blockstorage_block_volume_backup_enabledblockstorage_block_volume_encryption_enabledblockstorage_boot_volume_backup_encryption_enabledblockstorage_boot_volume_encryption_enabledcloudguard_enabledcompute_instance_boot_volume_encryption_in_transit_enabledcompute_instance_metadata_service_disabledcompute_instance_monitoring_enableddatabase_db_encryption_enableddatabase_db_home_encryption_enableddatabase_db_system_encryption_enabledfile_storage_file_system_encryption_enabledidentity_authentication_password_policy_contains_lowercase_charactersidentity_authentication_password_policy_contains_numeric_charactersidentity_authentication_password_policy_contains_special_charactersidentity_authentication_password_policy_contains_uppercase_charactersidentity_authentication_password_policy_strong_min_length_14objectstorage_bucket_encryption_enabledobjectstorage_bucket_object_events_enabledobjectstorage_bucket_public_access_blockedobjectstorage_bucket_versioning_enabledvcn_default_security_group_allow_icmp_onlyvcn_has_inbound_security_list_configuredvcn_inbound_security_lists_are_statelessvcn_network_security_group_restrict_ingress_rdp_allvcn_network_security_group_restrict_ingress_ssh_allvcn_security_group_has_stateless_ingress_security_rulesvcn_security_list_restrict_ingress_rdp_allvcn_security_list_restrict_ingress_ssh_allvcn_subnet_public_access_blocked
Query: vcn_security_list_restrict_ingress_ssh_all
Usage
powerpipe query terraform_oci_compliance.query.vcn_security_list_restrict_ingress_ssh_allSteampipe Tables
SQL
with all_security_list as ( select * from terraform_resource where type = 'oci_core_security_list'), non_complaint as ( select name, count(name) as count from all_security_list, jsonb_array_elements( case jsonb_typeof(attributes_std -> 'ingress_security_rules') when 'array' then (attributes_std -> 'ingress_security_rules') else null end ) as p where p ->> 'source' = '0.0.0.0/0' and ( p ->> 'protocol' = 'all' or ( p ->> 'protocol' = '6' and (p -> 'tcp_options' ->> 'min')::integer <= 22 and (p -> 'tcp_options' ->> 'max')::integer >= 22 ) ) group by name)select a.address as resource, case when b.count > 0 or ((a.attributes_std -> 'ingress_security_rules' ->> 'source' = '0.0.0.0/0' ) and ( (a.attributes_std -> 'ingress_security_rules' ->> 'protocol' = 'all') or ((a.attributes_std -> 'ingress_security_rules' ->> 'protocol' = '6') and (a.attributes_std -> 'ingress_security_rules' -> 'tcp_options' is null)) or ((a.attributes_std -> 'ingress_security_rules' -> 'tcp_options' ->> 'min') ::integer <= 22 and (a.attributes_std -> 'ingress_security_rules' -> 'tcp_options' ->> 'max')::integer >= 22 ) )) then 'alarm' else 'ok' end as status, split_part(a.address, '.', 2) || case when b.count > 0 or ((a.attributes_std -> 'ingress_security_rules' ->> 'source' = '0.0.0.0/0' ) and ( (a.attributes_std -> 'ingress_security_rules' ->> 'protocol' = 'all') or ((a.attributes_std -> 'ingress_security_rules' ->> 'protocol' = '6') and (a.attributes_std -> 'ingress_security_rules' -> 'tcp_options' is null)) or ((a.attributes_std -> 'ingress_security_rules' -> 'tcp_options' ->> 'min') ::integer <= 22 and (a.attributes_std -> 'ingress_security_rules' -> 'tcp_options' ->> 'max')::integer >= 22 ) )) then ' ingress rule(s) allowing SSH from 0.0.0.0/0' else ' ingress restricted for SSH from 0.0.0.0/0' end || '.' reason , path || ':' || start_linefrom all_security_list as a left join non_complaint as b on a.name = b.name;Controls
The query is being used by the following controls: