ibm_account_countibm_account_tableibm_classic_infrastructure_vpc_countibm_compute_instance_1_year_countibm_compute_instance_24_hours_countibm_compute_instance_30_90_days_countibm_compute_instance_30_days_countibm_compute_instance_90_365_days_countibm_compute_instance_age_tableibm_compute_instance_architectureibm_compute_instance_bandwidthibm_compute_instance_boot_volumeibm_compute_instance_by_accountibm_compute_instance_by_architectureibm_compute_instance_by_creation_monthibm_compute_instance_by_floating_ipibm_compute_instance_by_regionibm_compute_instance_by_resource_groupibm_compute_instance_by_statusibm_compute_instance_by_zoneibm_compute_instance_countibm_compute_instance_data_volumeibm_compute_instance_disk_1_year_countibm_compute_instance_disk_24_hours_countibm_compute_instance_disk_30_90_days_countibm_compute_instance_disk_30_days_countibm_compute_instance_disk_90_365_days_countibm_compute_instance_disk_age_tableibm_compute_instance_disk_attached_instancesibm_compute_instance_disk_by_accountibm_compute_instance_disk_by_creation_monthibm_compute_instance_disk_by_instance_stateibm_compute_instance_disk_by_interface_typeibm_compute_instance_disk_by_regionibm_compute_instance_disk_countibm_compute_instance_disk_inputibm_compute_instance_disk_overviewibm_compute_instance_disk_storageibm_compute_instance_disk_storage_by_accountibm_compute_instance_disk_storage_by_creation_monthibm_compute_instance_disk_storage_by_interface_typeibm_compute_instance_disk_storage_by_regionibm_compute_instance_disk_total_storageibm_compute_instance_disksibm_compute_instance_imageibm_compute_instance_inputibm_compute_instance_memoryibm_compute_instance_network_interfacesibm_compute_instance_overviewibm_compute_instance_statusibm_compute_instance_tagsibm_compute_instance_total_vcpuibm_compute_instance_total_vcpu_countibm_compute_instance_vpcibm_compute_instance_zoneibm_compute_public_instanceibm_compute_public_instance_countibm_compute_unused_instance_diskibm_compute_unused_instance_disk_countibm_inbound_nacl_for_vpc_sankeyibm_is_security_group_1_year_countibm_is_security_group_24_hours_countibm_is_security_group_30_90_days_countibm_is_security_group_30_days_countibm_is_security_group_90_365_days_countibm_is_security_group_age_tableibm_is_security_group_associationibm_is_security_group_attached_enis_countibm_is_security_group_by_acountibm_is_security_group_by_creation_monthibm_is_security_group_by_regionibm_is_security_group_by_resource_groupibm_is_security_group_by_vpcibm_is_security_group_countibm_is_security_group_inbound_rule_sankeyibm_is_security_group_inbound_rulesibm_is_security_group_inbound_rules_countibm_is_security_group_inputibm_is_security_group_outbound_rule_sankeyibm_is_security_group_outbound_rulesibm_is_security_group_outbound_rules_countibm_is_security_group_overviewibm_is_security_group_tagsibm_is_security_group_unassociated_countibm_is_security_group_unassociated_statusibm_is_security_group_unrestricted_inboundibm_is_security_group_unrestricted_inbound_countibm_is_security_group_unrestricted_inbound_statusibm_is_security_group_unrestricted_outboundibm_is_security_group_unrestricted_outbound_countibm_is_security_group_unrestricted_outbound_statusibm_is_volume_1_year_countibm_is_volume_24_hours_countibm_is_volume_30_90_days_countibm_is_volume_30_days_countibm_is_volume_90_365_days_countibm_is_volume_age_tableibm_is_volume_attached_instancesibm_is_volume_attached_instances_countibm_is_volume_attachment_statusibm_is_volume_by_accountibm_is_volume_by_creation_monthibm_is_volume_by_encryption_typeibm_is_volume_by_profileibm_is_volume_by_regionibm_is_volume_by_zoneibm_is_volume_countibm_is_volume_encryptionibm_is_volume_encryption_reportibm_is_volume_encryption_statusibm_is_volume_inputibm_is_volume_iopsibm_is_volume_overviewibm_is_volume_provider_managed_encryption_countibm_is_volume_stateibm_is_volume_storageibm_is_volume_storage_by_accountibm_is_volume_storage_by_creation_monthibm_is_volume_storage_by_profileibm_is_volume_storage_by_regionibm_is_volume_storage_by_zoneibm_is_volume_storage_totalibm_is_volume_tagsibm_is_volume_unattached_countibm_is_volume_user_managed_encryption_countibm_is_vpc_1_year_countibm_is_vpc_24_hours_countibm_is_vpc_30_90_days_countibm_is_vpc_30_days_countibm_is_vpc_90_365_days_countibm_is_vpc_address_prefixesibm_is_vpc_age_tableibm_is_vpc_by_accountibm_is_vpc_by_creation_monthibm_is_vpc_by_regionibm_is_vpc_by_resource_groupibm_is_vpc_by_rfc1918_rangeibm_is_vpc_by_sizeibm_is_vpc_countibm_is_vpc_cse_source_ip_addressesibm_is_vpc_empty_statusibm_is_vpc_inputibm_is_vpc_network_aclibm_is_vpc_no_subnet_countibm_is_vpc_num_ips_for_vpcibm_is_vpc_overviewibm_is_vpc_security_groupsibm_is_vpc_subnet_by_zoneibm_is_vpc_subnets_for_vpcibm_is_vpc_tagsibm_kms_key_1_year_countibm_kms_key_24_hours_countibm_kms_key_30_90_days_countibm_kms_key_30_days_countibm_kms_key_90_365_days_countibm_kms_key_ageibm_kms_key_age_tableibm_kms_key_aliasesibm_kms_key_by_accountibm_kms_key_by_algorithmibm_kms_key_by_creation_monthibm_kms_key_by_regionibm_kms_key_by_stateibm_kms_key_countibm_kms_key_disabled_countibm_kms_key_dual_auth_disabled_countibm_kms_key_dual_auth_statusibm_kms_key_dual_authenticationibm_kms_key_inputibm_kms_key_overviewibm_kms_key_ringibm_kms_key_stateibm_kms_key_state_detailsibm_kms_key_typeibm_kms_root_key_countibm_kms_root_key_rotation_disabled_countibm_kms_root_key_rotation_enabledibm_kms_root_key_rotation_statusibm_kms_standard_key_countibm_outbound_nacl_for_vpc_sankeyibm_subnet_count_for_vpc
Query: ibm_inbound_nacl_for_vpc_sankey
Usage
powerpipe query ibm_insights.query.ibm_inbound_nacl_for_vpc_sankey
Steampipe Tables
SQL
with aces as ( select crn, title, id as network_acl_id, e ->> 'protocol' as protocol, e ->> 'source' as cidr_block, e ->> 'action' as rule_action, e -> 'name' as rule_name,
case when e ->> 'action' = 'allow' then 'Allow ' else 'Deny ' end || case when e ->>'protocol' = 'all' then 'All Traffic' when e ->>'protocol' = 'icmp' then 'All ICMP' when e ->>'protocol' = 'udp' and e ->> 'source_port_min' = '1' and e ->> 'source_port_max' = '65535' then 'All UDP' when e ->>'protocol' = 'tcp' and e ->>'source_port_min' = '1' and e ->>'source_port_max' = '65535' then 'All TCP' when e ->>'protocol' = 'tcp' and e ->> 'source_port_min' = e ->> 'source_port_max' then concat(e ->> 'source_port_min', '/TCP') when e->>'protocol' = 'udp' and e ->> 'source_port_min' = e ->> 'source_port_max' then concat(e->> 'source_port_min', '/UDP') when e->>'protocol' = 'tcp' and e ->> 'source_port_min' <> e->> 'source_port_max' then concat(e ->> 'source_port_min', '-', e ->> 'source_port_max', '/TCP') when e->>'protocol' = 'udp' and e ->> 'source_port_min' <> e->> 'source_port_max' then concat(e ->> 'source_port_min', '-', e ->> 'source_port_max', '/udp') else concat('Procotol: ', e->>'protocol') end as rule_description, a ->> 'id' as subnet_id from ibm_is_network_acl, jsonb_array_elements(rules) as e, jsonb_array_elements(subnets) as a where vpc ->> 'crn' = $1 and e ->> 'direction' = 'inbound'
)-- CIDR Nodesselect distinct cidr_block as id, cidr_block as title, 'cidr_block' as category, null as from_id, null as to_idfrom aces
-- Rule Nodesunion select concat(network_acl_id, '_', rule_name) as id, rule_description as title, 'rule' as category, null as from_id, null as to_idfrom aces
-- ACL Nodesunion select distinct s.network_acl_id as id, acl.name as title, 'nacl' as category, null as from_id, null as to_idfrom aces as s left join ibm_is_network_acl as acl on s.network_acl_id = acl.id
-- Subnet nodeunion select distinct a.subnet_id as id, s.name as title, 'subnet' as category, null as from_id, null as to_idfrom aces as a left join ibm_is_subnet as s on s.id = a.subnet_id
-- ip -> rule edgeunion select null as id, null as title, rule_action as category, cidr_block as from_id, concat(network_acl_id, '_', rule_name) as to_idfrom aces
-- rule -> NACL edgeunion select null as id, null as title, rule_action as category, concat(network_acl_id, '_', rule_name) as from_id, network_acl_id as to_idfrom aces
-- nacl -> subnet edgeunion select null as id, null as title, 'attached' as category, network_acl_id as from_id, subnet_id as to_idfrom aces;
Params
Args | Name | Default | Description | Variable |
---|---|---|---|---|
$1 | crn |
Dashboards
The query is used in the dashboards: