turbot/guardrails
steampipe plugin install guardrails

Table: guardrails_resource_type - Query Guardrails Resource Types using SQL

Guardrails is a service that helps manage and enforce security, compliance, and operational policies in real-time across your cloud infrastructure. It provides a way to categorize resources and apply specific policies based on the resource type, enabling more granular control and governance. Guardrails Resource Types are the different categories of resources that can be managed and monitored using the Guardrails service.

Table Usage Guide

The guardrails_resource_type table provides insights into the resource types within the Guardrails service. As a security engineer or cloud administrator, explore resource-specific details through this table, including type description and associated metadata. Utilize it to understand the categorization of resources within your cloud infrastructure, helping you to apply and manage policies more effectively.

Examples

List all resource types

Explore various resource types to understand the different categories available, which can assist in organizing and managing your resources more effectively.

select
id,
uri,
trunk_title
from
guardrails_resource_type
order by
trunk_title;
select
id,
uri,
trunk_title
from
guardrails_resource_type
order by
trunk_title;

List all resource types for AWS S3

Explore the variety of resource types associated with AWS S3 to better manage and understand your cloud storage resources. This is useful in comprehending the structure and organization of your S3 resources, aiding in efficient resource utilization and management.

select
id,
uri,
trunk_title
from
guardrails_resource_type
where
mod_uri like 'tmod:@turbot/aws-s3%'
order by
trunk_title;
select
id,
uri,
trunk_title
from
guardrails_resource_type
where
mod_uri like 'tmod:@turbot/aws-s3%'
order by
trunk_title;

Count resource types by cloud provider

The query helps to analyze the distribution of resource types across different cloud providers, such as AWS, Azure, and GCP. This can be useful in understanding the spread of resources and making decisions about resource management or optimization.

select
sum(
case
when mod_uri like 'tmod:@turbot/aws-%' then 1
else 0
end
) as aws,
sum(
case
when mod_uri like 'tmod:@turbot/azure-%' then 1
else 0
end
) as azure,
sum(
case
when mod_uri like 'tmod:@turbot/gcp-%' then 1
else 0
end
) as gcp,
count(*) as total
from
guardrails_resource_type;
select
sum(
case
when mod_uri like 'tmod:@turbot/aws-%' then 1
else 0
end
) as aws,
sum(
case
when mod_uri like 'tmod:@turbot/azure-%' then 1
else 0
end
) as azure,
sum(
case
when mod_uri like 'tmod:@turbot/gcp-%' then 1
else 0
end
) as gcp,
count(*) as total
from
guardrails_resource_type;

Schema for guardrails_resource_type

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbAKA (also known as) identifiers for the resource type.
category_idbigintID of the resource category for the resource type.
category_uritext=URI of the resource category for the resource type.
create_timestamptimestamp with time zoneWhen the resource type was first discovered by Turbot. (It may have been created earlier.)
descriptiontextDescription of the resource type.
icontextIcon of the resource type.
idbigint=Unique identifier of the resource type.
mod_uritextURI of the mod that contains the resource type.
parent_idbigintID for the parent of this resource type.
pathjsonbHierarchy path with all identifiers of ancestors of the resource type.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
titletextTitle of the resource type.
trunk_titletextTitle with full path of the resource type.
update_timestamptimestamp with time zoneWhen the resource type was last updated in Turbot.
uritext=URI of the resource type.
version_idbigintUnique identifier for this version of the resource type.
workspacetextSpecifies the workspace URL.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- guardrails

You can pass the configuration to the command with the --config argument:

steampipe_export_guardrails --config '<your_config>' guardrails_resource_type