turbot/aws_insights

Query: sqs_queue_anonymous_access_count

Usage

powerpipe query aws_insights.query.sqs_queue_anonymous_access_count

Steampipe Tables

SQL

select
count(*) as value,
'Publicly Accessible' as label,
case
count(*)
when 0 then 'ok'
else 'alert'
end as "type"
from
aws_sqs_queue,
jsonb_array_elements(policy_std -> 'Statement') as s,
jsonb_array_elements_text(s -> 'Principal' -> 'AWS') as p,
string_to_array(p, ':') as pa,
jsonb_array_elements_text(s -> 'Action') as a
where
s ->> 'Effect' = 'Allow'
and (
pa [ 5 ] != account_id
or p = '*'
);

Dashboards

The query is used in the dashboards: