v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Steampipe logo 
Hub
Plugins
turbot/aws
Overview
496Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install aws

Table: aws_wafv2_regex_pattern_set - Query AWS WAFv2 Regex Pattern Set using SQL

The AWS WAFv2 Regex Pattern Set is a feature within the AWS Web Application Firewall (WAF) service. It enables users to define a list of regular expressions (regex) that AWS WAF will use to inspect web requests. This tool is essential for identifying and blocking malicious requests based on pattern matching, thereby providing an additional layer of security for your web applications.

Table Usage Guide

The aws_wafv2_regex_pattern_set table in Steampipe provides you with information about Regex Pattern Sets within AWS WAFv2. This table allows you, as a DevOps engineer, to query regex pattern set-specific details, including the ID, name, and the regular expressions included in the set. You can utilize this table to gather insights on the regex patterns, such as the ARN, ID, lock token, and the regular expressions included in the pattern set. The schema outlines the various attributes of the regex pattern set for you, including the ARN, ID, lock token, name, regular expression list, and associated tags.

Examples

Basic info

Determine the areas in which specific AWS WAFv2 regex pattern sets are implemented. This helps in understanding the distribution and application of these pattern sets across different regions.

select
  name,
  description,
  arn,
  id,
  scope,
  regular_expressions,
  region
from
  aws_wafv2_regex_pattern_set;
select
  name,
  description,
  arn,
  id,
  scope,
  regular_expressions,
  region
from
  aws_wafv2_regex_pattern_set;

List global (CloudFront) regex pattern sets

Explore the global pattern sets used in AWS CloudFront to gain insights into the regular expressions being utilized. This is useful for understanding the scope and configuration of your AWS WAFv2, aiding in the optimization and security of your cloud resources.

select
  name,
  description,
  arn,
  id,
  scope,
  regular_expressions,
  region
from
  aws_wafv2_regex_pattern_set
where
  scope = 'CLOUDFRONT';
select
  name,
  description,
  arn,
  id,
  scope,
  regular_expressions,
  region
from
  aws_wafv2_regex_pattern_set
where
  scope = 'CLOUDFRONT';

List regex pattern sets with a specific regex pattern

Identify instances where specific regex patterns are used in your AWS WAFv2 regex pattern sets. This can help in managing and monitoring your security configurations.

select
  name,
  description,
  arn,
  wrps.id,
  scope,
  regular_expressions,
  region
from
  aws_wafv2_regex_pattern_set as wrps,
  jsonb_array_elements_text(regular_expressions) as regex
where
  regex = '^steampipe';
select
  name,
  description,
  arn,
  wrps.id,
  scope,
  json_extract(regex.value, '$') as regular_expressions,
  region
from
  aws_wafv2_regex_pattern_set as wrps,
  json_each(regular_expressions) as regex
where
  json_extract(regex.value, '$') = '^steampipe';

Schema for aws_wafv2_regex_pattern_set

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe Amazon Resource Name (ARN) of the entity.
descriptiontextA description of the Regex Pattern set that helps with identification.
idtext=A unique identifier for the Regex Pattern set.
lock_tokentextA token used for optimistic locking.
nametext=The name of the Regex Pattern set.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
regular_expressionsjsonbThe list of regular expression patterns in the set.
scopetext=Specifies the scope of the Regex Pattern Set. Possible values are: 'REGIONAL' and 'CLOUDFRONT'.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags associated with the resource.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_wafv2_regex_pattern_set