turbot/prismacloud
steampipe plugin install prismacloud

Table: prismacloud_iam_user - Query Prisma Cloud users using SQL

The Prisma Cloud user table in Steampipe provides you with information about users within Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query user-specific details, including username, roles, access keys, and more. You can utilize this table to gather insights on users, such as their access key status, roles, and more. The schema outlines the various attributes of the Prisma Cloud user for you, including the user's ID, name, and email address.

Table Usage Guide

The prismacloud_iam_user table in Steampipe provides information about users within Prisma Cloud. This table allows you to query details such as the user's username, roles, access keys, and more, enabling you to manage and monitor your users effectively.

Examples

Basic Info

Retrieve basic information about Prisma Cloud users, such as username, email, and roles. This query helps you to understand the overall configuration and details of your users.

select
username,
email,
roles
from
prismacloud_iam_user;
select
username,
email,
roles
from
prismacloud_iam_user;

List of enabled users

Get a list of all enabled Prisma Cloud users. This is useful for identifying which user accounts are currently active.

select
username,
email,
enabled
from
prismacloud_iam_user
where
enabled = true;
select
username,
email,
enabled
from
prismacloud_iam_user
where
enabled = 1;

Users with access keys allowed

Identify users that are allowed to have access keys. This helps in tracking access key usage and permissions.

select
username,
email,
access_keys_allowed
from
prismacloud_iam_user
where
access_keys_allowed = true;
select
username,
email,
access_keys_allowed
from
prismacloud_iam_user
where
access_keys_allowed = 1;

Users with expiring access keys

Retrieve users whose access keys are expiring soon. This helps in managing and rotating access keys proactively.

select
username,
email,
access_key_name,
access_key_expiration
from
prismacloud_iam_user
where
access_key_expiration < extract(
epoch
from
now()
) + 2592000;
select
username,
email,
access_key_name,
access_key_expiration
from
prismacloud_iam_user
where
access_key_expiration < strftime('%s', 'now') + 2592000;

Users and their roles

Get a list of users along with their assigned roles. This can help in understanding the role assignments within your cloud environment.

select
username,
email,
role_ids
from
prismacloud_iam_user;
select
username,
email,
role_ids
from
prismacloud_iam_user;

Schema for prismacloud_iam_user

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
access_key_expirationtimestamp with time zoneExpiration time of the access key.
access_key_nametextName of the access key.
access_keys_allowedbooleanWhether access keys are allowed for the user.
access_keys_countbigintCount of access keys associated with the user.
account_typetextType of the account.
default_role_idtextDefault role ID assigned to the user.
display_nametextDisplay name of the user.
emailtext=, !=, ~~, ~~*, !~~, !~~*Email address of the user.
enable_key_expirationbooleanWhether key expiration is enabled.
enabledbooleanWhether the profile is enabled.
first_nametextFirst name of the user.
last_login_tstimestamp with time zoneTimestamp of the last login.
last_modified_bytextIdentifier of the user who last modified the profile.
last_modified_tstimestamp with time zoneTimestamp of the last modification.
last_nametextLast name of the user.
role_idsjsonbList of role IDs assigned to the user.
rolesjsonbRoles assigned to the user.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
time_zonetextTime zone of the user.
titletextTitle of the profile.
usernametextUsername associated with the profile.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud

You can pass the configuration to the command with the --config argument:

steampipe_export_prismacloud --config '<your_config>' prismacloud_iam_user