Table: duo_administrator - Query Duo Security Administrators using SQL

Duo Security Administrators are the users who have access to manage and configure settings within the Duo Security system. These administrators have different roles, such as Owner, Billing, User Manager, and more, each with specific permissions and access rights. Understanding these roles and their associated details can provide valuable insights into the management and security of the Duo system.

Table Usage Guide

The duo_administrator table provides insights into Duo Security Administrators. As a security professional, you can explore administrator-specific details through this table, including roles, names, and other associated details. Utilize it to uncover information about administrators, such as their roles in the system, their access rights, and the security implications of these roles.

Examples

List all administrators

select
  name,
  admin_id,
  email,
  role
from
  duo_administrator
order by
  name;

select
  name,
  admin_id,
  email,
  role
from
  duo_administrator
order by
  name;

select
  admin_id,
  name,
  email,
  last_login
from
  duo_administrator
order by
  last_login desc
limit
  10;

select
  admin_id,
  name,
  email,
  last_login
from
  duo_administrator
order by
  last_login desc
limit
  10;

Administrators who have never logged in

select
  admin_id,
  name,
  email
from
  duo_administrator
where
  last_login is null
order by
  name;

select
  admin_id,
  name,
  email
from
  duo_administrator
where
  last_login is null
order by
  name;

Schema for duo_administrator

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form, e.g. connection_name.
admin_id	text	=	The administrator's ID.
admin_units	jsonb		The list of administrative units (by admin_unit_id) to which the admin belongs. For an unrestricted admin, this is an empty list.
created	timestamp with time zone		The administrator's creation date as a UNIX timestamp. No creation date shown for administrators created before October 2021.
email	text		The administrator's email address.
hardtoken	jsonb		Information about hardware tokens attached to the administrator, or null if none attached. See Retrieve Hardware Tokens for descriptions of the response values.
last_login	timestamp with time zone		An integer indicating the last time this administrator logged in, as a Unix timestamp, or null if the administrator has not logged in.
name	text		The administrator's full name.
password_change_required	boolean		Either true if the administrator must change their password at the next login, or false if no password change is required.
phone	text		The administrator's phone number.
restricted_by_admin_units	boolean		Is this administrator restricted by an administrative unit assignment? Either true or false. Must be set to true in order to add the admin to an administrative unit using the API.
role	text		The administrator's role. One of: Owner, Administrator, Application Manager, User Manager, Help Desk, Billing, Phishing Manager, or Read-only. Only present in the response if the customer edition includes the Administrative Roles feature.
status	text		The administrator account's status. One of: Active (admin can log in to Duo), Disabled (admin prevented from access), Expired (admin blocked from access due to inactivity), or Pending Activation (new admin must complete activation to gain access).

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- duo

You can pass the configuration to the command with the --config argument:

steampipe_export_duo --config '<your_config>' duo_administrator