turbot/prismacloud
steampipe plugin install prismacloud

Table: prismacloud_permission_group - Query Prisma Cloud permission groups using SQL

The prismacloud_permission_group table in Steampipe exposes the permission groups defined in Prisma Cloud. As a security engineer or cloud administrator, you can query each group's name, type, associated roles, features, and other configuration details. The schema lists every attribute of a permission group, including the group ID, name, and associated roles.

Table Usage Guide

The prismacloud_permission_group table in Steampipe provides information about permission groups within Prisma Cloud. This table allows you to query details such as the permission group's name, type, associated roles, and more, enabling you to manage and monitor your permission groups effectively.

Examples

Basic Info

Retrieve basic information about Prisma Cloud permission groups, such as group ID, name, type, and description. This query helps you to understand the overall configuration and details of your permission groups.

select
  id,
  name,
  type,
  description,
  custom
from
  prismacloud_permission_group;

List of custom permission groups

Get a list of all custom Prisma Cloud permission groups. This is useful for identifying which permission groups are custom-defined.

Postgres:

select
  id,
  name,
  description
from
  prismacloud_permission_group
where
  custom = true;

SQLite:

select
  id,
  name,
  description
from
  prismacloud_permission_group
where
  custom = 1;

Permission groups modified by a specific user

Identify permission groups that were last modified by a specific user. This helps in tracking changes made by administrators or other users.

select
  id,
  name,
  last_modified_by,
  last_modified_ts
from
  prismacloud_permission_group
where
  last_modified_by = 'admin_user';

Permission groups accepting resource lists

Retrieve permission groups where resource lists are accepted. This helps in understanding the configurations related to resource list acceptance in your permission groups.

Postgres:

select
  id,
  name,
  accept_resource_lists
from
  prismacloud_permission_group
where
  accept_resource_lists = true;

SQLite:

select
  id,
  name,
  accept_resource_lists
from
  prismacloud_permission_group
where
  accept_resource_lists = 1;

Get associated roles with the permission groups

Get a list of permission groups along with their associated roles. This can help in understanding the role assignments within your cloud environment.

select
  id,
  name,
  associated_roles
from
  prismacloud_permission_group;
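
An audit-style query that combines the columns used in the examples above, added here as an illustration and not taken from the plugin's documentation: it lists custom, non-deleted permission groups modified in the last 30 days (an assumed review window), with their scope flags and a count of associated roles. It is written for Postgres; because this page does not document the JSON shape of associated_roles, the count handles both an object and an array.

```sql
-- Added example (Postgres syntax). Uses only columns listed in this table's schema.
-- The 30-day window is an assumed review period; adjust it to your change-review cycle.
select
  id,
  name,
  type,
  last_modified_by,
  last_modified_ts,
  -- Scope flags: which kinds of targets the group can be applied to.
  accept_account_groups,
  accept_resource_lists,
  accept_code_repositories,
  -- The shape of associated_roles is not documented on this page, so count
  -- entries for either a JSON object or a JSON array, and return 0 otherwise.
  case jsonb_typeof(associated_roles)
    when 'object' then (select count(*) from jsonb_object_keys(associated_roles))
    when 'array' then jsonb_array_length(associated_roles)
    else 0
  end as associated_role_count
from
  prismacloud_permission_group
where
  custom = true
  and deleted is not true
  and last_modified_ts >= now() - interval '30 days'
order by
  last_modified_ts desc;
```

Rows with a high associated_role_count and a recent last_modified_ts are the ones to review first, since a change to such a group affects every role attached to it.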

Schema for prismacloud_permission_group

| Name | Type | Operators | Description |
|------|------|-----------|-------------|
| _ctx | jsonb | | Steampipe context in JSON form. |
| accept_account_groups | boolean | | Indicates if the permission group accepts account groups. |
| accept_code_repositories | boolean | | Indicates if the permission group accepts code repositories. |
| accept_resource_lists | boolean | | Indicates if the permission group accepts resource lists. |
| associated_roles | jsonb | | The roles associated with the permission group. |
| custom | boolean | | Indicates if the permission group is custom. |
| deleted | boolean | | Indicates if the permission group has been deleted. |
| description | text | | The description of the permission group. |
| email | text | =, !=, ~~, ~~*, !~~, !~~* | Email address of the current session user. |
| features | jsonb | | The features associated with the permission group. |
| id | text | = | The unique identifier for the permission group. |
| last_modified_by | text | | The user who last modified the permission group. |
| last_modified_ts | timestamp with time zone | | The timestamp of the last modification. |
| name | text | | The name of the permission group. |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | | Steampipe context in JSON form. |
| title | text | | Title of the permission group. |
| type | text | | The type of the permission group. |

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud

You can pass the configuration to the command with the --config argument:

steampipe_export_prismacloud --config '<your_config>' prismacloud_permission_group