
Query: vcn_inbound_security_lists_are_stateless

Usage

powerpipe query terraform_oci_compliance.query.vcn_inbound_security_lists_are_stateless


SQL

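-- Flags oci_core_security_list resources whose ingress rules are not all stateless.
-- Output columns: resource (Terraform address), status ('alarm' | 'skip' | 'ok'),
-- reason, and the resource's file location (path:start_line).
with security_lists as (
  -- Every OCI security list resource found in the scanned Terraform files;
  -- only the columns the query reads are pulled through.
  select
    address,
    name,
    path,
    start_line,
    attributes_std
  from
    terraform_resource
  where
    type = 'oci_core_security_list'
),
ingress_rules as (
  -- One row per ingress rule. A single ingress_security_rules block is parsed as a
  -- JSON object rather than an array, so it is wrapped into a one-element array;
  -- anything else (absent, null, scalar) yields no rows.
  select
    s.address,
    s.path,
    ingress_rule
  from
    security_lists as s,
    jsonb_array_elements(
      case jsonb_typeof(s.attributes_std -> 'ingress_security_rules')
        when 'array' then s.attributes_std -> 'ingress_security_rules'
        when 'object' then jsonb_build_array(s.attributes_std -> 'ingress_security_rules')
        else '[]'::jsonb
      end
    ) as ingress_rule
),
stateful_counts as (
  -- Security lists with at least one stateful ingress rule. A rule that omits
  -- `stateless` is stateful by default in OCI (the provider default is false),
  -- so a missing attribute counts as stateful instead of being ignored.
  select
    address,
    path,
    count(*) as stateful_rule_count
  from
    ingress_rules
  where
    coalesce((ingress_rule ->> 'stateless')::bool, false) = false
  group by
    address,
    path
)
select
  a.address as resource,
  case
    when b.stateful_rule_count > 0 then 'alarm'
    when a.attributes_std ->> 'ingress_security_rules' is null then 'skip'
    else 'ok'
  end as status,
  split_part(a.address, '.', 2) || case
    when b.stateful_rule_count > 0 then ' has stateful ingress security rules'
    when a.attributes_std ->> 'ingress_security_rules' is null then ' has no ingress security rules'
    else ' has stateless ingress security rules'
  end || '.' as reason,
  -- Source location of the resource; left unnamed to match the other queries in this mod.
  a.path || ':' || a.start_line
from
  security_lists as a
  -- Joined on address and path so that same-named resources in different files
  -- do not share one stateful-rule count.
  left join stateful_counts as b
    on a.address = b.address
    and a.path = b.path;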

Controls

This query is used by the following controls: