turbot/alicloud
steampipe plugin install alicloud

Table: alicloud_vpc_nat_gateway

NAT gateways are enterprise-class gateways that provide the Source Network Address Translation (SNAT) and Destination Network Address Translation (DNAT) features. Each NAT gateway provides a throughput capacity of up to 10 Gbit/s. NAT gateways also support cross-zone disaster recovery.

Examples

Basic info

Explore the status and billing method of your Alibaba Cloud Virtual Private Cloud (VPC) NAT gateways. This is useful for understanding the operational status and cost management of your NAT gateways across different regions.

select
name,
nat_gateway_id,
vpc_id nat_type,
status,
description,
billing_method,
region,
account_id
from
alicloud_vpc_nat_gateway;
select
name,
nat_gateway_id,
vpc_id nat_type,
status,
description,
billing_method,
region,
account_id
from
alicloud_vpc_nat_gateway;

List IP address details for NAT gateways

Determine the details of IP addresses associated with Network Address Translation (NAT) gateways to manage and monitor your network's internet connectivity and security.

select
nat_gateway_id,
address ->> 'IpAddress' as ip_address,
address ->> 'AllocationId' as allocation_id
from
alicloud_vpc_nat_gateway,
jsonb_array_elements(ip_lists) as address;
select
nat_gateway_id,
json_extract(address.value, '$.IpAddress') as ip_address,
json_extract(address.value, '$.AllocationId') as allocation_id
from
alicloud_vpc_nat_gateway,
json_each(ip_lists) as address;

List private network info for NAT gateways

Discover the segments that provide private network details for NAT gateways. This query can be used to assess the elements within your network infrastructure and optimize resource allocation based on bandwidth usage and zone distribution.

select
name,
nat_gateway_id,
nat_gateway_private_info ->> 'EniInstanceId' as eni_instance_id,
nat_gateway_private_info ->> 'IzNo' as nat_gateway_zone_id,
nat_gateway_private_info ->> 'MaxBandwidth' as max_bandwidth,
nat_gateway_private_info ->> 'PrivateIpAddress' as private_ip_address,
nat_gateway_private_info ->> 'VswitchId' as vswitch_id
from
alicloud_vpc_nat_gateway;
select
name,
nat_gateway_id,
json_extract(nat_gateway_private_info, '$.EniInstanceId') as eni_instance_id,
json_extract(nat_gateway_private_info, '$.IzNo') as nat_gateway_zone_id,
json_extract(nat_gateway_private_info, '$.MaxBandwidth') as max_bandwidth,
json_extract(nat_gateway_private_info, '$.PrivateIpAddress') as private_ip_address,
json_extract(nat_gateway_private_info, '$.VswitchId') as vswitch_id
from
alicloud_vpc_nat_gateway;

List NAT gateways that have traffic monitoring disabled

Identify instances where NAT gateways do not have traffic monitoring enabled. This can be useful in ensuring all gateways are properly configured for optimal security and performance.

select
name,
nat_gateway_id,
ecs_metric_enabled
from
alicloud_vpc_nat_gateway
where
not ecs_metric_enabled;
select
name,
nat_gateway_id,
ecs_metric_enabled
from
alicloud_vpc_nat_gateway
where
not ecs_metric_enabled;

List NAT gateways that have deletion protection disabled

Determine the areas in which NAT gateways lack deletion protection to enhance your network's security and prevent accidental data loss.

select
name,
nat_gateway_id,
deletion_protection
from
alicloud_vpc_nat_gateway
where
not deletion_protection;
select
name,
nat_gateway_id,
deletion_protection
from
alicloud_vpc_nat_gateway
where
deletion_protection = 0;

Count of NAT gateways per VPC ID

Assess the elements within your Alicloud Virtual Private Cloud (VPC) to understand the distribution of Network Address Translation (NAT) gateways. This allows for effective resource allocation and network planning.

select
vpc_id,
count(*) as nat_gateway_count
from
alicloud_vpc_nat_gateway
group by
vpc_id;
select
vpc_id,
count(*) as nat_gateway_count
from
alicloud_vpc_nat_gateway
group by
vpc_id;

Schema for alicloud_vpc_nat_gateway

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The Alicloud Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
auto_paybooleanIndicates whether auto pay is enabled.
billing_methodtextThe billing method of the NAT gateway.
business_statustextThe status of the NAT gateway.
creation_timetimestamp with time zoneThe time when the NAT gateway was created.
deletion_protectionbooleanIndicates whether deletion protection is enabled.
descriptiontextThe description of the NAT gateway.
ecs_metric_enabledbooleanIndicates whether the traffic monitoring feature is enabled.
expired_imetimestamp with time zoneThe time when the NAT gateway expires.
forward_table_idsjsonbThe ID of the Destination Network Address Translation (DNAT) table.
internet_charge_typetextThe billing method of the NAT gateway.
ip_listsjsonbThe elastic IP address (EIP) that is associated with the NAT gateway.
nametextThe name of the NAT gateway.
nat_gateway_idtext=The ID of the NAT gateway.
nat_gateway_private_infojsonbThe information of the virtual private cloud (VPC) to which the enhanced NAT gateway belongs.
nat_typetextThe type of the NAT gateway. Valid values: 'Normal' and 'Enhanced'.
regiontextThe Alicloud region in which the resource is located.
resource_group_idtextThe ID of the resource group.
snat_table_idsjsonbThe ID of the SNAT table for the NAT gateway.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
spectextThe size of the NAT gateway.
statustextThe state of the NAT gateway.
titletextTitle of the resource.
vpc_idtextThe ID of the virtual private cloud (VPC) to which the NAT gateway belongs.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- alicloud

You can pass the configuration to the command with the --config argument:

steampipe_export_alicloud --config '<your_config>' alicloud_vpc_nat_gateway