Table: vanta_group - Query Vanta Groups using SQL
Vanta is a security monitoring platform that simplifies the complex process of security compliance. It provides comprehensive visibility into an organization's security posture, helping to identify and mitigate potential vulnerabilities. Vanta's Groups feature allows for the management of user permissions, providing a structured way to assign and control access rights.
Table Usage Guide
The vanta_group
table provides insights into Groups within Vanta's security monitoring platform. As a Security or Compliance Officer, explore group-specific details through this table, including group names, user assignments, and associated permissions. Utilize it to uncover information about groups, such as those with high-level permissions, the distribution of user assignments among groups, and the verification of access rights.
Important Notes
- To query the table you must set
session_id
argument in the config file (~/.steampipe/config/vanta.spc
).
Examples
Basic info
Explore which Vanta groups are available by identifying their names and IDs, and assess the elements within each group's checklist. This can be useful to understand the composition and configuration of these groups for better management and organization.
select name, id, checklistfrom vanta_group;
select name, id, checklistfrom vanta_group;
User details associated with each group
Discover the segments that detail the relationship between user information and their respective groups. This can be beneficial in managing user permissions and understanding the distribution of roles within your organization.
select g.name, u.display_name, u.email, u.permission_levelfrom vanta_group as g join vanta_user as u on g.id = u.role ->> 'id';
select g.name, u.display_name, u.email, u.permission_levelfrom vanta_group as g join vanta_user as u on g.id = json_extract(u.role, '$.id');
List all users in each group having administrator access
Determine the areas in which users have been granted administrative access within different groups. This can help in understanding the distribution of administrative privileges across your organization, aiding in access control and security management.
select g.name, u.display_name, u.emailfrom vanta_group as g join vanta_user as u on g.id = u.role ->> 'id' and u.permission_level = 'Admin';
select g.name, u.display_name, u.emailfrom vanta_group as g join vanta_user as u on g.id = json_extract(u.role, '$.id') and u.permission_level = 'Admin';
Get the count of users in each group
Explore which user groups have the most members to better manage resources and permissions. This can help in identifying areas for optimization and ensuring balanced distribution of users across different groups.
select g.name, count(u.display_name)from vanta_group as g join vanta_user as u on g.id = u.role ->> 'id'group by g.name;
select g.name, count(u.display_name)from vanta_group as g join vanta_user as u on g.id = json_extract(u.role, '$.id')group by g.name;
Schema for vanta_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
checklist | jsonb | Describes the security requirements for the group. | |
embedded_idp_group | jsonb | A list of embedded IDP group. | |
id | text | A unique identifier of the group. | |
name | text | The name of the group. | |
organization_name | text | The name of the organization. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta
You can pass the configuration to the command with the --config
argument:
steampipe_export_vanta --config '<your_config>' vanta_group