Table: aws_identitystore_group - Query AWS Identity Store Groups using SQL
The AWS Identity Store service provides information about identities in your AWS organization. It enables you to retrieve information about groups, including group name, group ID, and the AWS SSO instance that the group belongs to. This service helps ensure that your applications have access to the identity information they need while adhering to privacy best practices.
Table Usage Guide
The aws_identitystore_group table in Steampipe provides you with information about groups within AWS Identity Store. This table allows you, as a DevOps engineer, to query group-specific details, including group ID, group name, and associated metadata. You can utilize this table to gather insights on groups, such as group names, verification of group identities, and more. The schema outlines the various attributes of the AWS Identity Store group for you, including the group ID, group name, and display name.
Examples
Get group by ID
Retrieve a specific group from AWS Identity Store by its unique identifier. This can be useful for administrators needing to manage or monitor a particular group's settings or activity.
select id, name from aws_identitystore_group where identity_store_id = 'd-1234567890' and id = '1234567890-12345678-abcd-abcd-abcd-1234567890ab';
List groups by name
Find groups with a given name within a particular identity store in AWS. This is useful for managing access controls and permissions in a secure environment.
select id, name from aws_identitystore_group where identity_store_id = 'd-1234567890' and name = 'test';
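For an access review, the following added example (not part of the original Steampipe documentation) lists every group in one identity store and flags groups that carry no identifier from an external identity provider or have no description. It uses only columns from the schema below; the identity store ID is the page's placeholder, and how an empty external_ids value is represented is an assumption.

```sql
-- Added example, not from the Steampipe documentation.
-- 'd-1234567890' is the placeholder identity store ID used on this page.
select
  id,
  name,
  case
    -- Assumption: an empty external_ids value may surface as NULL, an empty
    -- string, or an empty/null JSON value, so all of these are treated alike.
    when external_ids is null
      or external_ids::text in ('', '[]', 'null')
      then 'no external IdP identifier'
    else 'has external IdP identifier'
  end as provenance,
  -- Groups without a description are harder to attribute to an owner.
  (description is null or description = '') as missing_description,
  account_id,
  region
from
  aws_identitystore_group
where
  identity_store_id = 'd-1234567890'
order by
  provenance,
  name;
```

Groups reported with no external identifier were not issued one by an external identity provider, so they are candidates for manual review of who created them and why.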
Schema for aws_identitystore_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
description | text | | A string containing a description of the specified group. |
external_ids | text | | A list of ExternalId objects that contains the identifiers issued to this resource by an external identity provider. |
id | text | = | The identifier for a group in the identity store. |
identity_store_id | text | = | The globally unique identifier for the identity store. |
name | text | | Contains the group's display name value. |
partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
region | text | | The AWS Region in which the resource is located. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
title | text | | Title of the resource. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_identitystore_group