Table: guardrails_smart_folder - Query Guardrails Smart Folders using SQL

A Guardrails Smart Folder is a feature within Guardrails that allows users to organize and group guardrails based on their attributes. It provides a centralized way to manage and categorize guardrails, enhancing the efficiency of security and compliance management. Guardrails Smart Folder helps users to streamline their guardrails management process and improve the visibility of their security posture.

Table Usage Guide

The guardrails_smart_folder table provides insights into the organization and grouping of guardrails within Guardrails. As a security engineer, you can explore smart folder-specific details through this table, including the guardrails grouped under each smart folder, their attributes, and associated metadata. Utilize it to uncover information about smart folders, such as their grouping logic, the number of guardrails under each folder, and the overall organization of your guardrails.

Examples

List all smart folders

Discover the segments that list all your smart folders. This can help you manage and organize your data more efficiently, particularly when dealing with large volumes of data.

select
  id,
  title
from
  guardrails_smart_folder;

select
  id,
  title
from
  guardrails_smart_folder;

List smart folders with their policy settings

Explore which smart folders have specific policy settings assigned to them. This can help you understand and manage the security measures applied to different folders in your system.

select
  sf.trunk_title as smart_folder,
  pt.trunk_title as policy,
  ps.id,
  ps.precedence,
  ps.is_calculated,
  ps.value
from
  guardrails_smart_folder as sf
  left join guardrails_policy_setting as ps on ps.resource_id = sf.id
  left join guardrails_policy_type as pt on pt.id = ps.policy_type_id
order by
  smart_folder;

select
  sf.trunk_title as smart_folder,
  pt.trunk_title as policy,
  ps.id,
  ps.precedence,
  ps.is_calculated,
  ps.value
from
  guardrails_smart_folder as sf
  left join guardrails_policy_setting as ps on ps.resource_id = sf.id
  left join guardrails_policy_type as pt on pt.id = ps.policy_type_id
order by
  smart_folder;

List smart folders with their attached resources

Discover the segments that are linked to specific smart folders. This information can be useful in understanding how resources are grouped and managed, providing insights into your resource organization strategy. Get each smart folder with an array of the resources attached to it:

select
  title,
  attached_resource_ids
from
  guardrails_smart_folder
order by
  title;

select
  title,
  attached_resource_ids
from
  guardrails_smart_folder
order by
  title;

Create a row per smart folder and resource:

select
  sf.title as smart_folder,
  sf_resource_id
from
  guardrails_smart_folder as sf,
  jsonb_array_elements(sf.attached_resource_ids) as sf_resource_id
order by
  smart_folder,
  sf_resource_id;

select
  sf.title as smart_folder,
  json_extract(sf_resource_id.value, '$') as sf_resource_id
from
  guardrails_smart_folder as sf,
  json_each(sf.attached_resource_ids) as sf_resource_id
order by
  smart_folder,
  json_extract(sf_resource_id.value, '$');

Unfortunately, this query to join the smart folder with its resources does not work yet due to issues with qualifier handling in the Steampipe Postgres FDW:

select
  sf.title as smart_folder,
  r.trunk_title as resource,
  r.id
from
  guardrails_smart_folder as sf
  cross join jsonb_array_elements(sf.attached_resource_ids) as sf_resource_id
  left join guardrails_resource as r on r.id = sf_resource_id :: bigint;

select
  sf.title as smart_folder,
  r.trunk_title as resource,
  r.id
from
  guardrails_smart_folder as sf,
  json_each(sf.attached_resource_ids) as sf_resource_id
  left join guardrails_resource as r on r.id = CAST(sf_resource_id.value AS INTEGER);

Schema for guardrails_smart_folder

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
akas	jsonb		AKA (also known as) identifiers for the smart folder.
attached_resource_ids	jsonb
color	text		Color of the smart folder in the UI.
create_timestamp	timestamp with time zone		When the smart folder was first discovered by Turbot. (It may have been created earlier.)
data	jsonb		Resource data.
description	text		Description of the smart folder.
id	bigint	=	Unique identifier of the smart folder.
metadata	jsonb		Resource custom metadata.
parent_id	bigint		ID for the parent of this smart folder.
path	jsonb		Hierarchy path with all identifiers of ancestors of the smart folder.
resource_type_id	bigint		ID of the resource type for this smart folder.
resource_type_uri	text		URI of the resource type for this smart folder.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
tags	jsonb		Tags for the smart folder.
timestamp	timestamp with time zone		Timestamp when the smart folder was last modified (created, updated or deleted).
title	text		Title of the smart folder.
trunk_title	text		Title with full path of the smart folder.
update_timestamp	timestamp with time zone		When the smart folder was last updated in Turbot.
version_id	bigint		Unique identifier for this version of the smart folder.
workspace	text		Specifies the workspace URL.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- guardrails

You can pass the configuration to the command with the --config argument:

steampipe_export_guardrails --config '<your_config>' guardrails_smart_folder