steampipe plugin install azure

Table: azure_cognitive_account - Query Azure Cognitive Services Accounts using SQL

Azure Cognitive Services is a collection of AI services and cognitive APIs to help you build intelligent apps. These services enable you to easily add cognitive features into your applications. The features include vision, speech, language, knowledge, and search capabilities.

Table Usage Guide

The azure_cognitive_account table offers insights into the Azure Cognitive Services Accounts. As a developer or AI engineer, you can explore details about these accounts, such as the types of cognitive services being used, their configurations, and associated metadata. This information can be crucial for understanding the cognitive capabilities integrated into your applications and for optimizing their performance and usage.

Examples

Basic info

Determine the areas in which your Azure Cognitive Service accounts are provisioned, to better understand your resource usage and management. This is particularly useful for identifying any inconsistencies in provisioning and for gaining insights into your overall Azure resource allocation.

select
name,
id,
kind,
type,
provisioning_state
from
azure_cognitive_account;
select
name,
id,
kind,
type,
provisioning_state
from
azure_cognitive_account;

List accounts with enabled public network access

Discover the segments that have public network access enabled on their accounts. This is beneficial for identifying potential security risks and ensuring appropriate network access controls are in place.

select
name,
id,
kind,
type,
provisioning_state,
public_network_access
from
azure_cognitive_account
where
public_network_access = 'Enabled';
select
name,
id,
kind,
type,
provisioning_state,
public_network_access
from
azure_cognitive_account
where
public_network_access = 'Enabled';

List private endpoint connection details for accounts

Determine the details of private endpoint connections for Azure cognitive accounts. This can help in managing and monitoring the security and access control of your cognitive services in Azure.

select
name,
id,
connections ->> 'ID' as connection_id,
connections ->> 'Name' as connection_name,
connections ->> 'PrivateEndpointID' as property_private_endpoint_id,
jsonb_pretty(connections -> 'PrivateLinkServiceConnectionState') as property_private_link_service_connection_state,
connections ->> 'Type' as connection_type
from
azure_cognitive_account,
jsonb_array_elements(private_endpoint_connections) as connections;
select
name,
a.id,
json_extract(connections.value, '$.ID') as connection_id,
json_extract(connections.value, '$.Name') as connection_name,
json_extract(connections.value, '$.PrivateEndpointID') as property_private_endpoint_id,
connections.value as property_private_link_service_connection_state,
json_extract(connections.value, '$.Type') as connection_type
from
azure_cognitive_account as a,
json_each(private_endpoint_connections) as connections;

List diagnostic setting details for accounts

Determine the diagnostic settings of Azure cognitive accounts to understand how they're configured. This is useful for auditing and managing account settings for optimal performance and security.

select
name,
id,
settings ->> 'id' as settings_id,
settings ->> 'name' as settings_name,
jsonb_pretty(settings -> 'properties' -> 'logs') as settings_properties_logs,
jsonb_pretty(settings -> 'properties' -> 'metrics') as settings_properties_metrics,
settings -> 'properties' ->> 'workspaceId' as settings_properties_workspaceId,
settings ->> 'type' as settings_type
from
azure_cognitive_account,
jsonb_array_elements(diagnostic_settings) as settings;
select
name,
a.id,
json_extract(settings.value, '$.id') as settings_id,
json_extract(settings.value, '$.name') as settings_name,
settings.value -> 'properties' -> 'logs' as settings_properties_logs,
settings.value -> 'properties' -> 'metrics' as settings_properties_metrics,
json_extract(settings.value, '$.properties.workspaceId') as settings_properties_workspaceId,
json_extract(settings.value, '$.type') as settings_type
from
azure_cognitive_account as a,
json_each(diagnostic_settings) as settings;

Schema for azure_cognitive_account

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
allowed_fqdn_listjsonbThe allowed FQDN list for the resource.
api_propertiesjsonbThe api properties for special APIs.
call_rate_limitjsonbThe call rate limit of the resource.
capabilitiesjsonbThe capabilities of the cognitive services account. Each item indicates the capability of a specific feature. The values are read-only and for reference only.
cloud_environmenttextThe Azure Cloud Environment.
custom_sub_domain_nametextThe subdomain name used for token-based authentication.
date_createdtextThe date of cognitive services account creation.
diagnostic_settingsjsonbA list of active diagnostic settings for the cognitive service account.
disable_local_authbooleanChecks if local auth is disabled for the resource.
encryptionjsonbThe encryption properties for the resource.
endpointtextThe endpoint of the created account.
endpointsjsonbAll endpoints of the cognitive services account.
etagtextThe resource etag.
idtextFully qualified resource ID for the resource.
identityjsonbThe identity for the resource.
is_migratedbooleanChecks if the resource is migrated from an existing key.
kindtextThe kind of the resource.
migration_tokentextThe resource migration token.
nametext=The name of the resource.
network_aclsjsonbA collection of rules governing the accessibility from specific network locations.
private_endpoint_connectionsjsonbThe private endpoint connection associated with the cognitive services account.
provisioning_statetextThe status of the cognitive services account at the time the operation was called. Possible values include: 'Accepted', 'Creating', 'Deleting', 'Moving', 'Failed', 'Succeeded', 'ResolvingDNS'.
public_network_accesstextWhether or not public endpoint access is allowed for this account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'. Possible values include: 'Enabled', 'Disabled'.
quota_limitjsonbThe quota limit of the resource.
regiontextThe Azure region/location in which the resource is located.
resource_grouptext=The resource group which holds this resource.
restorebooleanChecks if restore is enabled for the resource.
restrict_outbound_network_accessbooleanChecks if outbound network access is restricted for the resource.
skujsonbThe resource model definition representing SKU.
sku_change_infojsonbSku change info of the resource.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
subscription_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Subscription ID in which the resource is located.
system_datajsonbThe metadata pertaining to creation and last modification of the resource.
tagsjsonbA map of tags for the resource.
titletextTitle of the resource.
typetextThe type of the resource. E.g. 'Microsoft.Compute/virtualMachines' or 'Microsoft.Storage/storageAccounts'.
user_owned_storagejsonbThe storage accounts for the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_cognitive_account