turbot/terraform_aws_compliance

Query: rds_db_instance_logging_enabled

Usage

powerpipe query terraform_aws_compliance.query.rds_db_instance_logging_enabled

Steampipe Tables

SQL

select
address as resource,
(attributes_std -> 'engine')::text as engine,
case
when
(attributes_std ->> 'engine')::text like any (array ['mariadb', '%mysql'])
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["audit","error","general","slowquery"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["audit","error","general","slowquery"]'::jsonb then 'ok'
when
(attributes_std ->> 'engine')::text like any (array['%postgres%'])
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["postgresql","upgrade"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["postgresql","upgrade"]'::jsonb then 'ok'
when
(attributes_std ->> 'engine')::text like 'oracle%' and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["alert","audit", "trace","listener"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["alert","audit", "trace","listener"]'::jsonb then 'ok'
when
(attributes_std ->> 'engine')::text = 'sqlserver-ex'
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["error"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["error"]'::jsonb then 'ok'
when
(attributes_std ->> 'engine')::text like 'sqlserver%'
and (attributes_std -> 'enabled_cloudwatch_logs_exports')is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["error","agent"]' then 'ok'
else 'alarm'
end as status,
split_part(address, '.', 2) || case
when
(attributes_std ->> 'engine')::text like any (array ['mariadb', '%mysql'])
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["audit","error","general","slowquery"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["audit","error","general","slowquery"]'::jsonb then ' logging enabled'
when
(attributes_std ->> 'engine')::text like any (array['%postgres%'])
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["postgresql","upgrade"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["postgresql","upgrade"]'::jsonb then ' logging enabled'
when
(attributes_std ->> 'engine')::text like 'oracle%'
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["alert","audit", "trace","listener"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["alert","audit", "trace","listener"]'::jsonb then ' logging enabled'
when
(attributes_std ->> 'engine')::text = 'sqlserver-ex'
and (attributes_std -> 'enabled_cloudwatch_logs_exports') is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["error"]'::jsonb
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb @> '["error"]'::jsonb then ' logging enabled'
when
(attributes_std ->> 'engine')::text like 'sqlserver%'
and (attributes_std -> 'enabled_cloudwatch_logs_exports')is not null
and (attributes_std -> 'enabled_cloudwatch_logs_exports')::jsonb <@ '["error","agent"]' then ' logging enabled'
else ' logging disabled'
end || '.' as reason
, path || ':' || start_line
from
terraform_resource
where
type = 'aws_db_instance';

Controls

The query is being used by the following controls: