ibm_account_countibm_account_tableibm_classic_infrastructure_vpc_countibm_compute_instance_1_year_countibm_compute_instance_24_hours_countibm_compute_instance_30_90_days_countibm_compute_instance_30_days_countibm_compute_instance_90_365_days_countibm_compute_instance_age_tableibm_compute_instance_architectureibm_compute_instance_bandwidthibm_compute_instance_boot_volumeibm_compute_instance_by_accountibm_compute_instance_by_architectureibm_compute_instance_by_creation_monthibm_compute_instance_by_floating_ipibm_compute_instance_by_regionibm_compute_instance_by_resource_groupibm_compute_instance_by_statusibm_compute_instance_by_zoneibm_compute_instance_countibm_compute_instance_data_volumeibm_compute_instance_disk_1_year_countibm_compute_instance_disk_24_hours_countibm_compute_instance_disk_30_90_days_countibm_compute_instance_disk_30_days_countibm_compute_instance_disk_90_365_days_countibm_compute_instance_disk_age_tableibm_compute_instance_disk_attached_instancesibm_compute_instance_disk_by_accountibm_compute_instance_disk_by_creation_monthibm_compute_instance_disk_by_instance_stateibm_compute_instance_disk_by_interface_typeibm_compute_instance_disk_by_regionibm_compute_instance_disk_countibm_compute_instance_disk_inputibm_compute_instance_disk_overviewibm_compute_instance_disk_storageibm_compute_instance_disk_storage_by_accountibm_compute_instance_disk_storage_by_creation_monthibm_compute_instance_disk_storage_by_interface_typeibm_compute_instance_disk_storage_by_regionibm_compute_instance_disk_total_storageibm_compute_instance_disksibm_compute_instance_imageibm_compute_instance_inputibm_compute_instance_memoryibm_compute_instance_network_interfacesibm_compute_instance_overviewibm_compute_instance_statusibm_compute_instance_tagsibm_compute_instance_total_vcpuibm_compute_instance_total_vcpu_countibm_compute_instance_vpcibm_compute_instance_zoneibm_compute_public_instanceibm_compute_public_instance_countibm_compute_unused_instance_diskibm_compute_unused_instance_disk_countibm_inbound_nacl_for_vpc_sankeyibm_is_security_group_1_year_countibm_is_security_group_24_hours_countibm_is_security_group_30_90_days_countibm_is_security_group_30_days_countibm_is_security_group_90_365_days_countibm_is_security_group_age_tableibm_is_security_group_associationibm_is_security_group_attached_enis_countibm_is_security_group_by_acountibm_is_security_group_by_creation_monthibm_is_security_group_by_regionibm_is_security_group_by_resource_groupibm_is_security_group_by_vpcibm_is_security_group_countibm_is_security_group_inbound_rule_sankeyibm_is_security_group_inbound_rulesibm_is_security_group_inbound_rules_countibm_is_security_group_inputibm_is_security_group_outbound_rule_sankeyibm_is_security_group_outbound_rulesibm_is_security_group_outbound_rules_countibm_is_security_group_overviewibm_is_security_group_tagsibm_is_security_group_unassociated_countibm_is_security_group_unassociated_statusibm_is_security_group_unrestricted_inboundibm_is_security_group_unrestricted_inbound_countibm_is_security_group_unrestricted_inbound_statusibm_is_security_group_unrestricted_outboundibm_is_security_group_unrestricted_outbound_countibm_is_security_group_unrestricted_outbound_statusibm_is_volume_1_year_countibm_is_volume_24_hours_countibm_is_volume_30_90_days_countibm_is_volume_30_days_countibm_is_volume_90_365_days_countibm_is_volume_age_tableibm_is_volume_attached_instancesibm_is_volume_attached_instances_countibm_is_volume_attachment_statusibm_is_volume_by_accountibm_is_volume_by_creation_monthibm_is_volume_by_encryption_typeibm_is_volume_by_profileibm_is_volume_by_regionibm_is_volume_by_zoneibm_is_volume_countibm_is_volume_encryptionibm_is_volume_encryption_reportibm_is_volume_encryption_statusibm_is_volume_inputibm_is_volume_iopsibm_is_volume_overviewibm_is_volume_provider_managed_encryption_countibm_is_volume_stateibm_is_volume_storageibm_is_volume_storage_by_accountibm_is_volume_storage_by_creation_monthibm_is_volume_storage_by_profileibm_is_volume_storage_by_regionibm_is_volume_storage_by_zoneibm_is_volume_storage_totalibm_is_volume_tagsibm_is_volume_unattached_countibm_is_volume_user_managed_encryption_countibm_is_vpc_1_year_countibm_is_vpc_24_hours_countibm_is_vpc_30_90_days_countibm_is_vpc_30_days_countibm_is_vpc_90_365_days_countibm_is_vpc_address_prefixesibm_is_vpc_age_tableibm_is_vpc_by_accountibm_is_vpc_by_creation_monthibm_is_vpc_by_regionibm_is_vpc_by_resource_groupibm_is_vpc_by_rfc1918_rangeibm_is_vpc_by_sizeibm_is_vpc_countibm_is_vpc_cse_source_ip_addressesibm_is_vpc_empty_statusibm_is_vpc_inputibm_is_vpc_network_aclibm_is_vpc_no_subnet_countibm_is_vpc_num_ips_for_vpcibm_is_vpc_overviewibm_is_vpc_security_groupsibm_is_vpc_subnet_by_zoneibm_is_vpc_subnets_for_vpcibm_is_vpc_tagsibm_kms_key_1_year_countibm_kms_key_24_hours_countibm_kms_key_30_90_days_countibm_kms_key_30_days_countibm_kms_key_90_365_days_countibm_kms_key_ageibm_kms_key_age_tableibm_kms_key_aliasesibm_kms_key_by_accountibm_kms_key_by_algorithmibm_kms_key_by_creation_monthibm_kms_key_by_regionibm_kms_key_by_stateibm_kms_key_countibm_kms_key_disabled_countibm_kms_key_dual_auth_disabled_countibm_kms_key_dual_auth_statusibm_kms_key_dual_authenticationibm_kms_key_inputibm_kms_key_overviewibm_kms_key_ringibm_kms_key_stateibm_kms_key_state_detailsibm_kms_key_typeibm_kms_root_key_countibm_kms_root_key_rotation_disabled_countibm_kms_root_key_rotation_enabledibm_kms_root_key_rotation_statusibm_kms_standard_key_countibm_outbound_nacl_for_vpc_sankeyibm_subnet_count_for_vpc
Query: ibm_is_security_group_inbound_rule_sankey
Usage
powerpipe query ibm_insights.query.ibm_is_security_group_inbound_rule_sankey
Steampipe Tables
SQL
with associations as ( select name, t ->> 'name' as resource_name, t ->> 'id' as resource_id, id as group_id, t ->> 'resource_type' as category from ibm_is_security_group, jsonb_array_elements(targets) as t where crn = $1 ), rules as ( select concat((r -> 'remote' ->> 'cidr_block'), (r -> 'remote' ->> 'name'), (r -> 'remote' ->> 'address')) as source, id as group_id, name as group_name, case when r ->>'protocol' = 'all' then 'All Traffic' when r ->>'protocol' = 'icmp' then 'All ICMP' when r ->>'protocol' = 'udp' and r ->> 'port_min' = '1' and r ->> 'port_max' = '65535' then 'All UDP' when r ->>'protocol' = 'tcp' and r ->>'port_min' = '1' and r ->>'port_max' = '65535' then 'All TCP' when r ->> 'port_min' is not null and r ->> 'port_max' is not null and r ->> 'port_min' = r ->>'port_max' then concat((r ->>'port_min'), '/', (r ->>'protocol')) else concat( (r ->>'port_min'), '-', (r ->>'port_max' ), '/', (r ->>'protocol') ) end as port_proto, case when (r -> 'remote' ->> 'cidr_block' = '0.0.0.0/0') and r ->>'protocol' <> 'icmp' and ((r ->>'port_min') = '1' and (r ->>'port_max') = '65535') then 'alert' else 'ok' end as category from ibm_is_security_group, jsonb_array_elements(rules) as r where crn = $1 and r ->> 'direction' = 'inbound' )
-- Nodes ---------
select distinct concat('src_',source) as id, source as title, 0 as depth, 'source' as category, null as from_id, null as to_id from rules
union select distinct port_proto as id, port_proto as title, 1 as depth, 'port_proto' as category, null as from_id, null as to_id from rules
union select distinct group_id as id, group_name as title, 2 as depth, 'security_group' as category, null as from_id, null as to_id from rules
union select distinct resource_id as id, resource_name || '(' || category || ')' as title, 3 as depth, category, group_id as from_id, null as to_id from associations
-- Edges --------- union select null as id, null as title, null as depth, category, concat('src_',source) as from_id, port_proto as to_id from rules
union select null as id, null as title, null as depth, category, port_proto as from_id, group_id as to_id from rules
Params
Args | Name | Default | Description | Variable |
---|---|---|---|---|
$1 | crn |
Dashboards
The query is used in the dashboards: