turbot/digitalocean
steampipe plugin install digitalocean

Table: digitalocean_firewall - Query DigitalOcean Firewalls using SQL

DigitalOcean Firewalls are a security feature that controls the traffic to your Droplet. Firewalls place a barrier between your servers and other machines on the network to protect them from external attacks. Firewalls can be customized to only allow traffic to certain ports and addresses.

Table Usage Guide

The digitalocean_firewall table provides insights into firewall configurations within DigitalOcean. As a DevOps engineer, explore firewall-specific details through this table, including inbound and outbound rules, associated Droplets, and tags. Utilize it to uncover information about firewall rules, the Droplets they apply to, and the overall security of your network.

Examples

Basic info

List the ID, name, creation time, and status of every firewall. This inventory is a useful starting point before checking for firewalls with unrestricted inbound access, which can pose a security risk.

select
  id,
  name,
  created_at,
  status
from
  digitalocean_firewall;

List firewalls whose inbound access is not restricted

Postgres:

select
  id,
  name,
  created_at,
  status
from
  digitalocean_firewall,
  jsonb_array_elements(inbound_rules) as i
where
  i -> 'sources' -> 'addresses' = '["0.0.0.0/0","::/0"]';

SQLite:

select
  digitalocean_firewall.id,
  digitalocean_firewall.name,
  digitalocean_firewall.created_at,
  digitalocean_firewall.status
from
  digitalocean_firewall,
  json_each(inbound_rules) as i
where
  json_extract(i.value, '$.sources.addresses') = '["0.0.0.0/0","::/0"]';
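
The query above matches only rules whose address list is exactly ["0.0.0.0/0","::/0"], so a rule open to IPv4 only, or one that mixes an open CIDR with other addresses, is missed. The following is an added example (Postgres syntax, not part of the plugin documentation) that reports every inbound rule containing either open CIDR; the 'protocol' and 'ports' keys are assumed from the DigitalOcean firewall API, as the page itself only shows 'sources' -> 'addresses'.

```sql
-- Added example, not from the plugin documentation.
-- Assumption: each inbound rule object has 'protocol' and 'ports' keys,
-- as in the DigitalOcean firewall API. Only 'sources' -> 'addresses'
-- is confirmed by the query on this page.
select
  f.id,
  f.name,
  f.status,
  r ->> 'protocol' as protocol,
  r ->> 'ports' as ports,
  r -> 'sources' -> 'addresses' as source_addresses,
  f.droplet_ids
from
  digitalocean_firewall as f,
  jsonb_array_elements(
    case
      when jsonb_typeof(f.inbound_rules) = 'array' then f.inbound_rules
      else '[]'::jsonb  -- treat a missing or null rule list as "no rules"
    end
  ) as r
where
  -- ?| is true when the address array contains ANY of the listed strings,
  -- so IPv4-only, IPv6-only and mixed address lists are all reported.
  (r -> 'sources' -> 'addresses') ?| array['0.0.0.0/0', '::/0']
order by
  f.name,
  protocol,
  ports;
```

One row is returned per open rule, so a firewall with several open rules appears several times, each with the protocol and ports that are exposed.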

List failed firewalls

Identify instances where firewall creation attempts have been unsuccessful. This could be useful in troubleshooting and ensuring the security of your digital assets.

select
  id,
  name,
  created_at,
  status
from
  digitalocean_firewall
where
  status = 'failed';

Schema for digitalocean_firewall

| Name | Type | Operators | Description |
|------|------|-----------|-------------|
| _ctx | jsonb | | Steampipe context in JSON form. |
| akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
| created_at | timestamp with time zone | | A time value given in ISO8601 combined date and time format that represents when the Firewall was created. |
| droplet_ids | jsonb | | The list of the IDs of the Droplets assigned to the Firewall. |
| id | text | `=` | The unique universal identifier of this firewall. |
| inbound_rules | jsonb | | The inbound access rule block for the Firewall. |
| name | text | | The name of the Firewall. |
| outbound_rules | jsonb | | The outbound access rule block for the Firewall. |
| pending_changes | jsonb | | A list of objects containing the fields `droplet_id`, `removing`, and `status`. It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied. |
| sp_connection_name | text | `=`, `!=`, `~~`, `~~*`, `!~~`, `!~~*` | Steampipe connection name. |
| sp_ctx | jsonb | | Steampipe context in JSON form. |
| status | text | | A status string indicating the current state of the Firewall. |
| tags | jsonb | | A map of tags for the resource. |
| title | text | | Title of the resource. |
| urn | text | | The uniform resource name (URN) for the Firewall. |