🚀Launch Week 07, January 27th - 31st, 2025🚀
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-alicloud-insights
Overview
45Dashboards
0Benchmarks
416Queries
0Variables
GitHub

Dashboard: AliCloud RAM Credential Report

This report answers the following questions:

  • Which users do not have a password?
  • What is the age of the password?
  • When was the password last changed?
  • When were the access keys last used?
This dashboard contains 1 table and 2 texts.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-alicloud-insights

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select AliCloud RAM Credential Report dashboard.

You could also snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe dashboard run alicloud_insights.dashboard.ram_credential_report --share

Queries

This dashboard uses the the following queries:
select
  user_name as "User Name",
  'acs:ram::' || r.account_id || ':user/' || user_name as "User ARN",


  password_exist as "Password Enabled",
  mfa_active as "MFA Active",
  password_active as "Password Status",
  now()::date - password_last_changed::date as "Password Age in Days",
  password_last_changed as "Password Changed Timestamp",
  date_trunc('day',age(now(),user_last_logon))::text as "Password Last Used",
  user_last_logon as "Password Last Used Timestamp",
  date_trunc('day',age(now(),password_next_rotation))::text as "Next Password Rotation",
  password_next_rotation "Next Password Rotation Timestamp",


  access_key_1_active as "Access Key 1 Active",
  now()::date - access_key_1_last_rotated::date as "Key 1 Age in Days",
  access_key_1_last_rotated as "Key 1 Last Rotated",
  date_trunc('day',age(now(),access_key_1_last_used))::text as  "Key 1 Last Used",
  access_key_1_last_used as "Key 1 Last Used Timestamp",


  access_key_2_active as "Access Key 2 Active",
  now()::date - access_key_2_last_rotated::date as "Key 2 Age in Days",
  access_key_2_last_rotated as "Key 2 Last Rotated Timestamp",
  date_trunc('day',age(now(),access_key_2_last_used))::text as  "Key 2 Last Used",
  access_key_2_last_used as "Key 2 Last Used Timestamp",


  a.title as "Account",
  r.account_id as "Account ID"


from
  alicloud_ram_credential_report as r,
  alicloud_account as a
where
  a.account_id = r.account_id
order by
  user_name;

Tags

category = Credential Report
service = AliCloud/RAM
type = Report