turbot/snowflake_compliance

Query: iam_user_default_role_must_not_be_accountadmin

Usage

powerpipe query snowflake_compliance.query.iam_user_default_role_must_not_be_accountadmin

Steampipe Tables

SQL

select
name as resource,
case when default_role = 'ACCOUNTADMIN' then
'alarm'
else
'ok'
end as status,
name || ' default_role is ' || default_role || '.' as reason,
account
from
snowflake_user;

Controls

The query is being used by the following controls: