics. This query can be useful in identifying potential bottlenecks or areas for optimization in your storage infrastructure. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_disk_metric_write_ops_daily +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### Operations Over 10 Bytes average +Determine the areas in which the average daily write operations on Azure Compute Disk exceed 10 bytes. This can help optimize disk usage by identifying potential inefficiencies or areas of high activity. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_write_ops, + round(maximum,2) as max_write_ops, + round(average,2) as avg_write_ops, + sample_count +from + azure_compute_disk_metric_write_ops_daily +where + average > 10 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_disk_metric_write_ops_hourly.md b/docs/tables/azure_compute_disk_metric_write_ops_hourly.md index a514ed5e..c2be337c 100644 --- a/docs/tables/azure_compute_disk_metric_write_ops_hourly.md +++ b/docs/tables/azure_compute_disk_metric_write_ops_hourly.md @@ -1,12 +1,37 @@ -# Table: azure_compute_disk_metric_write_ops_hourly +--- +title: "Steampipe Table: azure_compute_disk_metric_write_ops_hourly - Query Azure Compute Disk Metrics using SQL" +description: "Allows users to query Azure Compute Disk Metrics, specifically the hourly write operations, providing insights into disk usage patterns and potential anomalies." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_disk_metric_write_ops_hourly` table provides metric statistics at 1 hour intervals for the most recent 60 days. +# Table: azure_compute_disk_metric_write_ops_hourly - Query Azure Compute Disk Metrics using SQL + +Azure Compute Disk Metrics is a service within Microsoft Azure that allows users to monitor and track the performance of their Azure disks. It provides detailed data about the number of read and write operations, the amount of data transferred, and the latency of these operations. This service is crucial for understanding disk usage patterns, identifying potential bottlenecks, and optimizing performance. + +## Table Usage Guide + +The `azure_compute_disk_metric_write_ops_hourly` table provides insights into the hourly write operations of Azure Compute Disks. As a system administrator or DevOps engineer, explore disk-specific details through this table, including the number of write operations and the time of these operations. Utilize it to understand disk usage patterns, identify potential performance bottlenecks, and optimize your Azure disk configurations. ## Examples ### Basic info +Explore the performance of Azure compute disks over time by tracking the minimum, maximum, and average write operations per hour. This can help in identifying usage patterns, planning capacity, and troubleshooting performance issues. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_disk_metric_write_ops_hourly +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### Operations Over 10 Bytes average +This query is used to track the performance of Azure compute disks, specifically focusing on those with an average of more than 10 write operations per hour. By doing so, it helps in identifying potential bottlenecks and ensuring optimal disk performance. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_write_ops, + round(maximum,2) as max_write_ops, + round(average,2) as avg_write_ops, + sample_count +from + azure_compute_disk_metric_write_ops_hourly +where + average > 10 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_image.md b/docs/tables/azure_compute_image.md index c8a5dc43..477e0c67 100644 --- a/docs/tables/azure_compute_image.md +++ b/docs/tables/azure_compute_image.md @@ -1,12 +1,22 @@ -# Table: azure_compute_image +--- +title: "Steampipe Table: azure_compute_image - Query Azure Compute Images using SQL" +description: "Allows users to query Azure Compute Images, providing detailed information about the virtual machine images available in Azure." +--- -Compute Engine offers many preconfigured public images that have compatible Linux or Windows operating systems. Compute Engine uses selected image to create a persistent boot disk for each instance. +# Table: azure_compute_image - Query Azure Compute Images using SQL + +Azure Compute Images are pre-configured operating system images used to create virtual machines within the Azure platform. These images include a set of pre-installed applications and configurations, which can be used to quickly deploy new virtual machines. Azure Compute Images provide a convenient way to manage and maintain consistent configurations across multiple virtual machines. + +## Table Usage Guide + +The `azure_compute_image` table provides insights into Azure Compute Images within Azure. As a DevOps engineer, explore image-specific details through this table, including image versions, operating system types, and associated metadata. Utilize it to uncover information about images, such as those with specific versions, the operating system types, and the verification of configurations. ## Examples ### Basic compute image info +This query allows you to gain insights into the basic information of your Azure compute images, including their name, type, and region. It's particularly useful when you need to understand the specifics of the source virtual machine associated with each image. -```sql +```sql+postgres select name, type, @@ -17,10 +27,14 @@ from azure_compute_image; ``` +```sql+sqlite +Error: SQLite does not support split_part function. +``` ### Storage profile's OS disk info of each compute image +Determine the size, type, and status of your operating system disk within each compute image in Azure. This query can help you manage your storage resources more effectively by identifying potential areas for optimization. -```sql +```sql+postgres select name, storage_profile_os_disk_size_gb, @@ -32,10 +46,22 @@ from azure_compute_image; ``` +```sql+sqlite +select + name, + storage_profile_os_disk_size_gb, + storage_profile_os_disk_snapshot_id, + storage_profile_os_disk_storage_account_type, + storage_profile_os_disk_state, + storage_profile_os_disk_type +from + azure_compute_image; +``` ### List of compute images where disk storage type is Premium_LRS +This example helps you identify the compute images that use Premium_LRS as their disk storage type. Understanding the storage type of your compute images can assist in optimizing performance and cost in your Azure environment. -```sql +```sql+postgres select name, split_part(disk -> 'managedDisk' ->> 'id', '/', 9) as disk_name, @@ -49,10 +75,14 @@ where disk ->> 'storageAccountType' = 'Premium_LRS'; ``` +```sql+sqlite +Error: SQLite does not support split or string_to_array functions. +``` ### List of compute images which do not have owner or app_id tag key +Explore which Azure compute images lack either an owner or app_id tag, helping to identify potential issues with image management and organization. This can be useful for maintaining a clean and efficient cloud environment. -```sql +```sql+postgres select id, name @@ -62,3 +92,14 @@ where tags -> 'owner' is null or tags -> 'app_id' is null; ``` + +```sql+sqlite +select + id, + name +from + azure_compute_image +where + json_extract(tags, '$.owner') is null + or json_extract(tags, '$.app_id') is null; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_resource_sku.md b/docs/tables/azure_compute_resource_sku.md index 31d9dfec..b5069234 100644 --- a/docs/tables/azure_compute_resource_sku.md +++ b/docs/tables/azure_compute_resource_sku.md @@ -1,12 +1,22 @@ -# Table: azure_compute_resource_sku +--- +title: "Steampipe Table: azure_compute_resource_sku - Query Azure Compute Resource SKUs using SQL" +description: "Allows users to query Azure Compute Resource SKUs, providing details on available virtual machines, their capabilities, restrictions, and pricing tiers." +--- -Types of sku available for azure compute resources. +# Table: azure_compute_resource_sku - Query Azure Compute Resource SKUs using SQL + +Azure Compute Resource SKUs represent the purchasable SKUs of Azure virtual machines. These SKUs detail the capabilities, restrictions, and pricing tiers of the available virtual machines. This information is crucial for understanding the options and limitations when deploying Azure virtual machines. + +## Table Usage Guide + +The `azure_compute_resource_sku` table provides insights into Azure Compute Resource SKUs. As a cloud architect or DevOps engineer, use this table to explore the capabilities, restrictions, and pricing tiers of available Azure virtual machines. Utilize it to make informed decisions on the deployment and scaling of Azure virtual machines based on their SKU details. ## Examples ### Compute resources sku info +Explore the different tiers, sizes, and types of compute resources available in your Azure environment. This can help you understand your options and plan your resource allocation more effectively. -```sql +```sql+postgres select name, tier, @@ -17,10 +27,21 @@ from azure_compute_resource_sku; ``` +```sql+sqlite +select + name, + tier, + size, + family, + kind +from + azure_compute_resource_sku; +``` ### Azure compute resources and their capacity +Analyze the settings to understand the capacity range of Azure compute resources. This can help in assessing the scalability of your resources and planning for future capacity needs. -```sql +```sql+postgres select name, default_capacity, @@ -30,10 +51,20 @@ from azure_compute_resource_sku; ``` +```sql+sqlite +select + name, + default_capacity, + maximum_capacity, + minimum_capacity +from + azure_compute_resource_sku; +``` ### List of all premium type disks and location +Determine the areas in which premium type disks are located to optimize resource management and allocation strategies. This can be particularly useful in identifying potential cost savings or efficiency improvements. -```sql +```sql+postgres select name, resource_type tier, @@ -44,4 +75,17 @@ from where resource_type = 'disks' and tier = 'Premium'; +``` + +```sql+sqlite +select + name, + resource_type as tier, + json_each.value as location +from + azure_compute_resource_sku, + json_each(locations) +where + resource_type = 'disks' + and tier = 'Premium'; ``` \ No newline at end of file diff --git a/docs/tables/azure_compute_snapshot.md b/docs/tables/azure_compute_snapshot.md index 326678dd..212f7d8e 100644 --- a/docs/tables/azure_compute_snapshot.md +++ b/docs/tables/azure_compute_snapshot.md @@ -1,12 +1,22 @@ -# Table: azure_compute_snapshot +--- +title: "Steampipe Table: azure_compute_snapshot - Query Azure Compute Snapshots using SQL" +description: "Allows users to query Azure Compute Snapshots, specifically the snapshot details including status, creation time, and disk size, providing insights into the state and usage of virtual machine disk snapshots." +--- -A snapshot is a full, read-only copy of a virtual hard drive (VHD). +# Table: azure_compute_snapshot - Query Azure Compute Snapshots using SQL + +Azure Compute Snapshots are a resource within Microsoft Azure that allows you to create point-in-time backups of Azure managed disks, native blobs, or other data. These snapshots are read-only and can be used for data backup, disaster recovery, or migrating data across different regions or subscriptions. Azure Compute Snapshots help ensure data durability and accessibility, and are crucial for maintaining data integrity and system resilience in Azure. + +## Table Usage Guide + +The `azure_compute_snapshot` table provides insights into the snapshots within Azure Compute. As a system administrator or DevOps engineer, explore snapshot-specific details through this table, including creation time, disk size, and status. Utilize it to uncover information about snapshots, such as those associated with specific virtual machines, the state of these snapshots, and their usage for data backup or disaster recovery. ## Examples ### Disk info of each snapshot +Discover the specifics of each snapshot in your Azure Compute service, such as disk size and region, to better manage your storage resources and understand where your data is physically located. -```sql +```sql+postgres select name, split_part(disk_access_id, '/', 8) as disk_name, @@ -17,10 +27,14 @@ from azure_compute_snapshot; ``` +```sql+sqlite +Error: SQLite does not support split_part function. +``` ### List of snapshots which are publicly accessible +Determine the areas in which snapshots are set to be publicly accessible. This is useful for identifying potential security risks and ensuring appropriate access controls are in place. -```sql +```sql+postgres select name, network_access_policy @@ -30,10 +44,20 @@ where network_access_policy = 'AllowAll'; ``` +```sql+sqlite +select + name, + network_access_policy +from + azure_compute_snapshot +where + network_access_policy = 'AllowAll'; +``` ### List of all incremental type snapshots +Explore which snapshots in your Azure Compute resources are of the incremental type. This can help manage storage efficiently and reduce costs by identifying and focusing on snapshots that only capture changes since the last snapshot. -```sql +```sql+postgres select name, incremental @@ -41,4 +65,14 @@ from azure_compute_snapshot where incremental; +``` + +```sql+sqlite +select + name, + incremental +from + azure_compute_snapshot +where + incremental = 1; ``` \ No newline at end of file diff --git a/docs/tables/azure_compute_ssh_key.md b/docs/tables/azure_compute_ssh_key.md index 73168e3c..31ef47ae 100644 --- a/docs/tables/azure_compute_ssh_key.md +++ b/docs/tables/azure_compute_ssh_key.md @@ -1,12 +1,32 @@ -# Table: azure_compute_ssh_key +--- +title: "Steampipe Table: azure_compute_ssh_key - Query Azure Compute SSH Keys using SQL" +description: "Allows users to query Azure Compute SSH Keys, providing insights into the SSH keys associated with virtual machines in Azure Compute." +--- -Azure SSH public key used by VMs. +# Table: azure_compute_ssh_key - Query Azure Compute SSH Keys using SQL + +Azure Compute SSH Key is a resource in Microsoft Azure that allows users to manage SSH keys for virtual machines. These keys are used for secure shell login to VM instances. Azure Compute SSH Key provides a secure way to access VMs without needing to manage passwords. + +## Table Usage Guide + +The `azure_compute_ssh_key` table enables users to gain insights into the SSH keys associated with their Azure Compute virtual machines. As a system administrator or DevOps engineer, leverage this table to manage and audit SSH keys, ensuring secure and appropriate access to VM instances. This table is beneficial in maintaining security best practices, identifying unused or unnecessary keys, and enforcing compliance with organizational access policies. ## Examples ### Retrieve SSH public key by name +Discover the segments that have specific SSH public keys associated with them in your Azure Compute instances. This helps ensure secure access to your instances by verifying the SSH keys in use. + +```sql+postgres +select + name, + public_key +from + azure_compute_ssh_key +where + name = 'key-name.'; +``` -```sql +```sql+sqlite select name, public_key @@ -17,8 +37,9 @@ where ``` ### List compute virtual machines using SSH public key +The query is used to identify which virtual machines are utilizing a specific SSH public key. This can be useful for security audits, ensuring only authorized keys are in use. -```sql +```sql+postgres select m.name as machine_name, k.name as ssh_key_name @@ -27,3 +48,13 @@ from jsonb_array_elements(linux_configuration_ssh_public_keys) as s left join azure_compute_ssh_key as k on k.public_key = s ->> 'keyData'; ``` + +```sql+sqlite +select + m.name as machine_name, + k.name as ssh_key_name +from + azure_compute_virtual_machine as m, + json_each(linux_configuration_ssh_public_keys) as s + left join azure_compute_ssh_key as k on k.public_key = json_extract(s.value, '$.keyData'); +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine.md b/docs/tables/azure_compute_virtual_machine.md index 49256f01..87d8ba45 100644 --- a/docs/tables/azure_compute_virtual_machine.md +++ b/docs/tables/azure_compute_virtual_machine.md @@ -1,12 +1,37 @@ -# Table: azure_compute_virtual_machine +--- +title: "Steampipe Table: azure_compute_virtual_machine - Query Azure Compute Virtual Machines using SQL" +description: "Allows users to query Azure Compute Virtual Machines, providing detailed information about the configuration, status, and other operational aspects of each virtual machine." +--- -Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure offers. +# Table: azure_compute_virtual_machine - Query Azure Compute Virtual Machines using SQL + +Azure Compute is a service within Microsoft Azure that allows you to run applications on virtual machines in the cloud. It provides scalable, on-demand compute capacity in the cloud and lets you create and manage virtual machines to run applications. Azure Compute supports a range of operating systems, languages, tools, and frameworks. + +## Table Usage Guide + +The `azure_compute_virtual_machine` table provides insights into the virtual machines within Azure Compute. As a system administrator, you can explore detailed information about each virtual machine, including its configuration, status, and operational aspects. Utilize this table to manage and monitor your virtual machines effectively, ensuring optimal performance and resource usage. ## Examples ### Virtual machine configuration info +Explore the configuration of your virtual machines to gain insights into their power state, IP addresses, size, operating system, and image details. This can help in managing resources and ensuring optimal performance of your virtual machines. -```sql +```sql+postgres +select + name, + power_state, + private_ips, + public_ips, + vm_id, + size, + os_type, + image_offer, + image_sku +from + azure_compute_virtual_machine; +``` + +```sql+sqlite select name, power_state, @@ -22,8 +47,19 @@ from ``` ### Virtual machine count in each region +Analyze the distribution of virtual machines across different regions. This information can be useful for understanding your infrastructure's geographical spread and planning resource allocation. + +```sql+postgres +select + region, + count(name) +from + azure_compute_virtual_machine +group by + region; +``` -```sql +```sql+sqlite select region, count(name) @@ -34,8 +70,9 @@ group by ``` ### List of VMs whose OS disk is not encrypted by customer managed key +Determine the areas in which virtual machines are potentially vulnerable due to their operating system disk not being encrypted by a customer-managed key. This query is useful in identifying security risks and enhancing data protection measures. -```sql +```sql+postgres select vm.name, disk.encryption_type @@ -46,9 +83,33 @@ where not disk.encryption_type = 'EncryptionAtRestWithCustomerKey'; ``` +```sql+sqlite +select + vm.name, + disk.encryption_type +from + azure_compute_disk as disk + join azure_compute_virtual_machine as vm on disk.name = vm.os_disk_name +where + disk.encryption_type != 'EncryptionAtRestWithCustomerKey'; +``` + ### List of VMs provisioned with undesired(for example Standard_D8s_v3 and Standard_DS3_v3 is desired) sizes. +Determine the areas in which virtual machines have been provisioned with non-standard sizes. This is useful for identifying potential inefficiencies or areas for optimization in your Azure Compute resources. -```sql +```sql+postgres +select + size, + count(*) as count +from + azure_compute_virtual_machine +where + size not in ('Standard_D8s_v3', 'Standard_DS3_v3') +group by + size; +``` + +```sql+sqlite select size, count(*) as count @@ -61,8 +122,21 @@ group by ``` ### Availability set info of VMs +Explore the relationship between virtual machines and their respective availability sets in Azure, including fault domain count, update domain count and SKU name. This can be beneficial for understanding the resilience and update strategy of your virtual machines. + +```sql+postgres +select + vm.name vm_name, + aset.name availability_set_name, + aset.platform_fault_domain_count, + aset.platform_update_domain_count, + aset.sku_name +from + azure_compute_availability_set as aset + join azure_compute_virtual_machine as vm on lower(aset.id) = lower(vm.availability_set_id); +``` -```sql +```sql+sqlite select vm.name vm_name, aset.name availability_set_name, @@ -75,8 +149,20 @@ from ``` ### List of all spot type VM and their eviction policy +Explore which virtual machines are of the spot type and understand their eviction policies. This can be useful in managing costs and resource allocation in an Azure environment. -```sql +```sql+postgres +select + name, + vm_id, + eviction_policy +from + azure_compute_virtual_machine +where + priority = 'Spot'; +``` + +```sql+sqlite select name, vm_id, @@ -88,8 +174,9 @@ where ``` ### Disk Storage Summary, by VM +This query is useful to gain insights into the disk storage usage across all virtual machines in an Azure environment. It helps in managing and optimizing storage resources by providing a summary of the number and total size of disks used by each virtual machine. -```sql +```sql+postgres select vm.name, count(d) as num_disks, @@ -103,9 +190,24 @@ order by vm.name; ``` +```sql+sqlite +select + vm.name, + count(d.disk_size_gb) as num_disks, + sum(d.disk_size_gb) as total_disk_size_gb +from + azure_compute_virtual_machine as vm + left join azure_compute_disk as d on lower(vm.id) = lower(d.managed_by) +group by + vm.name +order by + vm.name; +``` + ### View Network Security Group Rules for a VM +Explore the security rules applied to a specific virtual machine within your network. This can be useful for auditing security configurations and identifying potential vulnerabilities. -```sql +```sql+postgres select vm.name, nsg.name, @@ -120,9 +222,25 @@ where and vm.name = 'warehouse-01'; ``` +```sql+sqlite +select + vm.name, + nsg.name, + security_rules +from + azure_compute_virtual_machine as vm, + json_each(vm.network_interfaces) as vm_nic, + azure_network_security_group as nsg, + json_each(nsg.network_interfaces) as nsg_int +where + lower(json_extract(vm_nic.value, '$.id')) = lower(json_extract(nsg_int.value, '$.id')) + and vm.name = 'warehouse-01'; +``` + ### List virtual machines with user assigned identities +This example helps you identify the virtual machines in your Azure environment that are configured with user-assigned identities. This is useful for understanding your identity management practices, specifically in scenarios where you want to delegate permissions to resources in your Azure environment. -```sql +```sql+postgres select name, identity -> 'type' as identity_type, @@ -139,9 +257,21 @@ where ); ``` +```sql+sqlite +select + name, + json_extract(identity, '$.type') as identity_type, + identity_user_assignedidentities +from + azure_compute_virtual_machine +where + instr(identity_type, 'UserAssigned') > 0; +``` + ### List security profile details +Determine the areas in which encryption is being used at host level within Azure's virtual machines. This can be useful for assessing security measures and identifying potential vulnerabilities. -```sql +```sql+postgres select name, vm_id, @@ -149,3 +279,12 @@ select from azure_compute_virtual_machine; ``` + +```sql+sqlite +select + name, + vm_id, + json_extract(security_profile, '$.encryptionAtHost') as encryption_at_host +from + azure_compute_virtual_machine; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization.md b/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization.md index dcde1adb..2c6e1c0a 100644 --- a/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization.md +++ b/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization.md @@ -1,12 +1,37 @@ -# Table: azure_compute_virtual_machine_metric_cpu_utilization +--- +title: "Steampipe Table: azure_compute_virtual_machine_metric_cpu_utilization - Query Azure Compute Virtual Machine Metrics using SQL" +description: "Allows users to query Azure Compute Virtual Machine CPU Utilization Metrics, providing insights into the CPU usage of virtual machines." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_virtual_machine_metric_cpu_utilization` table provides metric statistics at 5 minutes intervals for the most recent 5 days. +# Table: azure_compute_virtual_machine_metric_cpu_utilization - Query Azure Compute Virtual Machine Metrics using SQL + +Azure Compute is a service within Microsoft Azure that allows you to deploy and manage virtual machines. These virtual machines can be used to run applications, host databases, and perform other computing tasks. The CPU utilization metric provides information on the percentage of total CPU resources that are being used by a virtual machine. + +## Table Usage Guide + +The `azure_compute_virtual_machine_metric_cpu_utilization` table provides insights into the CPU utilization of virtual machines within Azure Compute. As a system administrator or DevOps engineer, explore CPU-specific details through this table, including the percentage of total CPU resources that are being used. Utilize it to monitor the performance of your virtual machines, identify those that are under heavy load, and make informed decisions about resource allocation and scaling. ## Examples ### Basic info +Determine the areas in which your Azure virtual machines' CPU utilization varies over time. This query helps you analyze performance trends and optimize resource allocation for improved efficiency. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_virtual_machine_metric_cpu_utilization +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### CPU Over 80% average +Determine the areas in which the average CPU usage of Azure virtual machines exceeds 80%. This can be useful to identify potential performance issues and optimize resource allocation. -```sql +```sql+postgres select name, timestamp, @@ -33,8 +59,26 @@ select sample_count from azure_compute_virtual_machine_metric_cpu_utilization -where average > 80 +where + average > 80 order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_cpu, + round(maximum,2) as max_cpu, + round(average,2) as avg_cpu, + sample_count +from + azure_compute_virtual_machine_metric_cpu_utilization +where + average > 80 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_daily.md b/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_daily.md index 6d3b0a96..dbdd4ac9 100644 --- a/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_daily.md +++ b/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_daily.md @@ -1,12 +1,37 @@ -# Table: azure_compute_virtual_machine_metric_cpu_utilization_daily +--- +title: "Steampipe Table: azure_compute_virtual_machine_metric_cpu_utilization_daily - Query Azure Compute Virtual Machines using SQL" +description: "Allows users to query Azure Compute Virtual Machine metrics, specifically the daily CPU utilization, providing insights into resource usage patterns and potential performance issues." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_virtual_machine_metric_cpu_utilization_daily` table provides metric statistics at 24 hours intervals for the most recent 1 year. +# Table: azure_compute_virtual_machine_metric_cpu_utilization_daily - Query Azure Compute Virtual Machines using SQL + +Azure Compute is a service within Microsoft Azure that offers scalable and secure virtual machines. These virtual machines provide the power to support large-scale, mission-critical applications. They allow users to deploy a wide range of computing solutions in an agile manner. + +## Table Usage Guide + +The `azure_compute_virtual_machine_metric_cpu_utilization_daily` table provides insights into the daily CPU utilization of Azure Compute Virtual Machines. As a system administrator or DevOps engineer, explore VM-specific CPU utilization details through this table to identify resource usage patterns and potential performance bottlenecks. Utilize it to monitor and optimize the performance of your Azure Compute resources effectively. ## Examples ### Basic info +Explore the performance metrics of Azure virtual machines on a daily basis to gain insights into CPU utilization trends. This can help identify instances of resource overload or inefficiency, assisting in better resource management and planning. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_virtual_machine_metric_cpu_utilization_daily +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### CPU Over 80% average +This example helps to pinpoint specific instances where the average CPU utilization of Azure virtual machines exceeds 80%. It's useful in identifying potential performance issues and ensuring efficient resource allocation. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_cpu, + round(maximum,2) as max_cpu, + round(average,2) as avg_cpu, + sample_count +from + azure_compute_virtual_machine_metric_cpu_utilization_daily +where + average > 80 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_hourly.md b/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_hourly.md index b6564078..d923d7ad 100644 --- a/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_hourly.md +++ b/docs/tables/azure_compute_virtual_machine_metric_cpu_utilization_hourly.md @@ -1,12 +1,37 @@ -# Table: azure_compute_virtual_machine_metric_cpu_utilization_hourly +--- +title: "Steampipe Table: azure_compute_virtual_machine_metric_cpu_utilization_hourly - Query Azure Compute Virtual Machine Metrics using SQL" +description: "Allows users to query Azure Compute Virtual Machine Metrics, specifically the hourly CPU utilization, providing insights into resource usage and potential performance bottlenecks." +--- -Azure Monitor metrics provide data about the performance of your systems. The `azure_compute_virtual_machine_metric_cpu_utilization_hourly` table provides metric statistics at 1 hour intervals for the most recent 60 days. +# Table: azure_compute_virtual_machine_metric_cpu_utilization_hourly - Query Azure Compute Virtual Machine Metrics using SQL + +Azure Compute is a service within Microsoft Azure that provides scalable and secure virtual machines. It allows users to deploy and manage applications across a global network of Microsoft-managed data centers. Azure Compute provides a variety of virtual machine configurations to handle different workloads and performance requirements. + +## Table Usage Guide + +The `azure_compute_virtual_machine_metric_cpu_utilization_hourly` table provides insights into the CPU utilization of Azure Compute Virtual Machines on an hourly basis. As a system administrator or DevOps engineer, explore machine-specific details through this table, including CPU usage patterns, peak usage times, and potential performance bottlenecks. Utilize it to monitor and manage resource allocation, ensuring optimal performance and cost-effectiveness of your Azure Compute resources. ## Examples ### Basic info +Explore the utilization of virtual machine CPU over time to identify patterns or trends. This could help in efficient resource allocation and performance optimization. -```sql +```sql+postgres +select + name, + timestamp, + minimum, + maximum, + average, + sample_count +from + azure_compute_virtual_machine_metric_cpu_utilization_hourly +order by + name, + timestamp; +``` + +```sql+sqlite select name, timestamp, @@ -22,8 +47,9 @@ order by ``` ### CPU Over 80% average +Determine the areas in which the average CPU utilization exceeds 80% on Azure's virtual machines. This can be useful for identifying potential performance issues and ensuring efficient resource allocation. -```sql +```sql+postgres select name, timestamp, @@ -39,3 +65,20 @@ order by name, timestamp; ``` + +```sql+sqlite +select + name, + timestamp, + round(minimum,2) as min_cpu, + round(maximum,2) as max_cpu, + round(average,2) as avg_cpu, + sample_count +from + azure_compute_virtual_machine_metric_cpu_utilization_hourly +where + average > 80 +order by + name, + timestamp; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine_scale_set.md b/docs/tables/azure_compute_virtual_machine_scale_set.md index 303fe324..0bfec60b 100644 --- a/docs/tables/azure_compute_virtual_machine_scale_set.md +++ b/docs/tables/azure_compute_virtual_machine_scale_set.md @@ -1,12 +1,33 @@ -# Table: azure_compute_virtual_machine_scale_set +--- +title: "Steampipe Table: azure_compute_virtual_machine_scale_set - Query Azure Compute Virtual Machine Scale Sets using SQL" +description: "Allows users to query Azure Compute Virtual Machine Scale Sets, specifically providing details about the scale set configuration, capacity, and status." +--- -Azure virtual machine scale sets let you create and manage a group of load balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule. Scale sets provide high availability to your applications, and allow you to centrally manage, configure, and update a large number of VMs. +# Table: azure_compute_virtual_machine_scale_set - Query Azure Compute Virtual Machine Scale Sets using SQL + +Azure Compute Virtual Machine Scale Sets are a service within Microsoft Azure that allows you to create and manage a group of identical, load balanced VMs. They enable you to centrally manage, configure, and update a large number of VMs in minutes to provide highly available applications. The scale set adjusts the number of VMs in response to demand or a defined schedule. + +## Table Usage Guide + +The `azure_compute_virtual_machine_scale_set` table provides insights into Azure Compute Virtual Machine Scale Sets within Microsoft Azure. As a system administrator or DevOps engineer, explore scale set-specific details through this table, including configuration, capacity, and status. Utilize it to uncover information about scale sets, such as their current capacity, configuration details, and overall status, aiding in efficient management and monitoring of your virtual machine resources. ## Examples ### Basic info +Explore the configuration of your virtual machine scale sets in Azure to identify their associated regions and resource groups. This can help you manage and organize your resources more efficiently. + +```sql+postgres +select + name, + id, + identity, + region, + resource_group +from + azure_compute_virtual_machine_scale_set; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List Standard tier virtual machine scale set +Determine the areas in which standard-tier virtual machine scale sets are being used within your Azure Compute environment. This query helps to understand resource allocation and cost management. -```sql +```sql+postgres select name, id, @@ -28,5 +50,17 @@ select from azure_compute_virtual_machine_scale_set where - sku_tier = 'Standard'; + sku_tier = 'Standard'; ``` + +```sql+sqlite +select + name, + id, + sku_name, + sku_tier +from + azure_compute_virtual_machine_scale_set +where + sku_tier = 'Standard'; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine_scale_set_network_interface.md b/docs/tables/azure_compute_virtual_machine_scale_set_network_interface.md index 092f4ff4..7f46b151 100644 --- a/docs/tables/azure_compute_virtual_machine_scale_set_network_interface.md +++ b/docs/tables/azure_compute_virtual_machine_scale_set_network_interface.md @@ -1,12 +1,34 @@ -# Table: azure_compute_virtual_machine_scale_set_network_interface +--- +title: "Steampipe Table: azure_compute_virtual_machine_scale_set_network_interface - Query Azure Compute Virtual Machine Scale Sets Network Interfaces using SQL" +description: "Allows users to query Azure Compute Virtual Machine Scale Sets Network Interfaces, providing detailed information about the network interfaces of each scale set." +--- -A network interface enables an Azure VM to communicate with internet, Azure, and on-premises resources. +# Table: azure_compute_virtual_machine_scale_set_network_interface - Query Azure Compute Virtual Machine Scale Sets Network Interfaces using SQL + +A Network Interface within Azure Compute Virtual Machine Scale Sets is a virtual network interface card (NIC) attached to a Virtual Machine Scale Set in Azure. It provides the interconnection between a Virtual Machine Scale Set and the underlying Azure virtual network. Each Network Interface can have one or more IP configurations associated with it. + +## Table Usage Guide + +The `azure_compute_virtual_machine_scale_set_network_interface` table provides insights into the network interfaces associated with Azure Compute Virtual Machine Scale Sets. As a network administrator, you can use this table to explore details about each network interface, including its IP configurations, subnet information, and associated scale set. This can be particularly useful for managing network connectivity and troubleshooting network-related issues within your Azure Compute Virtual Machine Scale Sets. ## Examples ### Basic info +Explore the status and location of your Azure virtual machine scale sets to gain insights into their deployment and management. This is useful for assessing the distribution and provisioning of your resources across different regions and groups. -```sql +```sql+postgres +select + name, + id, + scale_set_name, + provisioning_state, + region, + resource_group +from + azure_compute_virtual_machine_scale_set_network_interface; +``` + +```sql+sqlite select name, id, @@ -19,8 +41,9 @@ from ``` ### List network interfaces with IP forwarding rule enabled +Determine the areas in which IP forwarding is enabled on network interfaces for better control and management of network traffic. This is particularly useful in scenarios where data packets need to be redirected or rerouted for specific purposes. -```sql +```sql+postgres select name, id, @@ -32,9 +55,22 @@ where enable_ip_forwarding; ``` +```sql+sqlite +select + name, + id, + enable_ip_forwarding, + scale_set_name +from + azure_compute_virtual_machine_scale_set_network_interface +where + enable_ip_forwarding = 1; +``` + ### List network interfaces with accelerated networking enabled +Explore which network interfaces are utilizing accelerated networking within your Azure virtual machine scale sets. This information can be useful for optimizing network performance and troubleshooting connectivity issues. -```sql +```sql+postgres select name, id, @@ -46,9 +82,22 @@ where enable_accelerated_networking; ``` +```sql+sqlite +select + name, + id, + enable_accelerated_networking, + scale_set_name +from + azure_compute_virtual_machine_scale_set_network_interface +where + enable_accelerated_networking = 1; +``` + ### Get scale set virtual machine details for scale set network interface +This query helps to map network interfaces to their corresponding virtual machines within a specified scale set. It's particularly useful for managing and monitoring network traffic and performance across multiple instances within a scale set. -```sql +```sql+postgres select i.name as name, i.id as id, @@ -61,3 +110,17 @@ from where i.virtual_machine ->> 'id' = v.id; ``` + +```sql+sqlite +select + i.name as name, + i.id as id, + v.instance_id as instance_id, + v.scale_set_name as scale_set_name, + v.sku_name as vm_sku_name +from + azure_compute_virtual_machine_scale_set_network_interface as i, + azure_compute_virtual_machine_scale_set_vm as v +where + json_extract(i.virtual_machine, '$.id') = v.id; +``` \ No newline at end of file diff --git a/docs/tables/azure_compute_virtual_machine_scale_set_vm.md b/docs/tables/azure_compute_virtual_machine_scale_set_vm.md index 347ae295..6f8c2d9c 100644 --- a/docs/tables/azure_compute_virtual_machine_scale_set_vm.md +++ b/docs/tables/azure_compute_virtual_machine_scale_set_vm.md @@ -1,12 +1,35 @@ -# Table: azure_compute_virtual_machine_scale_set_vm +--- +title: "Steampipe Table: azure_compute_virtual_machine_scale_set_vm - Query Azure Compute Virtual Machine Scale Set VMs using SQL" +description: "Allows users to query Azure Compute Virtual Machine Scale Set VMs, providing insights into the configuration, state, and associated metadata of each virtual machine in a scale set." +--- -You can scale the number of virtual machines in the scale set manually, or define rules to autoscale based on resource usage like CPU, memory demand, or network traffic. An Azure load balancer then distributes traffic to the virtual machine instances in the scale set. +# Table: azure_compute_virtual_machine_scale_set_vm - Query Azure Compute Virtual Machine Scale Set VMs using SQL + +Azure Compute Virtual Machine Scale Sets are a group of identical, load-balanced VMs. They are designed to support true auto-scale, no pre-provisioning of VMs is required, and they let you centrally manage, configure, and update a large number of VMs. With auto-scale, VMs get automatically created and added to a load balancer and get removed when not in use. + +## Table Usage Guide + +The `azure_compute_virtual_machine_scale_set_vm` table provides insights into the individual virtual machines within an Azure Virtual Machine Scale Set. As a system administrator, you can explore VM-specific details through this table, including the current state, configuration, and associated metadata. This table is useful for monitoring the status and performance of each VM in a scale set, enabling efficient resource management and troubleshooting. ## Examples ### Basic info +Analyze the settings to understand the distribution and organization of your virtual machine scale sets in Azure. This can be helpful to manage resources and monitor regional deployment of your virtual machines effectively. + +```sql+postgres +select + name, + scale_set_name, + instance_id, + id, + vm_id, + region, + resource_group +from + azure_compute_virtual_machine_scale_set_vm; +``` -```sql +```sql+sqlite select name, scale_set_name, @@ -20,8 +43,9 @@ from ``` ### List Standard tier scale set virtual machine +Determine the areas in which standard tier virtual machine scale sets are being used within your Azure environment. This allows for efficient resource allocation and cost management. -```sql +```sql+postgres select name, scale_set_name, @@ -34,9 +58,36 @@ where sku_tier = 'Standard'; ``` +```sql+sqlite +select + name, + scale_set_name, + id, + sku_name, + sku_tier +from + azure_compute_virtual_machine_scale_set_vm +where + sku_tier = 'Standard'; +``` + ### List all virtual machines under a specific scale set +Explore which virtual machines are part of a particular scale set in Azure. This is useful for managing resources and understanding the distribution of your virtual machines within specific scale sets. -```sql +```sql+postgres +select + name, + scale_set_name, + id, + sku_name, + sku_tier +from + azure_compute_virtual_machine_scale_set_vm +where + scale_set_name = 'my_vm_scale'; +``` + +```sql+sqlite select name, scale_set_name, @@ -50,8 +101,9 @@ where ``` ### View Network Security Group Rules for a virtual machine +Determine the security rules applied to a specific virtual machine within a network. This is useful for assessing the security measures in place and identifying any potential vulnerabilities or areas for improvement. -```sql +```sql+postgres select vm.name, nsg.name, @@ -64,4 +116,19 @@ from where lower(vm_nic ->> 'id') = lower(nsg_int ->> 'id') and vm.name = 'warehouse-01'; +``` + +```sql+sqlite +select + vm.name, + nsg.name, + security_rules +from + azure_compute_virtual_machine_scale_set_vm as vm, + json_each(vm.virtual_machine_network_profile) as vm_nic, + azure_network_security_group as nsg, + json_each(nsg.network_interfaces) as nsg_int +where + lower(json_extract(vm_nic.value, '$.id')) = lower(json_extract(nsg_int.value, '$.id')) + and vm.name = 'warehouse-01'; ``` \ No newline at end of file diff --git a/docs/tables/azure_container_group.md b/docs/tables/azure_container_group.md index cde851eb..b8e8119e 100644 --- a/docs/tables/azure_container_group.md +++ b/docs/tables/azure_container_group.md @@ -1,12 +1,34 @@ -# Table: azure_container_group +--- +title: "Steampipe Table: azure_container_group - Query Azure Container Groups using SQL" +description: "Allows users to query Azure Container Groups, providing detailed information about each container group's configuration, status, and metadata." +--- -An Azure Container Group is a specific type of Azure Container Instances resource that allows you to group multiple containers together and run them as a single unit. A container group can contain one or more containers that are tightly coupled and need to be deployed and managed together. For example, you may have a microservices-based application that consists of multiple containers, such as a front-end container, a back-end container, and a database container. You can create an Azure Container Group to deploy and manage all these containers as a single entity. +# Table: azure_container_group - Query Azure Container Groups using SQL + +Azure Container Groups is a service within Microsoft Azure that allows you to manage multiple containers as a single entity. It provides a way to deploy, manage, and scale containers together, simplifying the process of managing multi-container applications. Azure Container Groups helps you to deploy applications quickly and efficiently, without the need to manage the underlying infrastructure. + +## Table Usage Guide + +The `azure_container_group` table provides insights into Container Groups within Microsoft Azure. As a DevOps engineer, explore group-specific details through this table, including container configurations, statuses, and associated metadata. Utilize it to uncover information about container groups, such as those with specific configurations, the statuses of various container groups, and the verification of metadata. ## Examples ### Basic info +Analyze the settings to understand the configuration of your Azure container groups. This can help in managing and optimizing your resources by identifying the regions, restart policies, and other key details. -```sql +```sql+postgres +select + name, + id, + provisioning_state, + restart_policy, + sku, + region +from + azure_container_group; +``` + +```sql+sqlite select name, id, @@ -19,8 +41,9 @@ from ``` ### Get encryption details of each group +This query helps to analyze the encryption details of each group within your Azure Container service. It is useful for assessing your security setup and ensuring that encryption keys are properly configured and up-to-date across all regions. -```sql +```sql+postgres select name, encryption_properties ->> 'VaultBaseURL' as vault_base_url, @@ -31,9 +54,21 @@ from azure_container_group; ``` +```sql+sqlite +select + name, + json_extract(encryption_properties, '$.VaultBaseURL') as vault_base_url, + json_extract(encryption_properties, '$.KeyName') as key_name, + json_extract(encryption_properties, '$.KeyVersion') as key_version, + region +from + azure_container_group; +``` + ### List groups that have restart policy set to `OnFailure` +Identify the groups in your Azure Container service that have been configured to restart only when a failure occurs. This could be beneficial in managing resources and avoiding unnecessary restarts. -```sql +```sql+postgres select name, restart_policy, @@ -45,9 +80,32 @@ where restart_policy = "OnFailure"; ``` +```sql+sqlite +select + name, + restart_policy, + provisioning_state, + type +from + azure_container_group +where + restart_policy = 'OnFailure'; +``` + ### Count groups by operation type +Analyze the distribution of Azure container groups based on their operating system type. This can help in understanding the usage pattern of different OS types within your Azure container groups. -```sql +```sql+postgres +select + os_type, + count(name) as group_count +from + azure_container_group +group by + os_type; +``` + +```sql+sqlite select os_type, count(name) as group_count @@ -58,8 +116,9 @@ group by ``` ### Get IP address details of each group +Discover the segments that provide information about IP addresses associated with each group. This is useful in understanding the network connectivity and accessibility of these groups within the Azure container ecosystem. -```sql +```sql+postgres select name, ip_address -> 'Ports' as ports, @@ -71,9 +130,22 @@ from azure_container_group; ``` +```sql+sqlite +select + name, + json_extract(ip_address, '$.Ports') as ports, + json_extract(ip_address, '$.Type') as ip_address_type, + json_extract(ip_address, '$.IP') as ip, + json_extract(ip_address, '$.DNSNameLabel') as dns_name_label, + json_extract(ip_address, '$.Fqdn') as fqdn +from + azure_container_group; +``` + ### Get image registry credential details of each group +Determine the credentials of image registries for each container group in Azure. This is useful for managing and verifying access to different image registries. -```sql +```sql+postgres select name, i ->> 'Server' as server, @@ -86,9 +158,23 @@ from jsonb_array_elements(image_registry_credentials) as i; ``` +```sql+sqlite +select + name, + json_extract(i.value, '$.Server') as server, + json_extract(i.value, '$.Username') as username, + json_extract(i.value, '$.Password') as password, + json_extract(i.value, '$.Identity') as identity, + json_extract(i.value, '$.IdentityURL') as identity_url +from + azure_container_group, + json_each(image_registry_credentials) as i; +``` + ### Get DNS configuration details of each group +This query allows you to gain insights into the DNS configuration details for each Azure container group. It's particularly useful for system administrators who need to manage or troubleshoot network settings across multiple container groups. -```sql +```sql+postgres select name, id, @@ -98,3 +184,14 @@ select from azure_container_group; ``` + +```sql+sqlite +select + name, + id, + json_extract(dns_config, '$.NameServers') as name_servers, + json_extract(dns_config, '$.SearchDomains') as search_domains, + json_extract(dns_config, '$.Options') as options +from + azure_container_group; +``` \ No newline at end of file diff --git a/docs/tables/azure_container_registry.md b/docs/tables/azure_container_registry.md index e5514fe9..231962f7 100644 --- a/docs/tables/azure_container_registry.md +++ b/docs/tables/azure_container_registry.md @@ -1,12 +1,34 @@ -# Table: azure_container_registry +--- +title: "Steampipe Table: azure_container_registry - Query Azure Container Registries using SQL" +description: "Allows users to query Azure Container Registries, providing insights into the status, SKU, network access, and other critical details." +--- -The Azure container registry is Microsoft's own hosting platform for Docker images. It is a private registry where you can store and manage private docker container images and other related artifacts. These images can then be pulled and run locally or used for container-based deployments to hosting platforms. +# Table: azure_container_registry - Query Azure Container Registries using SQL + +Azure Container Registry is a managed Docker registry service provided by Microsoft Azure for storing and managing Docker images. It is integrated with Azure DevOps, Azure Kubernetes Service (AKS), Docker CLI, and other popular open-source tools. Azure Container Registry allows developers to build, store, and manage container images for Azure deployments in a central registry. + +## Table Usage Guide + +The `azure_container_registry` table provides insights into Azure Container Registries within Microsoft Azure. As a DevOps engineer, explore registry-specific details through this table, including the status, SKU, network access, and other critical details. Utilize it to uncover information about registries, such as those with private network access, the SKU tier, and the verification of admin user-enabled status. ## Examples ### Basic info +Explore the status and details of your Azure Container Registry instances, including their creation date and geographical location, to gain insights into the distribution and management of your resources. This can be particularly useful for auditing purposes, resource allocation, and strategizing regional deployment. -```sql +```sql+postgres +select + name, + id, + provisioning_state, + creation_date, + sku_tier, + region +from + azure_container_registry; +``` + +```sql+sqlite select name, id, @@ -19,8 +41,9 @@ from ``` ### List registries not encrypted with a customer-managed key +Determine the areas in which container registries in your Azure environment are not encrypted with a customer-managed key. This can help in identifying potential security gaps and ensuring better data protection. -```sql +```sql+postgres select name, encryption ->> 'status' as encryption_status, @@ -29,9 +52,19 @@ from azure_container_registry; ``` +```sql+sqlite +select + name, + json_extract(encryption, '$.status') as encryption_status, + region +from + azure_container_registry; +``` + ### List registries not configured with virtual network service endpoint +Determine the areas in which registries are not configured with a virtual network service endpoint. This is useful in identifying potential security risks where network access is allowed without restrictions. -```sql +```sql+postgres select name, network_rule_set ->> 'defaultAction' as network_rule_default_action, @@ -43,9 +76,22 @@ where and network_rule_set ->> 'defaultAction' = 'Allow'; ``` +```sql+sqlite +select + name, + json_extract(network_rule_set, '$.defaultAction') as network_rule_default_action, + json_extract(network_rule_set, '$.virtualNetworkRules') as virtual_network_rules +from + azure_container_registry +where + network_rule_set is not null + and json_extract(network_rule_set, '$.defaultAction') = 'Allow'; +``` + ### List registries with admin user account enabled +Determine the areas in which administrative user accounts are activated within your Azure Container Registries. This is beneficial to ascertain potential security risks and maintain best practices for access control. -```sql +```sql+postgres select name, admin_user_enabled, @@ -55,3 +101,14 @@ from where admin_user_enabled; ``` + +```sql+sqlite +select + name, + admin_user_enabled, + region +from + azure_container_registry +where + admin_user_enabled; +``` \ No newline at end of file diff --git a/docs/tables/azure_cosmosdb_account.md b/docs/tables/azure_cosmosdb_account.md index 221dd1c7..1144dc53 100644 --- a/docs/tables/azure_cosmosdb_account.md +++ b/docs/tables/azure_cosmosdb_account.md @@ -1,12 +1,22 @@ -# Table: azure_cosmosdb_account +--- +title: "Steampipe Table: azure_cosmosdb_account - Query Azure Cosmos DB Accounts using SQL" +description: "Allows users to query Azure Cosmos DB Accounts, providing detailed information about each account's configurations, properties, and associated resources." +--- -Azure Cosmos DB is a fully managed NoSQL database service for modern app development. +# Table: azure_cosmosdb_account - Query Azure Cosmos DB Accounts using SQL + +Azure Cosmos DB is a globally distributed, multi-model database service designed for scalable and high-performance modern applications. It provides native support for NoSQL and OSS APIs, including MongoDB, Cassandra, Gremlin, et al. With turnkey global distribution and transparent multi-master replication, it offers single-digit millisecond latency, and 99.999% availability. + +## Table Usage Guide + +The `azure_cosmosdb_account` table provides insights into Azure Cosmos DB Accounts within Azure's database services. As a database administrator or developer, explore account-specific details through this table, including configurations, properties, and associated resources. Utilize it to uncover information about accounts, such as their replication policies, failover policies, and the verification of virtual network rules. ## Examples ### List of database accounts where automatic failover is not enabled +Explore which database accounts in Azure CosmosDB do not have automatic failover enabled. This is useful to identify potential risks and ensure high availability and disaster recovery in your database setup. -```sql +```sql+postgres select name, region, @@ -18,9 +28,33 @@ where not enable_automatic_failover; ``` +```sql+sqlite +select + name, + region, + enable_automatic_failover, + resource_group +from + azure_cosmosdb_account +where + enable_automatic_failover = 0; +``` + ### List of database accounts which allows traffic from all networks, including the public Internet. +Explore which database accounts are potentially exposed to security risks by allowing traffic from all networks, including the public internet. This can be useful to identify potential vulnerabilities and improve security measures. -```sql +```sql+postgres +select + name, + region, + virtual_network_rules +from + azure_cosmosdb_account +where + virtual_network_rules = '[]'; +``` + +```sql+sqlite select name, region, @@ -32,8 +66,9 @@ where ``` ### List of database accounts where multiple write location is not enabled +Identify the Azure Cosmos DB accounts that do not have multiple write locations enabled. This can be useful in pinpointing potential areas of risk or inefficiency, as enabling multiple write locations can enhance data redundancy and availability. -```sql +```sql+postgres select name, region, @@ -44,9 +79,21 @@ where not enable_multiple_write_locations; ``` +```sql+sqlite +select + name, + region, + enable_multiple_write_locations +from + azure_cosmosdb_account +where + enable_multiple_write_locations = 0; +``` + ### Failover policy info for the database accounts +Determine the areas in which your Azure CosmosDB accounts have their failover policies set. This helps in understanding the priority and location of failover events, thereby assisting in ensuring high availability and disaster recovery strategies. -```sql +```sql+postgres select name, fp ->> 'failoverPriority' as failover_priority, @@ -56,9 +103,31 @@ from cross join jsonb_array_elements(failover_policies) as fp; ``` +```sql+sqlite +select + name, + json_extract(fp.value, '$.failoverPriority') as failover_priority, + json_extract(fp.value, '$.locationName') as location_name +from + azure_cosmosdb_account, + json_each(failover_policies) as fp; +``` + ### Consistency policy info for each account +Discover the segments that detail the consistency policy for each account, useful for understanding the database account offer type and the default consistency level. This aids in managing data consistency and staleness across your Azure Cosmos DB accounts. + +```sql+postgres +select + name, + consistency_policy_max_interval, + consistency_policy_max_staleness_prefix, + database_account_offer_type, + default_consistency_level +from + azure_cosmosdb_account; +``` -```sql +```sql+sqlite select name, consistency_policy_max_interval, @@ -70,8 +139,9 @@ from ``` ### Get backup policy for accounts having periodic backups enabled +Determine the backup policies of accounts with periodic backups enabled. This is useful for understanding the frequency and retention of backups, as well as the redundancy of storage, ensuring data safety and availability. -```sql +```sql+postgres select name, region, @@ -84,9 +154,23 @@ where backup_policy ->> 'type' = 'Periodic'; ``` +```sql+sqlite +select + name, + region, + json_extract(backup_policy, '$.periodicModeProperties.backupIntervalInMinutes') as backup_interval_mins, + json_extract(backup_policy, '$.periodicModeProperties.backupRetentionIntervalInHours') as backup_retention_interval_hrs, + json_extract(backup_policy, '$.periodicModeProperties.backupStorageRedundancy') as backup_storage_redundancy +from + azure_cosmosdb_account +where + json_extract(backup_policy, '$.type') = 'Periodic'; +``` + ### Get private endpoint connection details for each account +Explore the connection details of each private endpoint linked to your account. This can help you assess the status and type of each connection, enabling better management and troubleshooting of your network resources. -```sql +```sql+postgres select c ->> 'PrivateEndpointConnectionName' as private_endpoint_connection_name, c ->> 'PrivateEndpointConnectionType' as private_endpoint_connection_type, @@ -101,9 +185,25 @@ from jsonb_array_elements(private_endpoint_connections) as c; ``` +```sql+sqlite +select + json_extract(c.value, '$.PrivateEndpointConnectionName') as private_endpoint_connection_name, + json_extract(c.value, '$.PrivateEndpointConnectionType') as private_endpoint_connection_type, + json_extract(c.value, '$.PrivateEndpointId') as private_endpoint_id, + json_extract(c.value, '$.PrivateLinkServiceConnectionStateActionsRequired') as private_link_service_connection_state_actions_required, + json_extract(c.value, '$.PrivateLinkServiceConnectionStateDescription') as private_link_service_connection_state_description, + json_extract(c.value, '$.PrivateLinkServiceConnectionStateStatus') as private_link_service_connection_state_status, + json_extract(c.value, '$.ProvisioningState') as provisioning_state, + json_extract(c.value, '$.PrivateEndpointConnectionId') as private_endpoint_connection_id +from + azure_cosmosdb_account, + json_each(private_endpoint_connections) as c; +``` + ### Get details of accounts restored from backup +The example demonstrates how to identify the instances where Azure Cosmos DB accounts have been restored from a backup. This can be particularly useful for auditing purposes, to ensure data integrity and to track any unauthorized restorations. -```sql +```sql+postgres select name, restore_parameters ->> 'restoreMode' as restore_mode, @@ -114,4 +214,17 @@ from azure_cosmosdb_account, jsonb_array_elements(restore_parameters -> 'databasesToRestore') d, jsonb_array_elements_text(d -> 'collectionNames') c; +``` + +```sql+sqlite +select + a.name, + json_extract(a.restore_parameters, '$.restoreMode') as restore_mode, + json_extract(a.restore_parameters, '$.restoreSource') as restore_source, + json_extract(d.value, '$.databaseName') as restored_database_name, + json_extract(c.value, '$') as restored_collection_name +from + azure_cosmosdb_account a, + json_each(json_extract(a.restore_parameters, '$.databasesToRestore')) as d, + json_each(json_extract(d.value, '$.collectionNames')) as c; ``` \ No newline at end of file diff --git a/docs/tables/azure_cosmosdb_mongo_collection.md b/docs/tables/azure_cosmosdb_mongo_collection.md index 8c8d337d..479b083d 100644 --- a/docs/tables/azure_cosmosdb_mongo_collection.md +++ b/docs/tables/azure_cosmosdb_mongo_collection.md @@ -1,14 +1,41 @@ -# Table: azure_cosmosdb_mongo_collection +--- +title: "Steampipe Table: azure_cosmosdb_mongo_collection - Query Azure Cosmos DB Mongo Collections using SQL" +description: "Allows users to query Azure Cosmos DB Mongo Collections, providing insights into the collection's properties such as name, resource group, account name, and more." +--- -An Azure Cosmos DB container is where data is stored. Unlike most relational databases which scale up with larger VM sizes, Azure Cosmos DB scales out. A collection is a grouping of MongoDB documents. +# Table: azure_cosmosdb_mongo_collection - Query Azure Cosmos DB Mongo Collections using SQL -**You must specify the CosmosDB Mongo Database Name** in the `where` clause (`where database_name=''`). +Azure Cosmos DB is a globally distributed, multi-model database service for any scale. It offers multiple well-defined consistency models, guaranteed single-digit-millisecond read and write latencies at the 99th percentile, and guaranteed 99.999% high availability with multi-homing. In particular, the Mongo Collection is a resource within the Azure Cosmos DB that represents a group of MongoDB documents. + +## Table Usage Guide + +The `azure_cosmosdb_mongo_collection` table provides insights into Mongo Collections within Azure Cosmos DB. As a database administrator, explore collection-specific details through this table, including the collection's name, resource group, account name, and more. Utilize it to uncover information about collections, such as their properties, the associated database, and the verification of their configurations. + +**Important notes:** +- You must specify the `database_name = ''` in the `where` clause to query this table. ## Examples ### Basic info +This query is used to gain insights into the relationship between Azure CosmosDB Mongo collections and databases. It can be used to manage and analyze the distribution of resources across different databases and regions, which is crucial for optimizing resource usage and performance. + +```sql+postgres +select + c.name, + c.database_name, + c.account_name, + c.region, + c.resource_group, + c.shard_key, + c.id +from + azure_cosmosdb_mongo_collection c, + azure_cosmosdb_mongo_database d +where + c.database_name = d.name; +``` -```sql +```sql+sqlite select c.name, c.database_name, @@ -25,8 +52,9 @@ where ``` ### Collection count by cosmos DB database name +Discover the segments that have a significant number of collections in your Azure Cosmos DB. This is beneficial for understanding database usage and managing resource allocation effectively. -```sql +```sql+postgres select c.database_name, count(c.name) as collection_count @@ -39,9 +67,21 @@ group by database_name; ``` +```sql+sqlite +select + c.database_name, + count(c.name) as collection_count +from + azure_cosmosdb_mongo_collection c + join azure_cosmosdb_mongo_database d on c.database_name = d.name +group by + c.database_name; +``` + ### Get throughput settings for each collection +Analyze the settings to understand the throughput configurations for each collection in your Azure Cosmos DB. This helps in optimizing resource utilization and managing the performance of your database. -```sql +```sql+postgres select c.name as collection_name, c.database_name, @@ -58,9 +98,27 @@ where c.database_name = d.name; ``` +```sql+sqlite +select + c.name as collection_name, + c.database_name, + c.account_name, + json_extract(c.throughput_settings, '$.Name') as name, + json_extract(c.throughput_settings, '$.ResourceThroughput') as throughput, + json_extract(c.throughput_settings, '$.AutoscaleSettingsMaxThroughput') as maximum_throughput, + json_extract(c.throughput_settings, '$.ResourceMinimumThroughput') as minimum_throughput, + json_extract(c.throughput_settings, '$.ID') as id +from + azure_cosmosdb_mongo_collection c, + azure_cosmosdb_mongo_database d +where + c.database_name = d.name; +``` + ### Get index keys in each collection +Determine the areas in which specific index keys are used across different collections in Azure Cosmos DB. This is beneficial for optimizing database performance and understanding data distribution across your collections. -```sql +```sql+postgres select c.name as collection_name, c.database_name, @@ -72,4 +130,18 @@ from jsonb_array_elements(indexes) i where c.database_name = d.name; +``` + +```sql+sqlite +select + c.name as collection_name, + c.database_name, + c.account_name, + json_extract(i.value, '$.key.keys') as index_keys +from + azure_cosmosdb_mongo_collection c, + azure_cosmosdb_mongo_database d, + json_each(indexes) as i +where + c.database_name = d.name; ``` \ No newline at end of file diff --git a/docs/tables/azure_cosmosdb_mongo_database.md b/docs/tables/azure_cosmosdb_mongo_database.md index c207c88a..550c99ae 100644 --- a/docs/tables/azure_cosmosdb_mongo_database.md +++ b/docs/tables/azure_cosmosdb_mongo_database.md @@ -1,12 +1,22 @@ -# Table: azure_cosmosdb_mongo_database +--- +title: "Steampipe Table: azure_cosmosdb_mongo_database - Query Azure Cosmos DB MongoDB Databases using SQL" +description: "Allows users to query Azure Cosmos DB MongoDB Databases, providing comprehensive details about each MongoDB database within an Azure Cosmos DB account." +--- -MongoDB is a cross-platform document-oriented database program. Classified as a NoSQL database program, MongoDB uses JSON-like documents with optional schemas. +# Table: azure_cosmosdb_mongo_database - Query Azure Cosmos DB MongoDB Databases using SQL + +Azure Cosmos DB is a globally distributed, multi-model database service for managing data at planet-scale. It's built to power today's IoT and mobile apps, and tomorrow's AI-hungry future. The MongoDB API allows you to use Azure Cosmos DB as a fully managed NoSQL database to build modern and scalable applications. + +## Table Usage Guide + +The `azure_cosmosdb_mongo_database` table provides detailed information about each MongoDB database within an Azure Cosmos DB account. As a database administrator or developer, you can use this table to gain insights into your MongoDB databases, including their properties, configuration settings, and associated metadata. This table is particularly useful for auditing, managing, and optimizing your Azure Cosmos DB MongoDB databases. ## Examples ### Basic info +Explore the performance and location details of your Azure Cosmos DB Mongo databases. This query can help you understand the maximum throughput settings and actual throughput, which can be useful for optimizing your database's performance and managing resources effectively. -```sql +```sql+postgres select name, autoscale_settings_max_throughput, @@ -18,10 +28,32 @@ from azure_cosmosdb_mongo_database; ``` +```sql+sqlite +select + name, + autoscale_settings_max_throughput, + throughput, + account_name, + region, + resource_group +from + azure_cosmosdb_mongo_database; +``` ### Database count by cosmosdb account name +Determine the number of databases linked to each CosmosDB account in Azure. This is useful for understanding the distribution and organization of databases across different accounts in your Azure environment. -```sql +```sql+postgres +select + account_name, + count(name) as database_count +from + azure_cosmosdb_mongo_database +group by + account_name; +``` + +```sql+sqlite select account_name, count(name) as database_count @@ -32,8 +64,9 @@ group by ``` ### Get throughput settings for each database +Determine the areas in which throughput settings for each database in your Azure CosmosDB MongoDB can be optimized. This query can help in understanding the current configuration and identifying potential areas for performance improvement. -```sql +```sql+postgres select name, account_name, @@ -44,4 +77,17 @@ select throughput_settings ->> 'ID' as id from azure_cosmosdb_mongo_database; +``` + +```sql+sqlite +select + name, + account_name, + json_extract(throughput_settings, '$.Name') as name, + json_extract(throughput_settings, '$.ResourceThroughput') as throughput, + json_extract(throughput_settings, '$.AutoscaleSettingsMaxThroughput') as maximum_throughput, + json_extract(throughput_settings, '$.ResourceMinimumThroughput') as minimum_throughput, + json_extract(throughput_settings, '$.ID') as id +from + azure_cosmosdb_mongo_database; ``` \ No newline at end of file diff --git a/docs/tables/azure_cosmosdb_restorable_database_account.md b/docs/tables/azure_cosmosdb_restorable_database_account.md index f5125449..07fabca1 100644 --- a/docs/tables/azure_cosmosdb_restorable_database_account.md +++ b/docs/tables/azure_cosmosdb_restorable_database_account.md @@ -1,12 +1,33 @@ -# Table: azure_cosmosdb_restorable_database_account +--- +title: "Steampipe Table: azure_cosmosdb_restorable_database_account - Query Azure Cosmos DB Restorable Database Accounts using SQL" +description: "Allows users to query Azure Cosmos DB Restorable Database Accounts, providing insights into the restorable Azure Cosmos DB accounts within a specified time range." +--- -Azure Cosmos DB restorable account helps to recover a Cosmos DB account from an accidental write, delete operation, or to restore data into any region. +# Table: azure_cosmosdb_restorable_database_account - Query Azure Cosmos DB Restorable Database Accounts using SQL + +Azure Cosmos DB is a fully managed NoSQL database service for modern app development. It offers turnkey global distribution, guarantees single-digit millisecond latencies at the 99th percentile, and guarantees high availability with multi-homing capabilities and low latencies anywhere in the world. A Restorable Database Account in Azure Cosmos DB is a resource that can be used to restore the account to a previous state. + +## Table Usage Guide + +The `azure_cosmosdb_restorable_database_account` table provides insights into restorable Azure Cosmos DB accounts within a specified time range. As a database administrator, explore account-specific details through this table, including the creation time, deletion time, and restorable time range. Utilize it to uncover information about accounts, such as those that are recently deleted, the time range within which the account can be restored, and the verification of restore locations. ## Examples ### Basic Info +Explore which Azure Cosmos DB accounts can be restored, pinpointing their specific locations and the time they were created. This is useful for assessing the elements within your resource group and planning for disaster recovery scenarios. -```sql +```sql+postgres +select + name, + region, + account_name, + creation_time, + resource_group +from + azure_cosmosdb_restorable_database_account; +``` + +```sql+sqlite select name, region, @@ -18,8 +39,9 @@ from ``` ### Get the regions that the database accounts can be restored from +Explore which regions your database accounts can be restored from, providing useful insights for disaster recovery planning and risk management. This allows you to identify potential fallback locations in case of regional outages or disruptions. -```sql +```sql+postgres select name, region, @@ -30,9 +52,21 @@ from azure_cosmosdb_restorable_database_account; ``` +```sql+sqlite +select + name, + region, + json_extract(restorable_locations, '$.LocationName') as restorable_location, + json_extract(restorable_locations, '$.CreationTime') as regional_database_account_creation_time, + json_extract(restorable_locations, '$.RegionalDatabaseAccountInstanceID') as restorable_location_database_instance_id +from + azure_cosmosdb_restorable_database_account; +``` + ### Get the accounts having point-in-time recovery enabled +Discover the Azure CosmosDB accounts that have point-in-time recovery enabled. This is useful for identifying accounts that may require additional backup strategies or have higher potential for data recovery in the event of data loss. -```sql +```sql+postgres select ra.account_name, ra.name as restorable_database_account_name, @@ -46,9 +80,21 @@ where and ra.subscription_id = a.subscription_id; ``` +```sql+sqlite +select + ra.account_name, + ra.name as restorable_database_account_name, + creation_time, + ra.id as restorable_database_account_id +from + azure_cosmosdb_restorable_database_account ra + join azure_cosmosdb_account a on ra.account_name = a.name and ra.subscription_id = a.subscription_id; +``` + ### Get the restorable account count per api type +Determine the number of restorable accounts for each API type to manage and optimize your Azure Cosmos DB resources. This can be useful for understanding your capacity and planning for potential disaster recovery scenarios. -```sql +```sql+postgres select api_type, count(ra.*) as accounts @@ -56,4 +102,14 @@ from azure_cosmosdb_restorable_database_account ra group by api_type; +``` + +```sql+sqlite +select + api_type, + count(*) as accounts +from + azure_cosmosdb_restorable_database_account ra +group by + api_type; ``` \ No newline at end of file diff --git a/docs/tables/azure_cosmosdb_sql_database.md b/docs/tables/azure_cosmosdb_sql_database.md index 44fe87da..2330362b 100644 --- a/docs/tables/azure_cosmosdb_sql_database.md +++ b/docs/tables/azure_cosmosdb_sql_database.md @@ -1,12 +1,22 @@ -# Table: azure_cosmosdb_sql_database +--- +title: "Steampipe Table: azure_cosmosdb_sql_database - Query Azure Cosmos DB SQL Databases using SQL" +description: "Allows users to query Azure Cosmos DB SQL Databases, providing data on the properties, configurations, and usage metrics of each database." +--- -Azure Cosmos DB is a global distributed, multi-model database that is used in a wide range of applications and use cases. +# Table: azure_cosmosdb_sql_database - Query Azure Cosmos DB SQL Databases using SQL + +Azure Cosmos DB is a globally distributed, multi-model database service designed for scalable and high-performance modern applications. It is a fully managed NoSQL database for modern app development with guaranteed single-digit millisecond response times and 99.999-percent availability backed by SLAs, automatic and instant scalability, and open source APIs for MongoDB and Cassandra. A SQL Database in Azure Cosmos DB is a schema-less JSON database engine with SQL querying capabilities. + +## Table Usage Guide + +The `azure_cosmosdb_sql_database` table provides detailed insights into SQL Databases within Azure Cosmos DB. As a database administrator or developer, you can explore database-specific details through this table, including throughput settings, indexing policies, and associated metadata. Utilize it to monitor database performance, manage configurations, and ensure optimal resource utilization. ## Examples ### Basic info +Explore which Azure CosmosDB SQL databases are tied to specific accounts and regions. This can be helpful in managing resources and understanding the distribution of databases across different regions and accounts. -```sql +```sql+postgres select name, account_name, @@ -17,10 +27,21 @@ from azure_cosmosdb_sql_database; ``` +```sql+sqlite +select + name, + account_name, + database_users, + region, + resource_group +from + azure_cosmosdb_sql_database; +``` ### Database count per cosmosdb accounts +Determine the number of databases associated with each CosmosDB account to better manage resources and plan for scaling needs. -```sql +```sql+postgres select account_name, count(name) as database_count @@ -30,10 +51,20 @@ group by account_name; ``` +```sql+sqlite +select + account_name, + count(name) as database_count +from + azure_cosmosdb_sql_database +group by + account_name; +``` ### List of sql databases without application tag key +Identify Azure Cosmos DB SQL databases that have not been tagged with an 'application' key. This can be useful in managing and organizing databases, particularly in larger systems where proper tagging can streamline operations and maintenance. -```sql +```sql+postgres select name, tags @@ -41,4 +72,14 @@ from azure_cosmosdb_sql_database where not tags :: JSONB ? 'application'; +``` + +```sql+sqlite +select + name, + tags +from + azure_cosmosdb_sql_database +where + json_extract(tags, '$.application') is null; ``` \ No newline at end of file diff --git a/docs/tables/azure_data_factory.md b/docs/tables/azure_data_factory.md index 238ad115..bd2f200e 100644 --- a/docs/tables/azure_data_factory.md +++ b/docs/tables/azure_data_factory.md @@ -1,12 +1,22 @@ -# Table: azure_data_factory +--- +title: "Steampipe Table: azure_data_factory - Query Azure Data Factory using SQL" +description: "Allows users to query Azure Data Factories, providing insights into the orchestration and automation of ETL workflows in Azure." +--- -Azure Data Factory is the platform that solves such data scenarios. It is the cloud-based ETL and data integration service that allows to create data-driven workflows for orchestrating data movement and transforming data at scale. +# Table: azure_data_factory - Query Azure Data Factory using SQL + +Azure Data Factory is a cloud-based data integration service that allows you to create data-driven workflows for orchestrating and automating data movement and data transformation. It provides a platform to produce trusted information from raw data across various sources. With Azure Data Factory, users can create and schedule data-driven workflows (called pipelines) that can ingest data from disparate data stores. + +## Table Usage Guide + +The `azure_data_factory` table provides insights into Azure Data Factories within your Azure environment. As a Data Engineer or Data Scientist, you can explore details of each data factory, including its location, provisioning state, and creation time, among other attributes. Utilize it to manage and monitor your data integration pipelines, analyze data factory performance, and ensure compliance with your organizational policies. ## Examples ### Basic info +Explore the basic details of your Azure Data Factory resources to understand their current provisioning state and type. This can be useful for auditing and managing your resources efficiently. -```sql +```sql+postgres select name, id, @@ -17,10 +27,21 @@ from azure_data_factory; ``` +```sql+sqlite +select + name, + id, + type, + provisioning_state, + etag +from + azure_data_factory; +``` ### List system assigned identity type factories +Discover the segments that use system-assigned identities within your Azure Data Factory resources. This is useful for understanding the distribution of identity types, which can aid in managing access and permissions. -```sql +```sql+postgres select name, id, @@ -32,10 +53,22 @@ where identity ->> 'type' = 'SystemAssigned'; ``` +```sql+sqlite +select + name, + id, + type, + json_extract(identity, '$.type') as identity_type +from + azure_data_factory +where + json_extract(identity, '$.type') = 'SystemAssigned'; +``` ### List factories with public network access enabled +Determine the areas in which factories have public network access enabled. This is useful for identifying potential security vulnerabilities within your Azure data factories. -```sql +```sql+postgres select name, id, @@ -46,3 +79,15 @@ from where public_network_access = 'Enabled'; ``` + +```sql+sqlite +select + name, + id, + type, + public_network_access +from + azure_data_factory +where + public_network_access = 'Enabled'; +``` \ No newline at end of file diff --git a/docs/tables/azure_data_factory_dataset.md b/docs/tables/azure_data_factory_dataset.md index 29519202..28e76ac8 100644 --- a/docs/tables/azure_data_factory_dataset.md +++ b/docs/tables/azure_data_factory_dataset.md @@ -1,12 +1,32 @@ -# Table: azure_data_factory_dataset +--- +title: "Steampipe Table: azure_data_factory_dataset - Query Azure Data Factory Datasets using SQL" +description: "Allows users to query Azure Data Factory Datasets, specifically data processing and transformation details, providing insights into data handling and potential anomalies." +--- -Azure Data Factory datasets identify data within different data stores, such as tables, files, folders, and documents. +# Table: azure_data_factory_dataset - Query Azure Data Factory Datasets using SQL + +Azure Data Factory is a cloud-based data integration service that allows you to create data-driven workflows for orchestrating and automating data movement and data transformation. It enables the creation of various types of inputs and outputs such as files, tables, and SQL query results. Azure Data Factory allows you to integrate the data silos and drive transformational insights. + +## Table Usage Guide + +The `azure_data_factory_dataset` table provides insights into datasets within Azure Data Factory. As a Data Analyst, explore dataset-specific details through this table, including the structure, schema, and associated metadata. Utilize it to uncover information about datasets, such as data processing and transformation details, the relationships between datasets, and the verification of data schemas. ## Examples ### Basic info +This query is useful for gaining insights into various datasets in your Azure Data Factory. It allows you to view basic information such as name, ID, and type, which can be helpful for managing your data resources effectively. -```sql +```sql+postgres +select + name, + id, + etag, + type +from + azure_data_factory_dataset; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List relational table type datasets +Explore which datasets in your Azure Data Factory are of the 'RelationalTable' type. This can be beneficial in understanding your data structure and management, especially when working with relational databases. -```sql +```sql+postgres select name, id, @@ -28,4 +49,16 @@ from azure_data_factory_dataset where properties ->> 'type' = 'RelationalTable'; +``` + +```sql+sqlite +select + name, + id, + type, + json_extract(properties, '$.type') as dataset_type +from + azure_data_factory_dataset +where + json_extract(properties, '$.type') = 'RelationalTable'; ``` \ No newline at end of file diff --git a/docs/tables/azure_data_factory_pipeline.md b/docs/tables/azure_data_factory_pipeline.md index 790f3671..381336b4 100644 --- a/docs/tables/azure_data_factory_pipeline.md +++ b/docs/tables/azure_data_factory_pipeline.md @@ -1,12 +1,22 @@ -# Table: azure_data_factory_pipeline +--- +title: "Steampipe Table: azure_data_factory_pipeline - Query Azure Data Factory Pipelines using SQL" +description: "Allows users to query Azure Data Factory Pipelines, providing insights into pipeline configurations, statuses, and activities." +--- -A Data Factory pipeline is a logical grouping of activities that together perform a task. The activities in a pipeline define actions to perform on data. +# Table: azure_data_factory_pipeline - Query Azure Data Factory Pipelines using SQL + +Azure Data Factory is a cloud-based data integration service that orchestrates and automates the movement and transformation of data. It allows users to create, schedule, and manage data pipelines. These pipelines can ingest data from disparate data stores, transform the data by using compute services such as Azure HDInsight Hadoop, Azure Databricks, and Azure SQL Database. + +## Table Usage Guide + +The `azure_data_factory_pipeline` table provides insights into the pipelines within Azure Data Factory. As a data engineer or data scientist, explore pipeline-specific details through this table, including pipeline configurations, statuses, and activities. This table can be utilized to manage and monitor data pipelines, ensuring optimal data flow and transformation. ## Examples ### Basic info +Determine the areas in which Azure Data Factory Pipelines are used in your system. This query is handy when you need to understand the distribution and usage of these pipelines across your infrastructure for better management and optimization. -```sql +```sql+postgres select name, id, @@ -16,3 +26,14 @@ select from azure_data_factory_pipeline; ``` + +```sql+sqlite +select + name, + id, + factory_name, + type, + etag +from + azure_data_factory_pipeline; +``` \ No newline at end of file diff --git a/docs/tables/azure_data_lake_analytics_account.md b/docs/tables/azure_data_lake_analytics_account.md index 690cf909..cb3a7ea9 100644 --- a/docs/tables/azure_data_lake_analytics_account.md +++ b/docs/tables/azure_data_lake_analytics_account.md @@ -1,12 +1,32 @@ -# Table: azure_data_lake_analytics_account +--- +title: "Steampipe Table: azure_data_lake_analytics_account - Query Azure Data Lake Analytics Accounts using SQL" +description: "Allows users to query Azure Data Lake Analytics Accounts, providing insights into the configuration, state, and other critical details of these resources." +--- -Azure Data Lake Analytics is an on-demand analytics job service that simplifies big data. Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights. The analytics service can handle jobs of any scale instantly by setting the dial for how much power you need. You only pay for your job when it is running, making it cost-effective. +# Table: azure_data_lake_analytics_account - Query Azure Data Lake Analytics Accounts using SQL + +Azure Data Lake Analytics is an on-demand analytics job service that simplifies big data. Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights. The analytics service can handle jobs of any scale instantly by setting the dial for how much power you need. + +## Table Usage Guide + +The `azure_data_lake_analytics_account` table provides insights into the Azure Data Lake Analytics Accounts within Azure. As a Data Analyst or a Data Engineer, explore account-specific details through this table, including the current state, the level of commitment, and the associated metadata. Utilize it to uncover information about accounts, such as their provisioning state, firewall state, and the maximum degree of parallelism per job, which can aid in optimizing data processing and analytics tasks. ## Examples ### Basic info +Analyze the settings to understand the status and type of your Azure Data Lake Analytics accounts. This can help in managing resources and identifying any accounts that may be in an unexpected state. -```sql +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_data_lake_analytics_account; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,22 @@ from ``` ### List suspended data lake analytics accounts +Determine the areas in which your data lake analytics accounts are suspended. This allows you to manage resources efficiently by identifying and addressing any issues with these accounts. + +```sql+postgres +select + name, + id, + type, + state, + provisioning_state +from + azure_data_lake_analytics_account +where + state = 'Suspended'; +``` -```sql +```sql+sqlite select name, id, @@ -32,8 +66,9 @@ where ``` ### List data lake analytics accounts with firewall disabled +Explore which Data Lake analytics accounts have their firewall disabled in order to identify potential security vulnerabilities. This can assist in maintaining robust security practices and preventing unauthorized access. -```sql +```sql+postgres select name, id, @@ -44,3 +79,15 @@ from where firewall_state = 'Disabled'; ``` + +```sql+sqlite +select + name, + id, + type, + provisioning_state +from + azure_data_lake_analytics_account +where + firewall_state = 'Disabled'; +``` \ No newline at end of file diff --git a/docs/tables/azure_data_lake_store.md b/docs/tables/azure_data_lake_store.md index 095bbb0e..3dd0b4de 100644 --- a/docs/tables/azure_data_lake_store.md +++ b/docs/tables/azure_data_lake_store.md @@ -1,12 +1,32 @@ -# Table: azure_data_lake_store +--- +title: "Steampipe Table: azure_data_lake_store - Query Azure Data Lake Store using SQL" +description: "Allows users to query Azure Data Lake Stores, providing insights into the data storage and analytics service in Azure." +--- -Azure Data Lake Storage is an enterprise-wide hyper-scale repository for big data analytic workloads. Azure Data Lake enables you to capture data of any size, type, and ingestion speed in one single place for operational and exploratory analytics. +# Table: azure_data_lake_store - Query Azure Data Lake Store using SQL + +Azure Data Lake Store is a hyper-scale repository for big data analytic workloads in Azure. It allows you to store and analyze petabyte-size files and trillions of objects. Azure Data Lake Store offers high-speed integration with Azure HDInsight, Azure Data Factory, and Azure Machine Learning. + +## Table Usage Guide + +The `azure_data_lake_store` table provides insights into the data storage and analytics service in Azure. As a data engineer or data scientist, explore details about your Azure Data Lake Stores through this table, including their properties, encryption settings, and firewalls rules. Utilize it to manage and monitor your data lake stores, ensuring they are configured according to your organization's security and compliance policies. ## Examples ### Basic info +Explore the general information of your Azure Data Lake Store resources to understand their current state and type. This can help in monitoring the provisioning status and managing these resources effectively. -```sql +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_data_lake_store; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,21 @@ from ``` ### List data lake stores with encryption disabled +Explore which Azure data lake stores have disabled encryption, a potential security risk. This can be useful in auditing and improving your data security measures. -```sql +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_data_lake_store +where + encryption_state = 'Disabled'; +``` + +```sql+sqlite select name, id, @@ -31,8 +64,9 @@ where ``` ### List data lake stores with firewall disabled +Discover the segments that utilize Azure Data Lake stores with disabled firewalls, enabling you to identify potential security risks and take necessary precautions. This is particularly useful for ensuring optimal security measures are in place and avoiding potential data breaches. -```sql +```sql+postgres select name, id, @@ -43,3 +77,15 @@ from where firewall_state = 'Disabled'; ``` + +```sql+sqlite +select + name, + id, + type, + provisioning_state +from + azure_data_lake_store +where + firewall_state = 'Disabled'; +``` \ No newline at end of file diff --git a/docs/tables/azure_databox_edge_device.md b/docs/tables/azure_databox_edge_device.md index 68b021e1..6dd2e9a1 100644 --- a/docs/tables/azure_databox_edge_device.md +++ b/docs/tables/azure_databox_edge_device.md @@ -1,12 +1,33 @@ -# Table: azure_databox_edge_device +--- +title: "Steampipe Table: azure_databox_edge_device - Query Azure Databox Edge Devices using SQL" +description: "Allows users to query Azure Databox Edge Devices, providing insights into the device's status, SKU, model description, and more." +--- -Azure Data Box Gateway is a storage solution that enables you to seamlessly send data to Azure. This article provides you an overview of the Azure Data Box Gateway solution, benefits, key capabilities, and the scenarios where you can deploy this device. +# Table: azure_databox_edge_device - Query Azure Databox Edge Devices using SQL + +Azure Databox Edge is a physical network appliance, shipped by Microsoft, that brings computation and storage capabilities to the edge of your network. It acts as a storage gateway, creating a link between your site and Azure storage. This device provides AI-enabled edge compute, network and storage capabilities. + +## Table Usage Guide + +The `azure_databox_edge_device` table provides insights into Azure Databox Edge Devices within Microsoft Azure. As an IT administrator, explore device-specific details through this table, including the device's status, SKU, model description, and more. Utilize it to uncover information about the devices, such as their capacity, serial numbers, and the verification of device settings. ## Examples ### Basic info +Explore the status and geographical distribution of your Azure Databox Edge devices. This allows for efficient management and monitoring of your devices across different regions. -```sql +```sql+postgres +select + name, + id, + type, + data_box_edge_device_status, + region +from + azure_databox_edge_device; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List offline data box edge devices +Determine the areas in which Azure Databox Edge devices are currently offline. This can be useful for identifying potential network issues or maintenance needs in your infrastructure. -```sql +```sql+postgres select name, id, @@ -30,3 +52,15 @@ from where data_box_edge_device_status = 'Offline'; ``` + +```sql+sqlite +select + name, + id, + type, + data_box_edge_device_status +from + azure_databox_edge_device +where + data_box_edge_device_status = 'Offline'; +``` \ No newline at end of file diff --git a/docs/tables/azure_databricks_workspace.md b/docs/tables/azure_databricks_workspace.md index 03024402..060bda13 100644 --- a/docs/tables/azure_databricks_workspace.md +++ b/docs/tables/azure_databricks_workspace.md @@ -1,12 +1,34 @@ -# Table: azure_databricks_workspace +--- +title: "Steampipe Table: azure_databricks_workspace - Query Azure Databricks Workspaces using SQL" +description: "Allows users to query Azure Databricks Workspaces, providing insights into the configuration, status, and properties of each workspace." +--- -A workspace is an environment for accessing all of your Azure Databricks assets. A workspace organizes objects (notebooks, libraries, dashboards, and experiments) into folders and provides access to data objects and computational resources. +# Table: azure_databricks_workspace - Query Azure Databricks Workspaces using SQL + +Azure Databricks Workspace is a feature within Microsoft Azure that offers an interactive workspace for big data analytics and machine learning. It provides a centralized environment for collaborative projects, allowing users to write in multiple languages, visualize data, and share insights. Azure Databricks Workspace supports the full lifecycle of big data analytics, from data preparation to exploration, and from model training to production. + +## Table Usage Guide + +The `azure_databricks_workspace` table provides insights into Azure Databricks Workspaces within Microsoft Azure. As a data scientist or data analyst, you can explore workspace-specific details through this table, including configuration, status, and properties of each workspace. Use it to uncover information about workspaces, such as their location, SKU, managed private network, and provisioning status. ## Examples ### Basic info +Explore the various Azure Databricks workspaces within your organization to gain insights into their creation dates and associated SKU details. This can be useful for tracking resource usage and understanding your workspace configuration. + +```sql+postgres +select + name, + id, + workspace_id, + workspace_url, + created_date_time, + sku +from + azure_databricks_workspace; +``` -```sql +```sql+sqlite select name, id, @@ -19,8 +41,9 @@ from ``` ### List workspaces created in the last 30 days +Discover the segments that have been recently added to your workspace within the past month. This is especially useful for keeping track of new additions and managing growth in your workspace. -```sql +```sql+postgres select name, id, @@ -34,9 +57,24 @@ where created_date_time >= now() - interval '30' day; ``` +```sql+sqlite +select + name, + id, + workspace_id, + workspace_url, + created_date_time, + sku +from + azure_databricks_workspace +where + created_date_time >= datetime('now', '-30 days'); +``` + ### List failed workspaces +Determine the areas in which Azure Databricks workspaces have failed. This can be useful in identifying issues and troubleshooting the workspaces that are not successfully provisioned. -```sql +```sql+postgres select name, id, @@ -50,9 +88,24 @@ where provisioning_state = 'Failed'; ``` +```sql+sqlite +select + name, + id, + workspace_id, + workspace_url, + created_date_time, + sku +from + azure_databricks_workspace +where + provisioning_state = 'Failed'; +``` + ### List all encrypted workspaces +Identify instances where workspaces in Azure Databricks are encrypted. This is useful for ensuring data security and compliance with encryption standards. -```sql +```sql+postgres select name, id, @@ -66,9 +119,24 @@ where parameters -> 'Encryption' is not null; ``` +```sql+sqlite +select + name, + id, + workspace_id, + workspace_url, + created_date_time, + sku +from + azure_databricks_workspace +where + json_extract(parameters, '$.Encryption') is not null; +``` + ### List workspaces that allow public IP +Determine the areas in which Azure Databricks workspaces are configured to allow public IP access. This query can be used to identify potential security vulnerabilities and ensure best practices for data protection. -```sql +```sql+postgres select name, id, @@ -81,3 +149,17 @@ from where parameters -> 'enableNoPublicIp' ->> 'value' = 'false'; ``` + +```sql+sqlite +select + name, + id, + workspace_id, + workspace_url, + created_date_time, + sku +from + azure_databricks_workspace +where + json_extract(json_extract(parameters, '$.enableNoPublicIp'), '$.value') = 'false'; +``` \ No newline at end of file diff --git a/docs/tables/azure_diagnostic_setting.md b/docs/tables/azure_diagnostic_setting.md index 8392b812..dc5c7e51 100644 --- a/docs/tables/azure_diagnostic_setting.md +++ b/docs/tables/azure_diagnostic_setting.md @@ -1,12 +1,31 @@ -# Table: azure_diagnostic_setting +--- +title: "Steampipe Table: azure_diagnostic_setting - Query Azure Diagnostic Settings using SQL" +description: "Allows users to query Azure Diagnostic Settings, specifically the configuration of logs and metrics for Azure resources." +--- -Azure diagnostic settings are used to send platform logs and metrics to different destinations. +# Table: azure_diagnostic_setting - Query Azure Diagnostic Settings using SQL + +Azure Diagnostic Settings is a feature within Microsoft Azure that allows users to configure the collection of metrics and logs for Azure resources. It provides a centralized way to manage and route these logs and metrics to different destinations such as Azure Monitor Logs, Azure Event Hubs, and Azure Monitor Metrics. Azure Diagnostic Settings is essential for monitoring the performance and health of Azure resources, and for responding to issues that may arise. + +## Table Usage Guide + +The `azure_diagnostic_setting` table provides insights into the diagnostic settings of Azure resources. As a DevOps engineer or system administrator, you can use this table to explore the configuration of logs and metrics for your Azure resources. It can be particularly useful for monitoring the health and performance of these resources, and for setting up alerts based on specific conditions. ## Examples ### Basic info +Determine the types of diagnostic settings currently in use within your Azure environment. This can help in understanding the configuration and organization of your resources, aiding in efficient management and troubleshooting. -```sql +```sql+postgres +select + name, + id, + type +from + azure_diagnostic_setting; +``` + +```sql+sqlite select name, id, @@ -16,8 +35,9 @@ from ``` ### List diagnostic settings that capture Alert category logs +Determine the areas in which diagnostic settings are actively monitoring alerts. This is beneficial for ensuring your system is properly tracking potential issues and maintaining overall operational health. -```sql +```sql+postgres select name, id, @@ -30,9 +50,23 @@ where and l ->> 'enabled' = 'true'; ``` +```sql+sqlite +select + name, + s.id, + s.type +from + azure_diagnostic_setting as s, + json_each(logs) as l +where + json_extract(l.value, '$.category') = 'Alert' + and json_extract(l.value, '$.enabled') = 'true'; +``` + ### List diagnostic settings that capture Security category logs +Determine the areas in which diagnostic settings are configured to monitor security-related activities. This is useful for ensuring security measures are properly logged and can aid in identifying potential security risks or breaches. -```sql +```sql+postgres select name, id, @@ -45,9 +79,23 @@ where and l ->> 'enabled' = 'true'; ``` +```sql+sqlite +select + name, + s.id, + s.type +from + azure_diagnostic_setting as s, + json_each(logs) as l +where + json_extract(l.value, '$.category') = 'Security' + and json_extract(l.value, '$.enabled') = 'true'; +``` + ### List diagnostic settings that capture Policy category logs +Explore which diagnostic settings in Azure are set to capture logs in the 'Policy' category. This is useful to ensure that policy-related activities are being properly logged for auditing and troubleshooting purposes. -```sql +```sql+postgres select name, id, @@ -60,9 +108,23 @@ where and l ->> 'enabled' = 'true'; ``` +```sql+sqlite +select + name, + s.id, + s.type +from + azure_diagnostic_setting as s, + json_each(logs) as l +where + json_extract(l.value, '$.category') = 'Policy' + and json_extract(l.value, '$.enabled') = 'true'; +``` + ### List diagnostic settings that capture Administrative category logs +Discover the segments that are capturing administrative logs in your Azure diagnostic settings. This can be useful in maintaining security and compliance by ensuring that administrative activities are being properly monitored and logged. -```sql +```sql+postgres select name, id, @@ -74,3 +136,16 @@ where l ->> 'category' = 'Administrative' and l ->> 'enabled' = 'true'; ``` + +```sql+sqlite +select + name, + s.id, + s.type +from + azure_diagnostic_setting as s, + json_each(logs) as l +where + json_extract(l.value, '$.category') = 'Administrative' + and json_extract(l.value, '$.enabled') = 'true'; +``` \ No newline at end of file diff --git a/docs/tables/azure_dns_zone.md b/docs/tables/azure_dns_zone.md index 399c31c8..28182b9f 100644 --- a/docs/tables/azure_dns_zone.md +++ b/docs/tables/azure_dns_zone.md @@ -1,12 +1,31 @@ -# Table: azure_dns_zone +--- +title: "Steampipe Table: azure_dns_zone - Query Azure DNS Zones using SQL" +description: "Allows users to query Azure DNS Zones, providing detailed information about each DNS zone within the Azure environment." +--- -Azure DNS zone is used to host the DNS records for a particular domain. Please note that this table only retrieves public DNS zones, use the `azure_private_dns_zone` table for private DNS zones. +# Table: azure_dns_zone - Query Azure DNS Zones using SQL + +Azure DNS is a hosting service for DNS domains, providing name resolution using Microsoft Azure infrastructure. By hosting domains in Azure, it provides you with the same reliability and performance provided to Microsoft’s global network. Azure DNS also supports private DNS domains. + +## Table Usage Guide + +The `azure_dns_zone` table provides insights into DNS zones within Microsoft Azure. As a network administrator, explore DNS zone-specific details through this table, including record sets, number of record sets, and associated metadata. Utilize it to uncover information about DNS zones, such as those with certain properties, the relationships between different zones, and the verification of DNS settings. ## Examples ### Basic info +This query allows you to analyze the configuration of your Azure DNS zones. It helps you identify instances where specific tags are used, providing insights into the organization and management of your resources. + +```sql+postgres +select + name, + resource_group, + tags +from + azure_dns_zone; +``` -```sql +```sql+sqlite select name, resource_group, @@ -16,8 +35,19 @@ from ``` ### List public DNS zones with record sets +Explore which public DNS zones in your Azure environment contain more than one record set. This can help in managing and organizing your DNS records effectively. -```sql +```sql+postgres +select + name, + resource_group +from + azure_dns_zone +where + number_of_record_sets > 1; +``` + +```sql+sqlite select name, resource_group @@ -28,8 +58,9 @@ where ``` ### List public DNS zones with delegated name servers +Determine the areas in which public DNS zones are utilizing delegated name servers, which can be beneficial for those seeking to manage or troubleshoot their DNS configurations. -```sql +```sql+postgres select name, resource_group, @@ -40,3 +71,16 @@ where zone_type = 'Public' and ns not like '%.azure-dns.%.'; ``` + +```sql+sqlite +select + name, + resource_group, + ns.value as ns +from + azure_dns_zone, + json_each(name_servers) as ns +where + zone_type = 'Public' + and ns.value not like '%.azure-dns.%.'; +``` \ No newline at end of file diff --git a/docs/tables/azure_eventgrid_domain.md b/docs/tables/azure_eventgrid_domain.md index c22e6acc..0c964043 100644 --- a/docs/tables/azure_eventgrid_domain.md +++ b/docs/tables/azure_eventgrid_domain.md @@ -1,12 +1,32 @@ -# Table: azure_eventgrid_domain +--- +title: "Steampipe Table: azure_eventgrid_domain - Query Azure Event Grid Domains using SQL" +description: "Allows users to query Azure Event Grid Domains, specifically providing details about the domain name, resource group, location, input schema, metric resource id, and other related data." +--- -An event domain is a management tool for large numbers of Event Grid topics related to the same application. You can think of it as a meta-topic that can have thousands of individual topics. +# Table: azure_eventgrid_domain - Query Azure Event Grid Domains using SQL + +Azure Event Grid Domain is a management tool within Microsoft Azure that allows you to route events from your apps and services to specific handlers. It provides a centralized way to manage and route events that occur within your applications, including virtual machines, databases, web applications, and more. Azure Event Grid Domain helps you stay informed about the events occurring in your Azure resources and take appropriate actions when certain conditions are met. + +## Table Usage Guide + +The `azure_eventgrid_domain` table provides insights into Event Grid Domains within Microsoft Azure. As a DevOps engineer, explore domain-specific details through this table, including domain name, resource group, location, input schema, and metric resource id. Utilize it to uncover information about the events routing, such as the domain's endpoint, the input schema of the domain, and the provisioning state of the domain. ## Examples ### Basic info +Discover the segments that have been provisioned within your Azure EventGrid domain. This query is useful for gaining insights into the current state of your domain, including identifying the type and status of each segment. + +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_eventgrid_domain; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,21 @@ from ``` ### List domains not configured with private endpoint connections +Identify instances where Azure EventGrid domains are not configured with private endpoint connections. This can be useful for pinpointing potential security gaps in your network infrastructure. + +```sql+postgres +select + name, + id, + type, + private_endpoint_connections +from + azure_eventgrid_domain +where + private_endpoint_connections is null; +``` -```sql +```sql+sqlite select name, id, @@ -31,8 +64,9 @@ where ``` ### List domains with local authentication disabled +Identify instances where domains have local authentication disabled within Azure's event grid. This can be useful to assess potential security risks and ensure compliance with security policies. -```sql +```sql+postgres select name, id, @@ -43,3 +77,15 @@ from where disable_local_auth; ``` + +```sql+sqlite +select + name, + id, + type, + disable_local_auth +from + azure_eventgrid_domain +where + disable_local_auth = 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_eventgrid_topic.md b/docs/tables/azure_eventgrid_topic.md index 6457672f..d9e7fdbc 100644 --- a/docs/tables/azure_eventgrid_topic.md +++ b/docs/tables/azure_eventgrid_topic.md @@ -1,12 +1,32 @@ -# Table: azure_eventgrid_topic +--- +title: "Steampipe Table: azure_eventgrid_topic - Query Azure Event Grid Topics using SQL" +description: "Allows users to query Azure Event Grid Topics, providing insights into the event routing service which helps in efficiently and reliably routing events from any source, to any destination, at any scale." +--- -The event grid topic provides an endpoint where the source sends events. The publisher creates the event grid topic, and decides whether an event source needs one topic or more than one topic. A topic is used for a collection of related events. To respond to certain types of events, subscribers decide which topics to subscribe to. +# Table: azure_eventgrid_topic - Query Azure Event Grid Topics using SQL + +Azure Event Grid is a service within Microsoft Azure that enables the development of event-based applications and simplifies the creation of serverless workflows. It is a fully managed intelligent event routing service that uses a publish-subscribe model for uniform event consumption. Event Grid efficiently and reliably routes events from any source, to any destination, at any scale. + +## Table Usage Guide + +The `azure_eventgrid_topic` table provides insights into Azure Event Grid Topics within Microsoft Azure. As a developer or system administrator, explore topic-specific details through this table, including event routing details, message retention policy, and associated metadata. Utilize it to uncover information about topics, such as those with specific event types, the routing policies, and the verification of event schemas. ## Examples ### Basic info +Gain insights into the status and details of your Azure EventGrid topics. This query is useful in monitoring the provisioning state and type of each topic, helping ensure smooth operation of your event-driven applications. + +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_eventgrid_topic; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,21 @@ from ``` ### List domains not configured with private endpoint connections +Determine the areas in which domains are not set up with private endpoint connections. This can help in identifying potential security risks and ensuring all domains are properly configured. + +```sql+postgres +select + name, + id, + type, + private_endpoint_connections +from + azure_eventgrid_topic +where + private_endpoint_connections is null; +``` -```sql +```sql+sqlite select name, id, @@ -31,8 +64,9 @@ where ``` ### List domains with local authentication disabled +Explore which domains have local authentication disabled to ensure high security. This is useful for identifying potential weak spots in your system's security configuration. -```sql +```sql+postgres select name, id, @@ -43,3 +77,15 @@ from where disable_local_auth; ``` + +```sql+sqlite +select + name, + id, + type, + disable_local_auth +from + azure_eventgrid_topic +where + disable_local_auth = 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_eventhub_namespace.md b/docs/tables/azure_eventhub_namespace.md index 19eec8ad..b8dcafae 100644 --- a/docs/tables/azure_eventhub_namespace.md +++ b/docs/tables/azure_eventhub_namespace.md @@ -1,12 +1,33 @@ -# Table: azure_eventhub_namespace +--- +title: "Steampipe Table: azure_eventhub_namespace - Query Azure Event Hubs Namespaces using SQL" +description: "Allows users to query Azure Event Hubs Namespaces, providing insights into the details of each namespace, including its name, region, resource group, SKU, and more." +--- -An Event Hubs namespace provides DNS integrated network endpoints and a range of access control and network integration management features such as IP filtering, virtual network service endpoint, and Private Link and is the management container for one of multiple Event Hub instances (or topics, in Kafka parlance). +# Table: azure_eventhub_namespace - Query Azure Event Hubs Namespaces using SQL + +Azure Event Hubs is a big data streaming platform and event ingestion service. It can receive and process millions of events per second. A namespace is a scoping container for Event Hubs under an Azure subscription. + +## Table Usage Guide + +The `azure_eventhub_namespace` table provides insights into Azure Event Hubs Namespaces. As a Data Engineer, you can explore namespace-specific details through this table, including its name, region, resource group, SKU, and more. Utilize it to manage and monitor the health and performance of your Azure Event Hubs Namespaces. ## Examples ### Basic info +Discover the segments that provide you with a comprehensive overview of your Azure EventHub namespaces. This includes details like the provisioning status and creation date, which can help you track and manage your resources more effectively. + +```sql+postgres +select + name, + id, + type, + provisioning_state, + created_at +from + azure_eventhub_namespace; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List namespaces not configured to use virtual network service endpoint +Determine the areas in which Azure EventHub namespaces are not utilizing the virtual network service endpoint. This query is beneficial in identifying potential security loopholes, as these namespaces might be exposed to risks without the added protection of a virtual network. -```sql +```sql+postgres select name, id, @@ -31,9 +53,34 @@ where network_rule_set -> 'properties' -> 'virtualNetworkRules' = '[]'; ``` +```sql+sqlite +select + name, + id, + type, + json_extract(network_rule_set, '$.properties.virtualNetworkRules') as virtual_network_rules +from + azure_eventhub_namespace +where + json_extract(network_rule_set, '$.properties.virtualNetworkRules') = '[]'; +``` + ### List unencrypted namespaces +Discover the segments that are unencrypted within the Azure EventHub namespace. This is useful for identifying potential security vulnerabilities where sensitive data might not be adequately protected. + +```sql+postgres +select + name, + id, + type, + encryption +from + azure_eventhub_namespace +where + encryption is null; +``` -```sql +```sql+sqlite select name, id, @@ -46,8 +93,21 @@ where ``` ### List namespaces with auto-inflate disabled +Identify the Azure EventHub namespaces where the auto-inflate feature is turned off. This can be useful to pinpoint potential resource limitations or throttling issues in your Azure EventHub service. + +```sql+postgres +select + name, + id, + type, + is_auto_inflate_enabled +from + azure_eventhub_namespace +where + not is_auto_inflate_enabled; +``` -```sql +```sql+sqlite select name, id, @@ -60,8 +120,9 @@ where ``` ### List private endpoint connection details +Determine the details of private endpoint connections within your Azure EventHub Namespace. This can help understand the state and type of connections, which is useful for managing and troubleshooting your network connectivity. -```sql +```sql+postgres select name, id, @@ -75,3 +136,18 @@ from azure_eventhub_namespace, jsonb_array_elements(private_endpoint_connections) as connections; ``` + +```sql+sqlite +select + name, + n.id, + json_extract(connections.value, '$.id') as connection_id, + json_extract(connections.value, '$.name') as connection_name, + json_extract(connections.value, '$.privateEndpointPropertyID') as property_private_endpoint_id, + json_extract(connections.value, '$.provisioningState') as property_provisioning_state, + connections.value as property_private_link_service_connection_state, + json_extract(connections.value, '$.type') as connection_type +from + azure_eventhub_namespace as n, + json_each(private_endpoint_connections) as connections; +``` \ No newline at end of file diff --git a/docs/tables/azure_express_route_circuit.md b/docs/tables/azure_express_route_circuit.md index 71357c30..ce28c40f 100644 --- a/docs/tables/azure_express_route_circuit.md +++ b/docs/tables/azure_express_route_circuit.md @@ -1,12 +1,32 @@ -# Table: azure_express_route_circuit +--- +title: "Steampipe Table: azure_express_route_circuit - Query Azure Express Route Circuits using SQL" +description: "Allows users to query Azure Express Route Circuits, providing detailed information about each circuit's configuration, status, and performance." +--- -An ExpressRoute circuit represents a logical connection between your on-premises infrastructure and Microsoft cloud services through a connectivity provider. You can order multiple ExpressRoute circuits. Each circuit can be in the same or different regions, and can be connected to your premises through different connectivity providers. +# Table: azure_express_route_circuit - Query Azure Express Route Circuits using SQL + +Azure Express Route Circuits is a dedicated connectivity option in Microsoft Azure that enables users to create private connections between Azure datacenters and infrastructure on their premises or in a colocation environment. It provides a more reliable, faster, and lower-latency network connection than typical internet-based connections. Express Route Circuits are highly beneficial for bandwidth-heavy tasks, data migration, and secure connectivity needs. + +## Table Usage Guide + +The `azure_express_route_circuit` table provides insights into Express Route Circuits within Microsoft Azure. As a Network Administrator, explore circuit-specific details through this table, including peering information, service provider details, and bandwidth. Utilize it to monitor the performance and status of each Express Route Circuit, ensuring optimal connectivity and performance for your Azure resources. ## Examples ### Basic info +Explore the status and settings of your Azure Express Route Circuits to understand their operational capabilities and provisioning state. This can assist in managing and optimizing your network connectivity. -```sql +```sql+postgres +select + name, + id, + allow_classic_operations, + circuit_provisioning_state +from + azure_express_route_circuit; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List express route circuits with global reach enabled +Explore the express route circuits in your Azure environment that have global reach enabled. This is useful for assessing the scale of your network connectivity and understanding the associated costs. -```sql +```sql+postgres select name, sku_tier, @@ -29,9 +50,21 @@ where global_reach_enabled; ``` +```sql+sqlite +select + name, + sku_tier, + sku_name +from + azure_express_route_circuit +where + global_reach_enabled = 1; +``` + ### List premium express route circuits +Explore which express route circuits in your Azure environment are categorized as 'Premium'. This can be useful for understanding your network infrastructure and identifying areas for potential cost optimization. -```sql +```sql+postgres select name, sku_tier, @@ -41,3 +74,14 @@ from where sku_tier = 'Premium'; ``` + +```sql+sqlite +select + name, + sku_tier, + sku_name +from + azure_express_route_circuit +where + sku_tier = 'Premium'; +``` \ No newline at end of file diff --git a/docs/tables/azure_firewall.md b/docs/tables/azure_firewall.md index e4716814..bc2612c1 100644 --- a/docs/tables/azure_firewall.md +++ b/docs/tables/azure_firewall.md @@ -1,12 +1,22 @@ -# Table: azure_firewall +--- +title: "Steampipe Table: azure_firewall - Query Azure Firewalls using SQL" +description: "Allows users to query Azure Firewalls, providing insights into the configuration, status, and rules of each firewall in the Azure ecosystem." +--- -Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. +# Table: azure_firewall - Query Azure Firewalls using SQL + +Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. + +## Table Usage Guide + +The `azure_firewall` table provides insights into the firewalls within Azure. As a security engineer, explore firewall-specific details through this table, including rules, configurations, and associated metadata. Utilize it to uncover information about firewalls, such as their current status, applied rules, and the verification of connectivity policies. ## Examples ### Azure firewall location and availability zone count info +Analyze the number of availability zones for each Azure firewall and their respective regions to manage and optimize your resource distribution effectively. This can help in improving your application's resilience and availability across different regions. -```sql +```sql+postgres select name, region, @@ -15,9 +25,19 @@ from azure_firewall; ``` +```sql+sqlite +select + name, + region, + json_array_length(availability_zones) as availability_zones_count +from + azure_firewall; +``` + ### Basic IP configuration info +This query helps you analyze your Azure firewall's IP configuration. By running this, you can gain insights into details like private IP address, allocation method, associated public IP address ID, and the virtual network it is part of, which can be crucial for network management and security purposes. -```sql +```sql+postgres select name, ip #> '{properties, privateIPAddress}' private_ip_address, @@ -33,9 +53,25 @@ from cross join jsonb_array_elements(ip_configurations) as ip; ``` +```sql+sqlite +Error: SQLite does not support split or string_to_array functions. +``` + ### List the premium category firewalls +Discover the segments that are using premium category firewalls in your Azure environment. This can help you understand where higher levels of security have been implemented. + +```sql+postgres +select + name, + sku_tier, + sku_name +from + azure_firewall +where + sku_tier = 'Premium'; +``` -```sql +```sql+sqlite select name, sku_tier, @@ -47,8 +83,9 @@ where ``` ### List of firewalls where threat intel mode is off +Determine the areas in your Azure network where your firewalls are potentially vulnerable due to the threat intelligence mode being turned off. This can help enhance your network security by identifying and rectifying these weak points. -```sql +```sql+postgres select name, threat_intel_mode @@ -57,3 +94,13 @@ from where threat_intel_mode = 'Off'; ``` + +```sql+sqlite +select + name, + threat_intel_mode +from + azure_firewall +where + threat_intel_mode = 'Off'; +``` \ No newline at end of file diff --git a/docs/tables/azure_firewall_policy.md b/docs/tables/azure_firewall_policy.md index 1247b26a..42aff314 100644 --- a/docs/tables/azure_firewall_policy.md +++ b/docs/tables/azure_firewall_policy.md @@ -1,12 +1,36 @@ -# Table: azure_firewall_policy +--- +title: "Steampipe Table: azure_firewall_policy - Query Azure Firewall Policies using SQL" +description: "Allows users to query Azure Firewall Policies, providing insights into the rules and settings that govern network traffic flow at the application and network level." +--- -Azure Firewall Policy is the recommended method to configure your Azure Firewall. It's a global resource that can be used across multiple Azure Firewall instances in Secured Virtual Hubs and Hub Virtual Networks. Policies work across regions and subscriptions. +# Table: azure_firewall_policy - Query Azure Firewall Policies using SQL + +Azure Firewall Policy is a resource in Microsoft Azure that allows you to create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. It provides centralized network and application rule collections that can be referenced by multiple Azure Firewalls. Azure Firewall Policy simplifies management and reduces errors with its ability to manage all Azure Firewalls through Azure Policy and Azure Management Groups. + +## Table Usage Guide + +The `azure_firewall_policy` table provides insights into Firewall Policies within Microsoft Azure. As a Network Administrator, explore policy-specific details through this table, including rules, settings, and associated metadata. Utilize it to uncover information about policies, such as those governing network traffic flow at the application and network level, providing a centralized way to manage and enforce network connectivity policies. ## Examples ### Basic info +Explore the characteristics of your Azure firewall policies such as their provisioning state, tier, base and child policies, and the region they're set up in. This helps in understanding the configuration and status of your firewall policies, assisting in security management and planning. -```sql +```sql+postgres +select + name, + id, + type, + provisioning_state, + sku_tier, + base_policy, + child_policies, + region +from + azure_firewall_policy; +``` + +```sql+sqlite select name, id, @@ -21,8 +45,21 @@ from ``` ### List policies that are in failed state +Identify instances where certain policies have not been provisioned successfully. This is useful for troubleshooting and rectifying issues to ensure all policies are active and functional. + +```sql+postgres +select + name, + id, + dns_settings, + firewalls +from + azure_firewall_policy +where + provisioning_state = 'Failed'; +``` -```sql +```sql+sqlite select name, id, @@ -35,8 +72,9 @@ where ``` ### Get firewall details of each policy +This query is used to explore the firewall details associated with each policy in Azure. It provides valuable insights into the private and public IP addresses associated with each firewall, aiding in network security management and policy review. -```sql +```sql+postgres select p.name as firewall_policy_name, p.id as firewall_policy_id, @@ -51,9 +89,25 @@ where f.id = firewall ->> 'ID'; ``` +```sql+sqlite +select + p.name as firewall_policy_name, + p.id as firewall_policy_id, + f.id as firewall_id, + f.hub_private_ip_address, + f.hub_public_ip_address_count +from + azure_firewall_policy as p, + json_each(p.firewalls) as firewall, + azure_firewall as f +where + f.id = json_extract(firewall.value, '$.ID'); +``` + ### Get DNS setting details of each policy +This query helps to analyze the DNS settings for each policy in your Azure firewall. It's useful in understanding the server configurations, whether a proxy is enabled, and if a proxy is required for network rules, thus aiding in security and network management. -```sql +```sql+postgres select name, id, @@ -64,9 +118,21 @@ from azure_firewall_policy; ``` +```sql+sqlite +select + name, + id, + json_extract(dns_settings, '$.Servers') as servers, + json_extract(dns_settings, '$.EnableProxy') as enable_proxy, + json_extract(dns_settings, '$.RequireProxyForNetworkRules') as require_proxy_for_network_rules +from + azure_firewall_policy; +``` + ### List threat intel whitelist IP addresses of firewall policies +Determine the areas in which firewall policies have whitelisted IP addresses, which is beneficial for understanding potential security vulnerabilities and ensuring your network is protected from known threats. -```sql +```sql+postgres select name, id, @@ -76,9 +142,20 @@ from jsonb_array_elements_text(threat_intel_whitelist_ip_addresses) as i; ``` +```sql+sqlite +select + name, + p.id, + i.value as whitelist_ip_address +from + azure_firewall_policy as p, + json_each(threat_intel_whitelist_ip_addresses) as i; +``` + ### List threat intel whitelist FQDNs of firewall policies +Explore which firewall policies have specific domains whitelisted, providing a way to identify potential security vulnerabilities or unnecessary exceptions in your Azure firewall configuration. -```sql +```sql+postgres select name, id, @@ -86,4 +163,14 @@ select from azure_firewall_policy, jsonb_array_elements_text(threat_intel_whitelist_fqdns) as f; +``` + +```sql+sqlite +select + name, + p.id, + f.value as whitelist_fqdn +from + azure_firewall_policy as p, + json_each(threat_intel_whitelist_fqdns) as f; ``` \ No newline at end of file diff --git a/docs/tables/azure_frontdoor.md b/docs/tables/azure_frontdoor.md index c4a7d315..f3fa0964 100644 --- a/docs/tables/azure_frontdoor.md +++ b/docs/tables/azure_frontdoor.md @@ -1,12 +1,33 @@ -# Table: azure_frontdoor +--- +title: "Steampipe Table: azure_frontdoor - Query Azure Front Door Services using SQL" +description: "Allows users to query Azure Front Door Services, providing insights into the routing and acceleration of web traffic." +--- -Azure Front Door is a global, scalable entry-point that uses the Microsoft global edge network to create fast, secure, and widely scalable web applications. With Front Door, you can transform your global consumer and enterprise applications into robust, high-performing personalized modern applications with contents that reach a global audience through Azure. +# Table: azure_frontdoor - Query Azure Front Door Services using SQL + +Azure Front Door Service is a scalable and secure entry point that uses the global network infrastructure of Azure. It enables you to define, manage, and monitor the global routing for your web traffic by optimizing for best performance and instant global failover for high availability. With Azure Front Door Service, you can transform your global (multi-region) consumer and enterprise applications into robust, high-performance personalized modern applications. + +## Table Usage Guide + +The `azure_frontdoor` table provides insights into Azure Front Door Services within Azure. As a network engineer or a system administrator, explore details about your front door services such as resource group, subscription ID, and health probe settings through this table. Utilize it to uncover information about your front door services, such as the load balancing settings, routing rules, and backend pools, enabling you to optimize your web traffic routing and acceleration. ## Examples ### Basic info +Explore which Azure Front Door resources are currently being provisioned, providing insights into the state of your network infrastructure and helping to identify any potential issues or bottlenecks. -```sql +```sql+postgres +select + name, + id, + type, + provisioning_state, + cname +from + azure_frontdoor; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List backend pools settings details +Determine the enforcement of certificate name checks and the send/receive timeout settings within your Azure Front Door service. This can help ensure secure connections and manage response times for your web applications. -```sql +```sql+postgres select name, id, @@ -29,9 +51,20 @@ from azure_frontdoor; ``` +```sql+sqlite +select + name, + id, + json_extract(backend_pools_settings, '$.enforceCertificateNameCheck') as settings_enforce_certificate_name_check, + json_extract(backend_pools_settings, '$.sendRecvTimeoutSeconds') as settings_send_recv_timeout_seconds +from + azure_frontdoor; +``` + ### List routing rules details +This query is useful for gaining insights into the specifics of routing rules within the Azure Front Door service. It allows users to analyze factors such as enabled states, resource states, accepted protocols, and route configurations, aiding in the optimization of network traffic routing. -```sql +```sql+postgres select name, id, @@ -48,9 +81,27 @@ from jsonb_array_elements(routing_rules) as rule; ``` +```sql+sqlite +select + name, + id, + json_extract(rule.value, '$.id') as rule_id, + json_extract(rule.value, '$.name') as rule_name, + json_extract(rule.value, '$.properties.enabledState') as rule_property_enabled_state, + json_extract(rule.value, '$.properties.resourceState') as rule_property_resource_state, + rule.value || json_extract(rule.value, '$.properties.acceptedProtocols') as rule_property_accepted_protocols, + rule.value || json_extract(rule.value, '$.properties.frontendEndpoints') as rule_property_frontend_endpoints, + rule.value || json_extract(rule.value, '$.properties.patternsToMatch') as rule_property_patterns_to_match, + rule.value || json_extract(rule.value, '$.properties.routeConfiguration') as rule_property_route_configuration +from + azure_frontdoor, + json_each(routing_rules) as rule; +``` + ### List load balancing settings details +Analyze the settings to understand the details of load balancing configurations in Azure Front Door. This is useful for assessing performance tuning and troubleshooting issues related to load distribution. -```sql +```sql+postgres select name, id, @@ -65,9 +116,25 @@ from jsonb_array_elements(load_balancing_settings) as setting; ``` +```sql+sqlite +select + name, + f.id, + json_extract(setting.value, '$.id') as setting_id, + json_extract(setting.value, '$.name') as setting_name, + json_extract(setting.value, '$.properties.additionalLatencyMilliseconds') as setting_property_additional_latency_milliseconds, + json_extract(setting.value, '$.properties.successfulSamplesRequired') as setting_property_successful_samples_required, + json_extract(setting.value, '$.properties.sampleSize') as setting_property_sample_size, + json_extract(setting.value, '$.properties.resourceState') as setting_property_resource_state +from + azure_frontdoor as f, + json_each(load_balancing_settings) as setting; +``` + ### List frontend endpoints details +Explore the specifics of your frontend endpoints to understand their configuration and properties. This can be useful for assessing the status, security settings, and session affinity details of your web application's frontend endpoints. -```sql +```sql+postgres select name, id, @@ -83,9 +150,26 @@ from jsonb_array_elements(frontend_endpoints) as endpoint; ``` +```sql+sqlite +select + name, + f.id, + json_extract(endpoint.value, '$.id') as endpoint_id, + json_extract(endpoint.value, '$.name') as endpoint_name, + json_extract(endpoint.value, '$.properties.hostName') as endpoint_property_host_name, + json_extract(endpoint.value, '$.properties.sessionAffinityEnabledState') as endpoint_property_session_affinity_enabled_state, + json_extract(endpoint.value, '$.properties.sessionAffinityTtlSeconds') as endpoint_property_session_affinity_ttl_seconds, + json_extract(endpoint.value, '$.properties.resourceState') as endpoint_property_resource_state, + endpoint.value as endpoint_property_web_application_firewall_policy_link +from + azure_frontdoor as f, + json_each(frontend_endpoints) as endpoint; +``` + ### List health probe settings details +Discover the specifics of health probe settings in your Azure Front Door service. This can help identify potential issues and optimize your network's performance by understanding the intervals, methods, and states of your health probes. -```sql +```sql+postgres select name, id, @@ -101,3 +185,20 @@ from azure_frontdoor, jsonb_array_elements(health_probe_settings) as setting; ``` + +```sql+sqlite +select + name, + f.id, + json_extract(setting.value, '$.id') as setting_id, + json_extract(setting.value, '$.name') as setting_name, + json_extract(setting.value, '$.properties.intervalInSeconds') as setting_property_interval_in_seconds, + json_extract(setting.value, '$.properties.healthProbeMethod') as setting_property_health_probe_method, + json_extract(setting.value, '$.properties.enabledState') as setting_property_enabled_state, + json_extract(setting.value, '$.properties.path') as setting_property_path, + json_extract(setting.value, '$.properties.protocol') as setting_property_protocol, + json_extract(setting.value, '$.properties.resourceState') as setting_property_resource_state +from + azure_frontdoor as f, + json_each(health_probe_settings) as setting; +``` \ No newline at end of file diff --git a/docs/tables/azure_hdinsight_cluster.md b/docs/tables/azure_hdinsight_cluster.md index a71a46c1..d7e664e9 100644 --- a/docs/tables/azure_hdinsight_cluster.md +++ b/docs/tables/azure_hdinsight_cluster.md @@ -1,12 +1,37 @@ -# Table: azure_hdinsight_cluster +--- +title: "Steampipe Table: azure_hdinsight_cluster - Query Azure HDInsight Clusters using SQL" +description: "Allows users to query Azure HDInsight Clusters, providing insights into the configurations, properties, and states of these clusters." +--- -Azure HDInsight is a managed, full-spectrum, open-source analytics service in the cloud for enterprises. You can use open-source frameworks such as Hadoop, Apache Spark, Apache Hive, LLAP, Apache Kafka, Apache Storm, R, and more. +# Table: azure_hdinsight_cluster - Query Azure HDInsight Clusters using SQL + +Azure HDInsight is a fully managed, open-source analytics service for enterprises. It provides big data cloud offerings and is built on Hadoop, Spark, R, and Hive, among others. It enables processing massive amounts of data and running big data workloads in the cloud. + +## Table Usage Guide + +The `azure_hdinsight_cluster` table provides insights into HDInsight clusters within Azure. As a data engineer or data scientist, you can use this table to explore cluster-specific details, including properties, configurations, and states. This table can be utilized to uncover information about clusters, such as their health, location, provisioning state, and type. ## Examples ### Basic info +Determine the status and details of your Azure HDInsight clusters to manage and optimize your big data analytics. This query is useful in understanding the configuration and operational state of your clusters, including their version details and creation date. + +```sql+postgres +select + name, + id, + provisioning_state, + type, + cluster_hdp_version, + cluster_id, + cluster_state, + cluster_version, + created_date +from + azure_hdinsight_cluster; +``` -```sql +```sql+sqlite select name, id, @@ -22,8 +47,9 @@ from ``` ### List clusters with encryption in transit enabled +Determine the clusters that have enhanced security measures in place, specifically, the encryption during data transit. This is useful for auditing and ensuring compliance with data security standards. -```sql +```sql+postgres select name, id, @@ -34,9 +60,21 @@ where (encryption_in_transit_properties ->> 'isEncryptionInTransitEnabled')::boolean; ``` +```sql+sqlite +select + name, + id, + json_extract(encryption_in_transit_properties, '$.isEncryptionInTransitEnabled') as is_encryption_in_transit_enabled +from + azure_hdinsight_cluster +where + json_extract(encryption_in_transit_properties, '$.isEncryptionInTransitEnabled') = 'true'; +``` + ### List disk encryption details +Explore the encryption details of your Azure HDInsight clusters. This can help you understand your security setup and ensure that the right encryption measures are in place. -```sql +```sql+postgres select name, id, @@ -45,14 +83,29 @@ select disk_encryption_properties ->> 'keyName' as key_name, disk_encryption_properties ->> 'keyVersion' as key_version, disk_encryption_properties ->> 'msiResourceId' as msi_resource_id, - disk_encryption_properties ->> 'vaultUri' as vault_uri + disk_encryption_properties ->> 'vaultUri' as vault_uri +from + azure_hdinsight_cluster; +``` + +```sql+sqlite +select + name, + id, + json_extract(disk_encryption_properties, '$.encryptionAlgorithm') as encryption_algorithm, + json_extract(disk_encryption_properties, '$.encryptionAtHost') as encryption_at_host, + json_extract(disk_encryption_properties, '$.keyName') as key_name, + json_extract(disk_encryption_properties, '$.keyVersion') as key_version, + json_extract(disk_encryption_properties, '$.msiResourceId') as msi_resource_id, + json_extract(disk_encryption_properties, '$.vaultUri') as vault_uri from azure_hdinsight_cluster; ``` ### List connectivity endpoint details +Explore the connectivity details of your HDInsight clusters in Azure. This query helps to understand the location, name, port, protocol, and private IP address of each endpoint, allowing for efficient cluster management and troubleshooting. -```sql +```sql+postgres select name, id, @@ -65,3 +118,17 @@ from azure_hdinsight_cluster, jsonb_array_elements(connectivity_endpoints) as endpoint; ``` + +```sql+sqlite +select + name, + c.id, + json_extract(endpoint.value, '$.location') as endpoint_location, + json_extract(endpoint.value, '$.name') as endpoint_name, + json_extract(endpoint.value, '$.port') as endpoint_port, + json_extract(endpoint.value, '$.protocol') as endpoint_protocol, + json_extract(endpoint.value, '$.privateIpAddress') as endpoint_private_ip_address +from + azure_hdinsight_cluster as c, + json_each(connectivity_endpoints) as endpoint; +``` \ No newline at end of file diff --git a/docs/tables/azure_healthcare_service.md b/docs/tables/azure_healthcare_service.md index 45311ec4..ce080fde 100644 --- a/docs/tables/azure_healthcare_service.md +++ b/docs/tables/azure_healthcare_service.md @@ -1,12 +1,35 @@ -# Table: azure_healthcare_service +--- +title: "Steampipe Table: azure_healthcare_service - Query Azure Healthcare Services using SQL" +description: "Allows users to query Azure Healthcare Services, providing insights into the health and performance of healthcare services and potential anomalies." +--- -Azure Healthcare APIs provides pipelines that help you manage protected health information (PHI) data at scale. +# Table: azure_healthcare_service - Query Azure Healthcare Services using SQL + +Azure Healthcare Services is a service within Microsoft Azure that allows users to manage and monitor health data in the cloud. It provides a centralized way to set up and manage healthcare services, including data protection, access control, and compliance features. Azure Healthcare Services helps users stay informed about the health and performance of their healthcare services and take appropriate actions when predefined conditions are met. + +## Table Usage Guide + +The `azure_healthcare_service` table provides insights into Healthcare Services within Microsoft Azure. As a healthcare data analyst, explore service-specific details through this table, including data protection measures, access control settings, and compliance features. Utilize it to uncover information about services, such as those with potential security risks, the access control settings of each service, and the compliance status of each service. ## Examples ### Basic info +Explore the characteristics and settings of your Azure Healthcare Services. This query can be useful for understanding the configuration and type of each service, which is essential for effective management and utilization of these services. + +```sql+postgres +select + name, + id, + kind, + type, + allow_credentials, + audience, + authority +from + azure_healthcare_service; +``` -```sql +```sql+sqlite select name, id, @@ -19,9 +42,22 @@ from azure_healthcare_service; ``` -### List healthcare services of fhir-R4 kind +### List healthcare services of fhir-R4 kind +Determine the areas in which specific healthcare services of 'fhir-R4' kind are utilized within the Azure platform. This can be helpful in assessing the usage and distribution of this particular type of service. -```sql +```sql+postgres +select + name, + id, + type, + kind +from + azure_healthcare_service +where + kind = 'fhir-R4'; +``` + +```sql+sqlite select name, id, @@ -34,8 +70,9 @@ where ``` ### List private endpoint connection details for healthcare service +Gain insights into the private connection details of your healthcare service. This query is useful for understanding the connection's state and type, which can assist in troubleshooting or optimizing your service's network configuration. -```sql +```sql+postgres select name, id, @@ -48,9 +85,23 @@ from jsonb_array_elements(private_endpoint_connections) as p; ``` +```sql+sqlite +select + name, + s.id, + json_extract(p.value, '$.PrivateEndpointConnectionId') as private_endpoint_connection_id, + json_extract(p.value, '$.ProvisioningState') as private_endpoint_provisioning_state, + json_extract(p.value, '$.PrivateEndpointConnectionName') as private_endpoint_connection_name, + json_extract(p.value, '$.PrivateEndpointConnectionType') as private_endpoint_connection_type +from + azure_healthcare_service, + json_each(private_endpoint_connections) as p; +``` + ### List diagnostic settings for healthcare service +Explore the diagnostic settings of your healthcare service to gain insights into its configuration and performance. This can be beneficial for identifying potential issues or areas for improvement in your service's setup. -```sql +```sql+postgres select name, id, @@ -63,9 +114,23 @@ from jsonb_array_elements(diagnostic_settings) as d; ``` +```sql+sqlite +select + name, + s.id, + json_extract(d.value, '$.id') as diagnostic_setting_id, + json_extract(d.value, '$.name') as diagnostic_setting_name, + json_extract(d.value, '$.type') as diagnostic_setting_type, + json_extract(d.value, '$.properties') as diagnostic_setting_properties +from + azure_healthcare_service as s, + json_each(diagnostic_settings) as d; +``` + ### List Cosmos DB configuration settings +Gain insights into the configuration settings of your Azure Cosmos DB within the healthcare service. This analysis can help optimize the database performance and security by understanding key vault key URI and offer throughput details. -```sql +```sql+postgres select name, id, @@ -74,3 +139,13 @@ select from azure_healthcare_service; ``` + +```sql+sqlite +select + name, + id, + json_extract(cosmos_db_configuration, '$.keyVaultKeyUri') as key_vault_key_uri, + json_extract(cosmos_db_configuration, '$.offerThroughput') as offer_throughput +from + azure_healthcare_service; +``` \ No newline at end of file diff --git a/docs/tables/azure_hpc_cache.md b/docs/tables/azure_hpc_cache.md index 3773e3af..1c60db2a 100644 --- a/docs/tables/azure_hpc_cache.md +++ b/docs/tables/azure_hpc_cache.md @@ -1,12 +1,33 @@ -# Table: azure_hpc_cache +--- +title: "Steampipe Table: azure_hpc_cache - Query Azure HPC Cache using SQL" +description: "Allows users to query Azure HPC Cache, specifically the operational details and status of the cache. This can provide insights into cache utilization, performance, and potential issues." +--- -Azure HPC Cache speeds access to your data for high-performance computing (HPC) tasks. By caching files in Azure, Azure HPC Cache brings the scalability of cloud computing to your existing workflow. This service can be used even for workflows where your data is stored across WAN links, such as in your local datacenter network-attached storage (NAS) environment. +# Table: azure_hpc_cache - Query Azure HPC Cache using SQL + +Azure HPC Cache is a service within Microsoft Azure that accelerates access to data in Azure Blob Storage for high-performance computing (HPC) applications. It provides a caching layer that allows HPC applications to access data as if it were local, improving performance and reducing latency. Azure HPC Cache is beneficial for workloads that require high-speed access to large datasets, such as genomics, financial risk modeling, and simulation. + +## Table Usage Guide + +The `azure_hpc_cache` table provides insights into Azure HPC Cache within Azure Storage. As a Data Engineer, explore cache-specific details through this table, including operational details, status, and performance metrics. Utilize it to uncover information about cache utilization, identify potential performance bottlenecks, and monitor cache status for potential issues. ## Examples ### Basic info +Explore which Azure HPC Cache instances are currently deployed in your environment. This is beneficial in understanding the overall usage and configuration of your Azure HPC Cache resources. + +```sql+postgres +select + id, + name, + type, + provisioning_state, + sku_name +from + azure_hpc_cache; +``` -```sql +```sql+sqlite select id, name, @@ -18,8 +39,9 @@ from ``` ### List network settings details +This query is used to analyze the network settings for Azure's high-performance cache service. It can help users understand and manage the network configurations for their cache services, including DNS search domains, MTU settings, NTP servers, DNS servers, and utility addresses. -```sql +```sql+postgres select id, name, @@ -32,9 +54,23 @@ from azure_hpc_cache; ``` +```sql+sqlite +select + id, + name, + json_extract(network_settings, '$.DNSSearchDomain') as dns_search_domain, + json_extract(network_settings, '$.Mtu') as mtu, + json_extract(network_settings, '$.NtpServer') as ntp_server, + network_settings as dns_servers, + network_settings as utility_addresses +from + azure_hpc_cache; +``` + ### List encryption settings details +Explore the encryption details of your Azure HPC cache to understand its security settings. This can be useful for assessing the security status of your data and ensuring it meets your organization's requirements. -```sql +```sql+postgres select id, name, @@ -44,3 +80,14 @@ select from azure_hpc_cache; ``` + +```sql+sqlite +select + id, + name, + json_extract(json_extract(encryption_settings, '$.keyEncryptionKey'), '$.keyUrl') as key_url, + json_extract(json_extract(json_extract(encryption_settings, '$.keyEncryptionKey'), '$.sourceVault'), '$.id') as source_vault_id, + json_extract(network_settings, '$.rotationToLatestKeyVersionEnabled') as rotation_to_latest_key_version_enabled +from + azure_hpc_cache; +``` \ No newline at end of file diff --git a/docs/tables/azure_hybrid_compute_machine.md b/docs/tables/azure_hybrid_compute_machine.md index 1ed52353..d58471cf 100644 --- a/docs/tables/azure_hybrid_compute_machine.md +++ b/docs/tables/azure_hybrid_compute_machine.md @@ -1,12 +1,33 @@ -# Table: azure_hybrid_compute_machine +--- +title: "Steampipe Table: azure_hybrid_compute_machine - Query Azure Hybrid Compute Machines using SQL" +description: "Allows users to query Azure Hybrid Compute Machines, providing insights into the configuration and status of hybrid machines in the Azure environment." +--- -Azure Arc enables you to manage servers running outside of Azure using Azure Resource Manager. Each server is represented in Azure as a hybrid compute machine resource. Once a server is managed with Azure Arc, you can deploy agents, scripts, or configurations to the machine using extensions. The Hybrid Compute API allows you to create, list, update and delete your Azure Arc enabled servers and any extensions associated with them. +# Table: azure_hybrid_compute_machine - Query Azure Hybrid Compute Machines using SQL + +Azure Hybrid Compute Machines are part of the Azure Arc service, which extends Azure services and management to any infrastructure. It enables management of Windows and Linux machines hosted outside of Azure, on the corporate network, or other cloud provider. This feature allows consistent Azure management across environments, providing a single control plane with access to the same familiar cloud-native Azure management experiences. + +## Table Usage Guide + +The `azure_hybrid_compute_machine` table provides insights into Azure Hybrid Compute Machines within Azure Arc. As a system administrator, explore machine-specific details through this table, including machine properties, operating system details, and status information. Utilize it to uncover information about machines, such as their current provisioning state, the version of the installed agent, and the time of the last agent heartbeat. ## Examples ### Basic info +This query provides a way to gain insights into the status and location of your Azure hybrid compute machines. This can be useful for managing resources and ensuring optimal performance across different regions. + +```sql+postgres +select + name, + id, + status, + provisioning_state, + region +from + azure_hybrid_compute_machine; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,23 @@ from ``` ### List disconnected machines +Explore which machines in your Azure hybrid computing environment are disconnected. This is useful to identify potential issues in your network and ensure all systems are functioning properly. + +```sql+postgres +select + name, + id, + type, + provisioning_state, + status, + region +from + azure_hybrid_compute_machine +where + status = 'Disconnected'; +``` -```sql +```sql+sqlite select name, id, diff --git a/docs/tables/azure_hybrid_kubernetes_connected_cluster.md b/docs/tables/azure_hybrid_kubernetes_connected_cluster.md index 9e67b678..f1e5c403 100644 --- a/docs/tables/azure_hybrid_kubernetes_connected_cluster.md +++ b/docs/tables/azure_hybrid_kubernetes_connected_cluster.md @@ -1,12 +1,33 @@ -# Table: azure_hybrid_kubernetes_connected_cluster +--- +title: "Steampipe Table: azure_hybrid_kubernetes_connected_cluster - Query Azure Hybrid Kubernetes Connected Clusters using SQL" +description: "Allows users to query Hybrid Kubernetes Connected Clusters in Azure, specifically detailing the configuration, status, and properties of each connected cluster." +--- -Hybrid Kubernetes Service allows you to manage your on-premise kubernetes clusters from azure by onboarding them to Azure Arc. The Hybrid Kubernetes API allows you to create, list, update and delete your Arc enabled kubernetes clusters. +# Table: azure_hybrid_kubernetes_connected_cluster - Query Azure Hybrid Kubernetes Connected Clusters using SQL + +Azure Hybrid Kubernetes Connected Clusters is a feature offered by Microsoft Azure that allows users to manage and govern Kubernetes clusters across on-premises, edge, and multi-cloud environments from a single pane of glass. Its unified approach offers consistent visibility, governance, and control across different environments, making it easier to manage Kubernetes resources. It provides a comprehensive view of all Kubernetes applications, irrespective of where they are running. + +## Table Usage Guide + +The `azure_hybrid_kubernetes_connected_cluster` table provides insights into Hybrid Kubernetes Connected Clusters within Microsoft Azure. As a DevOps engineer, this table can be utilized to explore cluster-specific details, including configuration, status, and associated properties. Use it to uncover information about clusters, such as their health status, the Kubernetes version they're running, and their connectivity state with Azure. ## Examples ### Basic info +Explore which Azure Hybrid Kubernetes clusters are currently connected and their respective provisioning states. This can help in assessing the overall health and status of your hybrid cloud infrastructure. + +```sql+postgres +select + name, + id, + connectivity_status, + provisioning_state, + region +from + azure_hybrid_kubernetes_connected_cluster; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List expired clusters +Explore which hybrid Kubernetes clusters in your Azure environment have expired connectivity. This is useful in maintaining an up-to-date and secure network by promptly addressing any expired clusters. -```sql +```sql+postgres select name, id, @@ -32,3 +54,17 @@ from where connectivity_status = 'Expired'; ``` + +```sql+sqlite +select + name, + id, + type, + provisioning_state, + connectivity_status, + region +from + azure_hybrid_kubernetes_connected_cluster +where + connectivity_status = 'Expired'; +``` \ No newline at end of file diff --git a/docs/tables/azure_iothub.md b/docs/tables/azure_iothub.md index bc0f7b4e..75054e3c 100644 --- a/docs/tables/azure_iothub.md +++ b/docs/tables/azure_iothub.md @@ -1,12 +1,32 @@ -# Table: azure_iothub +--- +title: "Steampipe Table: azure_iothub - Query Azure IoT Hub using SQL" +description: "Allows users to query Azure IoT Hubs, providing insights into the configurations, properties, and status of each IoT hub deployed in Azure." +--- -Azure IoT Hub is Microsoft’s Internet of Things connector to the cloud. It’s a fully managed cloud service that enables reliable and secure bi-directional communications between millions of IoT devices and a solution back end. +# Table: azure_iothub - Query Azure IoT Hub using SQL + +Azure IoT Hub is a managed service, hosted in the cloud, that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages. It provides reliable and secure communication between millions of IoT devices and a cloud-hosted solution backend. Azure IoT Hub supports communications both from the device to the cloud and from the cloud to the device. + +## Table Usage Guide + +The `azure_iothub` table provides insights into IoT Hubs within Azure. As a IoT developer or cloud solutions architect, explore IoT Hub-specific details through this table, including configurations, properties, and status. Utilize it to uncover information about each IoT Hub, such as its SKU, location, and the number of devices it can support, to ensure optimal performance and resource allocation. ## Examples ### Basic info +Explore the basic characteristics of your Azure IoT Hub resources, such as their names, IDs, regions, and types. This can help you manage your resources more effectively by understanding their distribution and categorization. -```sql +```sql+postgres +select + name, + id, + region, + type +from + azure_iothub; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List hubs which are not active +Determine the areas in which certain hubs within the Azure IoT platform are not currently active. This can help prioritize troubleshooting efforts or identify opportunities for resource optimization. -```sql +```sql+postgres select name, id, @@ -29,3 +50,15 @@ from where state <> 'Active'; ``` + +```sql+sqlite +select + name, + id, + region, + type +from + azure_iothub +where + state != 'Active'; +``` \ No newline at end of file diff --git a/docs/tables/azure_iothub_dps.md b/docs/tables/azure_iothub_dps.md index df15850a..93606602 100644 --- a/docs/tables/azure_iothub_dps.md +++ b/docs/tables/azure_iothub_dps.md @@ -1,12 +1,32 @@ -# Table: azure_iothub_dps +--- +title: "Steampipe Table: azure_iothub_dps - Query Azure IoT Hub Device Provisioning Services using SQL" +description: "Allows users to query Azure IoT Hub Device Provisioning Services, offering details about the status, registration, and configuration of each device." +--- -The IoT Hub Device Provisioning Service (DPS) is a helper service for IoT Hub that enables zero-touch, just-in-time provisioning to the right IoT hub without requiring human intervention, allowing customers to provision millions of devices in a secure and scalable manner. +# Table: azure_iothub_dps - Query Azure IoT Hub Device Provisioning Services using SQL + +Azure IoT Hub Device Provisioning Service is a helper service for IoT Hub that enables zero-touch, just-in-time provisioning to the right IoT hub without requiring human intervention, enabling customers to provision millions of devices in a secure and scalable manner. It provides a seamless, highly scalable way to register and provision IoT devices with an IoT hub. It enables customers to automate the process of registering devices with IoT Hub, reducing the complexity of initial device setup. + +## Table Usage Guide + +The `azure_iothub_dps` table provides insights into Device Provisioning Services within Azure IoT Hub. As an IoT developer, explore device-specific details through this table, including status, registration, and configuration. Utilize it to uncover information about devices, such as their provisioning status, the IoT hub they are associated with, and the attestation mechanism used. ## Examples ### Basic info +Explore which Azure IoT Hub Device Provisioning Services (DPS) are available and where they are located to better manage and distribute your IoT devices across different regions. This helps in planning and optimizing the distribution of your IoT devices. -```sql +```sql+postgres +select + name, + id, + region, + type +from + azure_iothub_dps; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List iot hub dps which are not active +Determine the areas in which IoT Hub Device Provisioning Services within Azure are not currently active. This can be beneficial for identifying potential issues or areas of underutilization within your IoT network. -```sql +```sql+postgres select name, id, @@ -29,3 +50,15 @@ from where state <> 'Active'; ``` + +```sql+sqlite +select + name, + id, + region, + type +from + azure_iothub_dps +where + state != 'Active'; +``` \ No newline at end of file diff --git a/docs/tables/azure_key_vault.md b/docs/tables/azure_key_vault.md index 2097f42c..70989611 100644 --- a/docs/tables/azure_key_vault.md +++ b/docs/tables/azure_key_vault.md @@ -1,12 +1,22 @@ -# Table: azure_key_vault +--- +title: "Steampipe Table: azure_key_vault - Query Azure Key Vaults using SQL" +description: "Allows users to query Azure Key Vaults, specifically the keys, secrets, and certificates stored within them, providing insights into security and access management." +--- -Azure Key Vault is a cloud service used to manage keys, secrets, and certificates. +# Table: azure_key_vault - Query Azure Key Vaults using SQL + +Azure Key Vault is a service within Microsoft Azure that safeguards cryptographic keys and other secrets used by cloud apps and services. It allows you to securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets. Azure Key Vault simplifies the process of meeting the compliance needs for managing, protecting, and controlling access to sensitive business information. + +## Table Usage Guide + +The `azure_key_vault` table provides insights into the keys, secrets, and certificates stored within Azure Key Vaults. As a security administrator, explore vault-specific details through this table, including enabled status, recovery level, and associated metadata. Utilize it to uncover information about vaults, such as the access policies, tenant details, and the verification of enabled network rules. ## Examples ### List of key vaults where soft deletion is not enabled +Identify instances where key vaults in Azure are potentially vulnerable due to the lack of soft deletion feature. This can help in enhancing data security by pinpointing areas where improvements can be made. -```sql +```sql+postgres select name, id, @@ -18,10 +28,22 @@ where not soft_delete_enabled; ``` +```sql+sqlite +select + name, + id, + soft_delete_enabled, + soft_delete_retention_in_days +from + azure_key_vault +where + soft_delete_enabled = 0; +``` ### List of key vaults where soft deletion retention period is less than 30 days +Determine the areas in which the soft deletion retention period of key vaults in Azure is less than 30 days. This query can be used to pinpoint specific locations where data retention policies may need to be strengthened for better security. -```sql +```sql+postgres select name, id, @@ -33,10 +55,22 @@ where soft_delete_retention_in_days < 30; ``` +```sql+sqlite +select + name, + id, + soft_delete_enabled, + soft_delete_retention_in_days +from + azure_key_vault +where + soft_delete_retention_in_days < 30; +``` ### Key vaults access information +Determine the areas in which your Azure Key Vaults are being utilized by assessing whether they are enabled for deployment, disk encryption, or template deployment. This allows for a comprehensive understanding of your vault usage and can help optimize resource allocation. -```sql +```sql+postgres select name, id, @@ -47,10 +81,21 @@ from azure_key_vault; ``` +```sql+sqlite +select + name, + id, + enabled_for_deployment, + enabled_for_disk_encryption, + enabled_for_template_deployment +from + azure_key_vault; +``` ### List of premium category key vaults +Determine the areas in which premium category key vaults are being used within your Azure environment. This is useful for keeping track of high-security vaults and ensuring they are being used appropriately. -```sql +```sql+postgres select name, id, @@ -62,10 +107,22 @@ where sku_name = 'Premium'; ``` +```sql+sqlite +select + name, + id, + sku_name, + sku_family +from + azure_key_vault +where + sku_name = 'Premium'; +``` ### Key vaults access policies details for certificates, keys and secrets +Determine the access policies for certificates, keys, and secrets within Azure Key Vaults to enhance security and access management. This query is useful in understanding the permissions structure within your Key Vaults, which can aid in identifying potential security vulnerabilities. -```sql +```sql+postgres select name, policy -> 'permissionsCertificates' as certificates_permissions, @@ -76,10 +133,21 @@ from jsonb_array_elements(access_policies) as policy; ``` +```sql+sqlite +select + name, + json_extract(policy.value, '$.permissionsCertificates') as certificates_permissions, + json_extract(policy.value, '$.permissionsKeys') as keys_permissions, + json_extract(policy.value, '$.permissionsSecrets') as secrets_permissions +from + azure_key_vault, + json_each(access_policies) as policy; +``` ### List vaults with logging enabled +Determine the areas in which your Azure Key Vaults have logging enabled for auditing purposes. This can be useful to ensure compliance with security policies and regulations by identifying vaults that are actively recording and retaining audit events. -```sql +```sql+postgres select name, setting -> 'properties' ->> 'storageAccountId' storage_account_id, @@ -96,3 +164,21 @@ where and log ->> 'category' = 'AuditEvent' and (log -> 'retentionPolicy' ->> 'days')::integer > 0; ``` + +```sql+sqlite +select + name, + json_extract(setting.value, '$.properties.storageAccountId') storage_account_id, + json_extract(log.value, '$.category') category, + json_extract(log.value, '$.retentionPolicy.days') log_retention_days +from + azure_key_vault, + json_each(diagnostic_settings) as setting, + json_each(json_extract(setting.value, '$.properties.logs')) as log +where + diagnostic_settings is not null + and json_extract(setting.value, '$.properties.storageAccountId') <> '' + and json_extract(log.value, '$.enabled') = 1 + and json_extract(log.value, '$.category') = 'AuditEvent' + and json_extract(log.value, '$.retentionPolicy.days') > 0; +``` \ No newline at end of file diff --git a/docs/tables/azure_key_vault_deleted_vault.md b/docs/tables/azure_key_vault_deleted_vault.md index 42397844..fff95c88 100644 --- a/docs/tables/azure_key_vault_deleted_vault.md +++ b/docs/tables/azure_key_vault_deleted_vault.md @@ -1,12 +1,33 @@ -# Table: azure_key_vault_deleted_vault +--- +title: "Steampipe Table: azure_key_vault_deleted_vault - Query Azure Key Vaults using SQL" +description: "Allows users to query deleted Azure Key Vaults, providing insights into the historical and current deletions of Azure Key Vaults." +--- -Azure Key Vault's soft-delete feature allows recovery of the deleted vaults and deleted key vault objects. +# Table: azure_key_vault_deleted_vault - Query Azure Key Vaults using SQL + +Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. Azure Key Vault handles requesting and renewing Transport Layer Security (TLS) certificates. + +## Table Usage Guide + +The `azure_key_vault_deleted_vault` table provides insights into the deleted vaults within Azure Key Vault. As a security analyst, explore vault-specific details through this table, including deletion dates, recovery levels, and associated metadata. Utilize it to uncover information about deleted vaults, such as their scheduled purge dates, recovery ids, and the geographical location of the vaults. ## Examples ### Basic info +Discover the segments that have been deleted from your Azure Key Vault, including when they were deleted and when they are scheduled for permanent removal. This can be useful for auditing purposes, ensuring data integrity, and managing your digital assets. -```sql +```sql+postgres +select + name, + id, + type, + deletion_date, + scheduled_purge_date +from + azure_key_vault_deleted_vault; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List deleted vaults with scheduled purge date more than 1 day +Explore which Azure Key Vaults have been deleted but are scheduled for purge after more than one day. This can be useful for reviewing and managing your data retention and recovery strategies. -```sql +```sql+postgres select name, id, @@ -31,3 +53,16 @@ from where scheduled_purge_date > (current_date - interval '1' day); ``` + +```sql+sqlite +select + name, + id, + type, + deletion_date, + scheduled_purge_date +from + azure_key_vault_deleted_vault +where + date(scheduled_purge_date) > date('now','-1 day'); +``` \ No newline at end of file diff --git a/docs/tables/azure_key_vault_key.md b/docs/tables/azure_key_vault_key.md index a68dd9b5..d9706c4f 100644 --- a/docs/tables/azure_key_vault_key.md +++ b/docs/tables/azure_key_vault_key.md @@ -1,12 +1,35 @@ -# Table: azure_key_vault_key +--- +title: "Steampipe Table: azure_key_vault_key - Query Azure Key Vault Keys using SQL" +description: "Allows users to query Azure Key Vault Keys, providing access to key details, including key type, key state, and key attributes." +--- -Azure Key Vault Keys are 'Cryptographic keys' used to encrypt information without releasing the private key to the consumer. It acts like a black box to encrypt and decrypt content using the RSA algorithm. The RSA algorithm, involves a public key and private key. +# Table: azure_key_vault_key - Query Azure Key Vault Keys using SQL + +Azure Key Vault is a service within Microsoft Azure that provides a secure store for secrets, keys, and certificates. It provides a centralized way to manage cryptographic keys and secrets in cloud applications, without having to maintain an in-house key management infrastructure. Azure Key Vault helps users safeguard cryptographic keys and secrets used by cloud apps and services. + +## Table Usage Guide + +The `azure_key_vault_key` table provides insights into keys within Azure Key Vault. As a security engineer, explore key-specific details through this table, including key type, key state, and key attributes. Utilize it to uncover information about keys, such as those with specific attributes, the state of the keys, and the verification of key properties. ## Examples ### Basic info +Explore the status and details of your Azure Key Vault keys to understand their configurations and keep track of their activity. This is useful for maintaining security and ensuring that keys are up-to-date and correctly enabled. -```sql +```sql+postgres +select + name, + vault_name, + enabled, + created_at, + updated_at, + key_type, + location +from + azure_key_vault_key; +``` + +```sql+sqlite select name, vault_name, @@ -20,8 +43,20 @@ from ``` ### List disabled keys +Identify instances where Azure Key Vault keys are disabled to ensure proper security measures are in place and access control is effectively managed. -```sql +```sql+postgres +select + name, + vault_name, + enabled +from + azure_key_vault_key +where + not enabled; +``` + +```sql+sqlite select name, vault_name, @@ -33,8 +68,20 @@ where ``` ### List keys with no expiration time set +Identify instances where certain keys within Azure's Key Vault service have not been assigned an expiration time. This could be useful in managing security practices, as keys without set expiration times could potentially pose a risk. + +```sql+postgres +select + name, + enabled, + expires_at +from + azure_key_vault_key +where + expires_at is null; +``` -```sql +```sql+sqlite select name, enabled, @@ -46,8 +93,9 @@ where ``` ### List keys which have never been updated +Discover the keys in your Azure Key Vault that have remained unmodified since their creation. This can be useful to identify any keys that may have been overlooked or forgotten, ensuring all keys are up-to-date and secure. -```sql +```sql+postgres select name, enabled, @@ -60,9 +108,23 @@ where and age(updated_at, created_at) = '00:00:00'; ``` +```sql+sqlite +select + name, + enabled, + created_at, + updated_at +from + azure_key_vault_key +where + enabled + and (strftime('%s', updated_at) - strftime('%s', created_at)) = 0; +``` + ### Count the number of keys by key vault +Determine the distribution of keys across various vaults to understand your security setup better. This can help identify any potential vaults that may be overloaded or underutilized. -```sql +```sql+postgres select vault_name, count(vault_name) as count @@ -71,3 +133,13 @@ from group by vault_name; ``` + +```sql+sqlite +select + vault_name, + count(vault_name) as count +from + azure_key_vault_key +group by + vault_name; +``` \ No newline at end of file diff --git a/docs/tables/azure_key_vault_key_version.md b/docs/tables/azure_key_vault_key_version.md index 138054cc..f777aba0 100644 --- a/docs/tables/azure_key_vault_key_version.md +++ b/docs/tables/azure_key_vault_key_version.md @@ -1,12 +1,35 @@ -# Table: azure_key_vault_key_version +--- +title: "Steampipe Table: azure_key_vault_key_version - Query Azure Key Vault Key Versions using SQL" +description: "Allows users to query Azure Key Vault Key Versions. This table provides detailed information about each version of a key in Azure Key Vault." +--- -Azure Key Vault Keys are 'Cryptographic keys' used to encrypt information without releasing the private key to the consumer. It acts like a black box to encrypt and decrypt content using the RSA algorithm. The RSA algorithm, involves a public key and private key. They can roll to a new version of the key, back it up, and do related tasks. +# Table: azure_key_vault_key_version - Query Azure Key Vault Key Versions using SQL + +Azure Key Vault is a service that provides a secure storage for secrets, keys, and certificates. It enables users to securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets. Azure Key Vault simplifies the process of meeting industry compliance and regulatory standards. + +## Table Usage Guide + +The `azure_key_vault_key_version` table provides insights into each version of a key stored in Azure Key Vault. As a security analyst, you can explore key-specific details through this table, including the key type, key state, and associated metadata. Use it to track the lifecycle of keys, verify the key state, and ensure compliance with security policies. ## Examples ### Basic info +Explore the status and details of various versions of keys in your Azure Key Vault. This will help you understand the lifecycle of your keys, their types, and their geographical locations, which can be crucial for managing security and compliance. + +```sql+postgres +select + name, + vault_name, + enabled, + created_at, + updated_at, + key_type, + location +from + azure_key_vault_key_version; +``` -```sql +```sql+sqlite select name, vault_name, @@ -20,8 +43,9 @@ from ``` ### List disabled key versions +Identify instances where key versions are disabled in Azure Key Vault, allowing you to review and manage your keys' security settings effectively. -```sql +```sql+postgres select name, key_name, @@ -33,9 +57,33 @@ where not enabled; ``` +```sql+sqlite +select + name, + key_name, + vault_name, + enabled +from + azure_key_vault_key_version +where + enabled = 0; +``` + ### List keys versions with no expiration time set +Explore which versions of keys in Azure Key Vault have not been assigned an expiration time. This is useful for identifying potential security risks and ensuring key management best practices are being followed. -```sql +```sql+postgres +select + name, + enabled, + expires_at +from + azure_key_vault_key_version +where + expires_at is null; +``` + +```sql+sqlite select name, enabled, @@ -47,8 +95,9 @@ where ``` ### Count the number of versions by key +Assess the elements within your Azure Key Vault by determining the quantity of versions for each key. This can be beneficial in managing key rotations and understanding the lifecycle of each key. -```sql +```sql+postgres select key_name, count(name) as key_version_count @@ -57,3 +106,13 @@ from group by key_name; ``` + +```sql+sqlite +select + key_name, + count(name) as key_version_count +from + azure_key_vault_key_version +group by + key_name; +``` \ No newline at end of file diff --git a/docs/tables/azure_key_vault_managed_hardware_security_module.md b/docs/tables/azure_key_vault_managed_hardware_security_module.md index 2fa2cf5f..e124f4e5 100644 --- a/docs/tables/azure_key_vault_managed_hardware_security_module.md +++ b/docs/tables/azure_key_vault_managed_hardware_security_module.md @@ -1,12 +1,34 @@ -# Table: azure_key_vault_managed_hardware_security_module +--- +title: "Steampipe Table: azure_key_vault_managed_hardware_security_module - Query Azure Key Vaults using SQL" +description: "Allows users to query Azure Key Vaults, specifically those managed by hardware security modules, providing insights into key management, encryption, and decryption services." +--- -Azure Key Vault Managed HSM is a fully managed, highly available, single-tenant, standards-compliant cloud service that enables you to safeguard cryptographic keys for your cloud applications, using FIPS 140-2 Level 3 validated HSMs. +# Table: azure_key_vault_managed_hardware_security_module - Query Azure Key Vaults using SQL + +Azure Key Vault is a service within Microsoft Azure that provides secure key management and cryptographic protection services. It offers solutions for securely storing and accessing secrets, keys, and certificates, while also providing logging for all key usage. A managed hardware security module (HSM) in Azure Key Vault provides cryptographic key storage in FIPS 140-2 Level 3 validated HSMs. + +## Table Usage Guide + +The `azure_key_vault_managed_hardware_security_module` table provides insights into Azure Key Vaults managed by hardware security modules. As a security engineer, explore vault-specific details through this table, including keys, secrets, and certificates, and their associated metadata. Utilize it to uncover information about key usage, key permissions, and the verification of cryptographic protection services. ## Examples ### Basic info +Explore the configuration of Azure's Key Vault Managed Hardware Security Module to understand its current settings and location. This is useful for auditing security measures and ensuring data is stored in the correct geographical region. -```sql +```sql+postgres +select + name, + id, + hsm_uri, + type, + enable_soft_delete, + region +from + azure_key_vault_managed_hardware_security_module; +``` + +```sql+sqlite select name, id, @@ -19,8 +41,9 @@ from ``` ### List soft delete disabled hsm managed key vaults +Identify instances where the soft delete feature is disabled in Azure Key Vault Managed Hardware Security Modules. This is useful for enhancing data security by ensuring that deleted data can be recovered. -```sql +```sql+postgres select name, id, @@ -29,4 +52,15 @@ from azure_key_vault_managed_hardware_security_module where not enable_soft_delete; +``` + +```sql+sqlite +select + name, + id, + enable_soft_delete +from + azure_key_vault_managed_hardware_security_module +where + enable_soft_delete = 0; ``` \ No newline at end of file diff --git a/docs/tables/azure_key_vault_secret.md b/docs/tables/azure_key_vault_secret.md index 9b99a729..7134d79a 100644 --- a/docs/tables/azure_key_vault_secret.md +++ b/docs/tables/azure_key_vault_secret.md @@ -1,12 +1,35 @@ -# Table: azure_key_vault_secret +--- +title: "Steampipe Table: azure_key_vault_secret - Query Azure Key Vault Secrets using SQL" +description: "Allows users to query Azure Key Vault Secrets, providing insights into the secrets stored in Azure Key Vaults, including their attributes, versions, and associated metadata." +--- -Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. +# Table: azure_key_vault_secret - Query Azure Key Vault Secrets using SQL + +Azure Key Vault Secret is a resource within Microsoft Azure that allows you to securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets. It provides a centralized way to manage application secrets and control their distribution. Azure Key Vault Secret helps maintain application secrets with a high level of security. + +## Table Usage Guide + +The `azure_key_vault_secret` table provides insights into the secrets stored in Azure Key Vaults. As a security engineer, explore secret-specific details through this table, including secret attributes, versions, and associated metadata. Utilize it to uncover information about secrets, such as their recovery level, enabled status, and expiration dates. ## Examples ### Basic info +Explore the status and details of your Azure Key Vault secrets. This query is useful to keep track of the secrets' status, enabling you to manage and monitor them effectively. -```sql +```sql+postgres +select + name, + id, + vault_name, + enabled, + created_at, + updated_at, + value +from + azure_key_vault_secret; +``` + +```sql+sqlite select name, id, @@ -20,8 +43,20 @@ from ``` ### List disabled secrets +Explore which secrets within the Azure Key Vault are currently disabled. This can help in managing access and maintaining the security of your vault. -```sql +```sql+postgres +select + name, + vault_name, + enabled +from + azure_key_vault_secret +where + not enabled; +``` + +```sql+sqlite select name, vault_name, @@ -33,8 +68,20 @@ where ``` ### List secrets that do not expire +Discover the segments that consist of non-expiring secrets within Azure's key vault. This can be useful in managing and identifying potential security risks associated with indefinite secret keys. + +```sql+postgres +select + name, + enabled, + expires_at +from + azure_key_vault_secret +where + expires_at is null; +``` -```sql +```sql+sqlite select name, enabled, @@ -46,8 +93,9 @@ where ``` ### List enabled secrets that have never been updated +Identify the enabled secrets within your Azure Key Vault that have remained unchanged since their creation. This is useful for security purposes and ensuring that secret keys are being regularly updated and managed properly. -```sql +```sql+postgres select name, enabled, @@ -60,9 +108,23 @@ where and age(updated_at, created_at) = '00:00:00'; ``` +```sql+sqlite +select + name, + enabled, + created_at, + updated_at +from + azure_key_vault_secret +where + enabled + and (julianday(updated_at) - julianday(created_at)) * 24 * 60 * 60 = 0; +``` + ### Count the number of secrets by vault +Assess the elements within your Azure Key Vault by counting the number of secrets each vault holds. This allows you to understand the distribution of secrets across your vaults, helping to manage and balance storage. -```sql +```sql+postgres select vault_name, count(vault_name) as count @@ -71,3 +133,13 @@ from group by vault_name; ``` + +```sql+sqlite +select + vault_name, + count(vault_name) as count +from + azure_key_vault_secret +group by + vault_name; +``` \ No newline at end of file diff --git a/docs/tables/azure_kubernetes_cluster.md b/docs/tables/azure_kubernetes_cluster.md index c22050cc..fa4c432b 100644 --- a/docs/tables/azure_kubernetes_cluster.md +++ b/docs/tables/azure_kubernetes_cluster.md @@ -1,12 +1,22 @@ -# Table: azure_kubernetes_cluster +--- +title: "Steampipe Table: azure_kubernetes_cluster - Query Azure Kubernetes Services using SQL" +description: "Allows users to query Azure Kubernetes Services, specifically providing information about the configuration, health and performance of each Kubernetes cluster deployed in Azure." +--- -Azure Kubernetes orchestrates clusters of virtual machines and schedules containers to run on those virtual machines based on their available compute resources and the resource requirements of each container. +# Table: azure_kubernetes_cluster - Query Azure Kubernetes Services using SQL + +Azure Kubernetes Service (AKS) is a managed container orchestration service provided by Microsoft Azure. AKS simplifies the deployment, scaling, and operations of Kubernetes, an open-source system for automating the deployment, scaling, and management of containerized applications. It provides developers with a scalable and highly available infrastructure that's ideal for deploying microservice apps. + +## Table Usage Guide + +The `azure_kubernetes_cluster` table provides insights into each Kubernetes cluster within Azure Kubernetes Service (AKS). As a DevOps engineer, you can use this table to explore details about each cluster, including its configuration, health status, and performance metrics. This information can be useful for monitoring the state of your clusters, troubleshooting issues, and optimizing resource usage. ## Examples ### Basic Info +Analyze the settings to understand the fundamental details of your Azure Kubernetes clusters. This information can help you monitor and manage your clusters more effectively by providing insights into aspects such as their location, type, and SKU. -```sql +```sql+postgres select name, id, @@ -17,10 +27,21 @@ from azure_kubernetes_cluster; ``` +```sql+sqlite +select + name, + id, + location, + type, + sku +from + azure_kubernetes_cluster; +``` ### List clusters with a system assigned identity +Identify instances where your Azure Kubernetes clusters are using a system assigned identity. This is useful in managing and securing cluster resources, as system assigned identities allow Azure to automatically manage the credentials. -```sql +```sql+postgres select name, id, @@ -34,10 +55,24 @@ where identity ->> 'type' = 'SystemAssigned'; ``` +```sql+sqlite +select + name, + id, + location, + type, + json_extract(identity, '$.type') as identity_type, + sku +from + azure_kubernetes_cluster +where + json_extract(identity, '$.type') = 'SystemAssigned'; +``` ### List clusters that have role-based access control (RBAC) disabled +Determine the areas in your Azure Kubernetes clusters where role-based access control (RBAC) is disabled. This can help enhance your security measures by identifying potential vulnerabilities and ensuring appropriate access controls are in place. -```sql +```sql+postgres select name, id, @@ -52,10 +87,25 @@ where not enable_rbac; ``` +```sql+sqlite +select + name, + id, + location, + type, + identity, + enable_rbac, + sku +from + azure_kubernetes_cluster +where + not enable_rbac; +``` ### List clusters with an undesirable version (older than 1.20.5) +Identify instances where your clusters are running on an outdated version (older than 1.20.5) in Azure Kubernetes. This is beneficial for maintaining system security and performance by ensuring your clusters are up-to-date. -```sql +```sql+postgres select name, id, @@ -67,3 +117,16 @@ from where kubernetes_version < '1.20.5'; ``` + +```sql+sqlite +select + name, + id, + location, + type, + kubernetes_version +from + azure_kubernetes_cluster +where + kubernetes_version < '1.20.5'; +``` \ No newline at end of file diff --git a/docs/tables/azure_kubernetes_service_version.md b/docs/tables/azure_kubernetes_service_version.md index 95be7988..2ed76ccb 100644 --- a/docs/tables/azure_kubernetes_service_version.md +++ b/docs/tables/azure_kubernetes_service_version.md @@ -1,14 +1,38 @@ -# Table: azure_kubernetes_service_version +--- +title: "Steampipe Table: azure_kubernetes_service_version - Query Azure Kubernetes Service Versions using SQL" +description: "Allows users to query Azure Kubernetes Service Versions, providing detailed information about the different versions of the Kubernetes service available in Azure." +--- -Azure AKS (Azure Kubernetes Service) orchestrator is a managed container orchestration service provided by Microsoft Azure. It simplifies the deployment, management, and scaling of containerized applications using Kubernetes. AKS allows you to deploy and manage containerized applications without the need to manage the underlying infrastructure. It provides automated Kubernetes upgrades, built-in monitoring and diagnostics, and seamless integration with other Azure services. AKS enables developers and DevOps teams to focus on application development and deployment, while Azure takes care of the underlying Kubernetes infrastructure. +# Table: azure_kubernetes_service_version - Query Azure Kubernetes Service Versions using SQL -**Note:** You need to pass the `location` in the where clause to query this table. +Azure Kubernetes Service (AKS) is a managed container orchestration service provided by Azure. It simplifies the deployment, scaling, and operations of containerized applications using Kubernetes, an open-source platform for automating deployment, scaling, and management of containerized applications. The service versions table provides information about the different versions of the Kubernetes service available in Azure. + +## Table Usage Guide + +The `azure_kubernetes_service_version` table provides insights into the different versions of Azure Kubernetes Service available. As a DevOps engineer or system administrator, you can use this table to understand the features, improvements, and fixes associated with each version of the service. This can help in making informed decisions when planning for version upgrades or when troubleshooting issues related to specific versions. + +**Important notes:** +- You must specify the `location` in the `where` clause to query this table. ## Examples ### Basic info +Discover the segments of Azure's Kubernetes service located in the 'eastus2' region to understand their orchestration types and versions. This can be useful to identify and manage services based on their orchestration details. + +```sql+postgres +select + name, + id, + type, + orchestrator_type, + orchestrator_version +from + azure_kubernetes_service_version +where + location = 'eastus2'; +``` -```sql +```sql+sqlite select name, id, @@ -22,8 +46,23 @@ where ``` ### List major kubernetes versions +Determine the major versions of Kubernetes orchestration service in the East US 2 region within Azure. This is useful for understanding the available Kubernetes versions in a specific location for planning deployments or upgrades. + +```sql+postgres +select + name, + id, + orchestrator_type, + orchestrator_version +from + azure_kubernetes_service_version +where + orchestrator_version = 'major' +and + location = 'eastus2'; +``` -```sql +```sql+sqlite select name, id, @@ -38,8 +77,24 @@ and ``` ### List kubernetes orchestrator type +Determine the areas in which Kubernetes is used as the orchestrator type within the Azure Kubernetes Service in the East US 2 region. This can be useful for organizations to assess their use of Kubernetes in specific geographical locations. -```sql +```sql+postgres +select + name, + id, + type, + orchestrator_type, + is_preview +from + azure_kubernetes_service_version +where + orchestrator_type = 'Kubernetes' +and + location = 'eastus2'; +``` + +```sql+sqlite select name, id, @@ -55,8 +110,24 @@ and ``` ### List kubernetes versions that are not in preview +Determine the versions of Kubernetes in the 'eastus2' location that are fully released and not in a preview stage. This could be useful for organizations planning to use stable versions of Kubernetes for their operations in the specified location. -```sql +```sql+postgres +select + name, + id, + orchestrator_type, + orchestrator_version, + is_preview +from + azure_kubernetes_service_version +where + not is_preview +and + location = 'eastus2'; +``` + +```sql+sqlite select name, id, @@ -72,8 +143,9 @@ and ``` ### Get upgrade details of each kubernetes version +Determine the upgrade details for each version of Kubernetes within a specific location. This can be useful for planning and managing version upgrades, especially in identifying whether the version is still in preview or fully released. -```sql +```sql+postgres select name, u ->> 'orchestratorType' as orchestrator_type, @@ -85,3 +157,16 @@ from where location = 'eastus2'; ``` + +```sql+sqlite +select + name, + json_extract(u.value, '$.orchestratorType') as orchestrator_type, + json_extract(u.value, '$.orchestratorVersion') as orchestrator_version, + json_extract(u.value, '$.isPreview') as is_preview +from + azure_kubernetes_service_version, + json_each(upgrades) as u +where + location = 'eastus2'; +``` \ No newline at end of file diff --git a/docs/tables/azure_kusto_cluster.md b/docs/tables/azure_kusto_cluster.md index 8e3aab8e..b3275006 100644 --- a/docs/tables/azure_kusto_cluster.md +++ b/docs/tables/azure_kusto_cluster.md @@ -1,12 +1,34 @@ -# Table: azure_kusto_cluster +--- +title: "Steampipe Table: azure_kusto_cluster - Query Azure Kusto Clusters using SQL" +description: "Allows users to query Azure Kusto Clusters, providing insights into the configuration, status, and metadata of each cluster." +--- -An Azure Data Explorer cluster (Previously known as Kusto) is a pair of engine and data management clusters which uses several Azure resources such as Azure Linux VM’s and Storage. The applicable VMs, Azure Storage, Azure Networking and Azure Load balancer costs are billed directly to the customer subscriptions, applications, websites, etc. +# Table: azure_kusto_cluster - Query Azure Kusto Clusters using SQL + +Azure Kusto is a big data, interactive analytics platform that enables high-performance data exploration, analysis, and visualization. It offers real-time insights on large volumes of streaming data and is used extensively for log and telemetry analytics. Azure Kusto Clusters are the compute resources for the Kusto Engine, which organizes the data and makes it available for querying. + +## Table Usage Guide + +The `azure_kusto_cluster` table provides insights into Azure Kusto Clusters within Microsoft Azure. As a data analyst or data engineer, explore details of each cluster through this table, including its configuration, status, and metadata. Utilize it to uncover information about clusters, such as their capacity, performance levels, and the data they hold. ## Examples ### Basic Info +Explore the key characteristics of your Azure Kusto clusters to better understand their configuration and location details. This can assist in managing resources efficiently and optimizing your data analytics operations. -```sql +```sql+postgres +select + name, + id, + location, + type, + sku_name, + uri +from + azure_kusto_cluster; +``` + +```sql+sqlite select name, id, @@ -19,8 +41,22 @@ from ``` ### List kusto clusters with standard sku tier +Identify instances where Azure Kusto clusters are operating on a standard SKU tier. This is useful to understand the distribution of your resources and manage costs effectively. -```sql +```sql+postgres +select + name, + id, + type, + sku_name, + sku_tier +from + azure_kusto_cluster +where + sku_tier = 'Standard'; +``` + +```sql+sqlite select name, id, @@ -34,8 +70,20 @@ where ``` ### List running kusto clusters +Identify instances where Azure Kusto clusters are currently active. This is useful for monitoring the operational status of your Azure resources and maintaining optimal performance. + +```sql+postgres +select + name, + id, + state +from + azure_kusto_cluster +where + state = 'Running'; +``` -```sql +```sql+sqlite select name, id, @@ -47,8 +95,9 @@ where ``` ### List the kusto clusters with system-assigned identity +Explore which Azure Kusto clusters are utilizing a system-assigned identity. This is useful for managing and understanding the security configuration of your Azure resources. -```sql +```sql+postgres select name, id, @@ -57,4 +106,15 @@ from azure_kusto_cluster where identity ->> 'type' = 'SystemAssigned'; +``` + +```sql+sqlite +select + name, + id, + state +from + azure_kusto_cluster +where + json_extract(identity, '$.type') = 'SystemAssigned'; ``` \ No newline at end of file diff --git a/docs/tables/azure_lb.md b/docs/tables/azure_lb.md index 99e826e8..972e97d8 100644 --- a/docs/tables/azure_lb.md +++ b/docs/tables/azure_lb.md @@ -1,12 +1,34 @@ -# Table: azure_lb +--- +title: "Steampipe Table: azure_lb - Query Azure Load Balancers using SQL" +description: "Allows users to query Azure Load Balancers, providing detailed information about their configuration, location, and operational status." +--- -Azure Load Balancer operates at layer 4 of the Open Systems Interconnection (OSI) model. It's the single point of contact for clients. Load balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances. These flows are according to configured load-balancing rules and health probes. The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set. +# Table: azure_lb - Query Azure Load Balancers using SQL + +Azure Load Balancer is a high-performance, ultra low-latency Layer 4 load balancing service for all UDP and TCP protocols. It enables you to build highly scalable and highly available applications by providing automatic routing of network traffic to virtual machines. This service also provides health probes to detect the failure of an application on a virtual machine. + +## Table Usage Guide + +The `azure_lb` table provides insights into Load Balancers within Azure. As a Network Administrator, explore Load Balancer-specific details through this table, including configuration, location, and operational status. Utilize it to uncover information about Load Balancers, such as their health status, associated resources, and traffic routing rules. ## Examples ### Basic info +Explore which Azure Load Balancer resources are currently being provisioned in different regions. This is useful for managing and optimizing geographically distributed resources. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state, + etag, + region +from + azure_lb; +``` + +```sql+sqlite select id, name, @@ -19,8 +41,21 @@ from ``` ### List failed load balancers +Determine the areas in which load balancers have failed within your Azure environment. This can aid in troubleshooting and improving the reliability of your network infrastructure. + +```sql+postgres +select + id, + name, + type, + provisioning_state +from + azure_lb +where + provisioning_state = 'Failed'; +``` -```sql +```sql+sqlite select id, name, diff --git a/docs/tables/azure_lb_backend_address_pool.md b/docs/tables/azure_lb_backend_address_pool.md index 3f4ce930..02b65912 100644 --- a/docs/tables/azure_lb_backend_address_pool.md +++ b/docs/tables/azure_lb_backend_address_pool.md @@ -1,12 +1,33 @@ -# Table: azure_lb_backend_address_pool +--- +title: "Steampipe Table: azure_lb_backend_address_pool - Query Azure Load Balancer Backend Address Pools using SQL" +description: "Allows users to query Azure Load Balancer Backend Address Pools, providing insights into the configuration and status of backend address pools associated with Azure Load Balancers." +--- -An Azure load balancer's backend address pool consists of IP addresses associated with the virtual machine NICs. This pool is used to distribute traffic to the virtual machines behind the load balancer. +# Table: azure_lb_backend_address_pool - Query Azure Load Balancer Backend Address Pools using SQL + +A Backend Address Pool is a part of Azure Load Balancer, which contains IP addresses served by the load balancer. It is a critical component for defining the resource allocation and traffic distribution in the Azure Load Balancer. It provides a centralized way to manage and distribute network traffic among multiple resources, such as virtual machines. + +## Table Usage Guide + +The `azure_lb_backend_address_pool` table provides insights into the backend address pools associated with Azure Load Balancers. As a Network Administrator, explore pool-specific details through this table, including associated load balancers, network interfaces, and IP configurations. Utilize it to understand the distribution of network traffic, manage resource allocation, and ensure optimal load balancing across your Azure resources. ## Examples ### Basic info +Explore the status and type of your Azure load balancer's backend address pool to understand its current operational state and configuration. This helps in managing and troubleshooting your network traffic operations effectively. -```sql +```sql+postgres +select + id, + name, + load_balancer_name, + provisioning_state, + type +from + azure_lb_backend_address_pool; +``` + +```sql+sqlite select id, name, @@ -18,8 +39,9 @@ from ``` ### List failed load balancer backend address pools +Determine the areas in which Azure load balancer backend address pools have failed to provision. This can be useful for troubleshooting and identifying areas that require attention or modification. -```sql +```sql+postgres select id, name, @@ -30,3 +52,15 @@ from where provisioning_state = 'Failed'; ``` + +```sql+sqlite +select + id, + name, + type, + provisioning_state +from + azure_lb_backend_address_pool +where + provisioning_state = 'Failed'; +``` \ No newline at end of file diff --git a/docs/tables/azure_lb_nat_rule.md b/docs/tables/azure_lb_nat_rule.md index 5ac1f80f..48039b32 100644 --- a/docs/tables/azure_lb_nat_rule.md +++ b/docs/tables/azure_lb_nat_rule.md @@ -1,12 +1,33 @@ -# Table: azure_lb_nat_rule +--- +title: "Steampipe Table: azure_lb_nat_rule - Query Azure Load Balancer NAT Rules using SQL" +description: "Allows users to query Azure Load Balancer NAT Rules, providing insights into the network traffic routing configurations." +--- -An inbound NAT rule forwards incoming traffic sent to frontend IP address and port combination. The traffic is sent to a specific virtual machine or instance in the backend pool. Port forwarding is done by the same hash-based distribution as load balancing. +# Table: azure_lb_nat_rule - Query Azure Load Balancer NAT Rules using SQL + +Azure Load Balancer NAT Rules are part of the Azure Load Balancer service, which ensures high availability and network performance to your applications. NAT Rules are responsible for translating the public IP address and port of a packet to a private IP address and port. They play a crucial role in managing network traffic and routing. + +## Table Usage Guide + +The `azure_lb_nat_rule` table provides insights into the NAT rules within Azure Load Balancer. As a network engineer, explore NAT rule-specific details through this table, including the associated load balancer, protocol, and ports. Utilize it to uncover information about NAT rules, such as their configuration, associated resources, and the effectiveness of the network routing. ## Examples ### Basic info +Explore which Azure Load Balancer NAT rules are currently in use and assess their provisioning states to ensure optimal performance and resource allocation. This query is particularly useful in managing and troubleshooting network traffic within your Azure environment. + +```sql+postgres +select + id, + name, + type, + provisioning_state, + etag +from + azure_lb_nat_rule; +``` -```sql +```sql+sqlite select id, name, @@ -18,8 +39,21 @@ from ``` ### List failed load balancer nat rules +Explore instances where load balancer NAT rules have failed in Azure. This helps in pinpointing areas of concern and aids in troubleshooting the issues for smooth operation. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state +from + azure_lb_nat_rule +where + provisioning_state = 'Failed'; +``` + +```sql+sqlite select id, name, @@ -32,8 +66,21 @@ where ``` ### List load balancer nat rules order by idle timeout +Analyze the settings to understand the order of NAT rules based on their idle timeout within a load balancer. This can be useful in optimizing system performance and managing network traffic more efficiently. + +```sql+postgres +select + id, + name, + type, + idle_timeout_in_minutes +from + azure_lb_nat_rule +order by + idle_timeout_in_minutes; +``` -```sql +```sql+sqlite select id, name, diff --git a/docs/tables/azure_lb_outbound_rule.md b/docs/tables/azure_lb_outbound_rule.md index 4564abf6..35c465b1 100644 --- a/docs/tables/azure_lb_outbound_rule.md +++ b/docs/tables/azure_lb_outbound_rule.md @@ -1,12 +1,33 @@ -# Table: azure_lb_outbound_rule +--- +title: "Steampipe Table: azure_lb_outbound_rule - Query Azure Load Balancer Outbound Rules using SQL" +description: "Allows users to query Azure Load Balancer Outbound Rules, specifically providing details about outbound rules configured for Azure Load Balancers." +--- -Outbound rules allow you to explicitly define SNAT(source network address translation) for a public standard load balancer. This configuration allows you to use the public IP(s) of your load balancer to provide outbound internet connectivity for your backend instances. +# Table: azure_lb_outbound_rule - Query Azure Load Balancer Outbound Rules using SQL + +Azure Load Balancer Outbound Rules are part of the Azure Load Balancer service, which allows you to manage and distribute network traffic. Outbound Rules in Azure Load Balancer provide you with the ability to control the outbound network traffic from a virtual network to the internet. They offer you the flexibility to scale and tune your outbound connectivity. + +## Table Usage Guide + +The `azure_lb_outbound_rule` table provides insights into the outbound rules of Azure Load Balancers. As a network administrator, you can use this table to get detailed information about each outbound rule, including the associated Load Balancer, the allocated outbound ports, and the protocol used. This can help you better understand your network traffic and potentially identify any configuration issues or areas for optimization. ## Examples ### Basic info +Determine the status and type of your Azure Load Balancer outbound rules to understand their current provisioning state and manage your network traffic more effectively. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state, + etag +from + azure_lb_outbound_rule; +``` + +```sql+sqlite select id, name, @@ -18,8 +39,21 @@ from ``` ### List failed load balancer outbound rules +Discover the segments that have failed in the provisioning process of outbound rules in Azure's load balancer. This can be useful to identify and troubleshoot problematic areas in your network infrastructure. + +```sql+postgres +select + id, + name, + type, + provisioning_state +from + azure_lb_outbound_rule +where + provisioning_state = 'Failed'; +``` -```sql +```sql+sqlite select id, name, @@ -32,8 +66,21 @@ where ``` ### List load balancer outbound rules order by idle timeout +Analyze the settings to understand the sequence of outbound rules for a load balancer based on their idle timeout duration. This can help in effective management and optimization of network resources. + +```sql+postgres +select + id, + name, + type, + idle_timeout_in_minutes +from + azure_lb_outbound_rule +order by + idle_timeout_in_minutes; +``` -```sql +```sql+sqlite select id, name, @@ -41,6 +88,6 @@ select idle_timeout_in_minutes from azure_lb_outbound_rule -order by +order by idle_timeout_in_minutes; ``` \ No newline at end of file diff --git a/docs/tables/azure_lb_probe.md b/docs/tables/azure_lb_probe.md index f69b41e8..1a9d0f1b 100644 --- a/docs/tables/azure_lb_probe.md +++ b/docs/tables/azure_lb_probe.md @@ -1,12 +1,34 @@ -# Table: azure_lb_probe +--- +title: "Steampipe Table: azure_lb_probe - Query Azure Load Balancer Probes using SQL" +description: "Allows users to query Azure Load Balancer Probes, providing valuable insights into the health and performance of the load balancer." +--- -When using load-balancing rules with Azure Load Balancer, you need to specify health probes to allow Load Balancer to detect the backend endpoint status. The configuration of the health probe and probe responses determine which backend pool instances will receive new flows. You can use health probes to detect the failure of an application on a backend endpoint. +# Table: azure_lb_probe - Query Azure Load Balancer Probes using SQL + +Azure Load Balancer Probes are a feature of Azure Load Balancer that enables monitoring of the health and performance of the load balancer. Probes are used to detect the health of the backend resources and make decisions about sending network traffic. They provide essential information to ensure the efficient and reliable operation of the load balancer. + +## Table Usage Guide + +The `azure_lb_probe` table provides insights into Azure Load Balancer Probes. Network administrators and DevOps engineers can use this table to monitor the health and performance of the load balancer, making it a valuable resource for maintaining optimal network performance. Furthermore, it can be utilized to detect anomalies and troubleshoot potential issues, ensuring the reliability and efficiency of the load balancer. ## Examples ### Basic info +Explore which Azure load balancer probes are currently in use to understand their configuration and state. This can help in managing network traffic and ensuring optimal performance. + +```sql+postgres +select + id, + name, + type, + provisioning_state, + load_balancer_name, + port +from + azure_lb_probe; +``` -```sql +```sql+sqlite select id, name, @@ -19,8 +41,21 @@ from ``` ### List failed load balancer probes +Discover the segments that have failed load balancer probes in your Azure environment. This information can help you identify potential issues and improve your resource management. + +```sql+postgres +select + id, + name, + type, + provisioning_state +from + azure_lb_probe +where + provisioning_state = 'Failed'; +``` -```sql +```sql+sqlite select id, name, @@ -33,8 +68,21 @@ where ``` ### List load balancer probes order by interval +Assess the elements within your Azure load balancer probes to prioritize them based on frequency of checks, allowing you to understand and manage the performance and availability of your services. + +```sql+postgres +select + id, + name, + type, + interval_in_seconds +from + azure_lb_probe +order by + interval_in_seconds; +``` -```sql +```sql+sqlite select id, name, diff --git a/docs/tables/azure_lb_rule.md b/docs/tables/azure_lb_rule.md index a0186e3a..a5482dc2 100644 --- a/docs/tables/azure_lb_rule.md +++ b/docs/tables/azure_lb_rule.md @@ -1,12 +1,33 @@ -# Table: azure_lb_rule +--- +title: "Steampipe Table: azure_lb_rule - Query Azure Load Balancer Rules using SQL" +description: "Allows users to query Azure Load Balancer Rules, providing insights into the rules defined for load balancing traffic." +--- -A load balancer rule is used to define how traffic is distributed to the VMs. You define the front-end IP configuration for the incoming traffic and the back-end IP pool to receive the traffic, along with the required source and destination port. +# Table: azure_lb_rule - Query Azure Load Balancer Rules using SQL + +An Azure Load Balancer Rule is a rule within Microsoft Azure that determines how network traffic is distributed among service endpoints in a load balancer. It provides a way to direct traffic based on a variety of parameters, including port, protocol, and IP address. These rules play a crucial role in ensuring the smooth operation and scalability of applications hosted on Azure. + +## Table Usage Guide + +The `azure_lb_rule` table provides insights into the rules defined within Azure Load Balancer. As a network engineer or a system administrator, you can explore rule-specific details through this table, including the load balancing algorithm used, health probe settings, and associated metadata. Utilize it to uncover information about the rules, such as those directing traffic to specific ports or using certain protocols, and to verify their configurations. ## Examples ### Basic info +Explore the configuration and status of Azure load balancer rules. This aids in understanding the type and provisioning state of each rule, which can help in managing and troubleshooting your Azure load balancer setup. + +```sql+postgres +select + id, + name, + type, + provisioning_state, + etag +from + azure_lb_rule; +``` -```sql +```sql+sqlite select id, name, @@ -18,8 +39,21 @@ from ``` ### List failed load balancer rules +Discover the segments that have unsuccessful load balancer rules, allowing you to focus on rectifying these specific areas to improve network traffic distribution. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state +from + azure_lb_rule +where + provisioning_state = 'Failed'; +``` + +```sql+sqlite select id, name, @@ -32,8 +66,21 @@ where ``` ### List load balancer rules order by idle timeout +Assess the elements within your load balancer rules to understand which ones have been idle for the longest time. This could help optimize resource allocation and improve system performance. + +```sql+postgres +select + id, + name, + type, + idle_timeout_in_minutes +from + azure_lb_rule +order by + idle_timeout_in_minutes; +``` -```sql +```sql+sqlite select id, name, diff --git a/docs/tables/azure_location.md b/docs/tables/azure_location.md index 6ecacdcf..6bfb0a8f 100644 --- a/docs/tables/azure_location.md +++ b/docs/tables/azure_location.md @@ -1,12 +1,22 @@ -# Table: azure_location +--- +title: "Steampipe Table: azure_location - Query Azure Locations using SQL" +description: "Allows users to query Azure Locations, specifically to retrieve metadata about the different geographical locations within the Azure platform." +--- -Azure offers the scale and data residency options you need to bring your apps closer to your users around the world. +# Table: azure_location - Query Azure Locations using SQL + +Azure Locations represent the geographical data centers where Azure resources are hosted. They are spread across the globe, enabling users to deploy resources near their customers to reduce latency and improve application performance. Each location is made up of one or more data centers equipped with server, storage, and networking hardware. + +## Table Usage Guide + +The `azure_location` table provides insights into the geographical locations within the Azure platform. As a cloud administrator or architect, explore location-specific details through this table, including name, regional display name, and longitude/latitude coordinates. Utilize it to plan your resource deployment strategy, ensuring optimal performance and compliance with data residency regulations. ## Examples ### Display name of each azure location +Explore which Azure locations are available by displaying their names. This is beneficial for understanding your geographic distribution options within the Azure platform. -```sql +```sql+postgres select name, display_name @@ -14,10 +24,27 @@ from azure_location; ``` +```sql+sqlite +select + name, + display_name +from + azure_location; +``` ### Latitude and Longitude of the azure locations +Determine the geographical coordinates of various Azure locations. This is useful for mapping out data centers or planning for geo-redundancy. + +```sql+postgres +select + name, + latitude, + longitude +from + azure_location; +``` -```sql +```sql+sqlite select name, latitude, diff --git a/docs/tables/azure_log_alert.md b/docs/tables/azure_log_alert.md index b8b7834e..7d088818 100644 --- a/docs/tables/azure_log_alert.md +++ b/docs/tables/azure_log_alert.md @@ -1,12 +1,32 @@ -# Table: azure_log_alert +--- +title: "Steampipe Table: azure_log_alert - Query Azure Log Alerts using SQL" +description: "Allows users to query Azure Log Alerts, providing insights into the log alerts set up within their Azure resources." +--- -Activity log alerts are the alerts that get activated when a new activity log event occurs that matches the conditions specified in the alert. +# Table: azure_log_alert - Query Azure Log Alerts using SQL + +Azure Log Alerts is a feature within Azure Monitor that allows users to create alert rules based on log search queries. When these queries return results that meet certain conditions, an alert is triggered. This feature is essential for monitoring, troubleshooting, and gaining insights into the operational health and performance of Azure resources. + +## Table Usage Guide + +The `azure_log_alert` table provides insights into log alerts within Azure Monitor. As a system administrator, explore alert-specific details through this table, including alert rules, conditions, actions, and associated metadata. Utilize it to uncover information about alerts, such as those triggered by certain log search queries, the conditions that cause alerts to be triggered, and the actions taken when alerts are triggered. ## Examples ### Basic info +Determine the status of alerts in your Azure log by identifying their name, ID, type, and whether they are enabled or not. This can help you manage and prioritize your alerts effectively. + +```sql+postgres +select + name, + id, + type, + enabled +from + azure_log_alert; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List log alerts that check for create policy assignment events +Determine the areas in which log alerts are set to monitor the creation of policy assignments in Azure. This can be useful in managing and tracking changes to policy assignments. -```sql +```sql+postgres select name, id, @@ -29,3 +50,15 @@ from where l ->> 'equals' = 'Microsoft.Authorization/policyAssignments/write'; ``` + +```sql+sqlite +select + name, + a.id, + type +from + azure_log_alert as a, + json_each(condition, '$.allOf') as l +where + json_extract(l.value, '$.equals') = 'Microsoft.Authorization/policyAssignments/write'; +``` \ No newline at end of file diff --git a/docs/tables/azure_log_profile.md b/docs/tables/azure_log_profile.md index fb674de5..5861033c 100644 --- a/docs/tables/azure_log_profile.md +++ b/docs/tables/azure_log_profile.md @@ -1,12 +1,32 @@ -# Table: azure_log_profile +--- +title: "Steampipe Table: azure_log_profile - Query Azure Log Profiles using SQL" +description: "Allows users to query Azure Log Profiles, providing insights into system-wide logging configurations that control how activity logs are exported." +--- -Log profiles are the legacy method for sending the Activity log to Azure storage or event hubs. Use the following procedure to continue working with a log profile or to disable it in preparation for migrating to a diagnostic setting. +# Table: azure_log_profile - Query Azure Log Profiles using SQL + +Azure Log Profiles are a system-wide logging configuration in Azure that controls how activity logs are exported. These profiles specify the storage account, event hub, or Log Analytics workspace where activity logs are sent. They are essential for managing and maintaining operational visibility in Azure environments. + +## Table Usage Guide + +The `azure_log_profile` table provides insights into system-wide logging configurations in Azure. As a security analyst, you can use this table to understand how activity logs are exported, including the destinations such as storage accounts, event hubs, or Log Analytics workspaces. This table is crucial in maintaining operational visibility and ensuring compliance with logging policies in your Azure environments. ## Examples ### Basic info +Explore the basic details of your Azure log profiles to understand their associations with storage accounts and service bus rules, which can be beneficial in managing and troubleshooting your Azure resources. + +```sql+postgres +select + name, + id, + storage_account_id, + service_bus_rule_id +from + azure_log_profile; +``` -```sql +```sql+sqlite select name, id, diff --git a/docs/tables/azure_logic_app_workflow.md b/docs/tables/azure_logic_app_workflow.md index d04ca1ca..c9120756 100644 --- a/docs/tables/azure_logic_app_workflow.md +++ b/docs/tables/azure_logic_app_workflow.md @@ -1,12 +1,32 @@ -# Table: azure_logic_app_workflow +--- +title: "Steampipe Table: azure_logic_app_workflow - Query Azure Logic App Workflows using SQL" +description: "Allows users to query Azure Logic App Workflows, specifically details regarding the configuration, status, and properties of each workflow, aiding in the management and monitoring of automated business processes." +--- -Azure Logic Apps helps you simplify and implement scalable integrations and workflows in the cloud. You can model and automate your process visually as a series of steps known as a workflow in the Logic App Designer. +# Table: azure_logic_app_workflow - Query Azure Logic App Workflows using SQL + +Azure Logic Apps is a cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations. Logic Apps simplifies how you design and build scalable solutions for app integration, data integration, system integration, enterprise application integration (EAI), and business-to-business (B2B) communication, whether in the cloud, on premises, or both. You can build workflows that automatically trigger and run whenever a specific event occurs or when new data meets the conditions that you defined. + +## Table Usage Guide + +The `azure_logic_app_workflow` table provides insights into Logic App Workflows within Azure. As a DevOps engineer, explore workflow-specific details through this table, including configuration, status, and associated properties. Utilize it to monitor and manage automated business processes, ensuring efficient data and system integration. ## Examples ### Basic info +Explore which Azure Logic App workflows are active or inactive and their associated types. This can be beneficial for identifying workflows that may need attention or tracking the variety of workflow types in use. -```sql +```sql+postgres +select + name, + id, + state, + type +from + azure_logic_app_workflow; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,21 @@ from ``` ### List disabled workflows +This query allows you to identify all disabled workflows within your Azure Logic App, helping to manage and optimize your workflow processes. This could be particularly useful for troubleshooting, auditing, or improving efficiency by identifying unused or unnecessary workflows. -```sql +```sql+postgres +select + name, + id, + state, + type +from + azure_logic_app_workflow +where + state = 'Disabled'; +``` + +```sql+sqlite select name, id, @@ -31,8 +64,9 @@ where ``` ### List suspended workflows +Determine the areas in which Azure Logic App workflows are currently suspended. This is useful for troubleshooting and identifying workflows that may need attention or modification. -```sql +```sql+postgres select name, id, @@ -43,3 +77,15 @@ from where state = 'Suspended'; ``` + +```sql+sqlite +select + name, + id, + state, + type +from + azure_logic_app_workflow +where + state = 'Suspended'; +``` \ No newline at end of file diff --git a/docs/tables/azure_machine_learning_workspace.md b/docs/tables/azure_machine_learning_workspace.md index c29130b2..3582c0d6 100644 --- a/docs/tables/azure_machine_learning_workspace.md +++ b/docs/tables/azure_machine_learning_workspace.md @@ -1,12 +1,32 @@ -# Table: azure_machine_learning_workspace +--- +title: "Steampipe Table: azure_machine_learning_workspace - Query Azure Machine Learning Workspaces using SQL" +description: "Allows users to query Azure Machine Learning Workspaces, providing comprehensive information on configuration, status, and properties of each workspace." +--- -The workspace is the top-level resource for Azure Machine Learning, providing a centralized place to work with all the artifacts you create when you use Azure Machine Learning. The workspace keeps a history of all training runs, including logs, metrics, output, and a snapshot of your scripts. You use this information to determine which training run produces the best model. +# Table: azure_machine_learning_workspace - Query Azure Machine Learning Workspaces using SQL + +Azure Machine Learning is a cloud-based environment that enables developers to build, train, and deploy machine learning models. Workspaces in Azure Machine Learning are the top-level resource for the service, providing a centralized place to work with all the artifacts you create. A workspace is tied to an Azure subscription and the resources are used to run the workspace and its experiments. + +## Table Usage Guide + +The `azure_machine_learning_workspace` table provides insights into Azure Machine Learning Workspaces. As a data scientist or machine learning engineer, you can explore workspace-specific details through this table, including configurations, status, and properties. Utilize it to uncover information about workspace, such as its associated resources, location, and SKU details, enabling effective management and optimization of your machine learning experiments. ## Examples ### Basic info +Explore which Azure Machine Learning Workspaces are currently provisioned and understand their types. This can be useful for managing resources and understanding the distribution of workspace types within your Azure environment. + +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_machine_learning_workspace; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List system assigned identity type workspace +Determine the areas in which system-assigned identities are used within Azure's machine learning workspace. This can help streamline system management by identifying where these automated identities are deployed. -```sql +```sql+postgres select name, id, @@ -30,9 +51,34 @@ where identity ->> 'type' = 'SystemAssigned'; ``` +```sql+sqlite +select + name, + id, + type, + json_extract(identity, '$.type') as identity_type +from + azure_machine_learning_workspace +where + json_extract(identity, '$.type') = 'SystemAssigned'; +``` + ### List key vault used by workspaces with soft deletion disabled +Determine the areas in which the key vault used by workspaces has soft deletion disabled. This is beneficial in identifying potential vulnerabilities and ensuring data protection and recovery strategies are in place. + +```sql+postgres +select + m.name as workspace_name, + m.id as workspace_id, + v.soft_delete_enabled +from + azure_machine_learning_workspace as m, + azure_key_vault as v +where + lower(m.key_vault) = lower(v.id) and not v.soft_delete_enabled; +``` -```sql +```sql+sqlite select m.name as workspace_name, m.id as workspace_id, diff --git a/docs/tables/azure_management_group.md b/docs/tables/azure_management_group.md index fb834008..351f9fbb 100644 --- a/docs/tables/azure_management_group.md +++ b/docs/tables/azure_management_group.md @@ -1,14 +1,36 @@ -# Table: azure_management_group +--- +title: "Steampipe Table: azure_management_group - Query Azure Management Groups using SQL" +description: "Allows users to query Azure