Mods

turbot/tailscale_compliance

GitHub
Overview
1Dashboards
7Controls
0Queries
0Variables
GitHub
Loading controls...
On This Page
Description
Usage
Plugins & Tables
SQL
Get Involved
Edit on GitHub
Discuss on Slack

Control: Use check mode for Tailscale SSH

Description

Verify high-risk Tailscale SSH connections with check mode.

Usage

Run the control in your terminal:

steampipe check tailscale_compliance.control.security_best_practices_acl_ssh_check_mode_enabled

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share tailscale_compliance.control.security_best_practices_acl_ssh_check_mode_enabled

Plugins & Tables

tailscale_acl_ssh
tailscale_tailnet
Tailscale plugin

SQL

with tailscale_users as (
  select
    tailnet_name
  from
    tailscale_acl_ssh
  where
    users ?| array [ 'root' ]
    and action = 'check'
    and check_period is not null
  group by
    tailnet_name
)
select
  t.tailnet_name as resource,
  case
    when tu.tailnet_name is not null then 'ok'
    else 'alarm'
  end as status,
  case
    when tu.tailnet_name is not null then t.tailnet_name || ' SSH connections for root have check mode enabled.'
    else t.tailnet_name || ' SSH connections for root have check mode disabled.'
  end as reason,
  t.tailnet_name
from
  tailscale_tailnet as t
  left join tailscale_users as tu on t.tailnet_name = tu.tailnet_name;