Table: prismacloud_permission_group - Query Prisma Cloud permission groups using SQL
The Prisma Cloud permission group table in Steampipe provides you with information about permission groups within Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query permission group-specific details, including group name, type, associated roles, and more. You can utilize this table to gather insights on permission groups, such as their configurations, associated features, and more. The schema outlines the various attributes of the Prisma Cloud permission group for you, including the group ID, name, and associated roles.
Table Usage Guide
The prismacloud_permission_group
table in Steampipe provides information about permission groups within Prisma Cloud. This table allows you to query details such as the permission group's name, type, associated roles, and more, enabling you to manage and monitor your permission groups effectively.
Examples
Basic Info
Retrieve basic information about Prisma Cloud permission groups, such as group ID, name, type, and description. This query helps you to understand the overall configuration and details of your permission groups.
select id, name, type, description, customfrom prismacloud_permission_group;
select id, name, type, description, customfrom prismacloud_permission_group;
List of custom permission groups
Get a list of all custom Prisma Cloud permission groups. This is useful for identifying which permission groups are custom-defined.
select id, name, descriptionfrom prismacloud_permission_groupwhere custom = true;
select id, name, descriptionfrom prismacloud_permission_groupwhere custom = 1;
Permission groups modified by a specific user
Identify permission groups that were last modified by a specific user. This helps in tracking changes made by administrators or other users.
select id, name, last_modified_by, last_modified_tsfrom prismacloud_permission_groupwhere last_modified_by = 'admin_user';
select id, name, last_modified_by, last_modified_tsfrom prismacloud_permission_groupwhere last_modified_by = 'admin_user';
Permission groups accepting resource lists
Retrieve permission groups where resource lists are accepted. This helps in understanding the configurations related to resource list acceptance in your permission groups.
select id, name, accept_resource_listsfrom prismacloud_permission_groupwhere accept_resource_lists = true;
select id, name, accept_resource_listsfrom prismacloud_permission_groupwhere accept_resource_lists = 1;
Get associated roles with the permission groups
Get a list of permission groups along with their associated roles. This can help in understanding the role assignments within your cloud environment.
select id, name, associated_rolesfrom prismacloud_permission_group;
select id, name, associated_rolesfrom prismacloud_permission_group;
Schema for prismacloud_permission_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
accept_account_groups | boolean | Indicates if the permission group accepts account groups. | |
accept_code_repositories | boolean | Indicates if the permission group accepts code repositories. | |
accept_resource_lists | boolean | Indicates if the permission group accepts resource lists. | |
associated_roles | jsonb | The roles associated with the permission group. | |
custom | boolean | Indicates if the permission group is custom. | |
deleted | boolean | Indicates if the permission group has been deleted. | |
description | text | The description of the permission group. | |
text | =, !=, ~~, ~~*, !~~, !~~* | Email address of the current session user. | |
features | jsonb | The features associated with the permission group. | |
id | text | = | The unique identifier for the permission group. |
last_modified_by | text | The user who last modified the permission group. | |
last_modified_ts | timestamp with time zone | The timestamp of the last modification. | |
name | text | The name of the permission group. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
title | text | Title of the permission group. | |
type | text | The type of the permission group. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud
You can pass the configuration to the command with the --config
argument:
steampipe_export_prismacloud --config '<your_config>' prismacloud_permission_group