turbot/terraform_oci_compliance

Query: vcn_default_security_group_allow_icmp_only

Usage

powerpipe query terraform_oci_compliance.query.vcn_default_security_group_allow_icmp_only

Steampipe Tables

SQL

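-- Flags every oci_core_security_list whose ingress rules allow anything other
-- than ICMP (IP protocol number '1').
--
-- Terraform serialises a repeated `ingress_security_rules` block either as a
-- JSON array (several rules) or as a single object (one rule); both shapes are
-- normalised to an array below so one check covers them.
--
-- The per-resource evaluation is correlated on the resource row itself rather
-- than joined back on `name`: resource names are not unique across files or
-- modules, and a name-keyed join can duplicate rows and attribute another
-- resource's non-ICMP rules to an unrelated security list.
with security_lists as (
  select
    address,
    path,
    start_line,
    -- Normalise ingress_security_rules to a jsonb array:
    --   array                  -> unchanged
    --   object (single block)  -> wrapped in a one-element array
    --   absent / other type    -> empty array (no rules, nothing to flag)
    case jsonb_typeof(attributes_std -> 'ingress_security_rules')
      when 'array' then attributes_std -> 'ingress_security_rules'
      when 'object' then jsonb_build_array(attributes_std -> 'ingress_security_rules')
      else '[]'::jsonb
    end as ingress_rules
  from
    terraform_resource
  where
    type = 'oci_core_security_list'
),
evaluated as (
  select
    address,
    path,
    start_line,
    -- True when at least one ingress rule uses a protocol other than ICMP.
    -- OCI's wildcard protocol 'all' is caught because 'all' != '1'.
    -- A rule with no protocol key compares as NULL and is not flagged, which
    -- preserves the behaviour of the original query.
    -- NOTE(review): ICMPv6 is protocol '58' and is reported as non-ICMP here;
    -- confirm that is the intended reading of "ICMP only".
    exists (
      select 1
      from jsonb_array_elements(ingress_rules) as ingress_rule
      where ingress_rule ->> 'protocol' != '1'
    ) as has_non_icmp_rule
  from
    security_lists
)
select
  address as resource,
  case
    when has_non_icmp_rule then 'alarm'
    else 'ok'
  end as status,
  -- Reason text is kept byte-for-byte; note that ICMP has no ports, so
  -- "protocols" would be the more accurate wording if the message is revised.
  split_part(address, '.', 2) || case
    when has_non_icmp_rule then ' configured with non ICMP ports'
    else ' configured with ICMP ports only'
  end || '.' as reason,
  -- Dimension column: file location of the resource block.
  path || ':' || start_line
from
  evaluated;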

Controls

The query is being used by the following controls: