This PR contains all Security Hub Products that were not already included. All new Account IDs were added on a per-vendor (not per-product) basis. Account IDs were appended to existing records for vendors, where possible.
The data was pulled using the following steampipe query:
WITH twelve_digit_data AS (
SELECT
company_name,
product_arn,
unnest(
ARRAY_CAT(
regexp_matches(product_subscription_resource_policy::text, '\d{12}', 'g'),
regexp_matches(product_arn, '\d{12}', 'g')
)
) AS twelve_digit_number
FROM
aws_securityhub_product
)
SELECT
company_name,
array_agg(DISTINCT twelve_digit_number) FILTER (WHERE twelve_digit_number != 'ACCOUNT_ID_IM_RUNNING_FROM') AS account_ids
FROM
twelve_digit_data
GROUP BY
company_name HAVING array_length(array_agg(DISTINCT twelve_digit_number) FILTER (WHERE twelve_digit_number != 'ACCOUNT_ID_IM_RUNNING_FROM'), 1) > 0;
0xdabbad00
commented
9 months ago
This PR contains all Security Hub Products that were not already included. All new Account IDs were added on a per-vendor (not per-product) basis. Account IDs were appended to existing records for vendors, where possible.
The data was pulled using the following steampipe query:
The raw data is attached, for posterity. securityhub_accountids.json