steampipe plugin install azure

Table: azure_application_security_group - Query Azure Application Security Groups using SQL

An Azure Application Security Group is a logical representation of an application in Azure. It allows for the grouping of servers based on applications for security and isolation of network traffic. This provides a more natural way to apply and manage security policies based on applications rather than explicit IP addresses or subnets.

Table Usage Guide

The azure_application_security_group table provides insights into Application Security Groups within Azure. As a security analyst, explore application-specific details through this table, including security configurations, associated network interfaces, and potential vulnerabilities. Utilize it to uncover information about applications, such as those with weak security settings, the relationships between applications and network interfaces, and the verification of security policies.

Examples

Basic info

Explore which applications are grouped together in Azure, and determine the areas in which these groups are deployed. This can aid in understanding the organization and distribution of your applications across different regions.

select
name,
region,
resource_group
from
azure_application_security_group;
select
name,
region,
resource_group
from
azure_application_security_group;

List of application security group without application tag key

Identify instances where Azure application security groups lack the 'application' tag key. This can help streamline organization and management of security groups.

select
name,
tags
from
azure_application_security_group
where
not tags :: JSONB ? 'application';
select
name,
tags
from
azure_application_security_group
where
json_extract(tags, '$.application') is null;

Schema for azure_application_security_group

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
cloud_environmenttextThe Azure Cloud Environment.
etagtextAn unique read-only string that changes whenever the resource is updated
idtextContains ID to identify a application security group uniquely
nametext=The friendly name that identifies the application security group
provisioning_statetextThe resource type of the application security group
regiontextThe Azure region/location in which the resource is located.
resource_grouptext=The resource group which holds this resource.
resource_guidtextThe resource GUID property of the application security group resource
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
subscription_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Subscription ID in which the resource is located.
tagsjsonbA map of tags for the resource.
titletextTitle of the resource.
typetextThe resource type of the application security group

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_application_security_group