Config Query Examples
Some examples for Config Query for all cloud types.
Use this section for some examples that show you how to use Config Query Attributes in RQL for investigating issues on each cloud platform:
AWS—Config Query Examples
View users who enabled console access with both access keys and passwords.
List root accounts that do not have MFA enabled.
List active access keys.
View all S3 buckets that are accessible to the public through bucket ACLs.
View all S3 buckets that are accessible to the public through bucket policy.
Displays the number of VPCs that do not have subnets associated only when there are more than 2 VPCs.
Check for S3:GetObject operations.
You can include other operations related to S3 buckets, such as s3:PutObject, s3:*, s3:GetBucketAcl, s3:ListBucket, s3:ListAllMyBuckets, s3:PutObjectAcl, s3:GetObjectAcl, and s3:GetObjectVersion.
Azure—Config Query Examples
View SQL Server firewall rules that allow access to any Azure internal resources.
List security center resource groups in Azure that do not specify a security contact email address.
View SQL databases where encryption is disabled.
List Azure VNETs that are peered successfully.
Display a count of the number of Azure Activity log alerts if the total number is less than one.
Display Azure hosts that match the queried private IP address.
GCP—Config Query Examples
View firewall rules that allow internet traffic through the MongoDB port (27017).
List SQL Instances where SSL is not configured.
List virtual machine (VM) instances where preemptive termination is enabled.
View all storage buckets or objects that are publicly accessible.
Recommended For You
Recommended videos not found.