Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Customers can leverage CLI to run queries against Cloudaware CMDB. The article provides query examples for common use cases.

Table of Contents
7
minLevel1
maxLevel6
outlinefalse
typelist
printablefalse

Retrieve a list of EKS deployments using CLI

DevOps teams require complete visibility into Kubernetes infrastructure. Using Cloudaware CLI, DevOps engineers can query all EKS deployments across multiple EKS Clusters, AWS Regions and Accounts with a single query.

Code Block
sfdxsf force:data:soql: query -q-query "SELECT Name, CA10A1__cluster__r.Name, CA10A1__account__r.Name FROM CA10A1__CaAwsEksClusterDeployment__c" -u-target-org <Org Alias from Authentication>

Update an application catalog with

...

Cost Center data

Cloudaware maintains a complete application catalog with full an entire cloud resource inventory for each application. FinOps teams often customize the application attributes using additional fields such as Cost Center, Product, or Product Line in order to filter and group spending not only by Business Application but also by Business Product or Product Line. Using CLI, FinOps engineers can quickly retrieve and update application attributes and even link applications to other entities in CMDB.

Here is a sample use case:

  • Get AWS EC2 Instances with Cost Center and Product data attached to a specific Cloudaware Application and save the result in a CSV file on your device:

Code Block
languagenone
# Use Child Relationship Names in sub-queries;
# Find a necessary Child Relationship Name by executing the following command for a Parent object: 

sfdx force:schema:sobject:describe -s <Parent Object's API Name> -u <Org Alias from Authentication>

# Use the "childRelationships" key in the result to find all Child Relationship Names ("relationshipName") across all listed child objects;

# Example of querying cloud inventory of a specific Application:

sfdx force:data:soql:sf data query --query "SELECT CA10__applicationName__c, (SELECT Name, Id, Cost_Center__c, Product__c FROM CA10__AWS_EC2_Instances__r) FROM CA10__CaApplicationTier__c WHERE CA10__applicationName__c = '<specific application name>'" --target-org <Org Alias from Authentication> --result-format csv > output.csv
  • Modify the CSV file you have saved the query result in and perform a bulk update using the modified CSV:

Code Block
sf data upsert bulk --sobject CA10__CaAwsInstance__c --file <your_folder>/UpdatedValues.csv --external-id Id

Get a list of current and past public IPs across multiple cloud providers

Security incident response often begins with an investigation to track down public IP address ownership. Using CLI, SOC team members can quickly search for all public IP addresses currently allocated across three different cloud providers.

Code Block
* AWS
EC2 Elastic IPs:
sf data query --query "SELECT Name, CA10__instanceId2__c, CA10__account__r.Name, CA10__regionName__c FROM CA10__CaAwsElasticIp__c WHERE CA10__instanceId2__c != NULL AND CA10__type__c = 'Public IP'" --target-org <Org Alias from Authentication>
EC2 Public IPs:
sf data query --query -q "SELECT CA10__applicationNamepublicIpAddress__c, (SELECT Name, FROM CA10__AWS_EC2_InstancesinstanceId__c, CA10__account__r).Name, (SELECT NameCA10__stateName__c, CA10__regionName__c FROM CA10__AWS_S3_Buckets__r), (SELECT Name FROM CA10__AWS_EBS_Snapshots__r) FROM CA10__CaApplicationTier__c WHERE CA10__applicationName__c = '<specific application name>'" -uCaAwsInstance__c WHERE CA10__publicIpAddress__c != NULL" --target-org <Org Alias from Authentication>
    
* Azure
sf data query --query -q "SELECT Name, CA10__associatedResourceId__c, CA10__associatedResourceType__c FROM CA10__CaAzurePublicIpAddress__c" --target-org <Org Alias from Authentication>

* Google
sf data query --query -q "SELECT CA10__address__c, Name, CA10__googleId__c, CA10__project__r.Name, CA10__regionName__c FROM CA10__CaGoogleGceStaticAddress__c" --target-org <Org Alias from Authentication>

Get a list of

...

Security incident response often begins with an investigation to track down public IP address ownership. Using CLI, SOC team members can quickly search for all public IP addresses currently allocated across three different cloud providers.

...

incidents related to a specific asset and take action

Using Cloudaware CLI, engineers can retrieve incidents related to a specific asset and update incident details. Here are sample queries:

Get an incident related to an AWS Lambda Function and update the incident severity:

Code Block
sf data query --query "SELECT Id, CA10__incidentId__c, CA10__severity__c FROM CA10__CaIncident__c WHERE CA10__awsLambdaFunctionArn__c = '<lambda_function_arn>' LIMIT 1"

WHERE

<specific application name> - a placeholder of the name of the application that is queried

Update the incident severity to ‘High’.

Code Block
sf data update record --sobject CA10__CaIncident__c --record-id <record_id> --values "CA10__severity__c=High"

WHERE

<record_id> - a placeholder of the record ID for the incident returned from the previous query

Query all cloud services used by a specific application

When a cloud provider is having an outage, Cloudaware assists in establishing immediate business impact. Using CLI, engineers can quickly retrieve a list of computing resources that are unavailable to perform business service recovery in failover region.

...

Compliance: Query MTTR (Mean Time To Resolution) across all incidents for a specific team1) Use Child Relationship Names in sub-queries

Find a necessary Child Relationship Name by executing the following command for a Parent object:

Code Block
sfdx force:schema:sobject:describe -s <Parent Object's API Name> -u <Org Alias from Authentication>

2) Use the "childRelationships" key in the result to find all Child Relationship Names ("relationshipName") across all listed child objects. Get the cloud inventory of a specific Application:

Code Block
sf data query --query "SELECT CA10__applicationName__c, (SELECT Name FROM CA10__AWS_EC2_Instances__r), (SELECT Name FROM CA10__AWS_S3_Buckets__r), (SELECT Name FROM CA10__AWS_EBS_Snapshots__r) FROM CA10__CaApplicationTier__c WHERE CA10__applicationName__c = '<specific application name>'" --target-org <Org Alias from Authentication>

WHERE

CA10__AWS_EC2_Instances__r, CA10__AWS_S3_Buckets__r, CA10__AWS_EBS_Snapshots__r - application attachable objects (see more here)

<specific application name> - a placeholder of the name of the application that is queried