steampipe plugin install azure

Table: azure_policy_definition - Query Azure Policy Definitions using SQL

Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy does this by running evaluations of your resources and scanning for those not compliant with the policies you have created.

Table Usage Guide

The azure_policy_definition table provides insights into policy definitions within Azure Policy. As a security analyst, explore policy-specific details through this table, including policy rules, effects, and associated metadata. Utilize it to uncover information about policies, such as those with specific effects, the relationships between policies, and the verification of policy rules.

Examples

Basic info

Explore the policies defined within your Azure environment to better understand their purpose and type. This can be beneficial to gain insights into your current security configurations and to identify areas for potential improvement.

select
id,
name,
display_name,
type,
jsonb_pretty(policy_rule) as policy_rule
from
azure_policy_definition;
select
id,
name,
display_name,
type,
policy_rule
from
azure_policy_definition;

Get the policy definition by display name

Determine the specifics of a policy definition based on its display name. This is particularly useful in scenarios where you need to understand the details of a policy without having to navigate through multiple layers of your Azure policy definitions.

select
id,
name,
display_name,
type,
jsonb_pretty(policy_rule) as policy_rule
from
azure_policy_definition
where
display_name = 'Private endpoint connections on Batch accounts should be enabled';
select
id,
name,
display_name,
type,
policy_rule
from
azure_policy_definition
where
display_name = 'Private endpoint connections on Batch accounts should be enabled';

Schema for azure_policy_definition

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
cloud_environmenttextThe Azure Cloud Environment.
descriptiontextThe policy definition description.
display_nametextThe user-friendly display name of the policy definition.
idtextThe ID of the policy definition.
metadatajsonbThe policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
modetextThe policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
nametextThe name of the policy definition.
parametersjsonbThe parameter definitions for parameters used in the policy rule. The keys are the parameter names.
policy_rulejsonbThe policy rule.
policy_typetextThe type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Possible values include: 'NotSpecified', 'BuiltIn', 'Custom', 'Static'.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
subscription_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Subscription ID in which the resource is located.
titletextTitle of the resource.
typetextThe type of the resource (Microsoft.Authorization/policyDefinitions).

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_policy_definition