Steampipe mods are now Powerpipe →
Powerpipe Hub 
Hub
Mods
turbot/net_insights
Overview
7Dashboards
54Controls
26Queries
2Variables
GitHub
Loading controls...

Control: Every name server listed must have A records

Description

The 'A' record is the most fundamental type of DNS record which indicates the IP address of a domain. An 'A' record maps a domain to the physical IP address of the computer hosting that domain. Internet traffic uses the A record to find the computer hosting your domain's DNS settings. It is highly recommended that every name server listed at the parent should have an 'A' record.

Usage

Run the control in your terminal:

powerpipe control run net_insights.control.dns_parent_ns_all_with_type_a_record

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run net_insights.control.dns_parent_ns_all_with_type_a_record --share

Steampipe Tables

net_dns_record
Net plugin

Params

ArgsNameDefaultDescriptionVariable
$1domain_names
["github.com","microsoft.com"]
DNS domain names.

SQL

with domain_list as (
  select
    distinct domain,
    substring(
      domain
      from
        '^(?:[^/:]*:[^/@]*@)?(?:[^/:.]*\.)+([^:/]+)'
    ) as tld
  from
    net_dns_record
  where
    domain in (
      select
        jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
    )
),
domain_parent_server as (
  select
    l.domain,
    d.domain as tld,
    d.target as parent_server
  from
    net_dns_record as d
    inner join domain_list as l on d.domain = l.tld
  where
    d.type = 'SOA'
),
domain_parent_server_ip as (
  select
    *
  from
    net_dns_record
  where
    domain in (
      select
        parent_server
      from
        domain_parent_server
    )
),
domain_parent_server_with_ip as (
  select
    domain_parent_server.domain,
    host(domain_parent_server_ip.ip) as ip_text
  from
    domain_parent_server
    inner join domain_parent_server_ip on domain_parent_server.parent_server = domain_parent_server_ip.domain
  where
    domain_parent_server_ip.type = 'A'
  order by
    domain_parent_server.domain
),
domain_parent_server_ns_list as (
  select
    net_dns_record.domain,
    net_dns_record.target
  from
    net_dns_record
    inner join domain_parent_server_with_ip on net_dns_record.domain = domain_parent_server_with_ip.domain
    and net_dns_record.dns_server = domain_parent_server_with_ip.ip_text
    and net_dns_record.type = 'NS'
  order by
    net_dns_record.domain
),
ns_ips as (
  select
    domain,
    type,
    ip
  from
    net_dns_record
  where
    domain in (
      select
        target
      from
        domain_parent_server_ns_list
    )
    and type = 'A'
  order by
    domain
),
ns_with_type_a_record as (
  select
    domain_parent_server_ns_list.domain,
    ns_ips.type,
    domain_parent_server_ns_list.target,
    ns_ips.ip
  from
    domain_parent_server_ns_list
    left join ns_ips on domain_parent_server_ns_list.target = ns_ips.domain
)
select
  domain as resource,
  case
    when (
      select
        target
      from
        ns_with_type_a_record
      where
        domain = domain_list.domain
        and type is null
    ) is not null then 'alarm'
    else 'ok'
  end as status,
  case
    when (
      select
        target
      from
        ns_with_type_a_record
      where
        domain = domain_list.domain
        and type is null
    ) is not null then domain || ' name servers without A records: [' || (
      select
        string_agg(target, ', ')
      from
        ns_with_type_a_record
      where
        domain = domain_list.domain
        and type is null
    ) || '].'
    else domain || ' name servers listed at parent server have A records.'
  end as reason
from
  domain_list;