turbot/prismacloud
steampipe plugin install prismacloud

Table: prismacloud_account - Query Prisma Cloud accounts using SQL

The Prisma Cloud account table in Steampipe provides you with information about accounts within Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query account-specific details, including account type, status, cloud type, and more. You can utilize this table to gather insights on accounts, such as account status, last modification details, and more. The schema outlines the various attributes of the Prisma Cloud account for you, including the account ID, name, and associated groups.

Table Usage Guide

The prismacloud_account table in Steampipe provides information about accounts within Prisma Cloud. This table allows you to query details such as the account's cloud type, status, and more, enabling you to manage and monitor your cloud accounts effectively.

Examples

Basic Info

Retrieve basic information about Prisma Cloud accounts, such as account ID, name, cloud type, and status. This query helps you to understand the overall configuration and status of your accounts.

select
account_id,
name,
cloud_type,
status,
enabled
from
prismacloud_account;
select
account_id,
name,
cloud_type,
status,
enabled
from
prismacloud_account;

List of enabled accounts

Get a list of all enabled Prisma Cloud accounts. This is useful for identifying which accounts are currently active and enabled.

select
account_id,
name,
cloud_type,
status
from
prismacloud_account
where
enabled = true;
select
account_id,
name,
cloud_type,
status
from
prismacloud_account
where
enabled = 1;

Accounts modified by a specific user

Identify accounts that were last modified by a specific user. This helps in tracking changes made by administrators or other users.

select
account_id,
name,
last_modified_by,
last_modified_ts
from
prismacloud_account
where
last_modified_by = 'admin_user';
select
account_id,
name,
last_modified_by,
last_modified_ts
from
prismacloud_account
where
last_modified_by = 'admin_user';

List accounts with storage scan enabled

Retrieve accounts where storage scan is enabled. This is useful for ensuring that storage scanning is properly configured for security purposes.

select
account_id,
name,
storage_scan_enabled
from
prismacloud_account
where
storage_scan_enabled = true;
select
account_id,
name,
storage_scan_enabled
from
prismacloud_account
where
storage_scan_enabled = 1;

List accounts and their groups

Get a list of accounts along with their associated groups. This can help in understanding the organizational structure and group assignments within your cloud environment.

select
account_id,
name,
group_ids,
groups
from
prismacloud_account;
select
account_id,
name,
group_ids,
groups
from
prismacloud_account;

Schema for prismacloud_account

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_detailsjsonbThe account details based on cloud type.
account_idtextThe unique identifier for the account.
account_typetextThe type of the account.
added_onbigintThe timestamp when the account was added.
cloud_typetextThe type of cloud (e.g., AWS, Azure, GCP).
emailtext=, !=, ~~, ~~*, !~~, !~~*Email address of the current session user.
enabledbooleanIndicates if the account is enabled.
group_idsjsonbThe IDs of the groups associated with the account.
groupsjsonbThe groups associated with the account.
ingestion_modebigintThe ingestion mode of the account.
last_modified_bytextThe user who last modified the account.
last_modified_tstimestamp with time zoneThe timestamp of the last modification.
nametextThe name of the account.
number_of_child_accountsbigintThe number of child accounts associated with the account.
protection_modetextThe protection mode of the account.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
statustextThe status of the account.
storage_scan_enabledbooleanIndicates if the storage scan is enabled.
titletextTitle of the account.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud

You can pass the configuration to the command with the --config argument:

steampipe_export_prismacloud --config '<your_config>' prismacloud_account