Table: alicloud_vpc_ssl_vpn_server - Query Alicloud VPC SSL VPN Servers using SQL
An Alicloud VPC SSL VPN Server is a resource within the Alicloud Virtual Private Cloud (VPC) that enables secure remote access to your private networks. It uses the SSL protocol to establish encrypted connections between remote users and your VPC. This service is critical for managing secure access to your VPC resources.
Table Usage Guide
The alicloud_vpc_ssl_vpn_server table provides insights into SSL VPN servers within Alicloud VPC. As a network administrator, you can explore detailed information about each SSL VPN server, including its configuration, connection details, and associated network resources. Use this table to manage and monitor secure remote access to your VPC resources.
Examples
Basic info
Discover the segments that are utilizing the highest capacity in your VPN server. This can help in identifying potential bottlenecks and planning for necessary upgrades or changes to maintain optimal performance.
select name, ssl_vpn_server_id, cipher, max_connections, port, protofrom alicloud_vpc_ssl_vpn_server;select name, ssl_vpn_server_id, cipher, max_connections, port, protofrom alicloud_vpc_ssl_vpn_server;Get the SSL VPN servers that do not compress the transmitted data
Explore which SSL VPN servers are not compressing transmitted data, enabling you to identify potential areas for bandwidth optimization and improved performance.
select name, ssl_vpn_server_id, is_compressedfrom alicloud_vpc_ssl_vpn_serverwhere not is_compressed;select name, ssl_vpn_server_id, is_compressedfrom alicloud_vpc_ssl_vpn_serverwhere not is_compressed;List of all SSL VPN servers that do not use AES-256-CBC encryption
Discover the segments that are utilizing encryption standards other than AES-256-CBC for their SSL VPN servers. This can be particularly useful in identifying potential security risks and ensuring the highest level of data protection.
select name, ssl_vpn_server_id, cipherfrom alicloud_vpc_ssl_vpn_serverwhere cipher <> 'AES-256-CBC';select name, ssl_vpn_server_id, cipherfrom alicloud_vpc_ssl_vpn_serverwhere cipher <> 'AES-256-CBC';List of all SSL VPN servers for which Two-factor Authentication is not enabled
Determine the areas in which two-factor authentication is not enabled for SSL VPN servers. This can be valuable in identifying potential security vulnerabilities in your network infrastructure.
select name, ssl_vpn_server_id, enable_multi_factor_authfrom alicloud_vpc_ssl_vpn_serverwhere not enable_multi_factor_auth;select name, ssl_vpn_server_id, enable_multi_factor_authfrom alicloud_vpc_ssl_vpn_serverwhere not enable_multi_factor_auth;View SSL VPN server IP information
Explore the IP details of your SSL VPN servers, including their internet-facing IP and the client IP pool. This can be beneficial in network troubleshooting and security audits to ensure correct configuration and operation.
select name, ssl_vpn_server_id, internet_ip, client_ip_pool, local_subnetfrom alicloud_vpc_ssl_vpn_server;select name, ssl_vpn_server_id, internet_ip, client_ip_pool, local_subnetfrom alicloud_vpc_ssl_vpn_server;List of Client Certs for each SSL VPN server
Explore the relationship between your SSL VPN servers and their associated client certificates. This can help in managing and maintaining your network's security infrastructure by ensuring that each VPN server has the appropriate client certificates.
select s.name, s.ssl_vpn_server_id, c.name, c.ssl_vpn_client_cert_idfrom alicloud_vpc_ssl_vpn_server as s left join alicloud_vpc_ssl_vpn_client_cert as c on s.ssl_vpn_server_id = c.ssl_vpn_server_idselect s.name, s.ssl_vpn_server_id, c.name, c.ssl_vpn_client_cert_idfrom alicloud_vpc_ssl_vpn_server as s left join alicloud_vpc_ssl_vpn_client_cert as c on s.ssl_vpn_server_id = c.ssl_vpn_server_idCount of Client Certs for each SSL VPN server
This example helps to analyze the distribution of client certificates across various SSL VPN servers. It's useful in understanding the load distribution and managing the capacity of each server efficiently.
select s.name, count(c.ssl_vpn_client_cert_id)from alicloud_vpc_ssl_vpn_server as s left join alicloud_vpc_ssl_vpn_client_cert as c on s.ssl_vpn_server_id = c.ssl_vpn_server_idgroup by s.name;select s.name, count(c.ssl_vpn_client_cert_id)from alicloud_vpc_ssl_vpn_server as s left join alicloud_vpc_ssl_vpn_client_cert as c on s.ssl_vpn_server_id = c.ssl_vpn_server_idgroup by s.name;Schema for alicloud_vpc_ssl_vpn_server
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| account_id | text | The Alicloud Account ID in which the resource is located. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| cipher | text | The encryption algorithm. | |
| client_ip_pool | cidr | The client IP address pool. | |
| connections | bigint | The total number of current connections. | |
| create_time | timestamp with time zone | The time when the SSL-VPN server was created. | |
| enable_multi_factor_auth | boolean | Indicates whether the multi factor authenticaton is enabled. | |
| internet_ip | inet | The public IP address. | |
| is_compressed | boolean | Indicates whether the transmitted data is compressed. | |
| local_subnet | text | The CIDR block of the client. | |
| max_connections | bigint | The maximum number of connections. | |
| name | text | The name of the SSL-VPN server. | |
| port | bigint | The port used by the SSL-VPN server. | |
| proto | text | The protocol used by the SSL-VPN server. | |
| region | text | The Alicloud region in which the resource is located. | |
| ssl_vpn_server_id | text | = | The ID of the SSL-VPN server. |
| title | text | Title of the resource. | |
| vpn_gateway_id | text | The ID of the VPN gateway. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- alicloudYou can pass the configuration to the command with the --config argument:
steampipe_export_alicloud --config '<your_config>' alicloud_vpc_ssl_vpn_server