turbot/alicloud
steampipe plugin install alicloud

Table: alicloud_vpc_ssl_vpn_client_cert

An SSL VPN client certificate is a digital certificate that is used by a SSL VPN client to authenticate and securely connect to an SSL VPN.

Examples

Basic info

Determine the status of your VPN client certificates in your network. This is useful for ensuring security compliance and identifying any inactive or expired certificates.

select
name,
ssl_vpn_client_cert_id,
status
from
alicloud_vpc_ssl_vpn_client_cert;
select
name,
ssl_vpn_client_cert_id,
status
from
alicloud_vpc_ssl_vpn_client_cert;

List of expired certificates

Identify instances where SSL VPN client certificates have expired in your AliCloud VPC environment. This query is useful for maintaining security standards and for timely renewal of certificates.

select
name,
ssl_vpn_client_cert_id,
status
from
alicloud_vpc_ssl_vpn_client_cert
where
status = 'expired';
select
name,
ssl_vpn_client_cert_id,
status
from
alicloud_vpc_ssl_vpn_client_cert
where
status = 'expired';

List of certificates that will expire in one week

Identify instances where SSL VPN client certificates are nearing their expiration date. This is useful for ensuring timely renewal and maintaining uninterrupted VPN service.

select
name,
ssl_vpn_client_cert_id,
status
from
alicloud_vpc_ssl_vpn_client_cert
where
status = 'expiring-soon';
select
name,
ssl_vpn_client_cert_id,
status
from
alicloud_vpc_ssl_vpn_client_cert
where
status = 'expiring-soon';

Certificate count by SSL server

Determine the number of certificates associated with each SSL server to monitor your network's security. This can help in managing certificate distribution and identifying servers with unusually high or low certificate counts.

select
ssl_vpn_server_id,
count (ssl_vpn_client_cert_id) as certificate_count
from
alicloud_vpc_ssl_vpn_client_cert
group by
ssl_vpn_server_id;
select
ssl_vpn_server_id,
count (ssl_vpn_client_cert_id) as certificate_count
from
alicloud_vpc_ssl_vpn_client_cert
group by
ssl_vpn_server_id;

Schema for alicloud_vpc_ssl_vpn_client_cert

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The Alicloud Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
ca_certtextThe CA certificate.
client_certtextThe client certificate.
client_configtextThe client configuration.
client_keytextThe client key.
create_timetimestamp with time zoneThe time when the SSL client certificate was created.
end_timetimestamp with time zoneThe time when the SSL client certificate expires.
nametextThe name of the SSL client certificate.
regiontextThe Alicloud region in which the resource is located.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
ssl_vpn_client_cert_idtext=The ID of the SSL client certificate.
ssl_vpn_server_idtextThe ID of the SSL-VPN server.
statustextThe status of the client certificate.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- alicloud

You can pass the configuration to the command with the --config argument:

steampipe_export_alicloud --config '<your_config>' alicloud_vpc_ssl_vpn_client_cert