steampipe plugin install oci

Table: oci_objectstorage_bucket - Query OCI Object Storage Buckets using SQL

Oracle Cloud Infrastructure's Object Storage service is an internet-scale, high-performance storage platform that offers reliable and cost-efficient data durability. The Object Storage service can store an unlimited amount of unstructured data of any content type, including analytic data and rich content, like images and videos. With strong consistency, your data is reliably stored and retrieved.

Table Usage Guide

The oci_objectstorage_bucket table provides insights into Object Storage Buckets within Oracle Cloud Infrastructure's Object Storage service. As a data engineer, you can explore bucket-specific details through this table, including its current state, storage tier, and associated metadata. Utilize it to uncover information about buckets, such as their public accessibility, region, and time of creation.

Examples

Basic info

Explore which storage buckets in your cloud environment are set to read-only. This can help you determine areas where data cannot be modified, aiding in data management and security.

select
name,
id,
namespace,
storage_tier,
is_read_only
from
oci_objectstorage_bucket;
select
name,
id,
namespace,
storage_tier,
is_read_only
from
oci_objectstorage_bucket;

List public buckets

Explore which storage buckets in your Oracle Cloud Infrastructure have public access. This is useful for identifying potential security risks and ensuring data privacy.

select
id,
name,
namespace,
public_access_type
from
oci_objectstorage_bucket
where
public_access_type LIKE 'Object%';
select
id,
name,
namespace,
public_access_type
from
oci_objectstorage_bucket
where
public_access_type LIKE 'Object%';

List buckets with versioning disabled

Identify the storage buckets where versioning is disabled. This is useful for assessing potential risks, as these buckets don't have the ability to recover previous versions of the data.

select
id,
name,
namespace,
versioning
from
oci_objectstorage_bucket
where
versioning = 'Disabled';
select
id,
name,
namespace,
versioning
from
oci_objectstorage_bucket
where
versioning = 'Disabled';

List buckets with object events disabled

Determine the areas in which object events are disabled within your data storage. This is useful for identifying potential gaps in your event tracking and monitoring setup.

select
id,
name,
namespace,
object_events_enabled
from
oci_objectstorage_bucket
where
not object_events_enabled;
select
id,
name,
namespace,
object_events_enabled
from
oci_objectstorage_bucket
where
object_events_enabled = 0;

List buckets with replication disabled

Identify storage buckets where replication is not enabled. This can be useful for ensuring data redundancy and availability in your infrastructure.

select
id,
name,
namespace,
replication_enabled
from
oci_objectstorage_bucket
where
not replication_enabled;
select
id,
name,
namespace,
replication_enabled
from
oci_objectstorage_bucket
where
replication_enabled is not 1;

List buckets without lifecycle

Discover the segments that lack a lifecycle policy in the object storage buckets. This is useful for identifying and rectifying areas where data might be accumulating indefinitely, leading to unnecessary storage costs.

select
name,
id,
object_lifecycle_policy -> 'items' as object_lifecycle_policy_rules
from
oci_objectstorage_bucket
where
object_lifecycle_policy ->> 'items' is null
or jsonb_array_length(object_lifecycle_policy -> 'items') = 0;
select
name,
id,
json_extract(object_lifecycle_policy, '$.items') as object_lifecycle_policy_rules
from
oci_objectstorage_bucket
where
json_extract(object_lifecycle_policy, '$.items') is null
or json_array_length(json_extract(object_lifecycle_policy, '$.items')) = 0;

Schema for oci_objectstorage_bucket

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
approximate_countbigintThe approximate number of objects in the bucket.
approximate_sizebigintThe approximate total size in bytes of all objects in the bucket.
compartment_idtext=The OCID of the compartment in Tenant in which the resource is located.
created_bytextThe OCID of the user who created the bucket.
defined_tagsjsonbDefined tags for resource. Defined tags are set up in your tenancy by an administrator. Only users granted permission to work with the defined tags can apply them to resources.
etagtextThe entity tag (ETag) for the bucket.
freeform_tagsjsonbFree-form tags for resource. This tags can be applied by any user with permissions on the resource.
idtextThe OCID of the bucket.
is_read_onlybooleanWhether or not this bucket is read only.
kms_key_idtextThe OCID of a master encryption key used to call the Key Management service to generate a data encryption key or to encrypt or decrypt a data encryption key.
metadatajsonbArbitrary string keys and values for user-defined metadata.
nametextThe name of the bucket.
namespacetext=The Object Storage namespace in which the bucket lives.
object_events_enabledbooleanWhether or not events are emitted for object state changes in this bucket.
object_lifecycle_policyjsonbSpecifies the object lifecycle policy for the bucket.
object_lifecycle_policy_etagtextThe entity tag (ETag) for the live object lifecycle policy on the bucket.
public_access_typetextThe type of public access enabled on this bucket.
regiontextThe OCI region in which the resource is located.
replication_enabledbooleanWhether or not this bucket is a replication source.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
storage_tiertextThe storage tier type assigned to the bucket.
tagsjsonbA map of tags for the resource.
tenant_idtext=, !=, ~~, ~~*, !~~, !~~*The OCID of the Tenant in which the resource is located.
tenant_nametextThe name of the Tenant in which the resource is located.
time_createdtimestamp with time zoneThe date and time the bucket was created.
titletextTitle of the resource.
versioningtextThe versioning status on the bucket.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci

You can pass the configuration to the command with the --config argument:

steampipe_export_oci --config '<your_config>' oci_objectstorage_bucket