Steampipe mods are now Powerpipe →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
26Dashboards
1161Controls
568Queries
2Variables
GitHub

Query: acmpca_root_certificate_authority_disabled

Usage

powerpipe query aws_compliance.query.acmpca_root_certificate_authority_disabled

Steampipe Tables

aws_acmpca_certificate_authority
Amazon Web Services plugin

SQL

select
  arn as resource,
  case
    when type <> 'ROOT' then 'skip'
    when status = 'DISABLED' then 'ok'
    else 'alarm'
  end as status,
  case
    when type <> 'ROOT' then title || ' is not root CA.'
    when status = 'DISABLED' then title || ' root CA disabled.'
    else title || ' root CA not disabled.'
  end as reason,
  region,
  account_id
from
  aws_acmpca_certificate_authority;

Controls

The query is being used by the following controls: