Table: aws_inspector2_member - Query AWS Inspector Members using SQL
AWS Inspector is a security assessment service that helps improve the security and compliance of applications deployed on AWS. It automatically assesses applications for exposure, vulnerabilities, and deviations from best practice. After performing an assessment, AWS Inspector produces a detailed list of security findings prioritized by level of severity.
Table Usage Guide
The aws_inspector2_member table in Steampipe provides you with information about AWS Inspector Members. This table allows you, as a DevOps engineer, to query member-specific details, including account IDs, emails, and associated metadata. You can utilize this table to gather insights on member accounts, such as the account status, the account's relationship with the AWS Inspector assessment target, and more. The schema outlines the various attributes of the AWS Inspector Member for you, including the account ID, email, and the ARN of the AWS Inspector assessment target.
Examples
Basic info
Identify instances where the status of the relationship between member and admin accounts in AWS Inspector has changed, which can be useful for auditing or tracking changes over time.
select
  member_account_id,
  delegated_admin_account_id,
  relationship_status,
  updated_at
from
  aws_inspector2_member;
Retrieve a list of members whose status hasn't changed in the past 30 days
Identify the members who have maintained a consistent status over the past month. This can be useful for tracking stability within your organization or for identifying members who may need attention or updates.
-- Postgres: updated_at is at least 30 days old, so the status has not changed in the past 30 days
select
  member_account_id,
  delegated_admin_account_id,
  relationship_status,
  updated_at
from
  aws_inspector2_member
where
  updated_at <= now() - interval '30' day;

-- SQLite: the same query
select
  member_account_id,
  delegated_admin_account_id,
  relationship_status,
  updated_at
from
  aws_inspector2_member
where
  updated_at <= datetime('now', '-30 day');
List invited members
Explore which members have been invited to join your AWS Inspector service. This is useful for tracking pending invitations and managing your AWS Inspector member relationships.
select
  member_account_id,
  delegated_admin_account_id,
  relationship_status
from
  aws_inspector2_member
where
  relationship_status = 'INVITED';
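An added example, not taken from the Steampipe documentation: list every member account whose relationship_status is anything other than ENABLED, so accounts that Amazon Inspector is not covering stand out, along with how long each has been in that state. The coverage_state labels and the way the status values are grouped are assumptions made for this example, and the query uses Postgres syntax.

```sql
-- Added example: member accounts that are not in the ENABLED state.
-- The coverage_state labels and the grouping of statuses are assumptions
-- made for this example; the status values come from the table schema.
select
  delegated_admin_account_id,
  member_account_id,
  relationship_status,
  case
    when relationship_status in
      ('CREATED', 'INVITED', 'EMAIL_VERIFICATION_IN_PROGRESS')
      then 'pending'
    when relationship_status in
      ('EMAIL_VERIFICATION_FAILED', 'REGION_DISABLED',
       'ACCOUNT_SUSPENDED', 'CANNOT_CREATE_DETECTOR_IN_ORG_MASTER')
      then 'blocked'
    else 'detached' -- DISABLED, REMOVED, RESIGNED, DELETED
  end as coverage_state,
  updated_at,
  -- whole days since the status last changed
  date_part('day', now() - updated_at) as days_in_status
from
  aws_inspector2_member
where
  relationship_status <> 'ENABLED'
order by
  coverage_state,
  updated_at;
```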
Schema for aws_inspector2_member
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
delegated_admin_account_id | text | | The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account. |
member_account_id | text | | The AWS Account ID in which the resource is located. |
only_associated | text | = | Specifies whether to list only currently associated members if True or to list all members within the organization if False. |
partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
region | text | | The AWS Region in which the resource is located. |
relationship_status | text | | The status of the member account. Valid values are: CREATED, INVITED, DISABLED, ENABLED, REMOVED, RESIGNED, DELETED, EMAIL_VERIFICATION_IN_PROGRESS, EMAIL_VERIFICATION_FAILED, REGION_DISABLED, ACCOUNT_SUSPENDED, CANNOT_CREATE_DETECTOR_IN_ORG_MASTER. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
title | text | | Title of the resource. |
updated_at | timestamp with time zone | | A timestamp showing when the status of this member was last updated. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_inspector2_member