Table: turbot_policy_value
A policy value is the effective policy setting on an instance of a resource type. Every resource that is targeted by a given policy setting will have its own value for that policy, which will be the resultant calculated policy for the "winning" policy in the hierarchy.
Policy settings are inherited through the resource hierarchy, and values for a resource are calculated according to policy settings at or above it in the resource hierarchy. For example, a policy setting at the Turbot level will be inherited by all resources below.
It is recommended that queries to this table should include (usually in the where clause) at least one
of these columns: state, policy_type_id, resource_type_id, resource_type_uri or filter.
Examples
List policy values by policy type ID
select id, state, is_default, is_calculated, policy_type_id, type_mod_urifrom turbot_policy_valuewhere policy_type_id = 221505068398189;List policy values by resource ID
select id, state, is_default, is_calculated, resource_id, type_mod_urifrom turbot_policy_valuewhere resource_id = 161587219904115;List non-default calculated policy values
select id, state, is_default, is_calculated, resource_type_id, type_mod_urifrom turbot_policy_valuewhere is_calculated and not is_default;Filter policy values using Turbot filter syntax
select id, state, is_default, is_calculated, policy_type_id, resource_id, resource_type_idfrom turbot_policy_valuewhere filter = 'state:ok';Schema for turbot_policy_value
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| create_timestamp | timestamp with time zone | When the policy value was first set by Turbot. (It may have been created earlier.) | |
| dependent_controls | jsonb | The controls that depends on this policy value. | |
| dependent_policy_values | jsonb | The policy values that depends on this policy value. | |
| filter | text | = | Filter used for this policy value list. |
| id | bigint | Unique identifier of the policy value. | |
| is_calculated | boolean | If true this value is derived from calculated setting inputs e.g. templateInput and template. | |
| is_default | boolean | If true this value is derived from the default value of the type. | |
| policy_type_default_template | text | Default template used to calculate template-based policy values. Should be a Jinja based YAML string. | |
| policy_type_id | bigint | = | ID of the policy type for this policy value. |
| policy_type_title | text | Title of the policy type. | |
| policy_type_trunk_title | text | Title with full path of the policy type. | |
| precedence | text | Precedence of the setting: REQUIRED or RECOMMENDED. | |
| resource_id | bigint | = | ID of the resource for the policy value. |
| resource_trunk_title | text | Full title (including ancestor trunk) of the resource. | |
| resource_type_id | bigint | = | ID of the resource type for this policy setting. |
| secret_value | text | Secrect value of the policy value. | |
| setting_id | bigint | Policy setting Id for the policy value. | |
| state | text | = | State of the policy value. |
| timestamp | timestamp with time zone | Timestamp when the policy value was last modified (created, updated or deleted). | |
| type_mod_uri | text | URI of the mod that contains the policy value. | |
| update_timestamp | timestamp with time zone | When the policy value was last updated in Turbot. | |
| value | text | Value of the policy value. | |
| version_id | bigint | Unique identifier for this version of the policy value. | |
| workspace | text | Specifies the workspace URL. |