Management Groups, providing a hierarchical structure for unified policy and access management across multiple Azure subscriptions." +--- -Management groups provide a governance scope above subscriptions. You organize subscriptions into management groups in the governance conditions you apply cascade by inheritance to all associated subscriptions. Management groups give you enterprise-grade management at a scale no matter what type of subscriptions you might have. However, all subscriptions within a single management group must trust the same Azure Active Directory (Azure AD) tenant. +# Table: azure_management_group - Query Azure Management Groups using SQL -Note: To query this table, you need to have at least read access to the specific management group. +Azure Management Groups offer a level of scope above subscriptions. They provide a hierarchical structure for unified policy and access management across multiple Azure subscriptions. Management groups allow you to organize subscriptions into containers called "management groups" and apply your governance conditions to the management groups. + +## Table Usage Guide + +The `azure_management_group` table provides insights into Management Groups within Azure. As a system administrator or a DevOps engineer, explore group-specific details through this table, including group hierarchy, subscription associations, and associated metadata. Utilize it to uncover information about groups, such as their structure, the subscriptions they contain, and the policies applied to them. + +**Important notes:** +- You need to have at least read access to the specific management group to query this table. ## Examples ### Basic info +Explore the management groups within your Azure environment to understand their types and the tenants they belong to. This can help in identifying who last updated these groups, aiding in accountability and tracking changes. + +```sql+postgres +select + id, + name, + type, + tenant_id, + updated_by +from + azure_management_group; +``` -```sql +```sql+sqlite select id, name, @@ -20,8 +42,9 @@ from ``` ### List children for management groups +Explore the updated information of Azure Management Groups, including the associated children groups. This is useful for understanding the hierarchical structure and changes made within your Azure Management Groups. -```sql +```sql+postgres select name, updated_by, @@ -30,9 +53,19 @@ from azure_management_group; ``` +```sql+sqlite +select + name, + updated_by, + children +from + azure_management_group; +``` + ### List parent details for management groups +Explore which management groups in Azure have been recently modified and by whom. This can provide insights into changes in the organizational structure and help maintain accountability. -```sql +```sql+postgres select name, updated_by, @@ -40,3 +73,12 @@ select from azure_management_group; ``` + +```sql+sqlite +select + name, + updated_by, + parent +from + azure_management_group; +``` \ No newline at end of file diff --git a/docs/tables/azure_management_lock.md b/docs/tables/azure_management_lock.md index 791ef30c..a36fe38e 100644 --- a/docs/tables/azure_management_lock.md +++ b/docs/tables/azure_management_lock.md @@ -1,12 +1,22 @@ -# Table: azure_management_lock +--- +title: "Steampipe Table: azure_management_lock - Query Azure Management Locks using SQL" +description: "Allows users to query Azure Management Locks, particularly their properties and associated resources, providing insights into the locks' configurations and status." +--- -Management locks help you prevent accidental deletion or modification of your Azure resources. +# Table: azure_management_lock - Query Azure Management Locks using SQL + +Azure Management Lock is a feature within Microsoft Azure that helps prevent accidental deletion or modification of Azure resources. It allows administrators to apply a 'CanNotDelete' or 'ReadOnly' lock on a subscription, resource group, or resource to protect it from being inadvertently deleted or modified. These locks can be used across various Azure resources, including virtual machines, storage accounts, and more. + +## Table Usage Guide + +The `azure_management_lock` table provides insights into Management Locks within Microsoft Azure. As an Azure administrator or a DevOps engineer, explore lock-specific details through this table, including their level (CanNotDelete or ReadOnly), scope, and associated resources. Utilize it to uncover information about locks, such as those applied on critical resources, to ensure their accidental deletion or modification is prevented. ## Examples ### List of resources where the management locks are applied +This example demonstrates how to identify resources that have management locks applied to them within the Azure environment. This could be useful for administrators who need to manage access controls or troubleshoot issues related to locked resources. -```sql +```sql+postgres select name, split_part(id, '/', 8) as resource_type, @@ -15,10 +25,15 @@ from azure_management_lock; ``` +```sql+sqlite +Error: SQLite does not support split_part function. +``` + ### Resources and lock levels +Uncover the details of specific Azure resources and their associated lock levels. This can help you assess what resources are locked at what level, aiding in security and access management. -```sql +```sql+postgres select name, split_part(id, '/', 8) as resource_type, @@ -27,3 +42,7 @@ select from azure_management_lock; ``` + +```sql+sqlite +Error: SQLite does not support split or string_to_array functions. +``` \ No newline at end of file diff --git a/docs/tables/azure_mariadb_server.md b/docs/tables/azure_mariadb_server.md index 6814c417..8a55e574 100644 --- a/docs/tables/azure_mariadb_server.md +++ b/docs/tables/azure_mariadb_server.md @@ -1,12 +1,34 @@ -# Table: azure_mariadb_server +--- +title: "Steampipe Table: azure_mariadb_server - Query Azure MariaDB Servers using SQL" +description: "Allows users to query Azure MariaDB Servers, offering insights into the configuration and status of these managed database service instances." +--- -Azure Database for MariaDB is a relational database service based on the open-source MariaDB Server engine. It's a fully managed database as a service offering that can handle mission-critical workloads with predictable performance and dynamic scalability. +# Table: azure_mariadb_server - Query Azure MariaDB Servers using SQL + +Azure MariaDB Server is a fully managed relational database service provided by Microsoft Azure. It is a scalable and flexible service that allows users to deploy highly available MariaDB databases in the cloud. Azure MariaDB Server provides automatic backups, patching, monitoring, and scaling of resources to ensure optimal performance and reliability. + +## Table Usage Guide + +The `azure_mariadb_server` table offers insights into the configuration and status of Azure MariaDB Server instances. As a database administrator, you can utilize this table to monitor and manage your MariaDB instances, including their performance, security settings, and backup configurations. This table is also beneficial for auditing purposes, allowing you to track changes and maintain compliance with organizational policies and standards. ## Examples ### Basic info +Explore the overall status and location of your Azure MariaDB servers. This query is useful in gaining insights into the versions, pricing tiers, visibility, and geographical distribution of your databases, aiding in resource management and cost optimization. -```sql +```sql+postgres +select + name, + version, + sku_name, + user_visible_state, + region, + resource_group +from + azure_mariadb_server; +``` + +```sql+sqlite select name, version, @@ -19,8 +41,21 @@ from ``` ### List servers with Geo-redundant backup disabled +Discover the segments that have disabled geo-redundant backup, a feature essential for data protection and disaster recovery, on their servers. This assists in identifying potential vulnerabilities in the system and aids in enhancing data security. + +```sql+postgres +select + name, + version, + region, + geo_redundant_backup_enabled +from + azure_mariadb_server +where + geo_redundant_backup_enabled = 'Disabled'; +``` -```sql +```sql+sqlite select name, version, @@ -33,8 +68,21 @@ where ``` ### List servers with SSL enabled +Identify instances where your Azure MariaDB servers have SSL enabled. This is useful for ensuring that your data transmissions are secure and encrypted. -```sql +```sql+postgres +select + name, + version, + region, + ssl_enforcement +from + azure_mariadb_server +where + ssl_enforcement = 'Enabled'; +``` + +```sql+sqlite select name, version, @@ -47,8 +95,9 @@ where ``` ### List servers with backup retention days greater than 90 days +Determine the areas in which servers on Azure MariaDB are configured to retain backups for more than 90 days. This can be useful for identifying servers with potentially excessive storage use or for compliance purposes. -```sql +```sql+postgres select name, version, @@ -59,3 +108,15 @@ from where backup_retention_days > 90; ``` + +```sql+sqlite +select + name, + version, + region, + backup_retention_days +from + azure_mariadb_server +where + backup_retention_days > 90; +``` \ No newline at end of file diff --git a/docs/tables/azure_monitor_activity_log_event.md b/docs/tables/azure_monitor_activity_log_event.md index 00cd8bca..203d9b15 100644 --- a/docs/tables/azure_monitor_activity_log_event.md +++ b/docs/tables/azure_monitor_activity_log_event.md @@ -1,9 +1,17 @@ -# Table: azure_monitor_activity_log_event +--- +title: "Steampipe Table: azure_monitor_activity_log_event - Query Azure Monitor Activity Log Events using SQL" +description: "Allows users to query Activity Log Events in Azure Monitor, providing insights into the operation logs and changes made in Azure resources." +--- -Azure Monitor Activity Log is a service in Microsoft Azure that provides insights into the operations that have been performed on resources in your Azure subscription. It captures a comprehensive set of data about each operation, including who performed the operation, what resources were involved, what operation was performed, and when it occurred. This information is crucial for auditing, compliance, and troubleshooting purposes. +# Table: azure_monitor_activity_log_event - Query Azure Monitor Activity Log Events using SQL -**Important notes:** +Azure Monitor Activity Log Events is a feature within Microsoft Azure that provides insights into the operational activities within your Azure resources. It enables you to categorize and analyze data about the status, event severity, and operations of your Azure resources. Azure Monitor Activity Log Events helps you stay informed about the activities and operations happening in your Azure environment. + +## Table Usage Guide +The `azure_monitor_activity_log_event` table provides insights into the operational activities within Azure Monitor. As a system administrator or a DevOps engineer, explore event-specific details through this table, including event category, event initiation, and associated metadata. Utilize it to uncover information about events, such as those related to service health, resource health, and administrative operations. + +**Important notes:** - This table can provide event details for the previous 90 days. - For improved performance, it is advised that you use the optional qual `event_timestamp` to limit the result set to a specific time period. - This table supports optional quals. Queries with optional quals are optimized to use Monitor Activity Log filters. Optional quals are supported for the following columns: @@ -16,8 +24,22 @@ Azure Monitor Activity Log is a service in Microsoft Azure that provides insight ## Examples ### Basic info +Explore the sequence and timing of events in your Azure Monitor Activity Log. This query can be used to gain insights into patterns of activity, identify potential issues, and track changes over time. -```sql +```sql+postgres +select + event_name, + event_data_id, + id, + correlation_id, + level, + resource_id, + event_timestamp +from + azure_monitor_activity_log_event; +``` + +```sql+sqlite select event_name, event_data_id, @@ -31,8 +53,23 @@ from ``` ### List events with event-level critical +This example helps identify critical events in your Azure activity log. By doing so, it allows you to promptly respond to potential issues or security threats. + +```sql+postgres +select + event_name, + id, + operation_name, + event_timestamp, + level, + caller +from + azure_monitor_activity_log_event +where + level = 'EventLevelCritical'; +``` -```sql +```sql+sqlite select event_name, id, @@ -47,8 +84,9 @@ where ``` ### List events that occurred over the last five minutes +Track recent activities in your Azure environment by identifying events that have taken place within the last five minutes. This is useful for real-time monitoring and immediate response to changes or incidents. -```sql +```sql+postgres select event_name, event_timestamp, @@ -62,9 +100,24 @@ where event_timestamp >= now() - interval '5 minutes'; ``` +```sql+sqlite +select + event_name, + event_timestamp, + operation_name, + resource_id, + resource_type, + status +from + azure_monitor_activity_log_event +where + event_timestamp >= datetime('now', '-5 minutes'); +``` + ### List ordered events that occurred in the past five to ten minutes +Determine the sequence of events that transpired in the recent past. This can be useful to track and analyze real-time activities, helping to identify patterns or anomalies for prompt action. -```sql +```sql+postgres select event_name, id, @@ -80,9 +133,26 @@ order by event_timestamp asc; ``` +```sql+sqlite +select + event_name, + id, + submission_timestamp, + event_timestamp, + category, + sub_status +from + azure_monitor_activity_log_event +where + event_timestamp between (datetime('now', '-10 minutes')) and (datetime('now', '-5 minutes')) +order by + event_timestamp asc; +``` + ### Get authorization details for events +Determine the authorization details associated with various events to help manage permissions and access control in your Azure environment. This can help in identifying any unauthorized activities or potential security risks. -```sql +```sql+postgres select event_name, authorization_info ->> 'Action' as authorization_action, @@ -92,9 +162,20 @@ from azure_monitor_activity_log_event; ``` +```sql+sqlite +select + event_name, + json_extract(authorization_info, '$.Action') as authorization_action, + json_extract(authorization_info, '$.Role') as authorization_role, + json_extract(authorization_info, '$.Scope') as authorization_scope +from + azure_monitor_activity_log_event; +``` + ### Get HTTP request details of events +Explore the specifics of HTTP requests in event logs to identify potential security threats or unusual activity. This could be useful in troubleshooting, security audits, or monitoring network traffic. -```sql +```sql+postgres select event_name, operation_name, @@ -107,11 +188,39 @@ from azure_monitor_activity_log_event; ``` +```sql+sqlite +select + event_name, + operation_name, + event_timestamp, + json_extract(http_request, '$.ClientRequestID') as client_request_id, + json_extract(http_request, '$.ClientIPAddress') as ClientIPAddress, + json_extract(http_request, '$.Method') as method, + json_extract(http_request, '$.URI') as uri +from + azure_monitor_activity_log_event; +``` + ## Filter examples ### List evens by resource group +Discover the segments that are active within a specific resource group in Azure Monitor's activity log. This can be particularly useful for tracking and managing operations, resources, and statuses associated with specific events. + +```sql+postgres +select + event_name, + id, + resource_id, + operation_name, + resource_type, + status +from + azure_monitor_activity_log_event +where + resource_group = 'my_rg'; +``` -```sql +```sql+sqlite select event_name, id, @@ -126,8 +235,24 @@ where ``` ### List events for a resource provider +Explore the activities associated with a specific resource provider on Azure. This query is useful for tracking operations, event names, and statuses related to a particular network resource provider, helping you understand its activity and performance. -```sql +```sql+postgres +select + event_name, + id, + resource_id, + operation_name, + resource_provider_name, + resource_type, + status +from + azure_monitor_activity_log_event +where + resource_provider_name = 'Microsoft.Network'; +``` + +```sql+sqlite select event_name, id, @@ -143,8 +268,9 @@ where ``` ### List events for a particular resource +Discover the segments that have undergone recent changes in a specific resource within your Azure environment. This is particularly useful for tracking changes and maintaining security compliance. -```sql +```sql+postgres select event_name, id, @@ -157,3 +283,17 @@ from where resource_id = '/subscriptions/hsjekr16-f95f-4771-bbb5-8237jsa349sl/resourceGroups/my_rg/providers/Microsoft.Network/publicIPAddresses/test-backup-ip'; ``` + +```sql+sqlite +select + event_name, + id, + resource_id, + event_timestamp, + correlation_id, + resource_provider_name +from + azure_monitor_activity_log_event +where + resource_id = '/subscriptions/hsjekr16-f95f-4771-bbb5-8237jsa349sl/resourceGroups/my_rg/providers/Microsoft.Network/publicIPAddresses/test-backup-ip'; +``` \ No newline at end of file diff --git a/docs/tables/azure_mssql_elasticpool.md b/docs/tables/azure_mssql_elasticpool.md index 5c050e6e..e3b45cae 100644 --- a/docs/tables/azure_mssql_elasticpool.md +++ b/docs/tables/azure_mssql_elasticpool.md @@ -1,12 +1,33 @@ -# Table: azure_mssql_elasticpool +--- +title: "Steampipe Table: azure_mssql_elasticpool - Query Azure SQL Database Elastic Pools using SQL" +description: "Allows users to query Azure SQL Database Elastic Pools, providing insights into their configuration, performance, and usage statistics." +--- -Azure SQL Database elastic pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage demands. +# Table: azure_mssql_elasticpool - Query Azure SQL Database Elastic Pools using SQL + +Azure SQL Database Elastic Pools are a simple, cost-effective solution for managing and scaling multiple databases that have varying and unpredictable usage demands. They provide a resource model that allows databases to use resources as needed, within certain limits, while also providing a level of isolation from other databases. Azure SQL Database Elastic Pools are particularly useful for SaaS providers who need to manage and scale multiple databases with varying and unpredictable usage. + +## Table Usage Guide + +The `azure_mssql_elasticpool` table provides insights into Azure SQL Database Elastic Pools within Azure. As a database administrator or DevOps engineer, explore details about each elastic pool, including its configuration, performance metrics, and usage statistics. Utilize it to understand the resource usage and performance of your elastic pools, and to identify potential areas for optimization or scaling. ## Examples ### Basic info +Explore which Microsoft SQL Server elastic pools in your Azure environment are zone redundant and their current state to manage resource allocation effectively. This query is useful for assessing the distribution of Database Transaction Units (DTUs) across your environment. -```sql +```sql+postgres +select + name, + id, + state, + dtu, + zone_redundant +from + azure_mssql_elasticpool; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List zone redundant elastic pools +Explore which elastic pools in Azure SQL are zone redundant. This query is useful for understanding the distribution and resilience of your database resources across different zones. -```sql +```sql+postgres select name, id, @@ -31,3 +53,16 @@ from where zone_redundant; ``` + +```sql+sqlite +select + name, + id, + state, + dtu, + zone_redundant +from + azure_mssql_elasticpool +where + zone_redundant = 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_mssql_managed_instance.md b/docs/tables/azure_mssql_managed_instance.md index ed37f4b4..ede2c786 100644 --- a/docs/tables/azure_mssql_managed_instance.md +++ b/docs/tables/azure_mssql_managed_instance.md @@ -1,12 +1,33 @@ -# Table: azure_mssql_managed_instance +--- +title: "Steampipe Table: azure_mssql_managed_instance - Query Azure SQL Managed Instances using SQL" +description: "Allows users to query Azure SQL Managed Instances, providing a comprehensive view of the settings, configurations, and health status of these resources." +--- -Azure SQL Managed Instance is the intelligent, scalable cloud database service that combines the broadest SQL Server database engine compatibility with all the benefits of a fully managed and evergreen platform as a service. +# Table: azure_mssql_managed_instance - Query Azure SQL Managed Instances using SQL + +Azure SQL Managed Instance is a fully managed SQL Server Database Engine hosted in Azure cloud. It provides most of the SQL Server's capabilities, allowing you to migrate SQL server workloads to Azure with minimal changes. With built-in intelligence that learns your unique database patterns and adaptive performance tuning based on AI, SQL Managed Instance is a best-in-class database service. + +## Table Usage Guide + +The `azure_mssql_managed_instance` table provides insights into Azure SQL Managed Instances. As a DBA or a cloud architect, you can explore specific details about these instances, including their settings, configurations, and health status. Use this table to monitor and manage your SQL instances effectively, ensuring optimal performance and resource utilization. ## Examples ### Basic info +Explore the status and security settings of your managed instances in Azure's SQL service. This query is useful for understanding the licensing and encryption standards used across your instances, helping you maintain compliance and security in your database management. + +```sql+postgres +select + name, + id, + state, + license_type, + minimal_tls_version +from + azure_mssql_managed_instance; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List managed instances with public endpoint enabled +Identify instances where Azure's managed SQL servers have their public data endpoint enabled. This helps in assessing the elements within your setup that might be exposed to potential security risks. -```sql +```sql+postgres select name, id, @@ -32,9 +54,23 @@ where public_data_endpoint_enabled; ``` +```sql+sqlite +select + name, + id, + state, + license_type, + minimal_tls_version +from + azure_mssql_managed_instance +where + public_data_endpoint_enabled = 1; +``` + ### List security alert policies of the managed instances +Explore the security alert policies of managed instances to understand their configurations, such as creation time, disabled alerts, and retention days. This can help in assessing the security measures in place and identifying areas for improvement. -```sql +```sql+postgres select name, id, @@ -53,3 +89,23 @@ from azure_mssql_managed_instance, jsonb_array_elements(security_alert_policies) as policy; ``` + +```sql+sqlite +select + name, + i.id, + json_extract(policy.value, '$.creationTime') as policy_creation_time, + json_extract(policy.value, '$.disabledAlerts') as policy_disabled_alerts, + json_extract(policy.value, '$.emailAccountAdmins') as policy_email_account_admins, + json_extract(policy.value, '$.emailAddresses') as policy_email_addresses, + json_extract(policy.value, '$.id') as policy_id, + json_extract(policy.value, '$.name') as policy_name, + json_extract(policy.value, '$.retentionDays') as policy_retention_days, + json_extract(policy.value, '$.state') as policy_state, + json_extract(policy.value, '$.storageAccountAccessKey') as policy_storage_account_access_key, + json_extract(policy.value, '$.storageEndpoint') as policy_storage_endpoint, + json_extract(policy.value, '$.type') as policy_type +from + azure_mssql_managed_instance as i, + json_each(security_alert_policies) as policy; +``` \ No newline at end of file diff --git a/docs/tables/azure_mssql_virtual_machine.md b/docs/tables/azure_mssql_virtual_machine.md index 54c373e7..2b249b7d 100644 --- a/docs/tables/azure_mssql_virtual_machine.md +++ b/docs/tables/azure_mssql_virtual_machine.md @@ -1,12 +1,35 @@ -# Table: azure_mssql_virtual_machine +--- +title: "Steampipe Table: azure_mssql_virtual_machine - Query Azure SQL Server Virtual Machines using SQL" +description: "Allows users to query Azure SQL Server Virtual Machines, specifically providing insights into the configuration, status, and operational aspects of the SQL Server instances running on Azure Virtual Machines." +--- -Azure SQL virtual machines are lift-and-shift ready for existing applications that require fast migration to the cloud with minimal changes or no changes. SQL virtual machines offer full administrative control over the SQL Server instance and underlying OS for migration to Azure. +# Table: azure_mssql_virtual_machine - Query Azure SQL Server Virtual Machines using SQL + +Azure SQL Server Virtual Machines are a fully managed service that provides the broadest SQL Server engine compatibility and native virtual network (VNET) support. This service offers a set of capabilities for enterprise-grade data workloads, enabling users to run their SQL Server workloads on a virtual machine in Azure. It is an ideal choice for applications requiring OS-level access. + +## Table Usage Guide + +The `azure_mssql_virtual_machine` table provides insights into SQL Server instances running on Azure Virtual Machines. As a database administrator or a DevOps engineer, explore instance-specific details through this table, including configurations, status, and operational aspects. Utilize it to manage and monitor your SQL Server workloads running on Azure Virtual Machines effectively. ## Examples ### Basic info +Analyze the settings of your Azure SQL virtual machines to gain insights into their current status and configurations. This can help you understand the provisioning state, image offer, license type, and geographical location of each machine, aiding in resource management and optimization. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state, + sql_image_offer, + sql_server_license_type, + region +from + azure_mssql_virtual_machine; +``` + +```sql+sqlite select id, name, @@ -20,8 +43,9 @@ from ``` ### List failed virtual machines +Determine the areas in which virtual machines have failed to provision properly within your Azure SQL environment, allowing you to address and rectify these issues promptly. -```sql +```sql+postgres select id, name, @@ -32,3 +56,15 @@ from where provisioning_state = 'Failed'; ``` + +```sql+sqlite +select + id, + name, + type, + provisioning_state +from + azure_mssql_virtual_machine +where + provisioning_state = 'Failed'; +``` \ No newline at end of file diff --git a/docs/tables/azure_mysql_flexible_server.md b/docs/tables/azure_mysql_flexible_server.md index b6bbf799..59d209ec 100644 --- a/docs/tables/azure_mysql_flexible_server.md +++ b/docs/tables/azure_mysql_flexible_server.md @@ -1,12 +1,34 @@ -# Table: azure_mysql_flexible_server +--- +title: "Steampipe Table: azure_mysql_flexible_server - Query Azure MySQL Flexible Servers using SQL" +description: "Allows users to query Azure MySQL Flexible Servers, providing detailed information on server configurations, geographical location, and other server-related aspects." +--- -Azure Database for MySQL Flexible Server is a fully managed MySQL database as a service offering that can handle mission-critical workloads with predictable performance and dynamic scalability. +# Table: azure_mysql_flexible_server - Query Azure MySQL Flexible Servers using SQL + +Azure MySQL Flexible Server is a fully managed database service with built-in high availability and flexible scaling. It allows you to run your MySQL server workloads on Azure and includes features like stop/start, burstable compute, and adjustable storage. This service makes it easy to build cloud-native applications or modernize existing applications using a managed platform. + +## Table Usage Guide + +The `azure_mysql_flexible_server` table provides insights into Azure MySQL Flexible Servers within Azure Database for MySQL. As a database administrator, you can explore server-specific details through this table, including server configurations, geographical location, and other server-related aspects. Utilize it to uncover information about servers, such as their current state, performance tier, and the associated resource group. ## Examples ### Basic info +Explore the key details of your Azure MySQL flexible servers such as location, backup retention days, storage IOPS, and public network access. This can help in understanding the configuration and performance of your servers. -```sql +```sql+postgres +select + name, + id, + location, + backup_retention_days, + storage_iops, + public_network_access +from + azure_mysql_flexible_server; +``` + +```sql+sqlite select name, id, @@ -19,8 +41,20 @@ from ``` ### List servers with public network access disabled +Determine the areas in which servers have public network access turned off, enabling you to assess potential security risks and ensure compliance with your organization's policies. + +```sql+postgres +select + name, + id, + public_network_access +from + azure_mysql_flexible_server +where + public_network_access = 'Disabled'; +``` -```sql +```sql+sqlite select name, id, @@ -32,8 +66,20 @@ where ``` ### List servers with storage auto grow disabled +Determine the areas in which servers have the automatic storage growth feature disabled. This can be useful to identify potential risks of running out of storage space unexpectedly. + +```sql+postgres +select + name, + id, + storage_auto_grow +from + azure_mysql_flexible_server +where + storage_auto_grow = 'Disabled'; +``` -```sql +```sql+sqlite select name, id, @@ -45,8 +91,9 @@ where ``` ### List servers with backup retention days greater than 90 days +Determine the areas in which server backup retention exceeds a 90-day period, which could assist in identifying potential resource optimization and cost-saving opportunities. -```sql +```sql+postgres select name, id, @@ -57,11 +104,22 @@ where backup_retention_days > 90; ``` -### List server configuration details +```sql+sqlite +select + name, + id, + backup_retention_days +from + azure_mysql_flexible_server +where + backup_retention_days > 90; +``` +### List server configuration details +Assess the elements within your Azure MySQL flexible server by understanding the specific server configurations in use. This allows you to identify potential areas for optimization and ensure your server is set up according to your organization's requirements. **Note:** `Flexible Server configurations` is the same as `Server parameters` as shown in Azure MySQL Flexible Server console -```sql +```sql+postgres select name as server_name, id as server_id, @@ -72,9 +130,21 @@ from jsonb_array_elements(flexible_server_configurations) as configurations; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(configurations.value, '$.ConfigurationProperties.value') as value +from + azure_mysql_flexible_server as s, + json_each(flexible_server_configurations) as configurations; +``` + ### Current state of audit_log_enabled parameter for the servers +This query is used to assess the status of the audit log feature on your Azure MySQL flexible servers. It helps in maintaining security and compliance by identifying servers where this feature is not enabled. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -87,9 +157,23 @@ where configurations ->> 'Name' = 'audit_log_enabled'; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_flexible_server as s, + json_each(flexible_server_configurations) as configurations +where + json_extract(configurations.value, '$.Name') = 'audit_log_enabled'; +``` + ### List servers with slow_query_log parameter enabled +Explore which servers have the slow_query_log parameter enabled, allowing you to identify potential performance issues and optimize your database operations. This is particularly useful for monitoring and improving the efficiency of your Azure MySQL flexible servers. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -99,13 +183,28 @@ from azure_mysql_flexible_server, jsonb_array_elements(flexible_server_configurations) as configurations where - configurations ->'ConfigurationProperties' ->> 'value' = 'ON' - and configurations ->> 'Name' = 'slow_query_log'; + configurations ->'ConfigurationProperties' ->> 'value' = 'ON' + and configurations ->> 'Name' = 'slow_query_log'; +``` + +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_flexible_server as s, + json_each(flexible_server_configurations) as configurations +where + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') = 'ON' + and json_extract(configurations.value, '$.Name') = 'slow_query_log'; ``` ### List servers with log_output parameter set to file +Determine the areas in which servers have their log output parameter set to a file. This is useful for identifying servers that are configured to log activity directly to a file, which could be a requirement for certain security or auditing purposes. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -115,6 +214,20 @@ from azure_mysql_flexible_server, jsonb_array_elements(flexible_server_configurations) as configurations where - configurations ->'ConfigurationProperties' ->> 'value' = 'FILE' - and configurations ->> 'Name' = 'log_output'; + configurations ->'ConfigurationProperties' ->> 'value' = 'FILE' + and configurations ->> 'Name' = 'log_output'; ``` + +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_flexible_server as s, + json_each(flexible_server_configurations) as configurations +where + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') = 'FILE' + and json_extract(configurations.value, '$.Name') = 'log_output'; +``` \ No newline at end of file diff --git a/docs/tables/azure_mysql_server.md b/docs/tables/azure_mysql_server.md index 32870cb1..b6ea944b 100644 --- a/docs/tables/azure_mysql_server.md +++ b/docs/tables/azure_mysql_server.md @@ -1,12 +1,33 @@ -# Table: azure_mysql_server +--- +title: "Steampipe Table: azure_mysql_server - Query Azure MySQL Servers using SQL" +description: "Allows users to query Azure MySQL Servers, providing detailed information about the configuration, status, and capabilities of each server instance." +--- -Azure Database for MySQL Server is a fully managed database service designed to provide more granular control and flexibility over database management functions and configuration settings. +# Table: azure_mysql_server - Query Azure MySQL Servers using SQL + +Azure Database for MySQL is a managed service that you use to run, manage, and scale highly available MySQL databases in the cloud. This service offers built-in high availability, security at every level of the application stack, and scaling in seconds with Azure. Azure Database for MySQL integrates with popular open-source frameworks and languages, and it's built on the trusted foundation of MySQL community edition. + +## Table Usage Guide + +The `azure_mysql_server` table provides insights into MySQL servers within Azure. As a database administrator, explore server-specific details through this table, including server version, storage capacity, and location. Utilize it to uncover information about servers, such as those with specific configurations, the status of each server, and the backup retention period. ## Examples ### Basic info +Explore the configuration of your Azure MySQL servers to understand their geographical locations and security settings, such as SSL enforcement and the minimal TLS version. This can help ensure your servers are optimally configured for both performance and security. -```sql +```sql+postgres +select + name, + id, + location, + ssl_enforcement, + minimal_tls_version +from + azure_mysql_server; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,21 @@ from ``` ### List servers with SSL enabled +Identify instances where servers have SSL enabled to ensure secure data transmission and safeguard against potential security risks. + +```sql+postgres +select + name, + id, + location, + ssl_enforcement +from + azure_mysql_server +where + ssl_enforcement = 'Enabled'; +``` -```sql +```sql+sqlite select name, id, @@ -32,8 +66,20 @@ where ``` ### List servers with public network access disabled +Explore which servers have enhanced security by having public network access disabled. This is useful for assessing potential vulnerabilities and ensuring that your servers are not exposed to unnecessary risks. -```sql +```sql+postgres +select + name, + id, + public_network_access +from + azure_mysql_server +where + public_network_access = 'Disabled'; +``` + +```sql+sqlite select name, id, @@ -45,8 +91,20 @@ where ``` ### List servers with storage profile auto growth disabled +Identify instances where Azure MySQL servers have the storage profile auto growth feature disabled. This can be useful for optimizing storage management and preventing unexpected storage limitations. -```sql +```sql+postgres +select + name, + id, + storage_auto_grow +from + azure_mysql_server +where + storage_auto_grow = 'Disabled'; +``` + +```sql+sqlite select name, id, @@ -58,8 +116,20 @@ where ``` ### List servers with 'backup_retention_days' greater than 90 days +Identify instances where your Azure MySQL servers are set to retain backups for more than 90 days. This can help in assessing your data retention strategy and ensuring compliance with your organization's data policies. -```sql +```sql+postgres +select + name, + id, + backup_retention_days +from + azure_mysql_server +where + backup_retention_days > 90; +``` + +```sql+sqlite select name, id, @@ -71,8 +141,21 @@ where ``` ### List servers with minimum TLS version lower than 1.2 +Determine the areas in which your Azure MySQL servers may have security vulnerabilities by identifying those running with a minimum TLS version lower than 1.2. This can be used to enhance your server's security by upgrading to a higher TLS version. -```sql +```sql+postgres +select + name, + id, + minimal_tls_version +from + azure_mysql_server +where + minimal_tls_version = 'TLS1_0' + or minimal_tls_version = 'TLS1_1'; +``` + +```sql+sqlite select name, id, @@ -85,8 +168,9 @@ where ``` ### List private endpoint connection details +Explore the details of private endpoint connections in your Azure MySQL server. This query is useful in identifying the status and actions required for each connection, which can help in managing and troubleshooting your private endpoint connections. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -101,9 +185,25 @@ from jsonb_array_elements(private_endpoint_connections) as connections; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(connections.value, '$.id') as connection_id, + json_extract(connections.value, '$.privateEndpointPropertyId') as connection_private_endpoint_property_id, + json_extract(connections.value, '$.privateLinkServiceConnectionStateActionsRequired') as connection_actions_required, + json_extract(connections.value, '$.privateLinkServiceConnectionStateDescription') as connection_description, + json_extract(connections.value, '$.privateLinkServiceConnectionStateStatus') as connection_status, + json_extract(connections.value, '$.provisioningState') as connection_provisioning_state +from + azure_mysql_server as s, + json_each(private_endpoint_connections) as connections; +``` + ### List server keys +Explore the creation and configuration details of server keys in Azure MySQL servers. This can be useful to manage and track key usage and ensure security compliance across servers. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -119,11 +219,28 @@ from jsonb_array_elements(server_keys) as keys; ``` -### List server configuration details +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(keys.value, '$.creationDate') as keys_creation_date, + json_extract(keys.value, '$.id') as keys_id, + json_extract(keys.value, '$.kind') as keys_kind, + json_extract(keys.value, '$.name') as keys_name, + json_extract(keys.value, '$.serverKeyType') as keys_server_key_type, + json_extract(keys.value, '$.type') as keys_type, + json_extract(keys.value, '$.uri') as keys_uri +from + azure_mysql_server as s, + json_each(server_keys) as keys; +``` +### List server configuration details +This query can be used to analyze and understand the configuration details of your servers on Azure MySQL. It's particularly useful when you need to assess the current settings of your servers for optimization or troubleshooting purposes. **Note:** `Server configurations` is the same as `Server parameters` as shown in Azure MySQL server console -```sql + +```sql+postgres select name as server_name, id as server_id, @@ -134,9 +251,21 @@ from jsonb_array_elements(server_configurations) as configurations; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_server as s, + json_each(server_configurations) as configurations; +``` + ### Current state of audit_log_enabled parameter for the servers +This query is used to analyze the status of the audit log feature across various servers in Azure's MySQL service. It provides valuable insights into which servers have the audit log enabled, which is crucial for maintaining security and compliance within the system. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -149,9 +278,23 @@ where configurations ->> 'Name' = 'audit_log_enabled'; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_server as s, + json_each(server_configurations) as configurations +where + json_extract(configurations.value, '$.Name') = 'audit_log_enabled'; +``` + ### List servers with slow_query_log parameter enabled +Determine the areas in which the slow query log parameter is enabled on Azure MySQL servers. This is useful for identifying potential performance issues and optimizing database operations. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -165,9 +308,24 @@ where and configurations ->> 'Name' = 'slow_query_log'; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_server as s, + json_each(server_configurations) as configurations +where + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') = 'ON' + and json_extract(configurations.value, '$.Name') = 'slow_query_log'; +``` + ### List servers with log_output parameter set to file +This example helps identify Azure MySQL servers that have their log output parameter configured to file. This can be useful for administrators who want to ensure that their server logs are being written to a file for easier access and review. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -181,9 +339,24 @@ where and configurations ->> 'Name' = 'log_output'; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as value +from + azure_mysql_server as s, + json_each(server_configurations) as configurations +where + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') = 'FILE' + and json_extract(configurations.value, '$.Name') = 'log_output'; +``` + ### Get VNET rules details of the server +Explore the configuration of your server to identify whether it is set to ignore missing Virtual Network Service Endpoints. This allows you to assess the security of your server by understanding its network connectivity settings. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -194,9 +367,34 @@ from jsonb_array_elements(vnet_rules) as rules; ``` +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(rules.value, '$.properties.ignoreMissingVnetServiceEndpoint') as ignore_missing_vnet_service_endpoint, + json_extract(rules.value, '$.properties.virtualNetworkSubnetId') as virtual_network_subnet_id +from + azure_mysql_server as s, + json_each(vnet_rules) as rules; +``` + ### Get the security alert policy for a particular server +Determine the security alert policy for a specific server within a given resource group. This is useful for assessing the security measures in place for that server. + +```sql+postgres +select + name, + id, + type, + server_security_alert_policy +from + azure_mysql_server +where + resource_group = 'demo' + and name = 'server-test-for-pr'; +``` -```sql +```sql+sqlite select name, id, diff --git a/docs/tables/azure_nat_gateway.md b/docs/tables/azure_nat_gateway.md index 760c5ec8..a795c6e2 100644 --- a/docs/tables/azure_nat_gateway.md +++ b/docs/tables/azure_nat_gateway.md @@ -1,12 +1,33 @@ -# Table: azure_nat_gateway +--- +title: "Steampipe Table: azure_nat_gateway - Query Azure NAT Gateways using SQL" +description: "Allows users to query Azure NAT Gateways, providing insights into the network traffic routing and potential anomalies." +--- -NAT gateway provides outbound internet connectivity for one or more subnets of a virtual network. Once NAT gateway is associated to a subnet, NAT provides source network address translation (SNAT) for that subnet. NAT gateway specifies which static IP addresses virtual machines use when creating outbound flows. +# Table: azure_nat_gateway - Query Azure NAT Gateways using SQL + +Azure NAT Gateway is a service within Microsoft Azure that simplifies outbound-only internet connectivity for virtual networks. When configured on a subnet, all outbound connectivity uses your specified static public IP addresses. Overcome the challenges of outbound connectivity from your virtual networks with Azure NAT Gateway. + +## Table Usage Guide + +The `azure_nat_gateway` table provides insights into NAT Gateways within Microsoft Azure. As a Network Administrator, you can explore details about each NAT Gateway, including its configuration, associated resources, and status. Use this table to ensure your network's outbound connectivity is correctly routed and to quickly identify any potential issues. ## Examples ### Basic info +Explore the status and details of your Azure NAT Gateway configurations to understand their current state and type. This is beneficial for auditing and managing your network resources effectively. -```sql +```sql+postgres +select + name, + id, + provisioning_state, + sku_name, + type +from + azure_nat_gateway; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List public IP address details for each nat gateway +Identify the public IP address details linked with each network address translation (NAT) gateway. This can help in managing network traffic and understanding the allocation method and IP version of each public IP address. -```sql +```sql+postgres select n.name, i.ip_address as ip_address, @@ -34,9 +56,25 @@ where ip ->> 'id' = i.id; ``` +```sql+sqlite +select + n.name, + i.ip_address as ip_address, + i.ip_configuration_id as ip_configuration_id, + i.public_ip_address_version as public_ip_address_version, + i.public_ip_allocation_method as public_ip_allocation_method +from + azure_nat_gateway as n, + azure_public_ip as i, + json_each(n.public_ip_addresses) as ip +where + json_extract(ip.value, '$.id') = i.id; +``` + ### List subnet details associated with each nat gateway +Explore the connection between NAT gateways and their associated subnets in your Azure environment. This helps in understanding network flow and can assist in troubleshooting connectivity issues. -```sql +```sql+postgres select n.name as name, s.name as subnet_name, @@ -48,3 +86,16 @@ from where sb ->> 'id' = s.id; ``` + +```sql+sqlite +select + n.name as name, + s.name as subnet_name, + s.virtual_network_name as virtual_network_name +from + azure_nat_gateway as n, + azure_subnet as s, + json_each(n.subnets) as sb +where + json_extract(sb.value, '$.id') = s.id; +``` \ No newline at end of file diff --git a/docs/tables/azure_network_interface.md b/docs/tables/azure_network_interface.md index 075c70c2..decb1d07 100644 --- a/docs/tables/azure_network_interface.md +++ b/docs/tables/azure_network_interface.md @@ -1,12 +1,22 @@ -# Table: azure_network_interface +--- +title: "Steampipe Table: azure_network_interface - Query Azure Network Interfaces using SQL" +description: "Allows users to query Network Interfaces in Azure, providing detailed information about each network interface, including its associated network security group, IP configuration, and subnet." +--- -A network interface enables an Azure Virtual Machine to communicate with internet, Azure, and on-premises resources. +# Table: azure_network_interface - Query Azure Network Interfaces using SQL + +A Network Interface in Azure is the interconnection between a Virtual Machine (VM) and the underlying Azure VNet. This interface enables an Azure VM to communicate with internet, Azure, and on-premises resources. Network interfaces consist of one or more IP configurations and a network security group. + +## Table Usage Guide + +The `azure_network_interface` table provides insights into Network Interfaces within Azure. As an Infrastructure Engineer, explore detailed information about each network interface through this table, including its IP configuration, associated network security group, and subnet. Use this table to manage and optimize your network interface configurations, ensuring seamless communication between your Azure VMs and other resources. ## Examples ### Basic IP address info +Explore the configuration of your Azure network interface to gain insights into your private IP address details. This can help you understand your IP allocation methods and versions, which is useful for managing your network resources effectively. -```sql +```sql+postgres select name, ip ->> 'name' as config_name, @@ -18,9 +28,22 @@ from cross join jsonb_array_elements(ip_configurations) as ip; ``` +```sql+sqlite +select + name, + json_extract(ip.value, '$.name') as config_name, + json_extract(ip.value, '$.properties.privateIPAddress') as private_ip_address, + json_extract(ip.value, '$.properties.privateIPAddressVersion') as private_ip_address_version, + json_extract(ip.value, '$.properties.privateIPAllocationMethod') as private_ip_address_allocation_method +from + azure_network_interface, + json_each(ip_configurations) as ip; +``` + ### Find all network interfaces with private IPs that are in a given subnet (10.66.0.0/16) +Determine the areas in which your Azure network interfaces have private IPs within a specific subnet. This is useful for understanding how your network resources are distributed and identifying potential areas of congestion or security vulnerabilities. -```sql +```sql+postgres select name, ip ->> 'name' as config_name, @@ -32,12 +55,29 @@ where ip -> 'properties' ->> 'privateIPAddress' = '10.66.0.0/16'; ``` +```sql+sqlite +select + name, + json_extract(ip.value, '$.name') as config_name, + json_extract(ip.value, '$.properties.privateIPAddress') as private_ip_address +from + azure_network_interface, + json_each(ip_configurations) as ip +where + json_extract(ip.value, '$.properties.privateIPAddress') = '10.66.0.0/16'; +``` + ### Security groups attached to each network interface +Explore which security groups are linked to each network interface in your Azure environment. This can help in managing and improving the security posture of your network. -```sql +```sql+postgres select name, split_part(network_security_group_id, '/', 8) as security_groups from azure_network_interface; +``` + +```sql+sqlite +Error: SQLite does not support split functions. ``` \ No newline at end of file diff --git a/docs/tables/azure_network_security_group.md b/docs/tables/azure_network_security_group.md index b80ab466..5fbcc976 100644 --- a/docs/tables/azure_network_security_group.md +++ b/docs/tables/azure_network_security_group.md @@ -1,12 +1,22 @@ -# Table: azure_network_security_group +--- +title: "Steampipe Table: azure_network_security_group - Query Azure Network Security Groups using SQL" +description: "Allows users to query Network Security Groups in Azure, providing insights into the security rules and configurations of the network infrastructure." +--- -A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. +# Table: azure_network_security_group - Query Azure Network Security Groups using SQL + +A Network Security Group in Azure is a security feature that acts as a virtual firewall for your network in Azure, using inbound and outbound rules to allow or deny network traffic to resources. It provides granular access control over network traffic by defining network security rules that allow or deny traffic based on traffic direction, protocol, source address and port, and destination address and port. This is a fundamental layer of security for virtual networks in Azure. + +## Table Usage Guide + +The `azure_network_security_group` table provides insights into Network Security Groups within Azure. As a security analyst or network administrator, you can explore the details of these groups through this table, including security rules, configurations, and associated metadata. Utilize this table to uncover information about the security posture of your network, such as the rules that are allowing or denying traffic, the protocols used, and the source and destination addresses and ports. ## Examples ### Subnets and network interfaces attached to the network security groups +Explore the relationships between network security groups, their attached network interfaces, and the subnets within the virtual networks. This can help in understanding the network topology and identifying potential security vulnerabilities. -```sql +```sql+postgres select name, split_part(nic ->> 'id', '/', 9) network_interface, @@ -18,9 +28,14 @@ from jsonb_array_elements(subnets) as vn; ``` +```sql+sqlite +Error: SQLite does not support split or string_to_array functions. +``` + ### List the network security groups whose inbound is not restricted from the internet +Explore which network security groups are not restricting inbound access from the internet. This is useful in identifying potential security vulnerabilities within your network infrastructure. -```sql +```sql+postgres select name, sg ->> 'name' as sg_name, @@ -42,9 +57,32 @@ where ); ``` +```sql+sqlite +select + name, + json_extract(sg.value, '$.name') as sg_name, + json_extract(sg.value, '$.properties.access') as access, + json_extract(sg.value, '$.properties.description') as description, + json_extract(sg.value, '$.properties.destinationPortRange') as destination_port_range, + json_extract(sg.value, '$.properties.direction') as direction, + json_extract(sg.value, '$.properties.priority') as priority, + json_extract(sg.value, '$.properties.sourcePortRange') as source_port_range, + json_extract(sg.value, '$.properties.protocol') as protocol +from + azure_network_security_group, + json_each(security_rules) as sg +where + ( + json_extract(sg.value, '$.properties.sourcePortRange') = '*' + and json_extract(sg.value, '$.properties.destinationPortRange') = '*' + and json_extract(sg.value, '$.properties.access') = 'Allow' + ); +``` + ### Default security group rules info +Discover the details of default security group rules within your Azure network security group. This query can help you understand the access, direction, and protocol of each rule, which can be useful for auditing and optimizing your network security settings. -```sql +```sql+postgres select name, sg -> 'name' as sg_name, @@ -58,4 +96,20 @@ select from azure_network_security_group cross join jsonb_array_elements(default_security_rules) as sg; +``` + +```sql+sqlite +select + name, + json_extract(sg.value, '$.name') as sg_name, + json_extract(sg.value, '$.properties.access') as access, + json_extract(sg.value, '$.properties.description') as description, + json_extract(sg.value, '$.properties.destinationPortRange') as destination_port_range, + json_extract(sg.value, '$.properties.direction') as direction, + json_extract(sg.value, '$.properties.priority') as priority, + json_extract(sg.value, '$.properties.sourcePortRange') as source_port_range, + json_extract(sg.value, '$.properties.protocol') as protocol +from + azure_network_security_group, + json_each(default_security_rules) as sg; ``` \ No newline at end of file diff --git a/docs/tables/azure_network_watcher.md b/docs/tables/azure_network_watcher.md index 0270de88..b6dee690 100644 --- a/docs/tables/azure_network_watcher.md +++ b/docs/tables/azure_network_watcher.md @@ -1,12 +1,30 @@ -# Table: azure_network_watcher +--- +title: "Steampipe Table: azure_network_watcher - Query Azure Network Watchers using SQL" +description: "Allows users to query Azure Network Watchers, providing insights into the network performance monitoring and diagnostic service." +--- -Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level. +# Table: azure_network_watcher - Query Azure Network Watchers using SQL + +Azure Network Watcher is a network performance monitoring and diagnostic service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. It provides you with the ability to understand your network performance and health. With Network Watcher, you can monitor and diagnose your network scenarios via provided metrics and logs. + +## Table Usage Guide + +The `azure_network_watcher` table provides insights into Azure Network Watchers within Azure Networking. As a network engineer, explore network-specific details through this table, including network performance and health metrics. Utilize it to uncover information about network conditions, monitor and diagnose network scenarios, and verify network performance. ## Examples ### List of regions where network watcher is enabled +Determine the areas in which the Azure Network Watcher service is active. This is useful for understanding where network monitoring and diagnostic services are currently deployed in your Azure environment. + +```sql+postgres +select + name, + region +from + azure_network_watcher; +``` -```sql +```sql+sqlite select name, region @@ -15,8 +33,9 @@ from ``` ### List of Network watcher without application tag key +Determine the areas in which Azure Network Watchers are operating without an assigned application tag key. This can be useful to identify potential gaps in your tagging strategy and ensure consistent metadata across your resources. -```sql +```sql+postgres select name, tags @@ -24,4 +43,14 @@ from azure_network_watcher where not tags :: JSONB ? 