turbot/snowflake_compliance

GitHub

Query: iam_user_default_role_must_not_be_accountadmin

Usage

steampipe query snowflake_compliance.query.iam_user_default_role_must_not_be_accountadmin

Plugins & Tables

SQL

select
name as resource,
case
when default_role = 'ACCOUNTADMIN' then 'alarm'
else 'ok'
end as status,
name || ' default_role is ' || default_role || '.' as reason,
account
from
snowflake_user;

Controls

The query is being used by the following controls: