turbot/net_insights

Control: Name servers should be in different locations

Description

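Having more than one name server in the same location is not recommended, because it increases the likelihood that a single failure disables all of your name servers. The query below treats name servers as co-located when their IPv4 (A record) addresses fall in the same /24 network, and it reports an alarm only when all of them do; it does not look up autonomous systems or physical locations, and name servers that publish only IPv6 addresses are not evaluated.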

Usage

Run the control in your terminal:

powerpipe control run net_insights.control.dns_ns_different_autonomous_systems

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run net_insights.control.dns_ns_different_autonomous_systems --share

Steampipe Tables

Params

Args | Name | Default | Description | Variable
$1 | domain_names | ["github.com","microsoft.com"] | DNS domain names.

SQL

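-- Flags domains whose name servers all resolve into a single IPv4 /24 prefix.
-- $1: array of DNS domain names to check (cast to text[]).
-- Output: one row per domain that has at least one NS target with an A record.
-- status is 'alarm' when all of those A records share one /24 prefix, else 'ok'.
-- NOTE(review): only A records are compared, so IPv6-only name servers are not
-- evaluated, and a shared /24 is a proxy for "same location", not an
-- autonomous-system or geographic lookup.
with domain_records as (
  -- Every DNS record returned for the requested domains.
  select
    domain,
    type,
    target
  from
    net_dns_record
  where
    domain in (
      select
        jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
    )
),
ns_ips as (
  -- Records for each host that an NS record above names as a name server.
  select
    domain,
    type,
    host(ip) as ip_text
  from
    net_dns_record
  where
    domain in (
      select
        target
      from
        domain_records
      where
        type = 'NS'
    )
),
check_ips as (
  -- One row per (domain, /24 prefix). The prefix is assembled from the first
  -- three octets by position. Stripping array elements that equal the fourth
  -- octet also drops earlier octets with the same value (10.1.2.10 -> '1.2'),
  -- which yields wrong prefixes and can hide co-located name servers.
  select distinct
    split_part(ns_ips.ip_text, '.', 1) || '.' ||
    split_part(ns_ips.ip_text, '.', 2) || '.' ||
    split_part(ns_ips.ip_text, '.', 3) as ip_prefix,
    domain_records.domain as domain
  from
    domain_records
    inner join ns_ips on domain_records.target = ns_ips.domain
  where
    ns_ips.type = 'A'
    and domain_records.type = 'NS'
)
-- A single distinct prefix means every resolved name server address sits in
-- one /24; this includes a domain that has only one name server address.
select
  domain as resource,
  case
    when count(*) = 1 then 'alarm'
    else 'ok'
  end as status,
  case
    when count(*) = 1 then domain || ' name servers are in the same location.'
    else domain || ' name servers are in different locations.'
  end as reason
from
  check_ips
group by
  domain;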