'application'; +``` + +```sql+sqlite +select + name, + tags +from + azure_network_watcher +where + json_extract(tags, '$.application') is null; ``` \ No newline at end of file diff --git a/docs/tables/azure_network_watcher_flow_log.md b/docs/tables/azure_network_watcher_flow_log.md index 5a156985..8ba17f99 100644 --- a/docs/tables/azure_network_watcher_flow_log.md +++ b/docs/tables/azure_network_watcher_flow_log.md @@ -1,12 +1,32 @@ -# Table: azure_network_watcher_flow_log +--- +title: "Steampipe Table: azure_network_watcher_flow_log - Query Azure Network Watcher Flow Logs using SQL" +description: "Allows users to query Azure Network Watcher Flow Logs, providing insights into network traffic patterns and potential anomalies." +--- -Network security group (NSG) flow logs is a feature of Azure Network Watcher that allows user to log information about IP traffic flowing through an NSG. Flow data is sent to Azure Storage accounts from where the user can access it. +# Table: azure_network_watcher_flow_log - Query Azure Network Watcher Flow Logs using SQL + +Azure Network Watcher Flow Logs is a feature within Microsoft Azure that enables capturing information about IP traffic flowing to, and from, Network Security Groups present in Azure Virtual Networks. It allows network troubleshooting, provides visibility into network activity, and maintains compliance by logging network traffic. This feature is critical to understand the access and traffic patterns of Azure resources. + +## Table Usage Guide + +The `azure_network_watcher_flow_log` table provides insights into the network traffic patterns within Azure Network Watcher. As a Network Administrator, explore traffic-specific details through this table, including source and destination IP addresses, traffic flow direction, and traffic volume. Utilize it to uncover information about traffic patterns, such as peak traffic times, most accessed resources, and potential network anomalies. ## Examples ### Basic info +Determine the areas in which Azure Network Watcher's flow logs are enabled to gain insights into your network traffic patterns and trends. This allows you to assess the elements within your network for better security and performance management. + +```sql+postgres +select + name, + enabled, + network_watcher_name, + target_resource_id +from + azure_network_watcher_flow_log; +``` -```sql +```sql+sqlite select name, enabled, @@ -17,8 +37,9 @@ from ``` ### List disabled flow logs +Explore which of the network traffic monitoring tools in your Azure environment are currently inactive. This is useful for ensuring all necessary flow logs are enabled for optimal security and performance monitoring. -```sql +```sql+postgres select name, id, @@ -30,9 +51,22 @@ where not enabled; ``` +```sql+sqlite +select + name, + id, + region, + enabled +from + azure_network_watcher_flow_log +where + enabled = 0; +``` + ### List flow logs with a retention period less than 90 days +Analyze the settings of Azure Network Watcher flow logs to identify instances where the logs are enabled and have a retention period of less than 90 days. This can be useful for ensuring compliance with data retention policies and managing storage costs. -```sql +```sql+postgres select name, region, @@ -44,9 +78,22 @@ where enabled and retention_policy_days < 90; ``` +```sql+sqlite +select + name, + region, + enabled, + retention_policy_days +from + azure_network_watcher_flow_log +where + enabled = 1 and retention_policy_days < 90; +``` + ### Get storage account details for each flow log +Determine the areas in which Azure Network Watcher's flow logs are stored and the types of files they contain. This is beneficial for understanding the storage distribution and file types involved in your network monitoring processes. -```sql +```sql+postgres select name, file_type, @@ -54,3 +101,12 @@ select from azure_network_watcher_flow_log; ``` + +```sql+sqlite +select + name, + file_type, + storage_id +from + azure_network_watcher_flow_log; +``` \ No newline at end of file diff --git a/docs/tables/azure_policy_assignment.md b/docs/tables/azure_policy_assignment.md index c8374ea2..c67a5bc4 100644 --- a/docs/tables/azure_policy_assignment.md +++ b/docs/tables/azure_policy_assignment.md @@ -1,12 +1,32 @@ -# Table: azure_policy_assignment +--- +title: "Steampipe Table: azure_policy_assignment - Query Azure Policy Assignments using SQL" +description: "Allows users to query Policy Assignments in Azure, specifically the policy assignment details, providing insights into compliance status and policy enforcement." +--- -Policy assignments are used by Azure Policy to define which resources are assigned which policies or initiatives in a subscription. +# Table: azure_policy_assignment - Query Azure Policy Assignments using SQL + +A Policy Assignment in Azure is a security tool that enables operators to apply a policy definition to a resource or a set of resources. The assignment is the process of binding a policy definition to a specific scope. This scope could range from a management group to a resource group. + +## Table Usage Guide + +The `azure_policy_assignment` table provides insights into Policy Assignments within Azure Policy. As a Security Analyst, explore specific details through this table, including policy definitions, scopes, and compliance statuses. Utilize it to uncover information about policy assignments, such as those associated with specific resources, the scope of these assignments, and their compliance status. ## Examples ### Basic info +Explore the policies assigned within your Azure environment to ensure adherence to your organization's governance and compliance requirements. This can help identify any instances where policies may not be correctly applied, potentially exposing your environment to risks. + +```sql+postgres +select + id, + policy_definition_id, + name, + type +from + azure_policy_assignment; +``` -```sql +```sql+sqlite select id, policy_definition_id, @@ -17,8 +37,9 @@ from ``` ### Get SQL auditing and threat detection monitoring status for the subscription +Explore the status of SQL auditing and threat detection monitoring for your subscription. This query helps you assess whether these important security measures are active, promoting better risk management and data protection. -```sql +```sql+postgres select id, policy_definition_id, @@ -28,9 +49,20 @@ from azure_policy_assignment; ``` +```sql+sqlite +select + id, + policy_definition_id, + display_name, + json_extract(json_extract(parameters, '$.sqlAuditingMonitoringEffect'), '$.value') as sqlAuditingMonitoringEffect +from + azure_policy_assignment; +``` + ### Get SQL encryption monitoring status for the subscription +Explore the status of SQL encryption monitoring for your subscription. This can help in maintaining the security of your data by keeping an eye on the encryption status. -```sql +```sql+postgres select id, policy_definition_id, @@ -39,3 +71,13 @@ select from azure_policy_assignment; ``` + +```sql+sqlite +select + id, + policy_definition_id, + display_name, + json_extract(json_extract(parameters, '$.sqlEncryptionMonitoringEffect'), '$.value') as sqlEncryptionMonitoringEffect +from + azure_policy_assignment; +``` \ No newline at end of file diff --git a/docs/tables/azure_policy_definition.md b/docs/tables/azure_policy_definition.md index 2db60338..9af4e182 100644 --- a/docs/tables/azure_policy_definition.md +++ b/docs/tables/azure_policy_definition.md @@ -1,12 +1,22 @@ -# Table: azure_policy_definition +--- +title: "Steampipe Table: azure_policy_definition - Query Azure Policy Definitions using SQL" +description: "Allows users to query Azure Policy Definitions, specifically the details of policy definitions within Azure Policy, providing insights into policy details and compliance information." +--- -Azure Policy establishes conventions for resources. Policy definitions describe resource compliance conditions and the effect to take if a condition is met. A condition compares a resource property field or a value to a required value. +# Table: azure_policy_definition - Query Azure Policy Definitions using SQL + +Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy does this by running evaluations of your resources and scanning for those not compliant with the policies you have created. + +## Table Usage Guide + +The `azure_policy_definition` table provides insights into policy definitions within Azure Policy. As a security analyst, explore policy-specific details through this table, including policy rules, effects, and associated metadata. Utilize it to uncover information about policies, such as those with specific effects, the relationships between policies, and the verification of policy rules. ## Examples ### Basic info +Explore the policies defined within your Azure environment to better understand their purpose and type. This can be beneficial to gain insights into your current security configurations and to identify areas for potential improvement. -```sql +```sql+postgres select id, name, @@ -17,9 +27,21 @@ from azure_policy_definition; ``` +```sql+sqlite +select + id, + name, + display_name, + type, + policy_rule +from + azure_policy_definition; +``` + ### Get the policy definition by display name +Determine the specifics of a policy definition based on its display name. This is particularly useful in scenarios where you need to understand the details of a policy without having to navigate through multiple layers of your Azure policy definitions. -```sql +```sql+postgres select id, name, @@ -31,3 +53,16 @@ from where display_name = 'Private endpoint connections on Batch accounts should be enabled'; ``` + +```sql+sqlite +select + id, + name, + display_name, + type, + policy_rule +from + azure_policy_definition +where + display_name = 'Private endpoint connections on Batch accounts should be enabled'; +``` \ No newline at end of file diff --git a/docs/tables/azure_postgresql_flexible_server.md b/docs/tables/azure_postgresql_flexible_server.md index 7597f12f..8100169b 100644 --- a/docs/tables/azure_postgresql_flexible_server.md +++ b/docs/tables/azure_postgresql_flexible_server.md @@ -1,12 +1,33 @@ -# Table: azure_postgresql_flexible_server +--- +title: "Steampipe Table: azure_postgresql_flexible_server - Query Azure PostgreSQL Flexible Servers using SQL" +description: "Allows users to query Azure PostgreSQL Flexible Servers, providing insights into the configuration, status, and capabilities of these managed database instances." +--- -Azure Database for PostgreSQL - Flexible Server is a fully managed database service designed to provide more granular control and flexibility over database management functions and configuration settings. The service generally provides more flexibility and server configuration customizations based on user requirements. The flexible server architecture allows users to collocate the database engine with the client tier for lower latency and choose high availability within a single availability zone and across multiple availability zones. Flexible servers also provide better cost optimization controls with the ability to stop/start your server and a burstable compute tier ideal for workloads that don't need full compute capacity continuously. +# Table: azure_postgresql_flexible_server - Query Azure PostgreSQL Flexible Servers using SQL + +Azure PostgreSQL Flexible Server is a fully managed relational database service, based on the open-source Postgres database engine. It provides capabilities for intelligent performance, high availability, and dynamic scalability, enabling you to focus on application development and business logic rather than database management tasks. This service helps you to securely manage, monitor, and scale your PostgreSQL databases in the cloud. + +## Table Usage Guide + +The `azure_postgresql_flexible_server` table provides insights into the configuration and status of Azure PostgreSQL Flexible Server instances. As a database administrator, you can leverage this table to explore server-specific details, including the server's state, version, location, and more. Utilize it to monitor and manage your PostgreSQL databases in Azure, ensuring optimal performance, security, and compliance. ## Examples ### Basic info +Uncover the details of your Azure PostgreSQL flexible servers including their names, IDs, and configurations. This information is essential for managing your cloud environment effectively and understanding where your servers are located. -```sql +```sql+postgres +select + name, + id, + cloud_environment, + flexible_server_configurations, + location +from + azure_postgresql_flexible_server; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List SKU details of the flexible servers +Identify the specific details of flexible servers, such as their unique identifiers and SKU details. This information can be beneficial in managing resources and understanding the tier level of each server. -```sql +```sql+postgres select name, id, @@ -29,9 +51,20 @@ from azure_postgresql_flexible_server; ``` +```sql+sqlite +select + name, + id, + json_extract(sku, '$.name') as sku_name, + json_extract(sku, '$.tier') as sku_tier +from + azure_postgresql_flexible_server; +``` + ### List flexible servers that have geo-redundant backup enabled +Identify instances where flexible servers have geo-redundant backup enabled to ensure data redundancy and disaster recovery for your Azure PostgreSQL databases. -```sql +```sql+postgres select name, id, @@ -45,9 +78,24 @@ where server_properties -> 'backup' ->> 'geoRedundantBackup' = 'Enabled'; ``` +```sql+sqlite +select + name, + id, + cloud_environment, + flexible_server_configurations, + json_extract(json_extract(server_properties, '$.backup'), '$.geoRedundantBackup') as geoRedundantBackup, + location +from + azure_postgresql_flexible_server +where + json_extract(json_extract(server_properties, '$.backup'), '$.geoRedundantBackup') = 'Enabled'; +``` + ### List flexible servers configured in more than one availability zones +Determine the areas in which flexible servers are configured across multiple availability zones. This is useful for understanding the distribution and redundancy of your servers, which can impact service availability and disaster recovery strategies. -```sql +```sql+postgres select name, id, @@ -59,4 +107,18 @@ from azure_postgresql_flexible_server where (server_properties ->> 'availabilityZone')::int > 1; +``` + +```sql+sqlite +select + name, + id, + cloud_environment, + flexible_server_configurations, + json_extract(server_properties, '$.availabilityZone'), + location +from + azure_postgresql_flexible_server +where + CAST(json_extract(server_properties, '$.availabilityZone') AS INTEGER) > 1; ``` \ No newline at end of file diff --git a/docs/tables/azure_postgresql_server.md b/docs/tables/azure_postgresql_server.md index ade0800e..b26f5d36 100644 --- a/docs/tables/azure_postgresql_server.md +++ b/docs/tables/azure_postgresql_server.md @@ -1,12 +1,31 @@ -# Table: azure_postgresql_server +--- +title: "Steampipe Table: azure_postgresql_server - Query Azure PostgreSQL Servers using SQL" +description: "Allows users to query Azure PostgreSQL Servers, specifically providing access to configuration details, performance tiers, and resource usage." +--- -Azure Database for PostgreSQL is a relational database service based on the open-source Postgres database engine. It's a fully managed database-as-a-service that can handle mission-critical workloads with predictable performance, security, high availability, and dynamic scalability. +# Table: azure_postgresql_server - Query Azure PostgreSQL Servers using SQL + +Azure Database for PostgreSQL is a fully managed relational database service based on the open-source Postgres database engine. It's built to support the Postgres community edition, allowing users to leverage community-driven features and plugins. This service provides built-in high availability, security, and automated scaling to help businesses focus on application development rather than database management. + +## Table Usage Guide + +The `azure_postgresql_server` table provides insights into PostgreSQL servers within Azure Database for PostgreSQL. As a database administrator or developer, explore server-specific details through this table, including configuration settings, performance tiers, and resource usage. Utilize it to manage server settings, monitor resource consumption, and ensure optimal performance for your PostgreSQL databases within Azure. ## Examples ### Basic info +Explore which PostgreSQL servers are currently running on your Azure platform and where they are located. This information can assist in managing server distribution and planning for future resources. -```sql +```sql+postgres +select + name, + id, + location +from + azure_postgresql_server; +``` + +```sql+sqlite select name, id, @@ -16,8 +35,21 @@ from ``` ### List servers with encryption disabled +Discover the segments that contain servers with disabled encryption, enabling you to identify potential security vulnerabilities and take necessary action to enhance data protection. + +```sql+postgres +select + name, + id, + location, + ssl_enforcement +from + azure_postgresql_server +where + ssl_enforcement = 'Disabled'; +``` -```sql +```sql+sqlite select name, id, @@ -30,8 +62,9 @@ where ``` ### List servers that allow access to Azure services +Explore which servers allow access to Azure services, a crucial element in managing security and controlling access. You can also pinpoint specific servers without an Active Directory admin, helping you identify potential vulnerabilities and areas that may require additional security measures. -```sql +```sql+postgres select name, id, @@ -48,9 +81,37 @@ where and rule -> 'FirewallRuleProperties' ->> 'endIpAddress' = '0.0.0.0'; ``` +```sql+sqlite +select + name, + s.id, + json_extract(rule.value, '$.Name') as rule_name, + json_extract(rule.value, '$.Type') as rule_type, + json_extract(rule.value, '$.FirewallRuleProperties.endIpAddress') as end_ip_address, + json_extract(rule.value, '$.FirewallRuleProperties.startIpAddress') as start_ip_address +from + azure_postgresql_server as s, + json_each(firewall_rules) as rule +where + json_extract(rule.value, '$.Name') = 'AllowAllWindowsAzureIps' + and json_extract(rule.value, '$.FirewallRuleProperties.startIpAddress') = '0.0.0.0' + and json_extract(rule.value, '$.FirewallRuleProperties.endIpAddress') = '0.0.0.0'; +``` + ## List servers without an Active Directory admin -```sql +```sql+postgres +select + name, + id, + location +from + azure_postgresql_server +where + server_administrators is null; +``` + +```sql+sqlite select name, id, @@ -62,8 +123,9 @@ where ``` ### List servers with log checkpoints disabled +Determine the areas in which log checkpoints are disabled on your Azure PostgreSQL servers. This can help identify potential security vulnerabilities and improve your database management. -```sql +```sql+postgres select name, configurations ->> 'Name' as configuration_name, @@ -76,9 +138,23 @@ where and configurations -> 'ConfigurationProperties' ->> 'value' = 'OFF'; ``` +```sql+sqlite +select + name, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(configurations.value, '$.ConfigurationProperties.value') as configuration_value +from + azure_postgresql_server, + json_each(server_configurations) as configurations +where + json_extract(configurations.value, '$.Name') = 'log_checkpoints' + and json_extract(configurations.value, '$.ConfigurationProperties.value') = 'OFF'; +``` + ### List servers with a logging retention period greater than 3 days +Determine the servers in your Azure PostgreSQL setup that have a logging retention period of more than 3 days. This is useful for ensuring your logging policies meet your organization's data retention requirements. -```sql +```sql+postgres select name, configurations ->> 'Name' as configuration_name, @@ -91,9 +167,35 @@ where and (configurations -> 'ConfigurationProperties' ->> 'value')::INTEGER > 3; ``` +```sql+sqlite +select + name, + json_extract(configurations.value, '$.Name') as configuration_name, + json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as configuration_value +from + azure_postgresql_server, + json_each(server_configurations) as configurations +where + json_extract(configurations.value, '$.Name') = 'log_retention_days' + and cast(json_extract(json_extract(configurations.value, '$.ConfigurationProperties'), '$.value') as INTEGER) > 3; +``` + ### List servers with geo-redundant backup storage disabled +Discover the segments where servers are running without geo-redundant backup storage. This is useful for identifying potential risk areas in your server infrastructure where data loss may occur in the event of a server failure. + +```sql+postgres +select + name, + id, + location, + geo_redundant_backup +from + azure_postgresql_server +where + geo_redundant_backup = 'Disabled'; +``` -```sql +```sql+sqlite select name, id, @@ -106,8 +208,9 @@ where ``` ### List private endpoint connection details +Explore the status and details of private endpoint connections on your Azure PostgreSQL server. This can help in identifying any required actions or understanding the current provisioning state of these connections. -```sql +```sql+postgres select name as server_name, id as server_id, @@ -121,3 +224,18 @@ from azure_postgresql_server, jsonb_array_elements(private_endpoint_connections) as connections; ``` + +```sql+sqlite +select + name as server_name, + s.id as server_id, + json_extract(connections.value, '$.id') as connection_id, + json_extract(connections.value, '$.privateEndpointPropertyId') as connection_private_endpoint_property_id, + json_extract(connections.value, '$.privateLinkServiceConnectionStateActionsRequired') as connection_actions_required, + json_extract(connections.value, '$.privateLinkServiceConnectionStateDescription') as connection_description, + json_extract(connections.value, '$.privateLinkServiceConnectionStateStatus') as connection_status, + json_extract(connections.value, '$.provisioningState') as connection_provisioning_state +from + azure_postgresql_server as s, + json_each(private_endpoint_connections) as connections; +``` \ No newline at end of file diff --git a/docs/tables/azure_private_dns_zone.md b/docs/tables/azure_private_dns_zone.md index ed45fa13..fadc341f 100644 --- a/docs/tables/azure_private_dns_zone.md +++ b/docs/tables/azure_private_dns_zone.md @@ -1,12 +1,31 @@ -# Table: azure_private_dns_zone +--- +title: "Steampipe Table: azure_private_dns_zone - Query Azure Private DNS Zones using SQL" +description: "Allows users to query Azure Private DNS Zones, specifically providing insights into their properties, records, and associated metadata." +--- -Azure private DNS zone is used to host the DNS records for a particular domain. Please note that this table only retrieves private DNS zones, use the `azure_dns_zone` table for public DNS zones. +# Table: azure_private_dns_zone - Query Azure Private DNS Zones using SQL + +Azure Private DNS Zone is a service within Microsoft Azure that allows you to use your own domain name, rather than the Azure-provided names. It provides a simple, reliable, secure DNS service to manage and resolve domain names in a Virtual Network without the need for custom DNS solutions. Azure Private DNS Zones helps you to customize domain names for Azure services, manage DNS records, and improve network security. + +## Table Usage Guide + +The `azure_private_dns_zone` table provides insights into Azure Private DNS Zones within Azure DNS. As a network administrator, explore zone-specific details through this table, including properties, records, and associated metadata. Utilize it to uncover information about zones, such as their status, the number of records, and their associated virtual networks. ## Examples ### Basic info +Explore which private DNS zones are present in your Azure environment and determine the associated resource groups and tags for better resource management and categorization. + +```sql+postgres +select + name, + resource_group, + tags +from + azure_private_dns_zone; +``` -```sql +```sql+sqlite select name, resource_group, @@ -16,8 +35,19 @@ from ``` ### List private DNS zones with record sets +Identify private DNS zones in Azure that have more than one record set. This is useful for managing and organizing DNS resources efficiently. + +```sql+postgres +select + name, + resource_group +from + azure_private_dns_zone +where + number_of_record_sets > 1; +``` -```sql +```sql+sqlite select name, resource_group @@ -28,8 +58,9 @@ where ``` ### List private DNS zones linked to no virtual networks +Explore which private DNS zones in Azure are not linked to any virtual networks. This can be useful in identifying potential areas of network optimization or redundancy elimination. -```sql +```sql+postgres select name, resource_group @@ -38,3 +69,13 @@ from where number_of_virtual_network_links_with_registration = 0; ``` + +```sql+sqlite +select + name, + resource_group +from + azure_private_dns_zone +where + number_of_virtual_network_links_with_registration = 0; +``` \ No newline at end of file diff --git a/docs/tables/azure_provider.md b/docs/tables/azure_provider.md index 9dd32da8..72cef4f3 100644 --- a/docs/tables/azure_provider.md +++ b/docs/tables/azure_provider.md @@ -1,12 +1,31 @@ -# Table: azure_provider +--- +title: "Steampipe Table: azure_provider - Query Azure Providers using SQL" +description: "Allows users to query Azure Providers, specifically the registration status, namespace, and other related properties, providing insights into the Azure resource providers' registration state." +--- -A Azure Resource Provider (RP, for short) is simply an HTTPS RESTful API contract that Add-on owners will implement so a trusted Azure endpoint can provision, delete, and manage services on a user's behalf. +# Table: azure_provider - Query Azure Providers using SQL + +An Azure Provider is a service that supplies the resources you can deploy and manage through Resource Manager. Each resource provider offers operations for working with the resources that are deployed. Some common resource providers are Microsoft.Compute, which supplies the virtual machine resource, Microsoft.Storage, which supplies the storage account resource, and Microsoft.Web, which supplies resources related to web apps. + +## Table Usage Guide + +The `azure_provider` table provides insights into Azure providers within Microsoft Azure Resource Manager. As a DevOps engineer, explore provider-specific details through this table, including registration status, namespace, and other related properties. Utilize it to uncover information about providers, such as their registration state, the resources they supply, and their corresponding operations. ## Examples ### Basic info +Determine the areas in which your Azure provider is registered. This is useful for understanding your Azure resources and their distribution. -```sql +```sql+postgres +select + id, + namespace, + registration_state +from + azure_provider; +``` + +```sql+sqlite select id, namespace, @@ -16,8 +35,9 @@ from ``` ### List of azure providers which are not registered for use +Identify the Azure providers that are not yet registered for use. This is useful to ensure all necessary providers are properly set up and ready for use in your Azure environment. -```sql +```sql+postgres select namespace, registration_state @@ -26,3 +46,13 @@ from where registration_state = 'NotRegistered'; ``` + +```sql+sqlite +select + namespace, + registration_state +from + azure_provider +where + registration_state = 'NotRegistered'; +``` \ No newline at end of file diff --git a/docs/tables/azure_public_ip.md b/docs/tables/azure_public_ip.md index 8230d04c..55a0a09f 100644 --- a/docs/tables/azure_public_ip.md +++ b/docs/tables/azure_public_ip.md @@ -1,12 +1,22 @@ -# Table: azure_public_ip +--- +title: "Steampipe Table: azure_public_ip - Query Azure Public IPs using SQL" +description: "Allows users to query Public IPs in Azure, specifically the allocated IP address, providing insights into IP configurations and potential network anomalies." +--- -Public IP addresses enable Azure resources to communicate to Internet and public-facing Azure services. +# Table: azure_public_ip - Query Azure Public IPs using SQL + +Azure Public IP is a service in Microsoft Azure that allows you to allocate a public IP address to Azure resources such as virtual machines, load balancers, and VPN gateways. It provides a way to communicate with the internet, a private network, or both. Azure Public IP helps you manage network connectivity and access, ensuring that your Azure resources are reachable and responsive. + +## Table Usage Guide + +The `azure_public_ip` table provides insights into Public IPs within Microsoft Azure. As a network administrator, explore IP-specific details through this table, including IP address, allocation method, and associated metadata. Utilize it to uncover information about network configurations, such as those with static or dynamic allocation, the IP version (IPv4 or IPv6), and the verification of IP tags. ## Examples ### List of unassociated elastic IPs +Discover the segments that consist of unassigned public IPs in your Azure infrastructure. This is useful in identifying potential cost savings, as you may be billed for these unassociated resources. -```sql +```sql+postgres select name, ip_configuration_id @@ -16,9 +26,20 @@ where ip_configuration_id is null; ``` +```sql+sqlite +select + name, + ip_configuration_id +from + azure_public_ip +where + ip_configuration_id is null; +``` + ### List of IP addresses with corresponding associations +Explore the relationships between various IP addresses and their corresponding resources in your Azure environment. This can aid in managing network configurations and identifying potential issues. -```sql +```sql+postgres select name, ip_address, @@ -28,9 +49,14 @@ from azure_public_ip; ``` +```sql+sqlite +Error: SQLite does not support split or string_to_array functions. +``` + ### List of dynamic IP addresses +Discover the segments that utilize dynamic IP allocation in your Azure environment. This helps in understanding the networking configuration and managing resources effectively. -```sql +```sql+postgres select name, public_ip_allocation_method @@ -39,3 +65,13 @@ from where public_ip_allocation_method = 'Dynamic'; ``` + +```sql+sqlite +select + name, + public_ip_allocation_method +from + azure_public_ip +where + public_ip_allocation_method = 'Dynamic'; +``` \ No newline at end of file diff --git a/docs/tables/azure_recovery_services_backup_job.md b/docs/tables/azure_recovery_services_backup_job.md index f2fc5a45..2c359460 100644 --- a/docs/tables/azure_recovery_services_backup_job.md +++ b/docs/tables/azure_recovery_services_backup_job.md @@ -1,12 +1,35 @@ -# Table: azure_recovery_services_backup_job +--- +title: "Steampipe Table: azure_recovery_services_backup_job - Query Azure Recovery Services Backup Jobs using SQL" +description: "Allows users to query Azure Recovery Services Backup Jobs, specifically the job status, duration, and details, providing insights into backup operations and their outcomes." +--- -An Azure Backup job is a task that you can define and run to perform data protection operations on your Azure resources. These jobs are typically used to back up and restore data from various Azure services, such as virtual machines, databases, and files. +# Table: azure_recovery_services_backup_job - Query Azure Recovery Services Backup Jobs using SQL + +Azure Recovery Services is a service within Microsoft Azure that provides data backup and disaster recovery capabilities. It allows you to protect and recover your data in the Microsoft cloud, providing a simple, secure, and cost-effective solution for protecting your data and maintaining business continuity. The service supports backup and recovery for Azure VMs, SQL Server, Azure SQL Database, on-premises Windows Servers, and more. + +## Table Usage Guide + +The `azure_recovery_services_backup_job` table provides insights into backup jobs within Azure Recovery Services. As a system administrator or a backup operator, explore job-specific details through this table, including job status, duration, and details. Utilize it to monitor the status of backup operations, identify any issues, and ensure the successful completion of backup jobs. ## Examples ### Basic info +Determine the areas in which specific Azure recovery services backup jobs are performed, focusing on a specific vault. This can help to assess the distribution and management of backup jobs within your Azure environment. -```sql +```sql+postgres +select + name, + id, + type, + vault_name, + region +from + azure_recovery_services_backup_job +where + vault_name = 'my-vault'; +``` + +```sql+sqlite select name, id, @@ -20,8 +43,9 @@ where ``` ### Get job properties of jobs +Discover the specifics of job properties in your backup jobs. This can help you understand the type of job, its management, operational status, and timing details, providing critical insights into your backup operations. -```sql +```sql+postgres select name, id, @@ -36,3 +60,19 @@ select from azure_recovery_services_backup_job; ``` + +```sql+sqlite +select + name, + id, + json_extract(properties, '$.JobType') as job_type, + json_extract(properties, '$.ActivityID') as activity_id, + json_extract(properties, '$.BackupManagementType') as backup_management_type, + json_extract(properties, '$.EndTime') as end_time, + json_extract(properties, '$.EntityFriendlyName') as entity_friendly_name, + json_extract(properties, '$.Operation') as Operation, + json_extract(properties, '$.StartTime') as start_time, + json_extract(properties, '$.Status') as Status +from + azure_recovery_services_backup_job; +``` \ No newline at end of file diff --git a/docs/tables/azure_recovery_services_vault.md b/docs/tables/azure_recovery_services_vault.md index 4094d91d..40ab0423 100644 --- a/docs/tables/azure_recovery_services_vault.md +++ b/docs/tables/azure_recovery_services_vault.md @@ -1,12 +1,32 @@ -# Table: azure_recovery_services_vault +--- +title: "Steampipe Table: azure_recovery_services_vault - Query Azure Recovery Services Vaults using SQL" +description: "Allows users to query Azure Recovery Services Vaults, providing details about each vault's configuration, status, and associated resources." +--- -A Recovery Services vault is a storage entity in Azure that houses data. The data is typically copies of data, or configuration information for virtual machines (VMs), workloads, servers, or workstations. You can use Recovery Services vaults to hold backup data for various Azure services such as IaaS VMs (Linux or Windows) and Azure SQL databases. +# Table: azure_recovery_services_vault - Query Azure Recovery Services Vaults using SQL + +Azure Recovery Services Vault is a backup service within Microsoft Azure that allows you to protect and recover your data and applications. It provides a centralized place to manage backups and disaster recovery, and it supports a range of Azure services, including virtual machines, SQL databases, and file shares. Azure Recovery Services Vault helps you ensure the availability and integrity of your Azure resources. + +## Table Usage Guide + +The `azure_recovery_services_vault` table provides insights into Recovery Services Vaults within Azure. As a system administrator, you can use this table to explore vault-specific details, including backup policies, protected items, and recovery points. This table is especially useful for ensuring that your backup and recovery strategies are properly implemented and managed. ## Examples ### Basic info +Explore the various elements of your Azure Recovery Services Vaults, such as their names, IDs, regions, and types. This can be useful in understanding the overall structure and organization of your vaults, aiding in better management and oversight. + +```sql+postgres +select + name, + id, + region, + type +from + azure_recovery_services_vault; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,9 @@ from ``` ### List failed recovery service vaults +Discover the segments that have unsuccessful recovery service vaults in Azure, which can be crucial for identifying and addressing potential issues in your data recovery strategy. This query is beneficial in maintaining robust data protection and business continuity plans. -```sql +```sql+postgres select name, id, @@ -30,3 +51,16 @@ from where provisioning_state = 'Failed'; ``` + +```sql+sqlite +select + name, + id, + type, + provisioning_state, + region +from + azure_recovery_services_vault +where + provisioning_state = 'Failed'; +``` \ No newline at end of file diff --git a/docs/tables/azure_redis_cache.md b/docs/tables/azure_redis_cache.md index f2bc9a42..2f9dd24c 100644 --- a/docs/tables/azure_redis_cache.md +++ b/docs/tables/azure_redis_cache.md @@ -1,12 +1,35 @@ -# Table: azure_redis_cache +--- +title: "Steampipe Table: azure_redis_cache - Query Azure Redis Cache using SQL" +description: "Allows users to query Azure Redis Cache, specifically details about the name, location, resource group, and subscription of each Redis Cache resource." +--- -Azure Cache for Redis provides an in-memory data store based on the Redis software. Redis improves the performance and scalability of an application that uses backend data stores heavily. It's able to process large volumes of application requests by keeping frequently accessed data in the server memory, which can be written to and read from quickly. Redis brings a critical low-latency and high-throughput data storage solution to modern applications. +# Table: azure_redis_cache - Query Azure Redis Cache using SQL + +Azure Redis Cache is a fully managed, in-memory cache that enables high-performance and scalable architectures. It uses the popular open-source Redis data structure store, which supports a variety of data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, and more. It's a part of Azure's suite of database services, providing a reliable and secure Redis cache environment. + +## Table Usage Guide + +The `azure_redis_cache` table provides insights into each Azure Redis Cache resource within your Azure environment. As a database administrator or developer, you can use this table to gain a comprehensive overview of your Redis Cache resources, including their names, locations, associated resource groups, and subscriptions. This information can be instrumental in optimizing your cache usage, managing resources, and planning capacity. ## Examples ### Basic info +Explore the details of your Azure Redis Cache instances to understand their current status, region, and version. This can help you manage your resources effectively and ensure they are correctly provisioned and operating in the expected regions. + +```sql+postgres +select + name, + redis_version, + provisioning_state, + port, + sku_name, + region, + subscription_id +from + azure_redis_cache; +``` -```sql +```sql+sqlite select name, redis_version, @@ -20,8 +43,22 @@ from ``` ### List cache servers not using latest TLS protocol +Identify instances where your cache servers are not utilizing the latest TLS protocol. This can be particularly useful for maintaining high security standards and ensuring data protection. -```sql +```sql+postgres +select + name, + region, + resource_group, + minimum_tls_version +from + azure_redis_cache +where + minimum_tls_version is null + or minimum_tls_version <> '1.2'; +``` + +```sql+sqlite select name, region, @@ -35,8 +72,9 @@ where ``` ### List cache servers with in-transit encryption disabled +Explore which cache servers are potentially vulnerable by identifying those with in-transit encryption disabled. This is crucial for enhancing your data security by ensuring all cache servers are encrypted. -```sql +```sql+postgres select name, region, @@ -48,9 +86,22 @@ where enable_non_ssl_port; ``` +```sql+sqlite +select + name, + region, + resource_group, + enable_non_ssl_port +from + azure_redis_cache +where + enable_non_ssl_port = 1; +``` + ### List premium cache servers +Discover the segments that utilize premium cache servers in Azure, enabling you to understand your resource distribution and manage costs effectively. This is particularly useful when assessing your premium services usage across different regions and resource groups. -```sql +```sql+postgres select name, region, @@ -61,3 +112,15 @@ from where sku_name = 'Premium'; ``` + +```sql+sqlite +select + name, + region, + resource_group, + sku_name +from + azure_redis_cache +where + sku_name = 'Premium'; +``` \ No newline at end of file diff --git a/docs/tables/azure_resource_group.md b/docs/tables/azure_resource_group.md index e671fb38..0583a186 100644 --- a/docs/tables/azure_resource_group.md +++ b/docs/tables/azure_resource_group.md @@ -1,12 +1,30 @@ -# Table: azure_resource_group +--- +title: "Steampipe Table: azure_resource_group - Query Azure Resource Groups using SQL" +description: "Allows users to query Azure Resource Groups, providing detailed information about the group's properties, location, and tags." +--- -A resource group is a container that holds related resources for an Azure solution. +# Table: azure_resource_group - Query Azure Resource Groups using SQL + +Azure Resource Groups are essential components of Azure Resource Management, serving as logical containers for resources deployed within an Azure subscription. They provide a way to monitor, control access, provision and manage billing for collections of assets, which are required to run an application, or used by a department or a team. Azure Resource Groups offer a means to manage and organize resources based on lifecycles and application architecture, along with providing access control, consistency, and efficiency. + +## Table Usage Guide + +The `azure_resource_group` table provides insights into Resource Groups within Microsoft Azure. As a DevOps engineer, explore group-specific details through this table, including properties, location, and associated tags. Utilize it to manage and organize resources, control access, and manage billing for collections of assets used by applications, departments, or teams. ## Examples ### List of resource groups with their locations +Explore which Azure resource groups are located in specific regions to better manage and organize your resources. This is useful for understanding the geographical distribution of your resources for efficiency and cost-effectiveness. + +```sql+postgres +select + name, + region +from + azure_resource_group; +``` -```sql +```sql+sqlite select name, region @@ -15,8 +33,9 @@ from ``` ### List of resource groups without owner tag key +Explore which Azure resource groups are missing an 'owner' tag. This query assists in identifying and addressing gaps in resource ownership, aiding in resource management and accountability. -```sql +```sql+postgres select name, tags @@ -24,4 +43,14 @@ from azure_resource_group where not tags :: JSONB ? 'owner'; +``` + +```sql+sqlite +select + name, + tags +from + azure_resource_group +where + json_extract(tags, '$.owner') is null; ``` \ No newline at end of file diff --git a/docs/tables/azure_resource_link.md b/docs/tables/azure_resource_link.md index 1892c1ea..efb3c1f0 100644 --- a/docs/tables/azure_resource_link.md +++ b/docs/tables/azure_resource_link.md @@ -1,12 +1,33 @@ -# Table: azure_resource_link +--- +title: "Steampipe Table: azure_resource_link - Query Azure Resource Links using SQL" +description: "Allows users to query Azure Resource Links, providing insights into the interconnections between various Azure resources." +--- -Linking is a feature of the Resource Manager. It enables declaring relationships between resources even if they do not reside in the same resource group. +# Table: azure_resource_link - Query Azure Resource Links using SQL + +Azure Resource Links is a feature within Microsoft Azure that allows you to create and manage links between resources. These links can be used for organizing resources and defining dependencies between them. Azure Resource Links helps you to understand the relationships and dependencies between your Azure resources. + +## Table Usage Guide + +The `azure_resource_link` table provides insights into the interconnections between various Azure resources. As a cloud architect or a DevOps engineer, you can explore link-specific details through this table, including the source and target of each link, and the properties of the link. Utilize it to uncover information about resource dependencies, such as those with circular dependencies or orphaned resources, and to aid in resource management and organization. ## Examples ### Basic Info +Discover the segments that connect different resources in your Azure environment. This query is particularly useful for understanding the relationships and dependencies between your resources, aiding in efficient resource management and troubleshooting. -```sql +```sql+postgres +select + name, + id, + type, + source_id, + target_id +from + azure_resource_link; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List resource links with virtual machines +Determine the areas in which resources are linked with virtual machines in your Azure environment. This can be useful for managing and understanding dependencies between your resources. -```sql +```sql+postgres select name, id, @@ -30,3 +52,15 @@ from where source_id LIKE '%virtualmachines%'; ``` + +```sql+sqlite +select + name, + id, + source_id, + target_id +from + azure_resource_link +where + source_id LIKE '%virtualmachines%'; +``` \ No newline at end of file diff --git a/docs/tables/azure_role_assignment.md b/docs/tables/azure_role_assignment.md index 56832ade..a73c7c0d 100644 --- a/docs/tables/azure_role_assignment.md +++ b/docs/tables/azure_role_assignment.md @@ -1,12 +1,32 @@ -# Table: azure_role_assignment +--- +title: "Steampipe Table: azure_role_assignment - Query Azure Role Assignments using SQL" +description: "Allows users to query Azure Role Assignments, specifically the details of role assignments for users, groups, and service principals in Azure Active Directory." +--- -Azure role assignments is the authorization system to manage access to Azure resources. To grant access, you assign roles to users, groups, service principals, or managed identities at a particular scope. +# Table: azure_role_assignment - Query Azure Role Assignments using SQL + +Azure Role Assignments are a critical component of Azure's access control capabilities. They determine what actions a security principal (like a user, group, or service principal) can perform on a specific Azure resource. Each role assignment is a combination of a security principal, a role definition, and a scope. + +## Table Usage Guide + +The `azure_role_assignment` table provides insights into role assignments within Azure. As a security administrator, you can explore details of role assignments through this table, including the assigned roles, the associated security principals, and the scope of the assignments. Use it to monitor and manage access control within your Azure environment, ensuring that only the appropriate users, groups, or service principals have access to specific resources. ## Examples ### Basic info +Explore which roles are assigned to different principals in your Azure environment. This can help you manage access control and understand who has permissions to what resources, enhancing your security posture. -```sql +```sql+postgres +select + name, + id, + principal_id, + principal_type +from + azure_role_assignment; +``` + +```sql+sqlite select name, id, @@ -17,8 +37,20 @@ from ``` ### List of role assignments which has permission at root level +Discover the segments that are assigned roles with root level access. This is useful for auditing security and access controls in your Azure environment. + +```sql+postgres +select + name, + id, + scope +from + azure_role_assignment +where + scope = '/'; +``` -```sql +```sql+sqlite select name, id, @@ -30,8 +62,9 @@ where ``` ### List of role assignments which has subscription level permission and full access to the subscription +This query is useful for identifying roles that have full access permissions at the subscription level within your Azure environment. It helps in maintaining security and managing access by revealing potential over-permissions. -```sql +```sql+postgres select ra.name as roll_assignment_name, rd.role_name @@ -43,3 +76,16 @@ where ra.scope like '/subscriptions/%' and perm -> 'actions' = '["*"]'; ``` + +```sql+sqlite +select + ra.name as roll_assignment_name, + rd.role_name +from + azure_role_assignment ra + join azure_role_definition rd on ra.role_definition_id = rd.id, + json_each(rd.permissions) as perm +where + ra.scope like '/subscriptions/%' + and json_extract(perm.value, '$.actions') = '["*"]'; +``` \ No newline at end of file diff --git a/docs/tables/azure_role_definition.md b/docs/tables/azure_role_definition.md index a112456c..b02fd79c 100644 --- a/docs/tables/azure_role_definition.md +++ b/docs/tables/azure_role_definition.md @@ -1,12 +1,35 @@ -# Table: azure_role_definition +--- +title: "Steampipe Table: azure_role_definition - Query Azure Role Definitions using SQL" +description: "Allows users to query Role Definitions in Azure, specifically the permissions, trust policies, and associated metadata, providing insights into role-specific details." +--- -A role definition lists the operations that can be performed, such as read, write, and delete. +# Table: azure_role_definition - Query Azure Role Definitions using SQL + +Azure Role Definition is a resource within Microsoft Azure that represents a collection of permissions. It's used to provide access to Azure resources that the role is assigned to. Role Definitions help you manage access to your Azure resources by providing a way to group together permissions into roles. + +## Table Usage Guide + +The `azure_role_definition` table provides insights into Role Definitions within Microsoft Azure. As a DevOps engineer, explore role-specific details through this table, including permissions, trust policies, and associated metadata. Utilize it to manage access to your Azure resources, group together permissions into roles, and gain insights into role-specific details. ## Examples ### List the custom roles +Explore which custom roles have been defined in your Azure environment. This is beneficial to understand and manage the unique permissions and restrictions applied within your system. + +```sql+postgres +select + name, + description, + role_name, + role_type, + title +from + azure_role_definition +where + role_type = 'CustomRole'; +``` -```sql +```sql+sqlite select name, description, @@ -20,8 +43,9 @@ where ``` ### List of roles whose assignable scope is set to root('/') scope +Explore the roles in your Azure environment that have been given broad permissions, as indicated by their assignable scope being set to root. This can be useful for identifying potential security risks and ensuring that permissions are appropriately restricted. -```sql +```sql+postgres select name, role_name, @@ -33,9 +57,13 @@ where scope = '/'; ``` +```sql+sqlite +Error: The corresponding SQLite query is unavailable. +``` ### Permissions of all custom roles +Explore which permissions are assigned to all custom roles within your Azure environment. This can help in maintaining security standards and ensuring that roles are not granted excessive permissions. -```sql +```sql+postgres select name, role_name, @@ -50,3 +78,89 @@ from where role_type = 'CustomRole'; ``` + +```sql+sqlite +select + name, + role_name, + role_type, + json_extract(permission.value, '$.actions') as action, + json_extract(permission.value, '$.dataActions') as data_action, + json_extract(permission.value, '$.notActions') as no_action, + json_extract(permission.value, '$.notDataActions') as not_data_actions +from + azure_role_definition, + json_each(permissions) as permission +where + role_type = 'CustomRole'; +``` + +### Permissions of all custom roles +Explore the permissions assigned to all custom roles in your Azure environment. This can help you understand access controls and identify potential security risks. + +```sql+postgres +select + name, + role_name, + role_type, + permission -> 'actions' as action, + permission -> 'dataActions' as data_action, + permission -> 'notActions' as no_action, + permission -> 'notDataActions' as not_data_actions +from + azure_role_definition + cross join jsonb_array_elements(permissions) as permission +where + role_type = 'CustomRole'; +``` + +```sql+sqlite +select + ard.name, + ard.role_name, + ard.role_type, + json_extract(permission.value, '$.actions') as action, + json_extract(permission.value, '$.dataActions') as data_action, + json_extract(permission.value, '$.notActions') as no_action, + json_extract(permission.value, '$.notDataActions') as not_data_actions +from + azure_role_definition ard, + json_each(ard.permissions) as permission +where + ard.role_type = 'CustomRole'; +``` + +### Permissions of all custom roles +Analyze the permissions assigned to all custom roles in your Azure environment. This can help in identifying roles with excessive permissions, thereby assisting in maintaining a principle of least privilege. + +```sql_postgres +select + name, + role_name, + role_type, + permission -> 'actions' as action, + permission -> 'dataActions' as data_action, + permission -> 'notActions' as no_action, + permission -> 'notDataActions' as not_data_actions +from + azure_role_definition + cross join jsonb_array_elements(permissions) as permission +where + role_type = 'CustomRole'; +``` + +```sql+sqlite +select + ard.name, + ard.role_name, + ard.role_type, + json_extract(permission.value, '$.actions') as action, + json_extract(permission.value, '$.dataActions') as data_action, + json_extract(permission.value, '$.notActions') as no_action, + json_extract(permission.value, '$.notDataActions') as not_data_actions +from + azure_role_definition ard, + json_each(ard.permissions) as permission +where + ard.role_type = 'CustomRole'; +``` \ No newline at end of file diff --git a/docs/tables/azure_route_table.md b/docs/tables/azure_route_table.md index 3885ab0b..fb06d25c 100644 --- a/docs/tables/azure_route_table.md +++ b/docs/tables/azure_route_table.md @@ -1,12 +1,22 @@ -# Table: azure_route_table +--- +title: "Steampipe Table: azure_route_table - Query Azure Route Tables using SQL" +description: "Allows users to query Route Tables in Azure, specifically the information related to routes and subnets, providing insights into the network flow within an Azure Virtual Network." +--- -Azure Route Tables allows to create network routes so that CloudGen Firewall VM can handle the traffic both between the subnets and to the Internet. +# Table: azure_route_table - Query Azure Route Tables using SQL + +A Route Table contains a set of rules, called routes, that are used to determine where network traffic is directed. Each subnet in an Azure virtual network is configured with a route table, which can be associated to one or more virtual network subnets. These tables enable you to control the flow