steampipe plugin install azure

Table: azure_security_center_auto_provisioning - Query Azure Security Center Auto Provisioning Settings using SQL

Azure Security Center Auto Provisioning is a feature within Microsoft Azure that allows for the automatic deployment of security services and controls. It plays a crucial role in ensuring that the necessary security services are in place across all Azure resources, making it easier to maintain and monitor the security posture of your Azure environment. It promotes consistency and reduces the chance of misconfiguration or oversight in security controls deployment.

Table Usage Guide

The azure_security_center_auto_provisioning table provides insights into the automatic deployment of security services and controls within Azure Security Center. As a Security or DevOps engineer, explore the details of auto provisioning settings through this table, including the target resource type and auto provisioning status. Utilize it to maintain optimal and consistent security posture across your Azure resources, and to ensure that all necessary security services are automatically deployed as needed.

Examples

Basic info

Determine the areas in which automatic provisioning is enabled in your Azure Security Center to enhance your security posture and reduce manual configuration efforts.

select
id,
name,
type,
auto_provision
from
azure_security_center_auto_provisioning;
select
id,
name,
type,
auto_provision
from
azure_security_center_auto_provisioning;

List subscriptions that have automatic provisioning of VM monitoring agent enabled

Discover the segments that have automatic virtual machine monitoring agent provisioning enabled. This can be beneficial to assess the elements within your system that are being automatically monitored, ensuring system performance and security.

select
id,
name,
type,
auto_provision
from
azure_security_center_auto_provisioning
where
auto_provision = 'On';
select
id,
name,
type,
auto_provision
from
azure_security_center_auto_provisioning
where
auto_provision = 'On';

Schema for azure_security_center_auto_provisioning

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
auto_provisiontextDescribes what kind of security agent provisioning action to take. Possible values include: On, Off
cloud_environmenttextThe Azure Cloud Environment.
idtextThe resource id.
nametext=The resource name.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
subscription_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Subscription ID in which the resource is located.
titletextTitle of the resource.
typetextThe resource type.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_security_center_auto_provisioning