turbot/alicloud_insights

Query: oss_bucket_https_enforce

Usage

powerpipe query alicloud_insights.query.oss_bucket_https_enforce

Steampipe Tables

SQL

with ssl_ok as (
select
distinct name
from
alicloud_oss_bucket,
jsonb_array_elements(policy -> 'Statement') as s,
jsonb_array_elements_text(s -> 'Principal') as p,
jsonb_array_elements_text(s -> 'Resource') as r,
jsonb_array_elements_text(
s -> 'Condition' -> 'Bool' -> 'acs:SecureTransport'
) as ssl
where
p = '*'
and s ->> 'Effect' = 'Deny'
and ssl :: bool = false
)
select
'HTTPS' as label,
case when s.name is not null then 'Enabled' else 'Disabled' end as value,
case when s.name is not null then 'ok' else 'alert' end as type
from
alicloud_oss_bucket as b
left join ssl_ok as s on s.name = b.name
where
arn = $1;

Dashboards

The query is used in the dashboards: