turbot/azure

steampipe plugin install azure

Table: azure_firewall

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

Examples

Azure firewall location and availability zone count info

select
  name,
  region,
  jsonb_array_length(availability_zones) availability_zones_count
from
  azure_firewall;

Basic IP configuration info

select
  name,
  ip #> '{properties, privateIPAddress}' private_ip_address,
  ip #> '{properties, privateIPAllocationMethod}' private_ip_allocation_method,
  split_part(
    ip -> 'properties' -> 'publicIPAddress' ->> 'id',
    '/',
    9
  ) public_ip_address_id,
  split_part(ip -> 'properties' ->> 'subnet', '/', 9) virtual_network
from
  azure_firewall
  cross join jsonb_array_elements(ip_configurations) as ip;

List the premium category firewalls

select
  name,
  sku_tier,
  sku_name
from
  azure_firewall
where
  sku_tier = 'Premium';

List of firewalls where threat intel mode is off

select
  name,
  threat_intel_mode
from
  azure_firewall
where
  threat_intel_mode = 'Off';
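
Firewall posture review (added example, not part of the plugin's own documentation)

The threat intel query above only matches 'Off'; a firewall in 'Alert' mode logs matching traffic but does not block it. This added query uses only columns listed in the schema on this page and flags firewalls that are not in 'Deny' mode, are deployed in fewer than two availability zones, or have neither a firewall policy nor any classic rule collections attached. The alias names and the two-zone threshold are choices made for this example.

```sql
-- Added example: posture flags derived from azure_firewall columns only.
with fw as (
  select
    name,
    resource_group,
    region,
    sku_tier,
    threat_intel_mode,
    firewall_policy_id,
    -- Guard against a missing or non-array value before counting zones.
    case
      when jsonb_typeof(availability_zones) = 'array'
        then jsonb_array_length(availability_zones)
      else 0
    end as zone_count,
    -- Classic rule collections attached directly to the firewall
    -- (as opposed to rules delivered through a firewall policy).
    case when jsonb_typeof(network_rule_collections) = 'array'
      then jsonb_array_length(network_rule_collections) else 0 end
    + case when jsonb_typeof(application_rule_collections) = 'array'
      then jsonb_array_length(application_rule_collections) else 0 end
    + case when jsonb_typeof(nat_rule_collections) = 'array'
      then jsonb_array_length(nat_rule_collections) else 0 end
      as classic_rule_collection_count
  from
    azure_firewall
)
select
  name,
  resource_group,
  region,
  sku_tier,
  threat_intel_mode,
  -- 'Off' and 'Alert' both let known-malicious traffic through.
  (threat_intel_mode is distinct from 'Deny') as threat_intel_not_blocking,
  zone_count,
  (zone_count < 2) as not_zone_redundant,
  (coalesce(firewall_policy_id, '') = ''
    and classic_rule_collection_count = 0) as no_rules_attached
from
  fw
where
  threat_intel_mode is distinct from 'Deny'
  or zone_count < 2
  or (coalesce(firewall_policy_id, '') = '' and classic_rule_collection_count = 0)
order by
  threat_intel_not_blocking desc,
  name;
```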

.inspect azure_firewall

Azure Firewall

| Name | Type | Description |
| --- | --- | --- |
| additional_properties | jsonb | A collection of additional properties used to further configure this Azure firewall |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. |
| application_rule_collections | jsonb | A collection of application rule collections used by Azure Firewall |
| availability_zones | jsonb | A collection of availability zones denoting where the resource needs to come from |
| etag | text | A unique read-only string that changes whenever the resource is updated |
| firewall_policy_id | text | The firewallPolicy associated with this Azure firewall |
| hub_private_ip_address | inet | Private IP address associated with Azure firewall |
| hub_public_ip_address_count | bigint | The number of public IP addresses associated with Azure firewall |
| hub_public_ip_addresses | jsonb | A collection of public IP addresses associated with Azure firewall or IP addresses to be retained |
| id | text | Contains ID to identify a firewall uniquely |
| ip_configurations | jsonb | A collection of IP configurations of the Azure Firewall resource |
| ip_groups | jsonb | A collection of IpGroups associated with AzureFirewall |
| name | text | The friendly name that identifies the firewall |
| nat_rule_collections | jsonb | A collection of NAT rule collections used by Azure Firewall |
| network_rule_collections | jsonb | A collection of network rule collections used by Azure Firewall |
| provisioning_state | text | The provisioning state of the firewall resource |
| region | text | The Azure region/location in which the resource is located. |
| resource_group | text | The resource group which holds this resource. |
| sku_name | text | Name of an Azure Firewall SKU |
| sku_tier | text | Tier of an Azure Firewall |
| subscription_id | text | The Azure Subscription ID in which the resource is located. |
| tags | jsonb | A map of tags for the resource. |
| threat_intel_mode | text | The operation mode for Threat Intelligence |
| title | text | Title of the resource. |
| type | text | The resource type of the firewall |
| virtual_hub_id | text | The virtualHub to which the firewall belongs |