turbot/docker_compliance

Query: docker_container_host_system_directories_mounted

Usage

powerpipe query docker_compliance.query.docker_container_host_system_directories_mounted

Steampipe Tables

SQL

select
  distinct c.id as resource,
  case
    when m.id is null then 'ok'
    else 'alarm'
  end as status,
  case
    when m.id is null then (names ->> 0) || ' host system directories are not mounted.'
    else (names ->> 0) || ' host system directories are mounted.'
  end as reason,
  _ctx ->> 'connection_name' as connection_name
from
  docker_container as c
  left join (
    select distinct id
    from
      docker_container,
      jsonb_array_elements(mounts) as m
    where
      m ->> 'Destination' in ('/', '/var', '/boot', '/dev', '/etc', '/lib', '/proc', '/sys', '/usr')
      and m ->> 'RW' = 'true'
  ) as m on c.id = m.id;

Controls

The query is being used by the following controls: