steampipe plugin install ibm

Table: ibm_is_security_group - Query IBM Cloud Infrastructure Security Groups using SQL

IBM Cloud Infrastructure Security Groups are a set of IP filter rules that define how to handle inbound and outbound IP traffic to both the virtual server instance and the network interfaces on the virtual server instance. These groups act as a virtual firewall for your virtual server instances to control inbound and outbound traffic. Security groups in a VPC specify which traffic is allowed to or from resources connected to the VPC.

Table Usage Guide

The ibm_is_security_group table provides insights into Security Groups within IBM Cloud Infrastructure. As a network administrator or security analyst, you can explore security group-specific details through this table, including the attached network interfaces, associated rules, and other metadata. Utilize it to uncover information about security groups, such as their configuration, the resources they are protecting, and the rules that govern their behavior.

Examples

Basic info

Explore the basic details of security groups within your IBM cloud infrastructure. This can help you understand the security configurations and rules applied, and identify any potential vulnerabilities or misconfigurations.

select
id,
name,
crn,
rules,
targets,
vpc
from
ibm_is_security_group;
select
id,
name,
crn,
rules,
targets,
vpc
from
ibm_is_security_group;

Schema for ibm_is_security_group

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The ID fof the account.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
created_attimestamp with time zoneThe date and time that the security group was created.
crntextThe CRN for this security group.
hreftextThe URL for this security group.
idtext=The unique identifier for this security group.
nametextThe unique user-defined name for this security group.
network_interfacesjsonbArray of references to network interfaces.
regiontextThe region of this security group.
resource_groupjsonbThe resource group for this security group.
rulesjsonbArray of rules for this security group. If no rules exist, all traffic will be denied.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
targetsjsonbArray of references to targets.
titletextTitle of the resource.
vpcjsonbThe VPC this security group is a part of.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- ibm

You can pass the configuration to the command with the --config argument:

steampipe_export_ibm --config '<your_config>' ibm_is_security_group