blockstorage_block_volume_backup_enabledblockstorage_block_volume_encryption_enabledblockstorage_boot_volume_backup_encryption_enabledblockstorage_boot_volume_encryption_enabledcloudguard_enabledcompute_instance_boot_volume_encryption_in_transit_enabledcompute_instance_metadata_service_disabledcompute_instance_monitoring_enableddatabase_db_encryption_enableddatabase_db_home_encryption_enableddatabase_db_system_encryption_enabledfile_storage_file_system_encryption_enabledidentity_authentication_password_policy_contains_lowercase_charactersidentity_authentication_password_policy_contains_numeric_charactersidentity_authentication_password_policy_contains_special_charactersidentity_authentication_password_policy_contains_uppercase_charactersidentity_authentication_password_policy_strong_min_length_14objectstorage_bucket_encryption_enabledobjectstorage_bucket_object_events_enabledobjectstorage_bucket_public_access_blockedobjectstorage_bucket_versioning_enabledvcn_default_security_group_allow_icmp_onlyvcn_has_inbound_security_list_configuredvcn_inbound_security_lists_are_statelessvcn_network_security_group_restrict_ingress_rdp_allvcn_network_security_group_restrict_ingress_ssh_allvcn_security_group_has_stateless_ingress_security_rulesvcn_security_list_restrict_ingress_rdp_allvcn_security_list_restrict_ingress_ssh_allvcn_subnet_public_access_blocked
Query: vcn_default_security_group_allow_icmp_only
Usage
powerpipe query terraform_oci_compliance.query.vcn_default_security_group_allow_icmp_onlySteampipe Tables
SQL
with all_security_rules as ( select * from terraform_resource where type = 'oci_core_security_list'), non_complaint as ( select name, count(name) as count from all_security_rules, jsonb_array_elements( case jsonb_typeof(attributes_std -> 'ingress_security_rules') when 'array' then (attributes_std -> 'ingress_security_rules') else null end ) as p where p ->> 'protocol' != '1' group by name)select a.address as resource, case when b.count > 0 or (a.attributes_std -> 'ingress_security_rules' ->> 'protocol' != '1') then 'alarm' else 'ok' end as status, split_part(a.address, '.', 2) || case when b.count > 0 or (a.attributes_std -> 'ingress_security_rules' ->> 'protocol' != '1') then ' configured with non ICMP ports' else ' configured with ICMP ports only' end || '.' reason , path || ':' || start_linefrom all_security_rules as a left join non_complaint as b on a.name = b.name;
Controls
The query is being used by the following controls: