steampipe plugin install aws

Table: aws_auditmanager_control - Query AWS Audit Manager Control using SQL

The AWS Audit Manager Control is a feature within AWS Audit Manager that allows you to evaluate how well your AWS resource configurations align with established best practices. It helps you to simplify the compliance process and reduce risk by automating the collection of evidence of your AWS resource compliance with regulations and standards. The control feature allows for continuous auditing to ensure ongoing compliance.

Table Usage Guide

The aws_auditmanager_control table in Steampipe provides you with information about controls within AWS Audit Manager. This table allows you, as a DevOps engineer, to query control-specific details, including control source, control type, description, and associated metadata. You can utilize this table to gather insights on controls, such as their sources, types, descriptions, and more. The schema outlines the various attributes of the control for you, including the control id, name, type, source, description, and associated tags.

Important Notes

  • This table by default returns the Standard controls.
  • You must specify type in a where clause to retrieve other control types. For more information, please refer to the list of controls by specific type.

Examples

Basic info

Explore the basic information about the controls in AWS Audit Manager to understand their purpose and type. This can help in managing and assessing your AWS resources and environment effectively.

select
name,
id,
description,
type
from
aws_auditmanager_control;
select
name,
id,
description,
type
from
aws_auditmanager_control;

List custom audit manager controls

Discover the segments that consist of custom audit manager controls in your AWS environment. This can be particularly useful for understanding and managing your custom security and compliance configurations.

select
name,
id,
type
from
aws_auditmanager_control
where
type = 'Custom';
select
name,
id,
type
from
aws_auditmanager_control
where
type = 'Custom';

Schema for aws_auditmanager_control

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
action_plan_instructionstextThe recommended actions to carry out if the control is not fulfilled.
action_plan_titletextThe title of the action plan for remediating the control.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe Amazon Resource Name (ARN) of the specified control.
control_mapping_sourcesjsonbThe data mapping sources for the specified control.
control_sourcestextThe data source that determines from where AWS Audit Manager collects evidence for the control.
created_attimestamp with time zoneSpecifies when the control was created.
created_bytextThe IAM user or role that created the control.
descriptiontextThe description of the specified control.
idtext=An unique identifier for the specified control.
last_updated_attimestamp with time zoneSpecifies when the control was most recently updated.
last_updated_bytextThe IAM user or role that most recently updated the control.
nametextThe name of the specified control.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontext=The AWS Region in which the resource is located.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
testing_informationtextThe steps to follow to determine if the control has been satisfied.
titletextTitle of the resource.
typetext=The type of control, such as custom or standard. Possible values are 'Standard' | 'Custom' | 'Core'.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_auditmanager_control