Closed KingBrewer closed 1 year ago
Welcome to Steampipe @KingBrewer and apologies for the bump!!
When tables or columns (REST APIs) are unavailable to assist us in creating a SQL query for any compliance check, we designate such controls as manual
.
However, in this case, the azure_postgresql_server table seems to have a column firewall_rules
.
@khushboo9024 could you please verify if we can create a query for this control?
Linking plugin referenced issue
Describe the bug CIS check 4.3.7 "Ensure 'Allow access to Azure services' for PostgreSQL Database Server is disabled" is missing implementation, being attributed as a manual control: https://github.com/turbot/steampipe-mod-azure-compliance/blob/v0.24/cis_v200/section_4.sp#L336
Steampipe version (
steampipe -v
) v0.19.4Plugin version (
steampipe plugin list
) steampipe-mod-azure-compliance@v0.24To reproduce Run assessment of 4.3.7 control:
steampipe check control.cis_v200_4_3_7
Expected behavior Firewall rules should be evaluated for each of Postgres servers. Currently the check is marked as manual, what is incorrect.