title | description |
---|---|
Steampipe Table: salesforce_permission_set - Query Salesforce Permission Sets using SQL |
Allows users to query Salesforce Permission Sets, providing insights into the permissions and access settings within a Salesforce organization. |
Salesforce Permission Sets are a flexible and granular means of assigning permissions and access settings within a Salesforce organization. They allow you to extend user's functional access without changing their roles or profiles. Permission Sets can be used to grant additional permissions and access settings to users, on top of what their profile provides.
The salesforce_permission_set
table provides insights into Salesforce Permission Sets within a Salesforce organization. As a Salesforce administrator, explore permission set-specific details through this table, including assigned permissions, access settings, and associated metadata. Utilize it to uncover information about permission sets, such as those with specific user access, the permissions associated with each set, and the verification of access settings.
Important Notes
- If the
naming_convention
configuration argument is set toapi_native
, please see API Native Examples. - This table has one field for each permission with the pattern
permissions_permission_name
, e.g.,permissions_edit_task
. If true, users assigned to this permission set have the named permission. The number of fields varies depending on the permissions for the organization and license type.
Explore which permissions are custom-made within your Salesforce environment. This can help you better manage user access and understand the creation timeline of these permissions.
select
id,
name,
label,
description,
is_custom,
created_date,
from
salesforce_permission_set
select
id,
name,
label,
description,
is_custom,
created_date
from
salesforce_permission_set
Explore which permission sets in your Salesforce environment are not custom-made. This helps to understand the default permissions given and aids in maintaining security standards.
select
id,
name,
label,
description,
is_custom,
created_date,
from
salesforce_permission_set
where
not is_custom;
select
id,
name,
label,
description,
is_custom,
created_date
from
salesforce_permission_set
where
not is_custom;
Explore which permission sets in Salesforce have been granted the capability to modify all data. This is useful to identify potential security risks and ensure only appropriate roles have such extensive permissions.
select
id,
name,
label,
description,
is_custom,
created_date,
permissions_modify_all_data
from
salesforce_permission_set
where
permissions_modify_all_data;
select
id,
name,
label,
description,
is_custom,
created_date,
permissions_modify_all_data
from
salesforce_permission_set
where
permissions_modify_all_data;
If the naming_convention
config argument is set to api_native
, the table and column names will match Salesforce naming conventions.
Explore the basic details of your permission sets to understand their custom status and creation date. This can help you manage and organize your permission sets effectively.
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet";
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet";
Discover the segments that consist of non-custom permission sets. This can be useful in understanding the default sets provided by the platform and to ensure they align with your organization's security guidelines.
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet"
where
not "IsCustom";
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet"
where
"IsCustom" = 0;
Discover the segments that have recently updated their access rights by focusing on those that have made changes within the past month. This is useful for maintaining security and ensuring that permissions are up-to-date.
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet"
where
"CreatedDate" <= now() - interval '30' day;
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet"
where
"CreatedDate" <= datetime('now', '-30 day');
Discover the segments that require activation within your permission sets. This can help you identify areas where additional steps may be needed before the permission set can be used, improving your system's security and compliance.
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet"
where
"HasActivationRequired";
select
"ID",
"Name",
"Label",
"Description",
"IsCustom",
"CreatedDate"
from
"PermissionSet"
where
"HasActivationRequired" = 1;