of traffic for a subnet. + +## Table Usage Guide + +The `azure_route_table` table provides insights into Route Tables within Microsoft Azure. As a network administrator, explore route-specific details through this table, including associated subnets, address prefixes, and next hop types. Utilize it to uncover information about network traffic flow, such as the routing of packets, the direction of traffic, and the configuration of subnets. ## Examples ### List of subnets associated with route table +Discover the segments of your network by identifying the subnets associated with a specific route table in your Azure environment. This can help in network management and security by providing insights into the organization of your network infrastructure. -```sql +```sql+postgres select name, split_part(subnet ->> 'id', '/', 11) subnet, @@ -16,9 +26,14 @@ from cross join jsonb_array_elements(subnets) as subnet; ``` +```sql+sqlite +Error: SQLite does not support split or string_to_array functions. +``` + ### List of route tables where route propagation is enabled +Determine the areas in which route propagation is active in your Azure Route Table. This is beneficial for understanding network traffic flow and ensuring optimal routing configurations. -```sql +```sql+postgres select name, disable_bgp_route_propagation, @@ -29,9 +44,21 @@ where not disable_bgp_route_propagation; ``` +```sql+sqlite +select + name, + disable_bgp_route_propagation, + region +from + azure_route_table +where + disable_bgp_route_propagation = 0; +``` + ### Route info of each routes table +This query helps users gain insights into the routing information of each route in their Azure network. The practical application of this query is to understand the network flow and the next hop type for each route, which is crucial for network troubleshooting and optimization. -```sql +```sql+postgres select name, route ->> 'name' route_name, @@ -41,3 +68,14 @@ from azure_route_table cross join jsonb_array_elements(routes) as route; ``` + +```sql+sqlite +select + name, + json_extract(route.value, '$.name') as route_name, + json_extract(route.value, '$.properties.addressPrefix') as address_prefix, + json_extract(route.value, '$.properties.nextHopType') as next_hop_type +from + azure_route_table, + json_each(routes) as route; +``` \ No newline at end of file diff --git a/docs/tables/azure_search_service.md b/docs/tables/azure_search_service.md index 16453f6f..b73fd34f 100644 --- a/docs/tables/azure_search_service.md +++ b/docs/tables/azure_search_service.md @@ -1,12 +1,35 @@ -# Table: azure_search_service +--- +title: "Steampipe Table: azure_search_service - Query Azure Search Services using SQL" +description: "Allows users to query Azure Search Services, specifically the details regarding each search service in an Azure subscription. This provides insights into the properties, settings, and status of these services." +--- -Azure Cognitive Search is the only cloud search service with built-in AI capabilities that enrich all types of information to help you identify and explore relevant content at scale. Use cognitive skills for vision, language and speech or use custom machine learning models to uncover insights from all types of content. +# Table: azure_search_service - Query Azure Search Services using SQL + +Azure Search Service is a fully managed cloud search service provided by Microsoft Azure. It offers scalable and secure search capabilities across all your data. With Azure Search Service, you can quickly add sophisticated search capabilities to your applications, making it easier for users to find the information they are looking for. + +## Table Usage Guide + +The `azure_search_service` table provides insights into the Search Services within Microsoft Azure. As a developer or system administrator, you can explore service-specific details through this table, including properties, settings, and status. Utilize it to uncover information about each search service, such as its provisioning state, SKU, and network rules, to manage and optimize your application's search capabilities effectively. ## Examples ### Basic info +Explore the status and configuration of your Azure Search Services to assess resource allocation and utilization. This can help in identifying areas for optimization and managing your resources efficiently. -```sql +```sql+postgres +select + name, + id, + type, + provisioning_state, + status, + sku_name, + replica_count +from + azure_search_service; +``` + +```sql+sqlite select name, id, @@ -20,8 +43,20 @@ from ``` ### List publicly accessible search services +Determine the areas in which publicly accessible search services are enabled. This is useful in identifying potential security risks and ensuring appropriate access controls are in place. + +```sql+postgres +select + name, + id, + public_network_access +from + azure_search_service +where + public_network_access = 'Enabled'; +``` -```sql +```sql+sqlite select name, id, diff --git a/docs/tables/azure_security_center_auto_provisioning.md b/docs/tables/azure_security_center_auto_provisioning.md index 3d075336..29cc4de1 100644 --- a/docs/tables/azure_security_center_auto_provisioning.md +++ b/docs/tables/azure_security_center_auto_provisioning.md @@ -1,12 +1,32 @@ -# Table: azure_security_center_auto_provisioning +--- +title: "Steampipe Table: azure_security_center_auto_provisioning - Query Azure Security Center Auto Provisioning Settings using SQL" +description: "Allows users to query Azure Security Center Auto Provisioning Settings, providing insights into the automatic deployment of security services and controls." +--- -Azure security center auto provisioning settings expose the auto provisioning settings of the subscriptions. +# Table: azure_security_center_auto_provisioning - Query Azure Security Center Auto Provisioning Settings using SQL + +Azure Security Center Auto Provisioning is a feature within Microsoft Azure that allows for the automatic deployment of security services and controls. It plays a crucial role in ensuring that the necessary security services are in place across all Azure resources, making it easier to maintain and monitor the security posture of your Azure environment. It promotes consistency and reduces the chance of misconfiguration or oversight in security controls deployment. + +## Table Usage Guide + +The `azure_security_center_auto_provisioning` table provides insights into the automatic deployment of security services and controls within Azure Security Center. As a Security or DevOps engineer, explore the details of auto provisioning settings through this table, including the target resource type and auto provisioning status. Utilize it to maintain optimal and consistent security posture across your Azure resources, and to ensure that all necessary security services are automatically deployed as needed. ## Examples ### Basic info +Determine the areas in which automatic provisioning is enabled in your Azure Security Center to enhance your security posture and reduce manual configuration efforts. + +```sql+postgres +select + id, + name, + type, + auto_provision +from + azure_security_center_auto_provisioning; +``` -```sql +```sql+sqlite select id, name, @@ -17,8 +37,9 @@ from ``` ### List subscriptions that have automatic provisioning of VM monitoring agent enabled +Discover the segments that have automatic virtual machine monitoring agent provisioning enabled. This can be beneficial to assess the elements within your system that are being automatically monitored, ensuring system performance and security. -```sql +```sql+postgres select id, name, @@ -29,3 +50,15 @@ from where auto_provision = 'On'; ``` + +```sql+sqlite +select + id, + name, + type, + auto_provision +from + azure_security_center_auto_provisioning +where + auto_provision = 'On'; +``` \ No newline at end of file diff --git a/docs/tables/azure_security_center_automation.md b/docs/tables/azure_security_center_automation.md index 898574ed..9260990a 100644 --- a/docs/tables/azure_security_center_automation.md +++ b/docs/tables/azure_security_center_automation.md @@ -1,12 +1,32 @@ -# Table: azure_security_center_automation +--- +title: "Steampipe Table: azure_security_center_automation - Query Azure Security Center Automations using SQL" +description: "Allows users to query Azure Security Center Automations, specifically the automation details and configurations, providing insights into security automation settings and potential vulnerabilities." +--- -Microsoft Defender for Cloud generates detailed security alerts and recommendations. You can view them in the portal or through programmatic tools. You might also need to export some or all of this information for tracking with other monitoring tools in your environment. +# Table: azure_security_center_automation - Query Azure Security Center Automations using SQL + +Azure Security Center Automations is a feature within Microsoft Azure that allows you to automate responses to security alerts. It provides an automated way to respond to and manage alerts for various Azure resources, including virtual machines, databases, web applications, and more. Azure Security Center Automations helps you stay informed about the security state of your Azure resources and take appropriate actions when predefined conditions are met. + +## Table Usage Guide + +The `azure_security_center_automation` table provides insights into the automation settings within Azure Security Center. As a security engineer, explore automation-specific details through this table, including the automation name, resource group, and associated metadata. Utilize it to uncover information about your security automations, such as their configurations, intended actions, and the resources they are associated with. ## Examples -### Basic info +### Basic info +This example showcases how to determine the types and categories of automations within the Azure Security Center. This information can be useful in understanding the range of automated processes in place and their respective functions. + +```sql+postgres +select + id, + name, + type, + kind +from + azure_security_center_automation; +``` -```sql +```sql+sqlite select id, name, @@ -17,8 +37,9 @@ from ``` ### List enabled continuously export microsoft defender for cloud data +Determine the areas in which Microsoft Defender for Cloud data is continuously exported and enabled. This can be useful to ensure that your security data is being properly and consistently exported for further analysis and storage. -```sql +```sql+postgres select id, name, @@ -26,13 +47,26 @@ select is_enabled from azure_security_center_automation -where +where + is_enabled; +``` + +```sql+sqlite +select + id, + name, + type, + is_enabled +from + azure_security_center_automation +where is_enabled; ``` ### List event source details for continuously export microsoft defender for cloud data +Determine the areas in which continuous data export from Microsoft Defender for Cloud is occurring. This is useful for understanding your security posture and identifying potential areas of improvement. -```sql +```sql+postgres select name, type, @@ -46,4 +80,20 @@ from jsonb_array_elements(sources) as s, jsonb_array_elements(s -> 'ruleSets') as rs, jsonb_array_elements(rs -> 'rules') as r ; +``` + +```sql+sqlite +select + name, + a.type, + json_extract(s.value, '$.eventSource') as event_source, + json_extract(r.value, '$.operator') as operator, + json_extract(r.value, '$.propertyType') as property_type, + json_extract(r.value, '$.expectedValue') as expected_value, + json_extract(r.value, '$.propertyJPath') as property_jpath +from + azure_security_center_automation as a, + json_each(sources) as s, + json_each(json_extract(s.value, '$.ruleSets')) as rs, + json_each(json_extract(rs.value, '$.rules')) as r ; ``` \ No newline at end of file diff --git a/docs/tables/azure_security_center_contact.md b/docs/tables/azure_security_center_contact.md index 2a4ecff4..0da58d13 100644 --- a/docs/tables/azure_security_center_contact.md +++ b/docs/tables/azure_security_center_contact.md @@ -1,12 +1,32 @@ -# Table: azure_security_center_contact +--- +title: "Steampipe Table: azure_security_center_contact - Query Azure Security Center Contacts using SQL" +description: "Allows users to query Azure Security Center Contacts, providing insights into contact details, alert notifications, and alert email settings." +--- -Azure security center contact details for the subscription. +# Table: azure_security_center_contact - Query Azure Security Center Contacts using SQL + +Azure Security Center Contacts is a feature within Microsoft Azure that allows you to manage and configure the security contact details in Azure Security Center. These contact details are used by Azure to send notifications regarding security alerts, recommendations, and other important security information. It is a crucial component of Azure's security management system, providing a streamlined way to receive and manage security notifications. + +## Table Usage Guide + +The `azure_security_center_contact` table provides insights into the contact details configured in Azure Security Center. As a security administrator, explore contact-specific details through this table, including alert notifications, and alert email settings. Utilize it to manage and monitor the communication of security alerts and recommendations from Azure to the designated contacts. ## Examples ### Basic info +Explore which security center contacts in your Azure environment have alert notifications enabled. This helps to identify who is receiving alerts and whether any necessary contacts are missing from the notifications list. + +```sql+postgres +select + id, + email, + alert_notifications, + alerts_to_admins +from + azure_security_center_contact; +``` -```sql +```sql+sqlite select id, email, @@ -17,8 +37,9 @@ from ``` ### List security center contacts not configured with email notifications +Determine areas in which Security Center contacts have been set up without email notifications. This is useful to ensure that all necessary parties are receiving important security alerts and updates. -```sql +```sql+postgres select id, email, @@ -29,3 +50,15 @@ from where email != ''; ``` + +```sql+sqlite +select + id, + email, + alert_notifications, + alerts_to_admins +from + azure_security_center_contact +where + email != ''; +``` \ No newline at end of file diff --git a/docs/tables/azure_security_center_jit_network_access_policy.md b/docs/tables/azure_security_center_jit_network_access_policy.md index d1f5131e..6dbd7c02 100644 --- a/docs/tables/azure_security_center_jit_network_access_policy.md +++ b/docs/tables/azure_security_center_jit_network_access_policy.md @@ -1,12 +1,22 @@ -# Table: azure_security_center_jit_network_access_policy +--- +title: "Steampipe Table: azure_security_center_jit_network_access_policy - Query Azure Security Center Just-In-Time Network Access Policies using SQL" +description: "Allows users to query Just-In-Time Network Access Policies in Azure Security Center, providing insights into policy configurations and associated resources." +--- -Azure Security Center's just-in-time (JIT) network access policy helps to lock down inbound traffic access to your virtual machines. This reduces exposure to attacks while providing easy access when you need to connect to a VM. +# Table: azure_security_center_jit_network_access_policy - Query Azure Security Center Just-In-Time Network Access Policies using SQL + +Azure Security Center Just-In-Time Network Access Policies are resources within Microsoft Azure that provide controlled access to Azure VMs. They reduce exposure to attacks by enabling access to VMs only when needed and from specific, approved IP addresses. Azure JIT Network Access Policies help maintain a secure environment by minimizing the potential attack surface. + +## Table Usage Guide + +The `azure_security_center_jit_network_access_policy` table provides insights into Just-In-Time Network Access Policies within Azure Security Center. As a security analyst, you can explore policy-specific details through this table, including policy configurations, associated resources, and access controls. Utilize it to uncover information about policies, such as their status, provisioned locations, and the resources they are associated with. ## Examples ### List virtual machines with JIT access enabled +The query is useful for identifying virtual machines that have Just-In-Time (JIT) access enabled, a feature that can help enhance security by limiting open ports. This can be particularly helpful in managing security risks and ensuring that only necessary access points are open. -```sql +```sql+postgres select vm.name, vm.id, @@ -18,3 +28,16 @@ from where lower(vms ->> 'id') = lower(vm.id); ``` + +```sql+sqlite +select + vm.name, + vm.id, + vms.value as ports +from + azure_security_center_jit_network_access_policy, + json_each(virtual_machines) as vms, + azure_compute_virtual_machine as vm +where + lower(json_extract(vms.value, '$.id')) = lower(vm.id); +``` \ No newline at end of file diff --git a/docs/tables/azure_security_center_setting.md b/docs/tables/azure_security_center_setting.md index 9f386b88..0d5ed41b 100644 --- a/docs/tables/azure_security_center_setting.md +++ b/docs/tables/azure_security_center_setting.md @@ -1,12 +1,31 @@ -# Table: azure_security_center_setting +--- +title: "Steampipe Table: azure_security_center_setting - Query Azure Security Center Settings using SQL" +description: "Allows users to query Azure Security Center Settings, specifically the configuration data, providing insights into security settings and potential discrepancies." +--- -Azure security center settings contains different configurations in security center. +# Table: azure_security_center_setting - Query Azure Security Center Settings using SQL + +Azure Security Center is a unified infrastructure security management system that strengthens the security posture of data centers and provides advanced threat protection across hybrid workloads in the cloud. It provides a centralized way to monitor and respond to security issues across your Azure resources, including virtual machines, databases, web applications, and more. Azure Security Center helps you stay informed about the security status and take appropriate actions when predefined conditions are met. + +## Table Usage Guide + +The `azure_security_center_setting` table provides insights into settings within Azure Security Center. As a Security Analyst, explore setting-specific details through this table, including configurations, contact details, and auto provisioning settings. Utilize it to uncover information about settings, such as those with auto provisioning enabled, the contact details for security notifications, and the verification of security configurations. ## Examples ### Basic info +Discover the segments that are enabled in the Azure Security Center. This query is useful for quickly assessing the active areas of your security configuration. -```sql +```sql+postgres +select + id, + name, + enabled +from + azure_security_center_setting; +``` + +```sql+sqlite select id, name, @@ -16,8 +35,9 @@ from ``` ### List the enabled settings for security center +Explore which security settings are currently activated in the Azure Security Center to ensure your system is adequately protected and compliant with security protocols. This is useful for maintaining a secure environment and identifying any potential gaps in your security configuration. -```sql +```sql+postgres select id, name, @@ -27,3 +47,14 @@ from where enabled; ``` + +```sql+sqlite +select + id, + name, + type +from + azure_security_center_setting +where + enabled = 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_security_center_sub_assessment.md b/docs/tables/azure_security_center_sub_assessment.md index 0a6a88b3..c2a0b60a 100644 --- a/docs/tables/azure_security_center_sub_assessment.md +++ b/docs/tables/azure_security_center_sub_assessment.md @@ -1,12 +1,33 @@ -# Table: azure_security_center_sub_assessment +--- +title: "Steampipe Table: azure_security_center_sub_assessment - Query Azure Security Center Sub-Assessments using SQL" +description: "Allows users to query Azure Security Center Sub-Assessments, providing detailed security findings for each resource." +--- -Azure security center sub-assessments helps identifying conditions to evaluate if there is a need to fix security vulnerabilities found in images before pushing anything further in the process on all your scanned resources inside a subscription scope +# Table: azure_security_center_sub_assessment - Query Azure Security Center Sub-Assessments using SQL + +Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud - whether they're in Azure or not. It provides security management and threat protection across your hybrid cloud workloads. It allows you to prevent, detect, and respond to threats with increased visibility. + +## Table Usage Guide + +The `azure_security_center_sub_assessment` table provides insights into the detailed security findings for each resource within Azure Security Center. As a security engineer, you can explore specific security assessment details through this table, including severity, status, and associated metadata. Utilize it to uncover information about security vulnerabilities and the remediation steps for each resource. ## Examples ### Basic info +Explore the various sub-assessments within Azure's Security Center. This allows you to understand and categorize different security elements by their unique identifiers, names, display names, types, and categories, providing a comprehensive overview of your security landscape. + +```sql+postgres +select + id, + name, + display_name, + type, + category +from + azure_security_center_sub_assessment; +``` -```sql +```sql+sqlite select id, name, @@ -18,8 +39,9 @@ from ``` ### List unhealthy sub assessment details +Determine the areas in which security aspects are marked as unhealthy in Azure Security Center. This provides a way to identify instances where security measures may need to be improved or updated. -```sql +```sql+postgres select name, type, @@ -31,9 +53,22 @@ where status ->> 'Code' = 'Unhealthy'; ``` +```sql+sqlite +select + name, + type, + category, + status +from + azure_security_center_sub_assessment +where + json_extract(status, '$.Code') = 'Unhealthy'; +``` + ### List all container registry vulnerabilities with corresponding remedies +Identify potential security vulnerabilities in your container registry and uncover the specific remediation steps to mitigate them. This is crucial for maintaining robust security practices and ensuring system integrity. -```sql +```sql+postgres select container_registry_vulnerability_properties, remediation, @@ -44,9 +79,21 @@ where container_registry_vulnerability_properties ->> 'AssessedResourceType' = 'ContainerRegistryVulnerability'; ``` +```sql+sqlite +select + container_registry_vulnerability_properties, + remediation, + resource_details +from + azure_security_center_sub_assessment +where + json_extract(container_registry_vulnerability_properties, '$.AssessedResourceType') = 'ContainerRegistryVulnerability'; +``` + ### List all server vulnerabilities with corresponding remedies +Determine the areas in which server vulnerabilities exist and discover the corresponding remedies. This is beneficial for maintaining server security and ensuring prompt remediation of any identified vulnerabilities. -```sql +```sql+postgres select server_vulnerability_properties, remediation, @@ -57,9 +104,21 @@ where server_vulnerability_properties ->> 'AssessedResourceType' = 'ServerVulnerabilityAssessment'; ``` +```sql+sqlite +select + server_vulnerability_properties, + remediation, + resource_details +from + azure_security_center_sub_assessment +where + json_extract(server_vulnerability_properties, '$.AssessedResourceType') = 'ServerVulnerabilityAssessment'; +``` + ### List all sql server vulnerabilities with corresponding remedies +Explore vulnerabilities in your SQL server and ascertain appropriate remedies. This query is useful for maintaining security and addressing potential risks in your SQL server environment. -```sql +```sql+postgres select sql_server_vulnerability_properties, remediation, @@ -68,4 +127,15 @@ from azure_security_center_sub_assessment where sql_server_vulnerability_properties ->> 'AssessedResourceType' = 'SqlServerVulnerability'; +``` + +```sql+sqlite +select + sql_server_vulnerability_properties, + remediation, + resource_details +from + azure_security_center_sub_assessment +where + json_extract(sql_server_vulnerability_properties, '$.AssessedResourceType') = 'SqlServerVulnerability'; ``` \ No newline at end of file diff --git a/docs/tables/azure_security_center_subscription_pricing.md b/docs/tables/azure_security_center_subscription_pricing.md index 8302eeae..5bc7bbbd 100644 --- a/docs/tables/azure_security_center_subscription_pricing.md +++ b/docs/tables/azure_security_center_subscription_pricing.md @@ -1,12 +1,31 @@ -# Table: azure_security_center_subscription_pricing +--- +title: "Steampipe Table: azure_security_center_subscription_pricing - Query Azure Security Center Subscription Pricing using SQL" +description: "Allows users to query Azure Security Center Subscription Pricing, specifically the pricing tier and the resource details associated with the subscription." +--- -Azure security center pricing configurations for the subscription. +# Table: azure_security_center_subscription_pricing - Query Azure Security Center Subscription Pricing using SQL + +Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers and provides advanced threat protection across your hybrid workloads in the cloud. It provides you with a comprehensive view of your security state and actionable recommendations to mitigate risks. The subscription pricing model allows you to choose the level of protection that best meets your needs. + +## Table Usage Guide + +The `azure_security_center_subscription_pricing` table provides insights into the pricing tier and resource details associated with each Azure Security Center subscription. As a security analyst, use this table to understand the cost implications of your security strategies, and to ensure you are utilizing the most appropriate level of protection for your needs. This table can also assist in budget planning and cost management for your Azure resources. ## Examples ### Basic info +Explore which Azure Security Center subscriptions are at different pricing tiers to manage costs effectively and ensure optimal resource utilization. + +```sql+postgres +select + id, + name, + pricing_tier +from + azure_security_center_subscription_pricing; +``` -```sql +```sql+sqlite select id, name, @@ -16,8 +35,9 @@ from ``` ### List pricing information for virtual machines +Explore the cost implications of your virtual machines by examining their pricing tiers. This allows for efficient budget management and cost optimization. -```sql +```sql+postgres select id, name, @@ -27,3 +47,14 @@ from where name = 'VirtualMachines'; ``` + +```sql+sqlite +select + id, + name, + pricing_tier +from + azure_security_center_subscription_pricing +where + name = 'VirtualMachines'; +``` \ No newline at end of file diff --git a/docs/tables/azure_service_fabric_cluster.md b/docs/tables/azure_service_fabric_cluster.md index dcb1933f..73d5ccc6 100644 --- a/docs/tables/azure_service_fabric_cluster.md +++ b/docs/tables/azure_service_fabric_cluster.md @@ -1,16 +1,40 @@ -# Table: azure_service_fabric_cluster +--- +title: "Steampipe Table: azure_service_fabric_cluster - Query Azure Service Fabric Clusters using SQL" +description: "Allows users to query Azure Service Fabric Clusters, providing insights into the structure, health, and configuration of each cluster." +--- -An Azure Service Fabric cluster is a network-connected set of virtual or physical machines into which your microservices are deployed and managed. It rebalances the partition replicas and instances across the increase or decreased number of nodes to make better use of the hardware on each node. It allows for the creation of clusters on any VMs or computers running Windows Server or Linux. +# Table: azure_service_fabric_cluster - Query Azure Service Fabric Clusters using SQL + +Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. It also provides comprehensive runtime and lifecycle management capabilities to applications that are composed of these microservices or containers. This makes it an ideal tool for developers and administrators looking to manage complex microservices architectures. + +## Table Usage Guide + +The `azure_service_fabric_cluster` table provides insights into Service Fabric Clusters within Azure. Developers and administrators can explore cluster-specific details through this table, including the cluster's health, configuration, and node types. Utilize it to uncover information about clusters, such as their reliability tier, upgrade mode, and the version of Service Fabric they're running. ## Examples ### Basic info +Explore the status and configuration of your Azure Service Fabric clusters to understand their current operational state and setup. This is crucial for managing your clusters effectively and ensuring they are configured according to your organization's standards. -```sql +```sql+postgres select name, id, - provisioning_state, + provisioning_state, + type, + cluster_code_version, + management_endpoint, + upgrade_mode, + vm_image +from + azure_service_fabric_cluster; +``` + +```sql+sqlite +select + name, + id, + provisioning_state, type, cluster_code_version, management_endpoint, @@ -21,8 +45,9 @@ from ``` ### List azure active directory details for clusters +Discover the segments that contain key Azure Active Directory details for specific clusters. This is useful for understanding the configuration and security measures of your Azure Service Fabric clusters. -```sql +```sql+postgres select name, id, @@ -33,9 +58,21 @@ from azure_service_fabric_cluster; ``` +```sql+sqlite +select + name, + id, + json_extract(azure_active_directory, '$.clientApplication') as client_application, + json_extract(azure_active_directory, '$.clusterApplication') as cluster_application, + json_extract(azure_active_directory, '$.tenantId') as tenant_id +from + azure_service_fabric_cluster; +``` + ### List certificate details for clusters +Determine the security status of your clusters by examining the details of their associated certificates. This is useful for ensuring the integrity and validity of your clusters' security certificates. -```sql +```sql+postgres select name, id, @@ -46,9 +83,21 @@ from azure_service_fabric_cluster; ``` +```sql+sqlite +select + name, + id, + json_extract(certificate, '$.thumbprint') as thumbprint, + json_extract(certificate, '$.thumbprintSecondary') as thumbprint_secondary, + json_extract(certificate, '$.x509StoreName') as x509_store_name +from + azure_service_fabric_cluster; +``` + ### List fabric setting details for clusters +Determine the configuration details for your clusters in Azure Service Fabric. This can help you understand and manage the settings parameters for each cluster, ensuring optimal performance and security. -```sql +```sql+postgres select name, id, @@ -59,9 +108,21 @@ from jsonb_array_elements(fabric_settings) as settings; ``` +```sql+sqlite +select + name, + c.id, + json_extract(settings.value, '$.name') as settings_name, + json_extract(settings.value, '$.parameters') as settings_parameters +from + azure_service_fabric_cluster as c, + json_each(fabric_settings) as settings; +``` + ### List node type details for clusters +Explore the characteristics of different nodes within your Azure Service Fabric Clusters. This query helps you understand the configuration and capabilities of each node, which can be beneficial for managing resources and optimizing performance. -```sql +```sql+postgres select name, id, @@ -77,3 +138,20 @@ from azure_service_fabric_cluster, jsonb_array_elements(node_types) as types; ``` + +```sql+sqlite +select + name, + c.id, + json_extract(types.value, '$.clientConnectionEndpointPort') as type_client_connection_endpoint_port, + json_extract(types.value, '$.durabilityLevel') as type_durability_level, + json_extract(types.value, '$.httpGatewayEndpointPort') as type_http_gateway_endpoint_port, + json_extract(types.value, '$.isPrimary') as type_is_primary, + json_extract(types.value, '$.name') as type_name, + json_extract(types.value, '$.vmInstanceCount') as type_vm_instance_count, + types.value as settings_application_ports, + types.value as settings_ephemeral_ports +from + azure_service_fabric_cluster as c, + json_each(node_types) as types; +``` \ No newline at end of file diff --git a/docs/tables/azure_servicebus_namespace.md b/docs/tables/azure_servicebus_namespace.md index 6e3e3a9e..ca1fd289 100644 --- a/docs/tables/azure_servicebus_namespace.md +++ b/docs/tables/azure_servicebus_namespace.md @@ -1,12 +1,33 @@ -# Table: azure_servicebus_namespace +--- +title: "Steampipe Table: azure_servicebus_namespace - Query Azure Service Bus Namespaces using SQL" +description: "Allows users to query Azure Service Bus Namespaces, providing critical insights into the properties, status, and configurations of each namespace." +--- -A ServiceBus namespace is a container for all messaging components (queues and topics). Multiple queues and topics can be in a single namespace, and namespaces often serve as application containers. A Service Bus namespace is your own capacity slice of a large cluster made up of dozens of all-active virtual machines. +# Table: azure_servicebus_namespace - Query Azure Service Bus Namespaces using SQL + +Azure Service Bus is a fully managed enterprise integration message broker. Service Bus can decouple applications and services. Service Bus offers secure and reliable message delivery. + +## Table Usage Guide + +The `azure_servicebus_namespace` table provides insights into namespaces within Azure Service Bus. As a DevOps engineer, explore namespace-specific details through this table, including active message count, scheduled message count, and transfer message count. Utilize it to uncover information about namespaces, such as their status, SKU, and properties. ## Examples ### Basic info +Explore the status and tier level of your Azure Service Bus namespaces to assess their setup and monitor their creation time. This helps in managing resources and understanding their distribution across different tiers. + +```sql+postgres +select + name, + id, + sku_tier, + provisioning_state, + created_at +from + azure_servicebus_namespace; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,20 @@ from ``` ### List premium namespaces +Analyze the settings to understand the distribution of premium-tier service bus namespaces across different regions in your Azure environment. This can help optimize resource allocation and cost management. -```sql +```sql+postgres +select + name, + sku_tier, + region +from + azure_servicebus_namespace +where + sku_tier = 'Premium'; +``` + +```sql+sqlite select name, sku_tier, @@ -31,8 +64,21 @@ where ``` ### List unencrypted namespaces +Analyze the settings to understand the premium Azure Service Bus namespaces that lack encryption. This can be useful for identifying potential security risks and ensuring data protection standards are met. -```sql +```sql+postgres +select + name, + sku_tier, + encryption +from + azure_servicebus_namespace +where + sku_tier = 'Premium' + and encryption is null; +``` + +```sql+sqlite select name, sku_tier, @@ -45,8 +91,9 @@ where ``` ### List namespaces not using a virtual network service endpoint +Determine the areas in your Azure service bus setup where premium tier namespaces are not utilizing a virtual network service endpoint. This can be useful to improve security by ensuring all communication within your service bus happens over your virtual network. -```sql +```sql+postgres select name, region, @@ -59,7 +106,7 @@ where jsonb_array_length(network_rule_set -> 'properties' -> 'virtualNetworkRules') = 0 or exists ( select - * + * from jsonb_array_elements(network_rule_set -> 'properties' -> 'virtualNetworkRules') as t where @@ -68,9 +115,32 @@ where ); ``` +```sql+sqlite +select + name, + region, + json_extract(network_rule_set, '$.properties.virtualNetworkRules') as virtual_network_rules +from + azure_servicebus_namespace +where + sku_tier = 'Premium' + and ( + json_array_length(json_extract(network_rule_set, '$.properties.virtualNetworkRules')) = 0 + or exists ( + select + 1 + from + json_each(json_extract(network_rule_set, '$.properties.virtualNetworkRules')) as t + where + json_extract(t.value, '$.subnet.id') is null + ) + ); +``` + ### List private endpoint connection details +Explore the details of private endpoint connections in Azure Service Bus Namespace to understand their provisioning state and connection types. This is useful for assessing the security and configuration of your cloud resources. -```sql +```sql+postgres select name, id, @@ -85,9 +155,25 @@ from jsonb_array_elements(private_endpoint_connections) as connections; ``` +```sql+sqlite +select + name, + n.id, + json_extract(connections.value, '$.id') as connection_id, + json_extract(connections.value, '$.name') as connection_name, + json_extract(connections.value, '$.privateEndpointPropertyID') as property_private_endpoint_id, + json_extract(connections.value, '$.provisioningState') as property_provisioning_state, + connections.value as property_private_link_service_connection_state, + json_extract(connections.value, '$.type') as connection_type +from + azure_servicebus_namespace as n, + json_each(private_endpoint_connections) as connections; +``` + ### List encryption details +Determine the encryption specifications of your Azure Service Bus namespaces. This can provide insights into your security configurations, helping you understand if your data is properly secured and whether infrastructure encryption is required. -```sql +```sql+postgres select name, id, @@ -97,3 +183,14 @@ select from azure_servicebus_namespace; ``` + +```sql+sqlite +select + name, + id, + json_extract(encryption, '$.keySource') as key_source, + encryption as key_vault_properties, + json_extract(encryption, '$.requireInfrastructureEncryption') as require_infrastructure_encryption +from + azure_servicebus_namespace; +``` \ No newline at end of file diff --git a/docs/tables/azure_signalr_service.md b/docs/tables/azure_signalr_service.md index a63c1184..8e48f6e1 100644 --- a/docs/tables/azure_signalr_service.md +++ b/docs/tables/azure_signalr_service.md @@ -1,12 +1,33 @@ -# Table: azure_signalr_service +--- +title: "Steampipe Table: azure_signalr_service - Query Azure SignalR Services using SQL" +description: "Allows users to query Azure SignalR Services, providing insights into real-time web functionality for applications." +--- -Azure SignalR Service is a fully-managed service which allows developers to focus on building real-time web experiences without worrying about capacity provisioning, reliable connections, scaling, encryption or authentication. +# Table: azure_signalr_service - Query Azure SignalR Services using SQL + +Azure SignalR Service is a fully-managed service that allows developers to focus on building real-time web experiences without worrying about capacity provisioning, reliable connections, scaling, encryption, or authentication. It is an Azure service that helps to simplify the process of adding real-time web functionality to applications over HTTP. This functionality enables applications to stream content updates to connected clients instantly. + +## Table Usage Guide + +The `azure_signalr_service` table offers insights into Azure SignalR Services within Microsoft Azure. As a developer or system administrator, you can explore service-specific details through this table, including service tiers, client negotiation endpoints, and associated metadata. Use this table to monitor and manage your SignalR Services, identify their capacity and usage, and ensure optimal performance and security for your real-time web applications. ## Examples ### Basic info +Explore the status and type of your Azure SignalR services to understand their current operational state and categorization. This is beneficial for managing and monitoring your application's real-time messaging services. + +```sql+postgres +select + name, + id, + type, + kind, + provisioning_state +from + azure_signalr_service; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List network ACL details for SignalR service +This query helps you explore the network access control list (ACL) details for your SignalR service. It's useful for understanding the default actions and the configuration of private and public networks, which in turn can aid in managing access control and enhancing security. -```sql +```sql+postgres select name, id, @@ -32,9 +54,23 @@ from azure_signalr_service; ``` +```sql+sqlite +select + name, + id, + type, + provisioning_state, + json_extract(network_acls, '$.defaultAction') as default_action, + network_acls as private_endpoints, + network_acls as public_network +from + azure_signalr_service; +``` + ### List private endpoint connection details for SignalR service +Determine the areas in which private endpoint connections are established for the SignalR service. This is useful for understanding and managing the security and access of your SignalR services. -```sql +```sql+postgres select name, id, @@ -47,3 +83,17 @@ from azure_signalr_service, jsonb_array_elements(private_endpoint_connections) as connections; ``` + +```sql+sqlite +select + name, + id, + json_extract(connections.value, '$.ID') as connection_id, + json_extract(connections.value, '$.Name') as connection_name, + json_extract(connections.value, '$.PrivateEndpointPropertyID') as property_private_endpoint_id, + connections.value as property_private_link_service_connection_state, + json_extract(connections.value, '$.Type') as connection_type +from + azure_signalr_service, + json_each(private_endpoint_connections) as connections; +``` \ No newline at end of file diff --git a/docs/tables/azure_spring_cloud_service.md b/docs/tables/azure_spring_cloud_service.md index 98c4873d..d51ef981 100644 --- a/docs/tables/azure_spring_cloud_service.md +++ b/docs/tables/azure_spring_cloud_service.md @@ -1,12 +1,35 @@ -# Table: azure_spring_cloud_service +--- +title: "Steampipe Table: azure_spring_cloud_service - Query Azure Spring Cloud Services using SQL" +description: "Allows users to query Azure Spring Cloud Services, specifically the details of the service instances, providing insights into the configuration and state of the Spring Cloud applications." +--- -Azure Spring Cloud is a platform as a service (PaaS) for Spring developers. It manages the lifecycle of your Spring Boot applications with comprehensive monitoring and diagnostics, configuration management, service discovery, CI/CD integration, blue-green deployments and more. +# Table: azure_spring_cloud_service - Query Azure Spring Cloud Services using SQL + +Azure Spring Cloud is a fully managed service for Spring Boot apps that lets you focus on building and running the apps that run your business without the hassle of managing infrastructure. It provides a platform for deploying and managing Spring Boot and Spring Cloud applications in the cloud. The service is jointly built, operated, and supported by Pivotal Software and Microsoft to provide a native platform designed to be easily run and managed on Azure. + +## Table Usage Guide + +The `azure_spring_cloud_service` table provides insights into Azure Spring Cloud Services within Microsoft Azure. As a DevOps engineer, explore service-specific details through this table, including configurations, provisioning state, and associated metadata. Utilize it to uncover information about services, such as service versions, the network profile of the service, and the verification of service configurations. ## Examples ### Basic info +Explore the fundamental details of your Azure Spring Cloud services, such as their provisioning state, SKU details, and version. This can be used to assess the status and tier of your services, enabling effective management and optimization. + +```sql+postgres +select + id, + name, + type, + provisioning_state, + sku_name, + sku_tier, + version +from + azure_spring_cloud_service; +``` -```sql +```sql+sqlite select id, name, @@ -20,8 +43,9 @@ from ``` ### List network profile details +Assess the elements within your Azure Spring Cloud Service's network profile. This query can be used to gain insights into the specific configurations and resource groups associated with your network profile, which can aid in network management and troubleshooting. -```sql +```sql+postgres select id, name, @@ -33,4 +57,18 @@ select network_profile ->> 'ServiceRuntimeSubnetID' as network_profile_service_runtime_subnet_id from azure_spring_cloud_service; +``` + +```sql+sqlite +select + id, + name, + json_extract(network_profile, '$.AppNetworkResourceGroup') as network_profile_app_network_resource_group, + json_extract(network_profile, '$.AppSubnetID') as network_profile_app_subnet_id, + network_profile -> 'OutboundPublicIPs' as network_profile_outbound_public_ips, + json_extract(network_profile, '$.ServiceCidr') as network_profile_service_cidr, + json_extract(network_profile, '$.ServiceRuntimeNetworkResourceGroup') as network_profile_service_runtime_network_resource_group, + json_extract(network_profile, '$.ServiceRuntimeSubnetID') as network_profile_service_runtime_subnet_id +from + azure_spring_cloud_service; ``` \ No newline at end of file diff --git a/docs/tables/azure_sql_database.md b/docs/tables/azure_sql_database.md index 78dd3098..e7c6bd12 100644 --- a/docs/tables/azure_sql_database.md +++ b/docs/tables/azure_sql_database.md @@ -1,12 +1,33 @@ -# Table: azure_sql_database +--- +title: "Steampipe Table: azure_sql_database - Query Azure SQL Databases using SQL" +description: "Allows users to query Azure SQL Databases, specifically providing details on database status, server information, and configuration settings." +--- -An Azure SQL Database is an intelligent, scalable, relational database service built for the cloud. +# Table: azure_sql_database - Query Azure SQL Databases using SQL + +Azure SQL Database is a fully managed platform as a service (PaaS) Database Engine that handles most of the database management functions such as upgrading, patching, backups, and monitoring without user involvement. It is always running on the latest stable version of the SQL Server database engine and patched OS with 99.99% availability. Azure SQL Database is based on the latest stable version of the Microsoft SQL Server database engine. + +## Table Usage Guide + +The `azure_sql_database` table provides insights into SQL databases within Microsoft Azure. As a Database Administrator, explore database-specific details through this table, including status, server information, and configuration settings. Utilize it to uncover information about databases, such as their current status, the server they are hosted on, and specific configuration settings. ## Examples ### Basic info +Explore the basic details of your Azure SQL databases such as name, id, server name, location, and edition. This query can be utilized to better understand your SQL database configuration and assess any potential changes or updates that may be necessary. + +```sql+postgres +select + name, + id, + server_name, + location, + edition +from + azure_sql_database; +``` -```sql +```sql+sqlite select name, id, @@ -18,8 +39,23 @@ from ``` ### List databases that are not online +Discover the segments that consist of databases that are not currently online. This is particularly useful for identifying potential issues and ensuring the smooth functioning of your system. + +```sql+postgres +select + name, + id, + server_name, + location, + edition, + status +from + azure_sql_database +where + status != 'Online'; +``` -```sql +```sql+sqlite select name, id, @@ -34,8 +70,9 @@ where ``` ### List databases that are not encrypted +Identify instances where Azure SQL databases are unencrypted. This is crucial for assessing potential security vulnerabilities in your database infrastructure. -```sql +```sql+postgres select name, id, @@ -48,3 +85,17 @@ from where transparent_data_encryption ->> 'status' != 'Enabled'; ``` + +```sql+sqlite +select + name, + id, + server_name, + location, + edition, + json_extract(transparent_data_encryption, '$.status') as encryption_status +from + azure_sql_database +where + json_extract(transparent_data_encryption, '$.status') != 'Enabled'; +``` \ No newline at end of file diff --git a/docs/tables/azure_sql_server.md b/docs/tables/azure_sql_server.md index 68070122..dbb4a81d 100644 --- a/docs/tables/azure_sql_server.md +++ b/docs/tables/azure_sql_server.md @@ -1,12 +1,22 @@ -# Table: azure_sql_server +--- +title: "Steampipe Table: azure_sql_server - Query Azure SQL Servers using SQL" +description: "Allows users to query Azure SQL Servers, providing detailed information about their configurations, locations, versions, and more." +--- -An Azure SQL server is a relational database management system. As a database server, it is a software product with the primary function of storing and retrieving data as requested by other software applications—which may run either on the same computer or on another computer across a network (including the Internet). +# Table: azure_sql_server - Query Azure SQL Servers using SQL + +Azure SQL Server is a fully managed relational database service, which is a part of the broader Microsoft Azure Platform. It offers the broadest SQL Server engine compatibility and powers your cloud applications with AI-built-in, secure and manageable data platform. The service provides automatic updates, scaling, provisioning, backups, and monitoring, leaving developers free to focus on application design and optimization. + +## Table Usage Guide + +The `azure_sql_server` table provides insights into SQL Servers within Microsoft Azure. As a database administrator or developer, explore server-specific details through this table, including server versions, locations, configurations, and more. Utilize it to uncover information about servers, such as their current state, the number of databases, the firewall rules, and the performance tier. ## Examples ### List servers that have auditing disabled +Identify instances where auditing is disabled on Azure SQL servers. This is beneficial for enhancing security measures by pinpointing potential weaknesses in your server configurations. -```sql +```sql+postgres select name, id, @@ -18,9 +28,22 @@ where audit -> 'properties' ->> 'state' = 'Disabled'; ``` +```sql+sqlite +select + name, + id, + json_extract(audit.value, '$.properties.state') as audit_policy_state +from + azure_sql_server, + json_each(server_audit_policy) as audit +where + json_extract(audit.value, '$.properties.state') = 'Disabled'; +``` + ### List servers with an audit log retention period less than 90 days +Assess the elements within your system to identify servers that have an audit log retention period of less than 90 days. This is useful to ensure compliance with data retention policies and to identify potential risks associated with short retention periods. -```sql +```sql+postgres select name, id, @@ -32,9 +55,22 @@ where (audit -> 'properties' ->> 'retentionDays')::integer < 90; ``` +```sql+sqlite +select + name, + s.id, + json_extract(audit.value, '$.properties.retentionDays') as audit_policy_retention_days +from + azure_sql_server as s, + json_each(server_audit_policy) as audit +where + json_extract(audit.value, '$.properties.retentionDays') < 90; +``` + ### List servers that have advanced data security disabled +This query helps identify servers where advanced data security is turned off. This is useful for quickly pinpointing potential security risks in your server infrastructure. -```sql +```sql+postgres select name, id, @@ -46,9 +82,22 @@ where security -> 'properties' ->> 'state' = 'Disabled'; ``` +```sql+sqlite +select + name, + s.id, + json_extract(security.value, '$.properties.state') as security_alert_policy_state +from + azure_sql_server as s, + json_each(server_security_alert_policy) as security +where + json_extract(security.value, '$.properties.state') = 'Disabled'; +``` + ### List servers that have Advanced Threat Protection types set to All +Determine the areas in which Azure SQL servers have their Advanced Threat Protection set to 'All'. This can help to assess the security measures in place and identify any potential vulnerabilities. -```sql +```sql+postgres select name, id, @@ -63,9 +112,34 @@ where and disabled_alerts = ''; ``` +```sql+sqlite +select + name, + s.id, + json_extract(security.value, '$.properties.disabledAlerts') as security_alert_policy_state +from + azure_sql_server as s, + json_each(server_security_alert_policy) as security, + json_each(json_extract(security.value, '$.properties.disabledAlerts')) as disabled_alerts +where + json_array_length(json_extract(security.value, '$.properties.disabledAlerts')) = 1 + and disabled_alerts.value = ''; +``` + ### List servers that do not have an Active Directory admin set +Identify Azure SQL servers that are potentially vulnerable due to the absence of an Active Directory administrator. This can help in enhancing security by ensuring all servers have designated administrators. + +```sql+postgres +select + name, + id +from + azure_sql_server +where + server_azure_ad_administrator is null; +``` -```sql +```sql+sqlite select name, id @@ -76,8 +150,9 @@ where ``` ### List servers for which TDE protector is encrypted with the service-managed key +Determine the servers where the Transparent Data Encryption (TDE) protector is encrypted using a service-managed key. This is useful for understanding your server's encryption setup and ensuring it aligns with your organization's security policies. -```sql +```sql+postgres select name, id, @@ -88,3 +163,15 @@ from where encryption ->> 'kind' = 'servicemanaged'; ``` + +```sql+sqlite +select + name, + id, + json_extract(encryption.value, '$.kind') as encryption_protector_kind +from + azure_sql_server, + json_each(encryption_protector) as encryption +where + json_extract(encryption.value, '$.kind') = 'servicemanaged'; +``` \ No newline at end of file diff --git a/docs/tables/azure_storage_account.md b/docs/tables/azure_storage_account.md index a73a6e8a..df68e52a 100644 --- a/docs/tables/azure_storage_account.md +++ b/docs/tables/azure_storage_account.md @@ -1,12 +1,33 @@ -# Table: azure_storage_account +--- +title: "Steampipe Table: azure_storage_account - Query Azure Storage Accounts using SQL" +description: "Allows users to query Azure Storage Accounts, providing detailed information about each storage account within the Azure subscription." +--- -An Azure storage account contains all of your Azure Storage data objects: blobs, files, queues, tables, and disks. +# Table: azure_storage_account - Query Azure Storage Accounts using SQL + +Azure Storage Account is a service within Microsoft Azure that provides scalable and secure data storage. It offers services like Blob Storage, File Storage, Queue Storage, and Table Storage. Azure Storage Account supports both Standard and Premium storage account types, allowing users to store large amounts of unstructured and structured data. + +## Table Usage Guide + +The `azure_storage_account` table provides insights into Storage Accounts within Microsoft Azure. As a Cloud Architect or DevOps engineer, explore account-specific details through this table, including the storage account type, creation date, access tier, and associated metadata. Utilize it to uncover information about storage accounts, such as their replication strategy, the network rules set, and the status of secure transfer. ## Examples ### Basic info +Explore the different tiers and locations of your Azure storage accounts. This can help you understand your storage distribution and make informed decisions about resource allocation. + +```sql+postgres +select + name, + sku_name, + sku_tier, + primary_location, + secondary_location +from + azure_storage_account; +``` -```sql +```sql+sqlite select name, sku_name, @@ -18,8 +39,9 @@ from ``` ### List storage accounts with versioning disabled +Explore which Azure storage accounts have not enabled blob versioning. This is useful for identifying potential vulnerabilities in data backup and recovery systems. -```sql +```sql+postgres select name, blob_versioning_enabled @@ -29,9 +51,31 @@ where not blob_versioning_enabled; ``` +```sql+sqlite +select + name, + blob_versioning_enabled +from + azure_storage_account +where + blob_versioning_enabled is not 1; +``` + ### List storage accounts with blob soft delete disabled +Determine the areas in which storage accounts have the blob soft delete feature disabled. This is useful for identifying potential risk points where data might be permanently lost if accidentally deleted. + +```sql+postgres +select + name, + blob_soft_delete_enabled, + blob_soft_delete_retention_days +from + azure_storage_account +where + not blob_soft_delete_enabled; +``` -```sql +```sql+sqlite select name, blob_soft_delete_enabled, @@ -43,8 +87,19 @@ where ``` ### List storage accounts that allow blob public access +Determine the areas in which your Azure storage accounts are configured to allow public access to blobs. This can be used to identify potential security risks and ensure appropriate access controls are in place. + +```sql+postgres +select + name, + allow_blob_public_access +from + azure_storage_account +where + allow_blob_public_access; +``` -```sql +```sql+sqlite select name, allow_blob_public_access @@ -55,8 +110,9 @@ where ``` ### List storage accounts with encryption in transit disabled +Determine the areas in which data security may be compromised due to the lack of encryption during data transit in your Azure storage accounts. This query is useful to identify potential vulnerabilities and enhance your security measures. -```sql +```sql+postgres select name, enable_https_traffic_only @@ -66,9 +122,36 @@ where not enable_https_traffic_only; ``` +```sql+sqlite +select + name, + enable_https_traffic_only +from + azure_storage_account +where + enable_https_traffic_only = 0; +``` + ### List storage accounts that do not have a cannot-delete lock +Determine the areas in which storage accounts in Azure lack a 'cannot-delete' lock, which could potentially leave them vulnerable to unintentional deletion or modification. This query is useful for identifying and rectifying potential security risks within your storage management system. + +```sql+postgres +select + sg.name, + ml.scope, + ml.lock_level, + ml.notes +from + azure_storage_account as sg + left join azure_management_lock as ml on lower(sg.id) = lower(ml.scope) +where + ( + (ml.lock_level is null) + or(ml.lock_level = 'ReadOnly') + ); +``` -```sql +```sql+sqlite select sg.name, ml.scope, @@ -85,8 +168,9 @@ where ``` ### List storage accounts with queue logging enabled +Discover the segments that have all types of queue logging enabled in their Azure storage accounts. This is useful to assess the storage accounts that are actively tracking and recording all queue activities for auditing or troubleshooting purposes. -```sql +```sql+postgres select name, queue_logging_delete, @@ -100,9 +184,24 @@ where and queue_logging_write; ``` +```sql+sqlite +select + name, + queue_logging_delete, + queue_logging_read, + queue_logging_write +from + azure_storage_account +where + queue_logging_delete = 1 + and queue_logging_read = 1 + and queue_logging_write = 1; +``` + ### List storage accounts without lifecycle +Determine the storage accounts that lack a lifecycle management policy. This is useful for identifying potential risks or inefficiencies related to data retention and storage management. -```sql +```sql+postgres select name, lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' as lifecycle_rules @@ -112,9 +211,20 @@ where lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' is null; ``` +```sql+sqlite +select + name, + json_extract(lifecycle_management_policy, '$.properties.policy.rules') as lifecycle_rules +from + azure_storage_account +where + json_extract(lifecycle_management_policy, '$.properties.policy.rules') is null; +``` + ### List diagnostic settings details +Explore the diagnostic settings of your Azure storage accounts to gain insights into their configurations. This is beneficial to ensure optimal settings are in use for efficient data storage and management. -```sql +```sql+postgres select name, jsonb_pretty(diagnostic_settings) as diagnostic_settings @@ -122,9 +232,32 @@ from azure_storage_account; ``` +```sql+sqlite +select + name, + diagnostic_settings +from + azure_storage_account; +``` + ### List storage accounts with replication but unavailable secondary +Determine the areas in which Azure storage accounts have available primary status but unavailable secondary status, specifically within the 'Standard_GRS' and 'Standard_RAGRS' SKU categories. This is useful for identifying potential risk areas in your storage infrastructure where data replication might not be functioning as expected. + +```sql+postgres +select + name, + status_of_primary, + status_of_secondary, + sku_name +from + azure_storage_account +where + status_of_primary = 'available' + and status_of_secondary != 'available' + and sku_name in ('Standard_GRS', 'Standard_RAGRS'); +``` -```sql +```sql+sqlite select name, status_of_primary, @@ -135,12 +268,13 @@ from where status_of_primary = 'available' and status_of_secondary != 'available' - and sku_name in ('Standard_GRS', 'Standard_RAGRS') + and sku_name in ('Standard_GRS', 'Standard_RAGRS'); ``` ### Get table properties of storage accounts +Explore the properties of your storage accounts to gain insights into their configuration. This can help you understand and manage your access and retention policies, as well as monitor their usage metrics. -```sql +```sql+postgres select name, table_properties -> 'Cors' as table_logging_cors, @@ -159,4 +293,25 @@ select table_properties -> 'MinuteMetrics' -> 'RetentionPolicy' as table_minute_metrics_retention_policy from azure_storage_account; +``` + +```sql+sqlite +select + name, + json_extract(table_properties, '$.Cors') as table_logging_cors, + json_extract(table_properties, '$.Logging.Read') as table_logging_read, + json_extract(table_properties, '$.Logging.Write') as table_logging_write, + json_extract(table_properties, '$.Logging.Delete') as table_logging_delete, + json_extract(table_properties, '$.Logging.Version') as table_logging_version, + json_extract(table_properties, '$.Logging.RetentionPolicy') as table_logging_retention_policy, + json_extract(table_properties, '$.HourMetrics.Enabled') as table_hour_metrics_enabled, + json_extract(table_properties, '$.HourMetrics.IncludeAPIs') as table_hour_metrics_include_ap_is, + json_extract(table_properties, '$.HourMetrics.Version') as table_hour_metrics_version, + json_extract(table_properties, '$.HourMetrics.RetentionPolicy') as table_hour_metrics_retention_policy, + json_extract(table_properties, '$.MinuteMetrics.Enabled') as table_minute_metrics_enabled, + json_extract(table_properties, '$.MinuteMetrics.IncludeAPIs') as table_minute_metrics_include_ap_is, + json_extract(table_properties, '$.MinuteMetrics.Version') as table_minute_metrics_version, + json_extract(table_properties, '$.MinuteMetrics.RetentionPolicy') as table_minute_metrics_retention_policy +from + azure_storage_account; ``` \ No newline at end of file diff --git a/docs/tables/azure_storage_blob.md b/docs/tables/azure_storage_blob.md index f855fd30..9cb8c0f5 100644 --- a/docs/tables/azure_storage_blob.md +++ b/docs/tables/azure_storage_blob.md @@ -1,12 +1,38 @@ -# Table: azure_storage_blob +--- +title: "Steampipe Table: azure_storage_blob - Query Azure Storage Blobs using SQL" +description: "Allows users to query Azure Storage Blobs, specifically providing information about blob properties, blob metadata, and blob service properties." +--- -Azure Blob Storage helps you create data lakes for your analytics needs and provides storage to build powerful cloud-native and mobile apps. Optimise costs with tiered storage for your long-term data and flexibly scale up for high-performance computing and machine learning workloads. +# Table: azure_storage_blob - Query Azure Storage Blobs using SQL + +Azure Storage Blobs are objects in Azure Storage which can hold large amounts of text or binary data, ranging from hundreds of gigabytes to a petabyte. They are ideal for storing documents, videos, pictures, backups, and other unstructured text or binary data. Azure Storage Blobs are part of the Azure Storage service, which provides scalable, durable, and highly available storage for data. + +## Table Usage Guide + +The `azure_storage_blob` table provides insights into the blobs within Azure Storage. As a data analyst or a data engineer, you can explore blob-specific details through this table, including blob properties, blob metadata, and blob service properties. Utilize it to uncover information about blobs, such as those with public access, the types of blobs, and the verification of service properties. ## Examples ### Basic info +Explore which storage blobs within a specific resource group, storage account, and region in Azure. This is particularly useful to gain insights into your Azure storage configuration and identify instances where snapshots are being used. + +```sql+postgres +select + name, + container_name, + storage_account_name, + region, + type, + is_snapshot +from + azure_storage_blob +where + resource_group = 'turbot' + and storage_account_name = 'mystorageaccount' + and region = 'eastus'; +``` -```sql +```sql+sqlite select name, container_name, @@ -23,8 +49,9 @@ where ``` ### List snapshot type blobs with import data +Explore the snapshot type blobs that have imported data in a specific Azure storage account and resource group. This can be useful for auditing purposes, such as ensuring that sensitive data is properly encrypted and stored in the correct region. -```sql +```sql+postgres select name, type, @@ -44,3 +71,24 @@ where and region = 'eastus' and is_snapshot; ``` + +```sql+sqlite +select + name, + type, + access_tier, + server_encrypted, + metadata, + creation_time, + container_name, + storage_account_name, + resource_group, + region +from + azure_storage_blob +where + resource_group = 'turbot' + and storage_account_name = 'mystorageaccount' + and region = 'eastus' + and is_snapshot = 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_storage_blob_service.md b/docs/tables/azure_storage_blob_service.md index 85978986..facd0344 100644 --- a/docs/tables/azure_storage_blob_service.md +++ b/docs/tables/azure_storage_blob_service.md @@ -1,12 +1,33 @@ -# Table: azure_storage_blob_service +--- +title: "Steampipe Table: azure_storage_blob_service - Query Azure Storage Blob Services using SQL" +description: "Allows users to query Azure Storage Blob Services, providing insights into storage accounts and their blob service properties." +--- -The properties of a storage account's Blob service endpoint, including properties for Storage Analytics, CORS (Cross-Origin Resource Sharing) rules and soft delete settings. +# Table: azure_storage_blob_service - Query Azure Storage Blob Services using SQL + +Azure Storage Blob Service is a feature within Microsoft Azure that provides scalable, secure, performance-efficient storage for unstructured data. It is optimized for storing massive amounts of unstructured data, such as text or binary data, that can be accessed globally via HTTP or HTTPS. The service includes features to process data and build sophisticated analytics solutions, recover from disaster, and archive data. + +## Table Usage Guide + +The `azure_storage_blob_service` table provides insights into Azure Storage Blob Services within Microsoft Azure. As a data analyst or storage administrator, explore blob service-specific details through this table, including storage account name, resource group, and associated metadata. Utilize it to uncover information about blob services, such as default service version, change feed enabled status, and delete retention policy details. ## Examples ### Basic info +Analyze the settings to understand the distribution of your Azure storage blob services across different regions, their associated storage accounts, and their respective pricing tiers. This can help in optimizing resource allocation and cost management. -```sql +```sql+postgres +select + name, + storage_account_name, + region, + sku_name, + sku_tier +from + azure_storage_blob_service; +``` + +```sql+sqlite select name, storage_account_name, @@ -18,8 +39,9 @@ from ``` ### List of storage blob service where delete retention policy is not enabled +Identify Azure storage blob services that have not enabled the delete retention policy. This query is useful for pinpointing potential areas of risk where deleted data cannot be recovered. -```sql +```sql+postgres select name, storage_account_name, @@ -30,9 +52,32 @@ where delete_retention_policy -> 'enabled' = 'false'; ``` +```sql+sqlite +select + name, + storage_account_name, + json_extract(delete_retention_policy, '$.enabled') as delete_retention_policy_enabled +from + azure_storage_blob_service +where + json_extract(delete_retention_policy, '$.enabled') = 'false'; +``` + ### List of storage blob service where versioning is not enabled +Explore which Azure storage blob services do not have versioning enabled. This is useful in identifying potential data loss risks due to accidental deletion or overwriting. + +```sql+postgres +select + name, + storage_account_name, + is_versioning_enabled +from + azure_storage_blob_service +where + not is_versioning_enabled; +``` -```sql +```sql+sqlite select name, storage_account_name, @@ -44,8 +89,9 @@ where ``` ### CORS rules info for storage blob service +This query is useful for gaining insights into the Cross-Origin Resource Sharing (CORS) rules set up for Azure's storage blob service. It's a practical tool for understanding what headers and methods are permitted, which headers are exposed, and the maximum age for these settings, thereby aiding in ensuring secure and efficient data transfers. -```sql +```sql+postgres select name, storage_account_name, @@ -57,4 +103,18 @@ select from azure_storage_blob_service cross join jsonb_array_elements(cors_rules) as cors; +``` + +```sql+sqlite +select + name, + storage_account_name, + json_extract(cors.value, '$.allowedHeaders') as allowed_headers, + json_extract(cors.value, '$.allowedMethods') as allowed_methods, + json_extract(cors.value, '$.allowedMethods') as allowed_methods, + json_extract(cors.value, '$.exposedHeaders') as exposed_headers, + json_extract(cors.value, '$.maxAgeInSeconds') as max_age_in_seconds +from + azure_storage_blob_service, + json_each(cors_rules) as cors; ``` \ No newline at end of file diff --git a/docs/tables/azure_storage_container.md b/docs/tables/azure_storage_container.md index 98bf3d4f..bd52c856 100644 --- a/docs/tables/azure_storage_container.md +++ b/docs/tables/azure_storage_container.md @@ -1,12 +1,32 @@ -# Table: azure_storage_container +--- +title: "Steampipe Table: azure_storage_container - Query Azure Storage Containers using SQL" +description: "Allows users to query Azure Storage Containers. The table provides details about each container in the Azure Storage Account, including metadata, public access level, and more." +--- -A container organizes a set of blobs, similar to a directory in a file system. A storage account can include an unlimited number of containers, and a container can store an unlimited number of blobs. +# Table: azure_storage_container - Query Azure Storage Containers using SQL + +Azure Storage Containers are a part of Azure Blob Storage service. They are used to organize blobs in a similar way as a directory in a file system. Containers provide a grouping of a set of blobs, and all blobs must be in a container. + +## Table Usage Guide + +The `azure_storage_container` table provides insights into Azure Storage Containers within Azure Blob Storage service. As a data engineer, explore container-specific details through this table, including metadata, public access level, and more. Utilize it to uncover information about containers, such as those with public access, the metadata associated with containers, and the verification of access policies. ## Examples ### Basic info +Explore which Azure storage containers are linked to your account. This can help in managing resources and identifying potential areas for optimization or restructuring. + +```sql+postgres +select + name, + id, + type, + account_name +from + azure_storage_container; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,22 @@ from ``` ### List containers which are publicly accessible +Explore which Azure storage containers are set to public access, allowing you to identify potential security risks and rectify them to prevent unauthorized access to sensitive data. + +```sql+postgres +select + name, + id, + type, + account_name, + public_access +from + azure_storage_container +where + public_access <> 'None'; +``` -```sql +```sql+sqlite select name, id, @@ -32,8 +66,9 @@ where ``` ### List containers with legal hold enabled +Discover the segments that have legal hold enabled in their Azure storage containers. This is beneficial for understanding which areas have additional data preservation measures in place for legal or compliance reasons. -```sql +```sql+postgres select name, id, @@ -46,9 +81,37 @@ where has_legal_hold; ``` +```sql+sqlite +select + name, + id, + type, + account_name, + has_legal_hold +from + azure_storage_container +where + has_legal_hold = 1; +``` + ### List containers which are either leased or have a broken lease state +Determine the areas in which Azure storage containers are either currently leased or have a broken lease state. This is useful for managing resources and identifying potential issues with container leases. -```sql +```sql+postgres +select + name, + id, + type, + account_name, + lease_state +from + azure_storage_container +where + lease_state = 'Leased' + or lease_state = 'Broken'; +``` + +```sql+sqlite select name, id, @@ -63,8 +126,22 @@ where ``` ### List containers with infinite lease duration +Discover the segments that have an unlimited lease duration in Azure Storage, helping you identify potential areas for cost optimization and better resource management. + +```sql+postgres +select + name, + id, + type, + account_name, + lease_duration +from + azure_storage_container +where + lease_duration = 'Infinite'; +``` -```sql +```sql+sqlite select name, id, @@ -78,8 +155,22 @@ where ``` ### List containers with a remaining retention period of 7 days +Determine the areas in which Azure storage containers are nearing the end of their retention period. This is useful for proactive management of storage resources, allowing you to take timely action before the containers expire. -```sql +```sql+postgres +select + name, + id, + type, + account_name, + remaining_retention_days +from + azure_storage_container +where + remaining_retention_days = 7; +``` + +```sql+sqlite select name, id, @@ -93,12 +184,22 @@ where ``` ### List containers ImmutabilityPolicy details +Analyze the settings to understand the immutability policies of your Azure storage containers. This can help you manage data retention and protect your data from being modified or deleted. -```sql +```sql+postgres select name, account_name, jsonb_pretty(immutability_policy) as immutability_policy from azure_storage_container; +``` + +```sql+sqlite +select + name, + account_name, + immutability_policy +from + azure_storage_container; ``` \ No newline at end of file diff --git a/docs/tables/azure_storage_queue.md b/docs/tables/azure_storage_queue.md index e0f63bc2..6ca8c02d 100644 --- a/docs/tables/azure_storage_queue.md +++ b/docs/tables/azure_storage_queue.md @@ -1,12 +1,22 @@ -# Table: azure_storage_queue +--- +title: "Steampipe Table: azure_storage_queue - Query Azure Storage Queues using SQL" +description: "Allows users to query Azure Storage Queues, specifically to obtain detailed information about the queues, including metadata, message count, and status." +--- -Azure Queue Storage is a service for storing large numbers of messages which allows to access messages from anywhere in the world via authenticated calls using HTTP or HTTPS. +# Table: azure_storage_queue - Query Azure Storage Queues using SQL + +Azure Storage Queues is a service in Microsoft Azure that provides reliable messaging between and within services. It allows for asynchronous message queuing between application components, whether they are running in the cloud, on the desktop, on-premises, or on mobile devices. Azure Storage Queues simplifies the development of large-scale distributed applications, providing a loosely coupled architecture for improved scalability and reliability. + +## Table Usage Guide + +The `azure_storage_queue` table provides insights into Azure Storage Queues within Microsoft Azure. As a developer or system administrator, you can explore queue-specific details through this table, including metadata, message count, and status. Utilize it to uncover information about queues, such as those with high message counts, and to monitor the status of queues for improved scalability and reliability. ## Examples ### List of queues and their corresponding storage accounts +Explore which Azure storage queues are linked to specific storage accounts and understand their geographical distribution. This can help in managing resources and optimizing storage strategies. -```sql +```sql+postgres select name as queue_name, storage_account_name, @@ -15,10 +25,19 @@ from azure_storage_queue; ``` +```sql+sqlite +select + name as queue_name, + storage_account_name, + region +from + azure_storage_queue; +``` ### List of storage queues without owner tag key +Determine the areas in which Azure application security groups lack an 'owner' tag key. This helps to identify resources that may not be properly managed or tracked. -```sql +```sql+postgres select name, tags @@ -26,4 +45,14 @@ from azure_application_security_group where not tags :: JSONB ? 'owner'; +``` + +```sql+sqlite +select + name, + tags +from + azure_application_security_group +where + json_extract(tags, '$.owner') is null; ``` \ No newline at end of file diff --git a/docs/tables/azure_storage_share_file.md b/docs/tables/azure_storage_share_file.md index 10780318..bf6a9237 100644 --- a/docs/tables/azure_storage_share_file.md +++ b/docs/tables/azure_storage_share_file.md @@ -1,12 +1,34 @@ -# Table: azure_storage_share_file +--- +title: "Steampipe Table: azure_storage_share_file - Query Azure Storage Files using SQL" +description: "Allows users to query Azure Storage Files, specifically retrieving details such as file name, share name, content length, last modified time, and more." +--- -Azure Files is Microsoft's easy-to-use cloud file system. Azure file shares can be mounted in Windows, Linux, and macOS. +# Table: azure_storage_share_file - Query Azure Storage Files using SQL + +Azure Storage Files is a service within Microsoft Azure that offers fully managed file shares in the cloud accessible via the industry-standard Server Message Block (SMB) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS. It provides a simple, secure, and scalable solution for sharing data between applications running in your virtual machines. + +## Table Usage Guide + +The `azure_storage_share_file` table provides insights into Azure Storage Files within Microsoft Azure. As a DevOps engineer, explore file-specific details through this table, including file name, share name, content length, last modified time, and more. Utilize it to uncover information about files, such as those with large content length, the shares they are associated with, and their last modified time. ## Examples ### Basic info +Explore the settings and configurations of your Azure storage shares to understand their storage capacity and accessibility. This can help in optimizing storage usage and ensuring the right protocols are enabled for secure and efficient data access. + +```sql+postgres +select + name, + storage_account_name, + type, + access_tier, + share_quota, + enabled_protocols +from + azure_storage_share_file; +``` -```sql +```sql+sqlite select name, storage_account_name, @@ -19,8 +41,24 @@ from ``` ### List file shares with default access tier +Determine the areas in which file shares are set to the default 'TransactionOptimized' access tier in Azure storage. This can help identify potential areas for optimization and cost savings. -```sql +```sql+postgres +select + name, + storage_account_name, + type, + access_tier, + access_tier_change_time, + share_quota, + enabled_protocols +from + azure_storage_share_file +where + access_tier = 'TransactionOptimized'; +``` + +```sql+sqlite select name, storage_account_name, @@ -36,8 +74,9 @@ where ``` ### Get file share with maximum share quota +Explore which file share within your Azure storage has the maximum quota. This is useful for understanding your storage usage and managing resources effectively. -```sql +```sql+postgres select name, storage_account_name, @@ -48,5 +87,21 @@ select enabled_protocols from azure_storage_share_file -order by share_quota desc limit 1; +order by + share_quota desc limit 1; ``` + +```sql+sqlite +select + name, + storage_account_name, + type, + access_tier, + access_tier_change_time, + share_quota, + enabled_protocols +from + azure_storage_share_file +order by + share_quota desc limit 1; +``` \ No newline at end of file diff --git a/docs/tables/azure_storage_sync.md b/docs/tables/azure_storage_sync.md index 41eefcf5..dd52573d 100644 --- a/docs/tables/azure_storage_sync.md +++ b/docs/tables/azure_storage_sync.md @@ -1,12 +1,32 @@ -# Table: azure_storage_sync +--- +title: "Steampipe Table: azure_storage_sync - Query Azure Storage Sync Services using SQL" +description: "Allows users to query Azure Storage Sync Services, specifically the synchronization details between Azure Blob storage and on-premises servers." +--- -Azure File Sync is a service that allows you to cache several Azure file shares on an on-premises Windows Server or cloud VM. +# Table: azure_storage_sync - Query Azure Storage Sync Services using SQL + +Azure Storage Sync Service is a feature within Microsoft Azure that enables synchronization of data across different Azure File shares. It allows for centralizing file services in Azure while maintaining local access to data. The service provides multi-site access, cloud tiering, integrated management, and change detection. + +## Table Usage Guide + +The `azure_storage_sync` table provides insights into Azure Storage Sync Services within Microsoft Azure. As a DevOps engineer, explore synchronization details through this table, including the sync group, registered servers, and associated metadata. Utilize it to uncover information about the synchronization status, such as those with pending synchronization, the relationships between servers, and the verification of synchronization activities. ## Examples ### Basic info +Determine the areas in which Azure's storage synchronization service is being utilized, along with its provisioning status. This can be useful for understanding the distribution and status of storage sync services across your Azure environment. + +```sql+postgres +select + name, + id, + type, + provisioning_state +from + azure_storage_sync; +``` -```sql +```sql+sqlite select name, id, @@ -17,8 +37,22 @@ from ``` ### List storage sync which allows traffic through private endpoints only +Identify Azure storage syncs configured to accept incoming traffic solely through private network endpoints. This can be useful for maintaining security by ensuring data is only accessible within specific, controlled network environments. + +```sql+postgres +select + name, + id, + type, + provisioning_state, + incoming_traffic_policy +from + azure_storage_sync +where + incoming_traffic_policy = 'AllowVirtualNetworksOnly'; +``` -```sql +```sql+sqlite select name, id, @@ -32,8 +66,9 @@ where ``` ### List private endpoint connection details for accounts +This query allows you to explore the details of private endpoint connections associated with your accounts. It's particularly useful for gaining insights into the connection state and type, which can help assess the security and functionality of your data synchronization service. -```sql +```sql+postgres select name, id, @@ -46,3 +81,17 @@ from azure_storage_sync, jsonb_array_elements(private_endpoint_connections) as connections; ``` + +```sql+sqlite +select + name, + s.id, + json_extract(connections.value, '$.ID') as connection_id, + json_extract(connections.value, '$.Name') as connection_name, + json_extract(connections.value, '$.PrivateEndpointPropertyID') as property_private_endpoint_id, + connections.value as property_private_link_service_connection_state, + json_extract(connections.value, '$.Type') as connection_type +from + azure_storage_sync as s, + json_each(private_endpoint_connections) as connections; +``` \ No newline at end of file diff --git a/docs/tables/azure_storage_table.md b/docs/tables/azure_storage_table.md index f49426ec..a4cf446c 100644 --- a/docs/tables/azure_storage_table.md +++ b/docs/tables/azure_storage_table.md @@ -1,12 +1,22 @@ -# Table: azure_storage_table +--- +title: "Steampipe Table: azure_storage_table - Query Azure Storage Tables using SQL" +description: "Allows users to query Azure Storage Tables, providing details about each table's properties, including metadata, resource group, and subscription." +--- -Azure Table storage is a service that stores structured NoSQL data in the cloud, providing a key/attribute store with a schema less design. +# Table: azure_storage_table - Query Azure Storage Tables using SQL + +Azure Storage Table is a service in Microsoft Azure that stores structured NoSQL data in the cloud, providing a key/attribute store with a schemaless design. Azure Table storage is now part of Azure Cosmos DB. Because Table storage is schemaless, it's easy to adapt your data as the needs of your application evolve. + +## Table Usage Guide + +The `azure_storage_table` table provides insights into Azure Storage Tables within Microsoft Azure. As a DevOps engineer, explore table-specific details through this table, including metadata, resource group, and subscription. Utilize it to uncover information about tables, such as their properties, the resources they belong to, and the subscriptions they're part of. ## Examples ### Basic info +This query allows you to gain insights into your Azure storage tables, including their names, IDs, associated storage accounts, resource groups, regions, and subscription IDs. This can be particularly useful when assessing the organization and distribution of your storage resources across different Azure subscriptions and regions. -```sql +```sql+postgres select name, id, @@ -17,3 +27,15 @@ select from azure_storage_table; ``` + +```sql+sqlite +select + name, + id, + storage_account_name, + resource_group, + region, + subscription_id +from + azure_storage_table; +``` \ No newline at end of file diff --git a/docs/tables/azure_storage_table_service.md b/docs/tables/azure_storage_table_service.md index 4b564d93..602a0abf 100644 --- a/docs/tables/azure_storage_table_service.md +++ b/docs/tables/azure_storage_table_service.md @@ -1,12 +1,32 @@ -# Table: azure_storage_table_service +--- +title: "Steampipe Table: azure_storage_table_service - Query Azure Storage Table Services using SQL" +description: "Allows users to query Azure Storage Table Services, specifically the details of a table service within a storage account, providing insights into its properties and settings." +--- -The properties of a storage account’s Table service endpoint, including properties for Storage Analytics and CORS (Cross-Origin Resource Sharing) rules. +# Table: azure_storage_table_service - Query Azure Storage Table Services using SQL + +Azure Storage Table Service is a NoSQL datastore providing a key/attribute store with a schemaless design. This service allows you to store large amounts of structured data, providing a flexible schema for data. Azure Storage Table Services are ideal for storing structured, non-relational data. + +## Table Usage Guide + +The `azure_storage_table_service` table provides insights into Azure Storage Table Services within Microsoft Azure. As a Data Engineer or Developer, you can explore service-specific details through this table, including properties, settings, and associated metadata. Utilize it to uncover information about table services, such as their properties, the storage account they belong to, and the configuration settings applied to them. ## Examples ### Basic info +Gain insights into the association between storage account names and their corresponding regions and resource groups. This information can be useful for managing resources and understanding the distribution of storage accounts across different regions and groups. -```sql +```sql+postgres +select + name, + storage_account_name, + region, + resource_group +from + azure_storage_table_service; +``` + +```sql+sqlite select name, storage_account_name, @@ -17,8 +37,9 @@ from ``` ### CORS rules info of each storage table service +Explore the Cross-Origin Resource Sharing (CORS) rules of your Azure Storage Table services. This query helps you understand the CORS configurations in place, including allowed headers, methods, origins, exposed headers, and the maximum age in seconds, providing insights into how your resources interact with requests from different origins. -```sql +```sql+postgres select name, storage_account_name, @@ -30,4 +51,18 @@ select from azure_storage_table_service, jsonb_array_elements(cors_rules) as cors; +``` + +```sql+sqlite +select + name, + storage_account_name, + json_extract(cors.value, '$.allowedHeaders') as allowed_headers, + json_extract(cors.value, '$.allowedMethods') as allowed_methods, + json_extract(cors.value, '$.allowedOrigins') as allowed_origins, + json_extract(cors.value, '$.exposedHeaders') as exposed_headers, + json_extract(cors.value, '$.maxAgeInSeconds') as max_age_in_seconds +from + azure_storage_table_service, + json_each(cors_rules) as cors; ``` \ No newline at end of file diff --git a/docs/tables/azure_stream_analytics_job.md b/docs/tables/azure_stream_analytics_job.md index f3a5eeda..9649c594 100644 --- a/docs/tables/azure_stream_analytics_job.md +++ b/docs/tables/azure_stream_analytics_job.md @@ -1,12 +1,34 @@ -# Table: azure_stream_analytics_job +--- +title: "Steampipe Table: azure_stream_analytics_job - Query Azure Stream Analytics Jobs using SQL" +description: "Allows users to query Azure Stream Analytics Jobs, providing insights into their configurations, statuses, and other associated details." +--- -An Azure Stream Analytics job consists of an input, query, and an output. Stream Analytics ingests data from Azure Event Hubs (including Azure Event Hubs from Apache Kafka), Azure IoT Hub, or Azure Blob Storage. The query, which is based on SQL query language, can be used to easily filter, sort, aggregate, and join streaming data over a period of time. +# Table: azure_stream_analytics_job - Query Azure Stream Analytics Jobs using SQL + +Azure Stream Analytics is a real-time analytics service that allows you to analyze and visualize streaming data from various sources such as devices, sensors, websites, social media feeds, and applications. It enables you to set up real-time analytic computations on streaming data which can be used for anomaly detection, live dashboarding, and alerts among other scenarios. This service is designed to process and analyze high volumes of fast streaming data from multiple streams simultaneously. + +## Table Usage Guide + +The `azure_stream_analytics_job` table provides insights into Stream Analytics Jobs within Azure. As a data analyst or data scientist, you can explore job-specific details through this table, including job configurations, input and output details, and transformation queries. Utilize it to monitor the status and health of your Stream Analytics Jobs, understand their configurations, and ensure they are processing data as expected. ## Examples ### Basic info +Explore which stream analytics jobs are currently running in your Azure environment. This allows you to gain insights on job states and distribution across different regions and subscriptions, helping you manage resource allocation and monitor job performance. + +```sql+postgres +select + name, + id, + job_id, + job_state, + region, + subscription_id +from + azure_stream_analytics_job; +``` -```sql +```sql+sqlite select name, id, @@ -19,8 +41,22 @@ from ``` ### List failed stream analytics jobs +Determine the areas in which stream analytics jobs have failed, enabling you to focus on troubleshooting and rectifying those specific regions. This query is particularly useful for maintaining the efficiency of your Azure Stream Analytics. + +```sql+postgres +select + name, + id, + type, + provisioning_state, + region +from + azure_stream_analytics_job +where + provisioning_state = 'Failed'; +``` -```sql +```sql+sqlite select name, id, diff --git a/docs/tables/azure_subnet.md b/docs/tables/azure_subnet.md index 58ae4e44..832a0f3f 100644 --- a/docs/tables/azure_subnet.md +++ b/docs/tables/azure_subnet.md @@ -1,25 +1,45 @@ -# Table: azure_subnet +--- +title: "Steampipe Table: azure_subnet - Query Azure Subnets using SQL" +description: "Allows users to query Azure Subnets, providing detailed information about each subnet within Azure Virtual Networks." +--- -A subnet is a range of IP addresses in the VNet. You can divide a VNet into multiple subnets for organization and security +# Table: azure_subnet - Query Azure Subnets using SQL + +Azure Subnets are subdivisions of Azure Virtual Networks, which provide a range of IP addresses that can be used by resources. They allow for the segmentation of networks within Azure, which can enhance security and traffic management. Subnets can be associated with Network Security Groups and Route Tables to further customize network traffic rules. + +## Table Usage Guide + +The `azure_subnet` table provides insights into Azure Subnets within Azure Virtual Networks. As a network administrator, you can explore subnet-specific details through this table, including associated Network Security Groups, Route Tables, and IP configurations. Utilize it to manage and monitor your network segmentation, ensuring optimal security and traffic flow within your Azure environment. ## Examples ### Virtual network and IP address range of each subnet +Determine the areas in which your Azure virtual networks are deployed and gain insights into the IP address range of each subnet. This can help in managing network configurations and ensuring optimal resource allocation across different regions. + +```sql+postgres +select + name, + virtual_network_name, + address_prefix, + resource_group +from + azure_subnet; +``` -```sql +```sql+sqlite select name, virtual_network_name, address_prefix, - region, resource_group from azure_subnet; ``` ### Route table associated with each subnet +Determine the areas in which subnets and their associated route tables exist in Azure. This information can be useful to understand the routing of network traffic within your Azure environment. -```sql +```sql+postgres select st.name subnet_name, st.virtual_network_name, @@ -31,9 +51,24 @@ from join azure_subnet st on rt.id = st.route_table_id; ``` +```sql+sqlite +select + st.name as subnet_name, + st.virtual_network_name, + rt.name as route_table_name, + json_extract(route.value, '$.properties.addressPrefix') as route_address_prefix, + json_extract(route.value, '$.properties.nextHopType') as route_next_hop_type +from + azure_route_table as rt, + json_each(rt.routes) as route +join + azure_subnet as st on rt.id = st.route_table_id; +``` + ### Network security group associated with each subnet +Explore the association between each subnet and its network security group to understand how your Azure network's security is structured. This can help identify potential vulnerabilities or areas for improvement in your network's security configuration. -```sql +```sql+postgres select name subnet_name, virtual_network_name, @@ -42,9 +77,14 @@ from azure_subnet; ``` +```sql+sqlite +Error: SQLite does not support split_part function. +``` + ### Service endpoints info of each subnet +Analyze the settings to understand the service endpoints for each subnet within your Azure environment. This can be useful to identify which services are accessible in specific locations, helping to manage network security and connectivity. -```sql +```sql+postgres select name, endpoint -> 'locations' as location, @@ -53,3 +93,13 @@ from azure_subnet cross join jsonb_array_elements(service_endpoints) as endpoint; ``` + +```sql+sqlite +select + name, + json_extract(endpoint.value, '$.locations') as location, + json_extract(endpoint.value, '$.service') as service +from + azure_subnet, + json_each(service_endpoints) as endpoint; +``` \ No newline at end of file diff --git a/docs/tables/azure_subscription.md b/docs/tables/azure_subscription.md index ce75135d..e6dbe7f2 100644 --- a/docs/tables/azure_subscription.md +++ b/docs/tables/azure_subscription.md @@ -1,12 +1,22 @@ -# Table: azure_subscription +--- +title: "Steampipe Table: azure_subscription - Query Azure Subscriptions using SQL" +description: "Allows users to query Azure Subscriptions, providing insights into subscription details, including subscription IDs, names, states, and tenants." +--- -An Azure subscription is a logical container used to provision resources in Azure. +# Table: azure_subscription - Query Azure Subscriptions using SQL + +Azure Subscriptions act as a logical container for resources deployed on Microsoft Azure. They provide a mechanism to organize access to Azure resources, manage costs, and track billing. Each Azure Subscription can have a different billing and payment setup, allowing flexibility in how users and organizations pay for the usage of Azure Services. + +## Table Usage Guide + +The `azure_subscription` table provides insights into Azure Subscriptions within Microsoft Azure. As a cloud architect or administrator, explore subscription-specific details through this table, including subscription IDs, names, states, and tenants. Utilize it to manage and organize access to Azure resources, track billing, and understand the cost management setup across different subscriptions. ## Examples ### Basic info +Explore the status and policies of your Azure subscriptions to understand their current state and source of authorization. This can help in managing and optimizing your cloud resources effectively. -```sql +```sql+postgres select id, subscription_id, @@ -18,3 +28,16 @@ select from azure_subscription; ``` + +```sql+sqlite +select + id, + subscription_id, + display_name, + tenant_id, + state, + authorization_source, + subscription_policies +from + azure_subscription; +``` \ No newline at end of file diff --git a/docs/tables/azure_synapse_workspace.md b/docs/tables/azure_synapse_workspace.md index 16909748..3e3a0f57 100644 --- a/docs/tables/azure_synapse_workspace.md +++ b/docs/tables/azure_synapse_workspace.md @@ -1,12 +1,32 @@ -# Table: azure_synapse_workspace +--- +title: "Steampipe Table: azure_synapse_workspace - Query Azure Synapse Workspaces using SQL" +description: "Allows users to query Azure Synapse Workspaces, providing insights into the analytics service that brings together enterprise data warehousing and Big Data analytics." +--- -Azure Synapse is an enterprise analytics service that accelerates time to insight across data warehouses and big data systems. Azure Synapse brings together the best of SQL technologies used in enterprise data warehousing, Spark technologies used for big data, Pipelines for data integration and ETL/ELT, and deep integration with other Azure services such as Power BI, CosmosDB, and AzureML. +# Table: azure_synapse_workspace - Query Azure Synapse Workspaces using SQL + +Azure Synapse Workspace is a feature within Microsoft Azure that integrates with big data and data warehouse technology for immediate insights. It offers a unified experience to ingest, prepare, manage, and serve data for immediate business intelligence and machine learning needs. Azure Synapse Workspace is designed to enable collaboration between data professionals and business decision-makers in a secure and compliant manner. + +## Table Usage Guide + +The `azure_synapse_workspace` table provides insights into Azure Synapse Workspaces within Microsoft Azure. As a data analyst or data scientist, explore workspace-specific details through this table, including managed private endpoints, firewall settings, and associated metadata. Utilize it to uncover information about workspaces, such as those with private endpoint connections, the status of managed private endpoints, and the verification of firewall rules. ## Examples ### Basic info +Explore the status and type of your Synapse workspaces in Azure to understand their current operation and provisioning state. This can help in managing and optimizing your resources effectively. + +```sql+postgres +select + id, + name, + type, + provisioning_state +from + azure_synapse_workspace; +``` -```sql +```sql+sqlite select id, name, @@ -17,8 +37,22 @@ from ``` ### List synapse workspaces with public network access enabled +Identify instances where Synapse workspaces in Azure have public network access enabled. This can be useful for security audits to ensure that sensitive data is not exposed to the public internet. -```sql +```sql+postgres +select + id, + name, + type, + provisioning_state, + public_network_access +from + azure_synapse_workspace +where + public_network_access = 'Enabled'; +``` + +```sql+sqlite select id, name, @@ -32,8 +66,9 @@ where ``` ### List synapse workspaces with user assigned identities +Discover the segments that utilize user-assigned identities within Synapse workspaces. This is beneficial for those wanting to understand which workspaces are configured with specific identity types, aiding in security and access management. -```sql +```sql+postgres select id, name, @@ -50,9 +85,21 @@ where ); ``` +```sql+sqlite +select + id, + name, + json_extract(identity, '$.type') as identity_type +from + azure_synapse_workspace +where + instr(json_extract(identity, '$.type'), 'UserAssigned') > 0; +``` + ### List private endpoint connection details for synapse workspaces +Explore the details of private endpoint connections for Synapse workspaces. This is beneficial for understanding the status, actions required, and provisioning state of these connections, which can aid in managing and troubleshooting your Azure Synapse Workspaces. -```sql +```sql+postgres select name as workspace_name, id as workspace_id, @@ -67,9 +114,25 @@ from jsonb_array_elements(private_endpoint_connections) as connections; ``` +```sql+sqlite +select + name as workspace_name, + w.id as workspace_id, + json_extract(connections.value, '$.id') as connection_id, + json_extract(connections.value, '$.privateEndpointPropertyId') as connection_private_endpoint_property_id, + json_extract(connections.value, '$.privateLinkServiceConnectionStateActionsRequired') as connection_actions_required, + json_extract(connections.value, '$.privateLinkServiceConnectionStateDescription') as connection_description, + json_extract(connections.value, '$.privateLinkServiceConnectionStateStatus') as connection_status, + json_extract(connections.value, '$.provisioningState') as connection_provisioning_state +from + azure_synapse_workspace as w, + json_each(private_endpoint_connections) as connections; +``` + ### List encryption details for synapse workspaces +Explore encryption details for Synapse workspaces to understand the status and level of security measures in place. This can be particularly useful for security audits or for ensuring compliance with data protection regulations. -```sql +```sql+postgres select name as workspace_name, id as workspace_id, @@ -80,3 +143,15 @@ select from azure_synapse_workspace; ``` + +```sql+sqlite +select + name as workspace_name, + id as workspace_id, + json_extract(encryption, '$.CmkKey.keyVaultUrl') as cmk_key_vault_url, + json_extract(encryption, '$.CmkKey.name') as cmk_key_name, + json_extract(encryption, '$.CmkStatus') as cmk_status, + json_extract(encryption, '$.DoubleEncryptionEnabled') as double_encryption_enabled +from + azure_synapse_workspace; +``` \ No newline at end of file diff --git a/docs/tables/azure_tenant.md b/docs/tables/azure_tenant.md index 12a7f8b4..823fb39c 100644 --- a/docs/tables/azure_tenant.md +++ b/docs/tables/azure_tenant.md @@ -1,12 +1,22 @@ -# Table: azure_tenant +--- +title: "Steampipe Table: azure_tenant - Query Azure Tenants using SQL" +description: "Allows users to query Azure Tenants, providing insights into the organizations associated with the Azure subscriptions." +--- -A dedicated and trusted instance of Azure AD that's automatically created when your organization signs up for a Microsoft cloud service subscription, such as Microsoft Azure, Microsoft Intune, or Microsoft 365. An Azure tenant represents a single organization. +# Table: azure_tenant - Query Azure Tenants using SQL + +Azure Tenants represent an organization in Azure. Each organization has at least one tenant, and each Azure subscription is associated with a tenant. Tenants are used to manage access to Azure resources. + +## Table Usage Guide + +The `azure_tenant` table provides insights into the organizations associated with Azure subscriptions. As a Cloud Administrator, you can use this table to explore details such as tenant IDs and domains. This information can be useful for managing access to Azure resources and for understanding the organizational structure of your Azure subscriptions. ## Examples ### Basic info +Discover the segments that are part of your Azure tenant, including their geographical location and associated domains. This is useful for understanding the distribution and categorization of your Azure resources. -```sql +```sql+postgres select name, id, @@ -19,3 +29,17 @@ select from azure_tenant; ``` + +```sql+sqlite +select + name, + id, + tenant_id, + tenant_category, + country, + country_code, + display_name, + domains +from + azure_tenant; +``` \ No newline at end of file diff --git a/docs/tables/azure_virtual_network.md b/docs/tables/azure_virtual_network.md index 5048a65a..93f6c18c 100644 --- a/docs/tables/azure_virtual_network.md +++ b/docs/tables/azure_virtual_network.md @@ -1,12 +1,22 @@ -# Table: azure_virtual_network +--- +title: "Steampipe Table: azure_virtual_network - Query Azure Virtual Networks using SQL" +description: "Allows users to query Azure Virtual Networks, specifically providing insights into the configuration and status of each virtual network within an Azure subscription." +--- -A virtual network is a network where all devices, servers, virtual machines, and data centers that are connected are done so through software and wireless technology. +# Table: azure_virtual_network - Query Azure Virtual Networks using SQL + +Azure Virtual Networks is a fundamental building block for your private network in Azure. It enables many types of Azure resources, such as Azure Virtual Machines (VM), to securely communicate with each other, the internet, and on-premises networks. Azure virtual network is similar to a traditional network that you'd operate in your own data center but brings with it additional benefits of Azure's infrastructure such as scale, availability, and isolation. + +## Table Usage Guide + +The `azure_virtual_network` table provides detailed information about each virtual network within an Azure subscription. As a network administrator or cloud architect, you can use this table to gather data about the subnets, IP address ranges, and connected devices within each virtual network. This information can be used to monitor network usage, plan for capacity, and ensure the network is correctly configured for your applications' requirements. ## Examples ### List of virtual networks where DDoS(Distributed Denial of Service attacks) Protection is not enabled +Discover the segments of your virtual networks that are potentially vulnerable to Distributed Denial of Service (DDoS) attacks, as they do not have DDoS protection enabled. This information can help prioritize areas for security enhancement and risk mitigation. -```sql +```sql+postgres select name, enable_ddos_protection, @@ -18,9 +28,22 @@ where not enable_ddos_protection; ``` +```sql+sqlite +select + name, + enable_ddos_protection, + region, + resource_group +from + azure_virtual_network +where + enable_ddos_protection is not 1; +``` + ### CIDR list for each virtual network +Determine the areas in which your Azure virtual networks operate by identifying their respective address blocks. This can help in network planning and management by providing a clear view of the network's structure and usage. -```sql +```sql+postgres select name, jsonb_array_elements_text(address_prefixes) as address_block @@ -28,9 +51,19 @@ from azure_virtual_network; ``` +```sql+sqlite +select + name, + json_each.value as address_block +from + azure_virtual_network, + json_each(azure_virtual_network.address_prefixes); +``` + ### List VPCs with public CIDR blocks +Determine the areas in which Virtual Private Networks (VPCs) have public CIDR blocks, allowing you to assess network accessibility and security risks. This is particularly useful in identifying potential exposure of your Azure virtual networks to the public internet. -```sql +```sql+postgres select name, cidr_block, @@ -45,10 +78,15 @@ where and not cidr_block :: cidr = '172.16.0.0/12'; ``` +```sql+sqlite +Error: SQLite does not support CIDR operations. +``` + ### Subnet details associated with the virtual network +Determine the areas in which subnets interact with your virtual network. This query helps to analyze the configuration of these subnets, providing insights into their address prefixes, network policies, service endpoints, and route tables, which can be useful for network management and troubleshooting. -```sql +```sql+postgres select name, subnet ->> 'name' as subnet_name, @@ -61,3 +99,7 @@ from azure_virtual_network cross join jsonb_array_elements(subnets) as subnet; ``` + +```sql+sqlite +Error: SQLite does not support split_part function. +``` \ No newline at end of file diff --git a/docs/tables/azure_virtual_network_gateway.md b/docs/tables/azure_virtual_network_gateway.md index 19f3ced8..5ca05632 100644 --- a/docs/tables/azure_virtual_network_gateway.md +++ b/docs/tables/azure_virtual_network_gateway.md @@ -1,12 +1,33 @@ -# Table: azure_virtual_network_gateway +--- +title: "Steampipe Table: azure_virtual_network_gateway - Query Azure Virtual Network Gateways using SQL" +description: "Allows users to query Azure Virtual Network Gateways, specifically providing details about the gateway's configuration, location, and associated resources." +--- -A virtual network gateway is used to establish secure, cross-premises connectivity. +# Table: azure_virtual_network_gateway - Query Azure Virtual Network Gateways using SQL + +Azure Virtual Network Gateway is a component used to send network traffic between Azure virtual networks and on-premises locations. It works as a specific type of virtual network gateway, designed to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet. It also enables communication between Azure virtual networks. + +## Table Usage Guide + +The `azure_virtual_network_gateway` table provides insights into the configuration and status of Azure Virtual Network Gateways. As a network administrator, explore gateway-specific details through this table, including its IP configuration, SKU, and associated virtual network. Utilize it to manage and monitor your network gateways, ensuring secure and efficient communication between your Azure virtual networks and on-premises locations. ## Examples ### Basic info +Explore which Azure Virtual Network Gateways have Border Gateway Protocol (BGP) enabled. This can be useful for network administrators seeking to understand their network's configuration and routing protocols. -```sql +```sql+postgres +select + name, + id, + enable_bgp, + region, + resource_group +from + azure_virtual_network_gateway; +``` + +```sql+sqlite select name, id, @@ -18,8 +39,9 @@ from ``` ### List network gateways with no connections +Discover the segments of your Azure virtual network gateways that are not connected to any resources. This can help in identifying unused network gateways, potentially reducing infrastructure costs and improving network management. -```sql +```sql+postgres select name, id, @@ -29,5 +51,18 @@ select from azure_virtual_network_gateway where - gateway_connections is null; + gateway_connections is null; ``` + +```sql+sqlite +select + name, + id, + enable_bgp, + region, + resource_group +from + azure_virtual_network_gateway +where + gateway_connections is null; +``` \ No newline at end of file