turbot/aws_tags

Control: RDS DB snapshots should have mandatory tags

Description

Check if RDS DB snapshots have mandatory tags.

Usage

steampipe check aws_tags.control.rds_db_snapshot_mandatory

Plugins & Tables

SQL

with analysis as (
select
arn,
title,
tags ?& $1 as has_mandatory_tags,
to_jsonb($1) - array(select jsonb_object_keys(tags)) as missing_tags,
region, account_id
from
aws_rds_db_snapshot
)
select
arn as resource,
case
when has_mandatory_tags then 'ok'
else 'alarm'
end as status,
case
when has_mandatory_tags then title || ' has all mandatory tags.'
else title || ' is missing tags: ' || array_to_string(array(select jsonb_array_elements_text(missing_tags)), ', ') || '.'
end as reason,
region, account_id
from
analysis