Datadog
query_firewall
Manage per-connection SQL rules: block dangerous patterns, require WHERE on large tables, log PII access. [ARCHITECT tier]
Remote thinair/data
Other tools also called query_firewall?
See providers with this name
Input Schema
{
"type": "object",
"properties": {
"sql": {
"type": "string",
"description": "SQL to test against rules"
},
"action": {
"enum": [
"add_rule",
"remove_rule",
"list_rules",
"test_query"
],
"type": "string",
"description": "What to do"
},
"message": {
"type": "string",
"description": "Message shown when rule triggers"
},
"pattern": {
"type": "string",
"description": "Regex pattern to match"
},
"rule_name": {
"type": "string",
"description": "Rule name"
},
"connection": {
"type": "string",
"description": "Target connection name from this tenant's inventory. Call `list_connections` to see every name + dialect, then match semantically to the user's intent (e.g. 'analytics' → a connection named `*-analytics-*`; 'prod' → a connection with `prod-` prefix). If the user didn't specify, use the tenant's default (first added). Do not invent names — resolve from `list_connections` output."
},
"block_action": {
"enum": [
"block",
"warn",
"log"
],
"type": "string",
"description": "Action when matched (default block)"
}
}
}