turbot/azure_insights

Query: network_security_group_ingress_rules

Usage

powerpipe query azure_insights.query.network_security_group_ingress_rules

SQL

select
sg -> 'properties' ->> 'access' as "Access",
sg -> 'properties' ->> 'protocol' as "Protocol",
case when dports is not null then dports else (sg -> 'properties' ->> 'destinationPortRange') end as "Destination Port Range",
case when sip is not null then sip else (sg -> 'properties' ->> 'sourceAddressPrefix') end as "Source Address Prefixes"
from
azure_network_security_group nsg,
jsonb_array_elements(security_rules || default_security_rules) sg
left join jsonb_array_elements_text(sg -> 'properties' -> 'destinationPortRanges') as dports on true
left join jsonb_array_elements_text(sg -> 'properties' -> 'sourceAddressPrefixes') as sip on true
where
sg -> 'properties' ->> 'direction' = 'Inbound'
and lower(nsg.id) = $1
and nsg.subscription_id = split_part($1, '/', 3);

Dashboards

The query is used in the dashboards: