steampipe plugin install consul

Table: consul_namespace - Query Consul Namespaces using SQL

A Consul Namespace is a resource within HashiCorp Consul that allows you to isolate Consul resources and configurations into separate, distinct entities. It provides a way to segment the Consul ecosystem into smaller, manageable parts for different teams, applications, or environments. Consul Namespaces helps in ensuring the right level of access and control over the Consul resources.

Table Usage Guide

The consul_namespace table provides insights into Consul Namespaces within HashiCorp Consul. As a DevOps engineer, you can explore namespace-specific details through this table, including their names, descriptions, ACLs, and associated metadata. Utilize it to uncover information about namespaces, such as their access controls, configurations, and the metadata associated with each namespace.

Important Notes

  • You need to specify the namespace and partition parameters in the consul.spc file to be able to query this table.

Examples

Basic info

Explore the namespaces within your Consul environment to understand their creation and modification indices, which can help in tracking changes and managing your resources effectively.

select
name,
create_index,
description,
modify_index,
partition
from
consul_namespace;
select
name,
create_index,
description,
modify_index,
partition
from
consul_namespace;

List deleted namespaces

Discover the segments that were previously created but have since been removed. This is beneficial in assessing the changes in your system's organization and structure over time.

select
name,
create_index,
description,
modify_index,
partition
from
consul_namespace
where
deleted_at is not null;
select
name,
create_index,
description,
modify_index,
partition
from
consul_namespace
where
deleted_at is not null;

Show ACLs of each namespace

Assess the access control lists (ACLs) for each namespace to understand their policy and role defaults, which can be useful for auditing security configurations and permissions.

select
name,
create_index,
partition,
jsonb_pretty(acls -> 'PolicyDefaults') as policy_defaults,
jsonb_pretty(acls -> 'RoleDefaults') as role_defaults
from
consul_namespace;
select
name,
create_index,
partition,
acls as policy_defaults,
acls as role_defaults
from
consul_namespace;

Schema for consul_namespace

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
aclsjsonbACLs is the configuration of ACLs for this namespace.
address_urltextThe address URL.
create_indexbigint=CreateIndex is the Raft index at which the Namespace was created.
deleted_attimestamp with time zoneDeletedAt is the time when the Namespace was marked for deletion.
descriptiontextDescription is where the user puts any information they want about the namespace. It is not used internally.
metajsonbMeta is a map that can be used to add kv metadata to the namespace definition.
modify_indexbigintModifyIndex is the latest Raft index at which the Namespace was modified.
nametext=Name is the name of the Namespace. It must be unique and must be a DNS hostname. There are also other reserved names that may not be used.
partitiontextPartition which contains the Namespace.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
titletextThe title of the namespace.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- consul

You can pass the configuration to the command with the --config argument:

steampipe_export_consul --config '<your_config>' consul_namespace