steampipe plugin install aws

Table: aws_config_aggregate_authorization - Query AWS Config Aggregate Authorizations using SQL

The AWS Config Aggregate Authorization is a feature of AWS Config that allows you to authorize the aggregator account to collect AWS Config data from source accounts. It simplifies compliance auditing by enabling you to collect configuration and compliance data across multiple accounts and regions, and aggregate it into a central account. This centralized data can then be accessed using SQL queries for analysis and reporting.

Table Usage Guide

The aws_config_aggregate_authorization table in Steampipe provides you with information about AWS Config Aggregate Authorizations. This table allows you, as a DevOps engineer, to query authorization-specific details, including the account ID and region that are allowed to aggregate AWS Config rules. You can utilize this table to gather insights on AWS Config Aggregate Authorizations, such as the permissions and trust policies associated with each authorization, the AWS account that has been granted the authorization, and more. The schema outlines the various attributes of the AWS Config Aggregate Authorization for you, including the account ID, region, and associated ARN.

Examples

Basic info

Discover the segments that are authorized to access your AWS configuration data, including the region and account details. This can help you manage access control and understand when these authorizations were created.

select
arn,
authorized_account_id,
authorized_aws_region,
creation_time
from
aws_config_aggregate_authorization;
select
arn,
authorized_account_id,
authorized_aws_region,
creation_time
from
aws_config_aggregate_authorization;

Schema for aws_config_aggregate_authorization

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe Amazon Resource Name (ARN) of the aggregation object.
authorized_account_idtextThe 12-digit account ID of the account authorized to aggregate data.
authorized_aws_regiontextThe region authorized to collect aggregated data.
creation_timetimestamp with time zoneThe time stamp when the aggregation authorization was created.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags attached to the Cluster.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_config_aggregate_authorization