turbot/aws

GitHub
steampipe plugin install awssteampipe plugin install aws
aws_accessanalyzer_analyzeraws_accountaws_account_alternate_contactaws_account_contactaws_acm_certificateaws_amplify_appaws_api_gateway_api_authorizeraws_api_gateway_api_keyaws_api_gateway_authorizeraws_api_gateway_rest_apiaws_api_gateway_stageaws_api_gateway_usage_planaws_api_gatewayv2_apiaws_api_gatewayv2_domain_nameaws_api_gatewayv2_integrationaws_api_gatewayv2_routeaws_api_gatewayv2_stageaws_appautoscaling_targetaws_appconfig_applicationaws_appstream_imageaws_athena_query_executionaws_athena_workgroupaws_auditmanager_assessmentaws_auditmanager_controlaws_auditmanager_evidenceaws_auditmanager_evidence_folderaws_auditmanager_frameworkaws_availability_zoneaws_backup_frameworkaws_backup_legal_holdaws_backup_planaws_backup_protected_resourceaws_backup_recovery_pointaws_backup_selectionaws_backup_vaultaws_cloudcontrol_resourceaws_cloudformation_stackaws_cloudformation_stack_resourceaws_cloudfront_cache_policyaws_cloudfront_distributionaws_cloudfront_functionaws_cloudfront_origin_access_identityaws_cloudfront_origin_request_policyaws_cloudfront_response_headers_policyaws_cloudsearch_domainaws_cloudtrail_channelaws_cloudtrail_event_data_storeaws_cloudtrail_importaws_cloudtrail_queryaws_cloudtrail_trailaws_cloudtrail_trail_eventaws_cloudwatch_alarmaws_cloudwatch_log_eventaws_cloudwatch_log_groupaws_cloudwatch_log_metric_filteraws_cloudwatch_log_resource_policyaws_cloudwatch_log_streamaws_cloudwatch_log_subscription_filteraws_cloudwatch_metricaws_cloudwatch_metric_data_pointaws_cloudwatch_metric_statistic_data_pointaws_codeartifact_domainaws_codeartifact_repositoryaws_codebuild_buildaws_codebuild_projectaws_codebuild_source_credentialaws_codecommit_repositoryaws_codedeploy_appaws_codedeploy_deployment_configaws_codedeploy_deployment_groupaws_codepipeline_pipelineaws_config_aggregate_authorizationaws_config_configuration_recorderaws_config_conformance_packaws_config_retention_configurationaws_config_ruleaws_cost_by_account_dailyaws_cost_by_account_monthlyaws_cost_by_record_type_dailyaws_cost_by_record_type_monthlyaws_cost_by_service_dailyaws_cost_by_service_monthlyaws_cost_by_service_usage_type_dailyaws_cost_by_service_usage_type_monthlyaws_cost_by_tagaws_cost_forecast_dailyaws_cost_forecast_monthlyaws_cost_usageaws_dax_clusteraws_dax_parameteraws_dax_parameter_groupaws_dax_subnet_groupaws_directory_service_directoryaws_dlm_lifecycle_policyaws_dms_replication_instanceaws_docdb_clusteraws_docdb_cluster_instanceaws_drs_jobaws_drs_recovery_instanceaws_drs_recovery_snapshotaws_drs_source_serveraws_dynamodb_backupaws_dynamodb_global_tableaws_dynamodb_metric_account_provisioned_read_capacity_utilaws_dynamodb_metric_account_provisioned_write_capacity_utilaws_dynamodb_tableaws_dynamodb_table_exportaws_ebs_snapshotaws_ebs_volumeaws_ebs_volume_metric_read_opsaws_ebs_volume_metric_read_ops_dailyaws_ebs_volume_metric_read_ops_hourlyaws_ebs_volume_metric_write_opsaws_ebs_volume_metric_write_ops_dailyaws_ebs_volume_metric_write_ops_hourlyaws_ec2_amiaws_ec2_ami_sharedaws_ec2_application_load_balanceraws_ec2_application_load_balancer_metric_request_countaws_ec2_application_load_balancer_metric_request_count_dailyaws_ec2_autoscaling_groupaws_ec2_capacity_reservationaws_ec2_classic_load_balanceraws_ec2_client_vpn_endpointaws_ec2_gateway_load_balanceraws_ec2_instanceaws_ec2_instance_availabilityaws_ec2_instance_metric_cpu_utilizationaws_ec2_instance_metric_cpu_utilization_dailyaws_ec2_instance_metric_cpu_utilization_hourlyaws_ec2_instance_typeaws_ec2_key_pairaws_ec2_launch_configurationaws_ec2_launch_templateaws_ec2_launch_template_versionaws_ec2_load_balancer_listeneraws_ec2_managed_prefix_listaws_ec2_network_interfaceaws_ec2_network_load_balanceraws_ec2_network_load_balancer_metric_net_flow_countaws_ec2_network_load_balancer_metric_net_flow_count_dailyaws_ec2_regional_settingsaws_ec2_reserved_instanceaws_ec2_spot_priceaws_ec2_ssl_policyaws_ec2_target_groupaws_ec2_transit_gatewayaws_ec2_transit_gateway_routeaws_ec2_transit_gateway_route_tableaws_ec2_transit_gateway_vpc_attachmentaws_ecr_imageaws_ecr_image_scan_findingaws_ecr_repositoryaws_ecrpublic_repositoryaws_ecs_clusteraws_ecs_cluster_metric_cpu_utilizationaws_ecs_cluster_metric_cpu_utilization_dailyaws_ecs_cluster_metric_cpu_utilization_hourlyaws_ecs_container_instanceaws_ecs_serviceaws_ecs_taskaws_ecs_task_definitionaws_efs_access_pointaws_efs_file_systemaws_efs_mount_targetaws_eks_addonaws_eks_addon_versionaws_eks_clusteraws_eks_fargate_profileaws_eks_identity_provider_configaws_eks_node_groupaws_elastic_beanstalk_applicationaws_elastic_beanstalk_environmentaws_elasticache_clusteraws_elasticache_parameter_groupaws_elasticache_redis_metric_cache_hits_hourlyaws_elasticache_redis_metric_curr_connections_hourlyaws_elasticache_redis_metric_engine_cpu_utilization_dailyaws_elasticache_redis_metric_engine_cpu_utilization_hourlyaws_elasticache_redis_metric_get_type_cmds_hourlyaws_elasticache_redis_metric_list_based_cmds_hourlyaws_elasticache_redis_metric_new_connections_hourlyaws_elasticache_replication_groupaws_elasticache_reserved_cache_nodeaws_elasticache_subnet_groupaws_elasticsearch_domainaws_emr_block_public_access_configurationaws_emr_clusteraws_emr_cluster_metric_is_idleaws_emr_instanceaws_emr_instance_fleetaws_emr_instance_groupaws_eventbridge_busaws_eventbridge_ruleaws_fsx_file_systemaws_glacier_vaultaws_globalaccelerator_acceleratoraws_globalaccelerator_endpoint_groupaws_globalaccelerator_listeneraws_glue_catalog_databaseaws_glue_catalog_tableaws_glue_connectionaws_glue_crawleraws_glue_data_catalog_encryption_settingsaws_glue_data_quality_rulesetaws_glue_dev_endpointaws_glue_jobaws_glue_security_configurationaws_guardduty_detectoraws_guardduty_filteraws_guardduty_findingaws_guardduty_ipsetaws_guardduty_memberaws_guardduty_publishing_destinationaws_guardduty_threat_intel_setaws_health_affected_entityaws_health_eventaws_iam_access_advisoraws_iam_access_keyaws_iam_account_password_policyaws_iam_account_summaryaws_iam_actionaws_iam_credential_reportaws_iam_groupaws_iam_policyaws_iam_policy_attachmentaws_iam_policy_simulatoraws_iam_roleaws_iam_saml_provideraws_iam_server_certificateaws_iam_service_specific_credentialaws_iam_useraws_iam_virtual_mfa_deviceaws_identitystore_groupaws_identitystore_useraws_inspector2_coverageaws_inspector2_coverage_statisticsaws_inspector2_findingaws_inspector2_memberaws_inspector_assessment_runaws_inspector_assessment_targetaws_inspector_assessment_templateaws_inspector_exclusionaws_inspector_findingaws_kinesis_consumeraws_kinesis_firehose_delivery_streamaws_kinesis_streamaws_kinesis_video_streamaws_kinesisanalyticsv2_applicationaws_kms_aliasaws_kms_keyaws_lambda_aliasaws_lambda_functionaws_lambda_function_metric_duration_dailyaws_lambda_function_metric_errors_dailyaws_lambda_function_metric_invocations_dailyaws_lambda_layeraws_lambda_layer_versionaws_lambda_versionaws_lightsail_instanceaws_macie2_classification_jobaws_media_store_containeraws_mgn_applicationaws_msk_clusteraws_msk_serverless_clusteraws_neptune_db_clusteraws_networkfirewall_firewallaws_networkfirewall_firewall_policyaws_networkfirewall_rule_groupaws_oam_linkaws_oam_sinkaws_opensearch_domainaws_organizations_accountaws_organizations_policyaws_pinpoint_appaws_pipes_pipeaws_pricing_productaws_pricing_service_attributeaws_ram_principal_associationaws_ram_resource_associationaws_rds_db_clusteraws_rds_db_cluster_parameter_groupaws_rds_db_cluster_snapshotaws_rds_db_event_subscriptionaws_rds_db_instanceaws_rds_db_instance_automated_backupaws_rds_db_instance_metric_connectionsaws_rds_db_instance_metric_connections_dailyaws_rds_db_instance_metric_connections_hourlyaws_rds_db_instance_metric_cpu_utilizationaws_rds_db_instance_metric_cpu_utilization_dailyaws_rds_db_instance_metric_cpu_utilization_hourlyaws_rds_db_instance_metric_read_iopsaws_rds_db_instance_metric_read_iops_dailyaws_rds_db_instance_metric_read_iops_hourlyaws_rds_db_instance_metric_write_iopsaws_rds_db_instance_metric_write_iops_dailyaws_rds_db_instance_metric_write_iops_hourlyaws_rds_db_option_groupaws_rds_db_parameter_groupaws_rds_db_proxyaws_rds_db_snapshotaws_rds_db_subnet_groupaws_rds_reserved_db_instanceaws_redshift_clusteraws_redshift_cluster_metric_cpu_utilization_dailyaws_redshift_event_subscriptionaws_redshift_parameter_groupaws_redshift_snapshotaws_redshift_subnet_groupaws_redshiftserverless_namespaceaws_redshiftserverless_workgroupaws_regionaws_resource_explorer_indexaws_resource_explorer_searchaws_resource_explorer_supported_resource_typeaws_route53_domainaws_route53_health_checkaws_route53_recordaws_route53_resolver_endpointaws_route53_resolver_ruleaws_route53_traffic_policyaws_route53_traffic_policy_instanceaws_route53_zoneaws_s3_access_pointaws_s3_account_settingsaws_s3_bucketaws_s3_multi_region_access_pointaws_s3_objectaws_sagemaker_appaws_sagemaker_domainaws_sagemaker_endpoint_configurationaws_sagemaker_modelaws_sagemaker_notebook_instanceaws_sagemaker_training_jobaws_secretsmanager_secretaws_securityhub_action_targetaws_securityhub_findingaws_securityhub_finding_aggregatoraws_securityhub_hubaws_securityhub_insightaws_securityhub_memberaws_securityhub_productaws_securityhub_standards_controlaws_securityhub_standards_subscriptionaws_securitylake_data_lakeaws_securitylake_subscriberaws_serverlessapplicationrepository_applicationaws_service_discovery_instanceaws_service_discovery_namespaceaws_service_discovery_serviceaws_servicecatalog_portfolioaws_servicecatalog_productaws_servicequotas_default_service_quotaaws_servicequotas_service_quotaaws_servicequotas_service_quota_change_requestaws_ses_domain_identityaws_ses_email_identityaws_sfn_state_machineaws_sfn_state_machine_executionaws_sfn_state_machine_execution_historyaws_simspaceweaver_simulationaws_sns_topicaws_sns_topic_subscriptionaws_sqs_queueaws_ssm_associationaws_ssm_documentaws_ssm_document_permissionaws_ssm_inventoryaws_ssm_inventory_entryaws_ssm_maintenance_windowaws_ssm_managed_instanceaws_ssm_managed_instance_complianceaws_ssm_managed_instance_patch_stateaws_ssm_parameteraws_ssm_patch_baselineaws_ssoadmin_account_assignmentaws_ssoadmin_instanceaws_ssoadmin_managed_policy_attachmentaws_ssoadmin_permission_setaws_sts_caller_identityaws_tagging_resourceaws_vpcaws_vpc_customer_gatewayaws_vpc_dhcp_optionsaws_vpc_egress_only_internet_gatewayaws_vpc_eipaws_vpc_eip_address_transferaws_vpc_endpointaws_vpc_endpoint_serviceaws_vpc_flow_logaws_vpc_flow_log_eventaws_vpc_internet_gatewayaws_vpc_nat_gatewayaws_vpc_network_aclaws_vpc_peering_connectionaws_vpc_routeaws_vpc_route_tableaws_vpc_security_groupaws_vpc_security_group_ruleaws_vpc_subnetaws_vpc_verified_access_endpointaws_vpc_verified_access_groupaws_vpc_verified_access_instanceaws_vpc_verified_access_trust_provideraws_vpc_vpn_connectionaws_vpc_vpn_gatewayaws_waf_rate_based_ruleaws_waf_ruleaws_waf_rule_groupaws_waf_web_aclaws_wafregional_ruleaws_wafregional_rule_groupaws_wafregional_web_aclaws_wafv2_ip_setaws_wafv2_regex_pattern_setaws_wafv2_rule_groupaws_wafv2_web_aclaws_wellarchitected_answeraws_wellarchitected_check_detailaws_wellarchitected_check_summaryaws_wellarchitected_consolidated_reportaws_wellarchitected_lensaws_wellarchitected_lens_reviewaws_wellarchitected_lens_review_improvementaws_wellarchitected_lens_review_reportaws_wellarchitected_lens_shareaws_wellarchitected_milestoneaws_wellarchitected_notificationaws_wellarchitected_share_invitationaws_wellarchitected_workloadaws_wellarchitected_workload_shareaws_workspaces_workspace

Table: aws_codebuild_project

AWS CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more.

Examples

Basic info

select
arn,
id,
build_complete,
timeout_in_minutes,
project_name,
build_status,
encryption_key,
end_time,
region
from
aws_codebuild_build;

List encrypted build output artifacts

select
arn,
id,
encryption_key
from
aws_codebuild_build
where
encryption_key is not null;

List complete builds

select
id,
arn,
artifacts,
build_complete
from
aws_codebuild_build
where
build_complete;

List VPC configuration details of builds

select
id,
arn,
vpc_config ->> 'SecurityGroupIds' as security_group_id,
vpc_config ->> 'Subnets' as subnets,
vpc_config ->> 'VpcId' as vpc_id
from
aws_codebuild_build;

List artifact details of builds

select
id,
arn,
artifacts ->> 'ArtifactIdentifier' as artifact_id,
artifacts ->> 'BucketOwnerAccess' as bucket_owner_access,
artifacts ->> 'EncryptionDisabled' as encryption_disabled,
artifacts ->> 'OverrideArtifactName' as override_artifact_name
from
aws_codebuild_build;

Get environment details of builds

select
id,
environment ->> 'Certificate' as environment_certificate,
environment ->> 'ComputeType' as environment_compute_type,
environment ->> 'EnvironmentVariables' as environment_variables,
environment ->> 'Image' as environment_image,
environment ->> 'ImagePullCredentialsType' as environment_image_pull_credentials_type,
environment ->> 'PrivilegedMode' as environment_privileged_mode,
environment ->> 'RegistryCredential' as environment_registry_credential,
environment ->> 'Type' as environment_type
from
aws_codebuild_build;

Get log details of builds

select
id,
logs -> 'S3Logs' ->> 'Status' as s3_log_status,
logs -> 'S3Logs' ->> 'Location' as s3_log_location,
logs -> 'S3Logs' ->> 'BucketOwnerAccess' as s3_log_bucket_owner_access,
logs -> 'S3Logs' ->> 'EncryptionDisabled' as s3_log_encryption_disabled,
logs ->> 'DeepLink' as deep_link,
logs ->> 'GroupName' as group_name,
logs ->> 'S3LogsArn' as s3_logs_arn,
logs ->> 'S3DeepLink' as s3_deep_link,
logs ->> 'StreamName' as stream_name,
logs ->> 'CloudWatchLogsArn' as cloud_watch_logs_arn,
logs -> 'CloudWatchLogs' ->> 'Status' as cloud_watch_logs_status,
logs -> 'CloudWatchLogs' ->> 'GroupName' as cloud_watch_logs_group_name,
logs -> 'CloudWatchLogs' ->> 'StreamName' as cloud_watch_logs_stream_name
from
aws_codebuild_build;

Get network interface details of builds

select
id,
network_interfaces ->> 'NetworkInterfaceId' as network_interface_id,
network_interfaces ->> 'SubnetId' as subnet_id,
from
aws_codebuild_build;

List phase details of builds

select
id,
p ->> 'EndTime' as end_time,
p ->> 'Contexts' as contexts,
p ->> 'PhaseType' as phase_type,
p ->> 'StartTime' as start_time,
p ->> 'DurationInSeconds' as duration_in_seconds,
p ->> 'PhaseStatus' as phase_status
from
aws_codebuild_build,
jsonb_array_elements(phases) as p;

Get source details of builds

select
id,
source ->> 'Auth' as source_auth,
source ->> 'BuildStatusConfig' as source_BuildStatusConfig,
source ->> 'Buildspec' as source_buildspec,
source ->> 'GitCloneDepth' as source_git_clone_depth,
source ->> 'GitSubmodulesConfig' as source_git_submodules_config,
source ->> 'GitCloneDepth' as source_git_clone_depth,
source ->> 'InsecureSsl' as source_insecure_ssl,
source ->> 'Location' as source_location,
source ->> 'ReportBuildStatus' as source_report_build_status,
source ->> 'SourceIdentifier' as source_identifier,
source ->> 'Type' as source_type
from
aws_codebuild_build;

List file system location details of builds

select
id,
f ->> 'Identifier' as file_system_identifier,
f ->> 'Location' as file_system_location,
f ->> 'MountOptions' as file_system_mount_options,
f ->> 'MountPoint' as file_system_mount_point,
f ->> 'Type' as file_system_type
from
aws_codebuild_build,
jsonb_array_elements(file_system_locations) as f;

.inspect aws_codebuild_build

AWS CodeBuild Build

NameTypeDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
account_idtextThe AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe ARN of the build.
artifactsjsonbA BuildArtifacts object the defines the build artifacts for this build.
build_batch_arntextThe ARN of the batch build that this build is a member of, if applicable.
build_completebooleanIndicates if the build is complete.
build_numberbigintThe number of the build.
build_statusjsonbThe status of the build.
cachejsonbInformation about the cache for the build.
current_phasetextThe current build phase.
debug_sessionjsonbContains information about the debug session for this build.
encryption_keytextThe Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
end_timetimestamp with time zoneThe date and time that the build process ended, expressed in Unix time format.
environmentjsonbInformation about the build environment for this build project.
exported_environment_variablesjsonbA list of exported environment variables for this build.
file_system_locationsjsonbAn array of ProjectFileSystemLocation objects for a CodeBuild build project.
idtextThe unique identifier of the build.
initiatortextThe entity that started the build.
logsjsonbInformation about the build's logs in CloudWatch Logs.
network_interfacesjsonbDescribes a network interface.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
phasesjsonbInformation about all previous build phases that are complete and information about any current build phase that is not yet complete.
project_nametextThe name of the build project.
queued_timeout_in_minutesbigintSpecifies the amount of time, in minutes, that a build is allowed to be queued before it times out.
regiontextThe AWS Region in which the resource is located.
report_arnsjsonbAn array of the ARNs associated with this build's reports.
resolved_source_versiontextThe identifier of the resolved version of this build's source code.
secondary_artifactsjsonbAn array of BuildArtifacts objects the define the build artifacts for this build.
secondary_source_versionsjsonbAn array of ProjectSourceVersion objects.
secondary_sourcesjsonbAn array of ProjectSource objects that define the sources for the build.
sourcejsonbInformation about the build input source code for the build project.
source_versiontextThe identifier of the version of the source code to be built.
start_timetimestamp with time zoneThe date and time that the build started.
timeout_in_minutesbigintHow long, in minutes, for CodeBuild to wait before timing out this build if it does not get marked as completed.
titletextTitle of the resource.
vpc_configjsonbInformation about the VPC configuration that CodeBuild accesses.