Table: cloudflare_access_group - Query Cloudflare Access Groups using SQL
Cloudflare Access Groups is a feature within Cloudflare that allows you to manage and control access to your applications and services. It provides a way to set up and manage groups of users who have access to specific resources, based on predefined conditions. Cloudflare Access Groups help you maintain the security and integrity of your resources by ensuring only authorized users can access them.
Table Usage Guide
The cloudflare_access_group
table provides insights into Access Groups within Cloudflare. As a security analyst, explore group-specific details through this table, including group names, user emails, and associated metadata. Utilize it to uncover information about groups, such as those with specific access permissions, the users associated with each group, and the verification of access controls.
Examples
Basic info
Determine the areas in which Cloudflare access groups were established by examining their creation dates. This can help in understanding the timeline of security group deployment and aid in managing access control.
select name, id, created_atfrom cloudflare_access_group;
select name, id, created_atfrom cloudflare_access_group;
List access group rules
Analyze the settings to understand the rules of your access groups. This can help you pinpoint specific locations where access is granted or denied, providing a comprehensive view of your security configurations.
select name, id, jsonb_pretty(include) as include, jsonb_pretty(exclude) as exclude, jsonb_pretty(require) as requirefrom cloudflare_access_group;
select name, id, include, exclude, requirefrom cloudflare_access_group;
Schema for cloudflare_access_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | = | ID of the account, access group belongs. |
account_name | text | = | Name of the account, access group belongs. |
created_at | timestamp with time zone | Timestamp when access group was created. | |
exclude | jsonb | The exclude policy works like a NOT logical operator. The user must not satisfy all of the rules in exclude. | |
id | text | Identifier of the access group. | |
include | jsonb | The include policy works like an OR logical operator. The user must satisfy one of the rules in includes. | |
name | text | Friendly name of the access group. | |
require | jsonb | The require policy works like a AND logical operator. The user must satisfy all of the rules in require. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
updated_at | timestamp with time zone | TImestamp when access group was last modified. | |
user_id | text | =, !=, ~~, ~~*, !~~, !~~* | ID of the current user. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- cloudflare
You can pass the configuration to the command with the --config
argument:
steampipe_export_cloudflare --config '<your_config>' cloudflare_access_group