turbot/terraform_gcp_compliance

Query: compute_security_policy_prevent_message_lookup

Usage

powerpipe query terraform_gcp_compliance.query.compute_security_policy_prevent_message_lookup

Steampipe Tables

SQL

select
address as resource,
case
when jsonb_typeof(attributes_std -> 'rule') = 'object' and ((attributes_std -> 'rule' -> 'match' -> 'expr' ->> 'expression' <> 'evaluatePreconfiguredExpr(''cve-canary'')') or (attributes_std -> 'rule' ->> 'action' = 'allow') or (attributes_std -> 'rule' ->> 'preview' = 'true')) then 'alarm'
when jsonb_typeof(attributes_std -> 'rule') = 'array' and exists(select 1 from jsonb_array_elements(attributes_std -> 'rule') as rules where ((rules -> 'match' -> 'expr' ->> 'expression' <> 'evaluatePreconfiguredExpr(''cve-canary'')') or (rules ->> 'action' = 'allow') or (rules ->> 'preview' = 'true'))) then 'alarm'
else 'ok'
end status,
split_part(address, '.', 2) || case
when jsonb_typeof(attributes_std -> 'rule') = 'object' and ((attributes_std -> 'rule' -> 'match' -> 'expr' ->> 'expression' <> 'evaluatePreconfiguredExpr(''cve-canary'')') or (attributes_std -> 'rule' ->> 'action' = 'allow') or (attributes_std -> 'rule' ->> 'preview' = 'true')) then ' does not prevent message lookup'
when jsonb_typeof(attributes_std -> 'rule') = 'array' and exists(select 1 from jsonb_array_elements(attributes_std -> 'rule') as rules where ((rules -> 'match' -> 'expr' ->> 'expression' <> 'evaluatePreconfiguredExpr(''cve-canary'')') or (rules ->> 'action' = 'allow') or (rules ->> 'preview' = 'true'))) then ' does not prevent message lookup'
else ' prevents message lookup'
end || '.' reason
, path || ':' || start_line
from
terraform_resource
where
type = 'google_compute_security_policy';

Controls

The query is being used by the following controls: