turbot/docker_compliance

Query: exec_docker_iptables_not_set

Usage

powerpipe query docker_compliance.query.exec_docker_iptables_not_set

Steampipe Tables

SQL

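-- Reports, per exec connection, whether the dockerd command line disables
-- Docker's management of iptables rules.
--
-- Status polarity: the CIS Docker Benchmark recommendation "Ensure Docker is
-- allowed to make changes to iptables" passes when --iptables is absent or
-- true and fails when it is false. The previous version returned 'ok' for
-- --iptables=false and 'alarm' for --iptables=true, i.e. the opposite verdict.
--
-- NOTE(review): this inspects the process listing only. A daemon configured
-- through daemon.json ("iptables": false) shows no flag here and is reported
-- as 'not set'; confirm whether a companion check covers the config file.
-- NOTE(review): a host where dockerd is not running also lands in 'not set'.
with hostname as (
    -- Trimmed `hostname` output per connection, keyed by connection name.
    select
        btrim(stdout_output, E' \n\r\t') as host,
        _ctx ->> 'connection_name' as host_conn,
        _ctx
    from
        exec_command
    where
        command = 'hostname'
),
command_output as (
    select
        stdout_output,
        _ctx ->> 'connection_name' as conn,
        -- dockerd parses boolean flags with Go's ParseBool, so false, FALSE,
        -- False, f, F and 0 all disable iptables; match them all and require
        -- the value to end at whitespace or end of output.
        stdout_output ~* '--iptables=(false|f|0)(\s|$)' as iptables_disabled
    from
        exec_command
    where
        command = 'ps -ef | grep dockerd'
)
select
    h.host as resource,
    case
        when o.iptables_disabled then 'alarm'
        -- No process listing captured: keep alarming (as before) rather than
        -- passing a host that was never actually inspected.
        when o.stdout_output is null then 'alarm'
        else 'ok'
    end as status,
    case
        when o.iptables_disabled then h.host || ' iptables is set to false.'
        when o.stdout_output is null then h.host || ' dockerd process listing is unavailable.'
        when o.stdout_output not like '%--iptables%' then h.host || ' iptables not set.'
        else h.host || ' iptables are set to true.'
    end as reason,
    h._ctx ->> 'connection_name' as connection_name
from
    hostname as h
    inner join command_output as o
        on o.conn = h.host_conn;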

Controls

This query is used by the following controls: