Steampipe mods are now Powerpipe →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
26Dashboards
1161Controls
568Queries
2Variables
GitHub

Query: acm_certificate_rsa_key_length_2048_bits_or_greater

Usage

powerpipe query aws_compliance.query.acm_certificate_rsa_key_length_2048_bits_or_greater

Steampipe Tables

aws_acm_certificate
Amazon Web Services plugin

SQL

select
  certificate_arn as resource,
  case
    when not key_algorithm like 'RSA-%' then 'skip'
    when key_algorithm = 'RSA_1024' then 'alarm'
    else 'ok'
  end as status,
  case
    when not key_algorithm like 'RSA-%' then title || ' is not a RSA certificate.'
    when key_algorithm = 'RSA_1024' then title || ' is using 1024 bits key length.'
    else title || ' is using ' || split_part(key_algorithm, '-', 2) || ' bits key length.'
  end as reason,
  region,
  account_id
from
  aws_acm_certificate;

Controls

The query is being used by the following controls: