Control: Network watcher flow logs should not exceed tag limit
Description
Check if the number of tags on Network watcher flow logs do not exceed the limit.
Usage
Run the control in your terminal:
powerpipe control run azure_tags.control.network_watcher_flow_log_tag_limit
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_tags.control.network_watcher_flow_log_tag_limit --share
Steampipe Tables
Params
Args | Name | Default | Description | Variable |
---|---|---|---|---|
$1 | tag_limit |
|
SQL
with analysis as ( select id, title, cardinality(array(select jsonb_object_keys(tags))) as num_tag_keys, resource_group, subscription_id from azure_network_watcher_flow_log)select id as resource, case when num_tag_keys > $1::integer then 'alarm' else 'ok' end as status, title || ' has ' || num_tag_keys || ' tag(s).' as reason, resource_group, subscription_idfrom analysis;