steampipe plugin install ibm

Table: ibm_iam_access_group - Query IBM Cloud IAM Access Groups using SQL

IBM Cloud Identity and Access Management (IAM) Access Groups are collections of users and service IDs, where access policies can be applied to grant or restrict access to resources in the IBM Cloud. Access Groups simplify the task of managing access to resources by allowing you to assign policies to groups, rather than individual users or service IDs. This grouping mechanism helps in ensuring proper access management across your IBM Cloud resources.

Table Usage Guide

The ibm_iam_access_group table provides insights into IAM access groups within IBM Cloud Identity and Access Management (IAM). As a security administrator, you can explore group-specific details through this table, including group metadata, associated policies, and access details. Utilize it to uncover information about groups, such as those with specific access policies, the users and service IDs associated with each group, and the verification of access rights.

Examples

Basic info

Explore the fundamental details of your IBM IAM access groups to better understand their creation timeline and federation status. This can aid in managing access control and understanding the group's history.

select
name,
id,
is_federated,
href,
created_by_id,
created_at
from
ibm_iam_access_group;
select
name,
id,
is_federated,
href,
created_by_id,
created_at
from
ibm_iam_access_group;

Schema for ibm_iam_access_group

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The ID fof the account.
created_attimestamp with time zoneThe timestamp the group was created at.
created_by_idtextThe iam_id of the entity that created the group.
descriptiontextThe description of the IAM access group.
hreftextAn url to the given group resource.
idtext=The ID of the IAM access group.
is_federatedbooleanThis is set to true if rules exist for the group.
last_modified_attimestamp with time zoneSpecifies the date and time, the group las modified.
nametextName of the access group.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- ibm

You can pass the configuration to the command with the --config argument:

steampipe_export_ibm --config '<your_config>' ibm_iam_access_group