Table: alicloud_vpc_vpn_connection
An IPsec-VPN connection provides support to establish an encrypted communication tunnel between a VPN Gateway and a customer gateway.
Examples
Basic info
Explore the status of your VPN connections to determine their operational condition and identify the local and remote subnets they are connected to. This can be helpful in troubleshooting network connectivity issues or planning network expansions.
select name, vpn_connection_id, status, local_subnet, remote_subnet, vpn_gateway_idfrom alicloud_vpc_vpn_connection;select name, vpn_connection_id, status, local_subnet, remote_subnet, vpn_gateway_idfrom alicloud_vpc_vpn_connection;Get the vpn connections which are not healthy
Identify instances where VPN connections are not in a healthy state. This is useful for troubleshooting network issues and ensuring secure and reliable connectivity.
select name, vpn_connection_id, vco_health_check ->> 'Status' as health_check_status, statusfrom alicloud_vpc_vpn_connectionwhere vco_health_check ->> 'Status' = 'failed';select name, vpn_connection_id, json_extract(vco_health_check, '$.Status') as health_check_status, statusfrom alicloud_vpc_vpn_connectionwhere json_extract(vco_health_check, '$.Status') = 'failed';Get the BGP configuration information of vpn connections
Assess the elements within your VPN connections to understand the status and configuration of Border Gateway Protocol (BGP). This is useful for monitoring the health and performance of your VPN connections.
select name, vpn_connection_id, vpn_bgp_config ->> 'EnableBgp' as enable_bgp, vpn_bgp_config ->> 'LocalAsn' as local_asn, vpn_bgp_config ->> 'LocalBgpIp' as local_bgp_ip, vpn_bgp_config ->> 'PeerAsn' as peer_asn, vpn_bgp_config ->> 'PeerBgpIp' as peer_bgp_ip, vpn_bgp_config ->> 'Status' as status, vpn_bgp_config ->> 'TunnelCidr' as tunnel_cidrfrom alicloud_vpc_vpn_connection;select name, vpn_connection_id, json_extract(vpn_bgp_config, '$.EnableBgp') as enable_bgp, json_extract(vpn_bgp_config, '$.LocalAsn') as local_asn, json_extract(vpn_bgp_config, '$.LocalBgpIp') as local_bgp_ip, json_extract(vpn_bgp_config, '$.PeerAsn') as peer_asn, json_extract(vpn_bgp_config, '$.PeerBgpIp') as peer_bgp_ip, json_extract(vpn_bgp_config, '$.Status') as status, json_extract(vpn_bgp_config, '$.TunnelCidr') as tunnel_cidrfrom alicloud_vpc_vpn_connection;Get the vpn connections where NAT traversal feature is enabled
Identify instances where the NAT traversal feature is enabled in VPN connections. This can be useful to ensure secure and efficient data communication in scenarios where private networks are interconnected over the internet.
select name, vpn_connection_id, enable_nat_traversalfrom alicloud_vpc_vpn_connectionwhere enable_nat_traversal;select name, vpn_connection_id, enable_nat_traversalfrom alicloud_vpc_vpn_connectionwhere enable_nat_traversal = 1;Schema for alicloud_vpc_vpn_connection
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Alicloud Account ID in which the resource is located. |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| create_time | timestamp with time zone | The time when the IPsec-VPN connection was created. | |
| customer_gateway_id | text | The ID of the customer gateway. | |
| effect_immediately | boolean | Indicates whether IPsec-VPN negotiations are initiated immediately. | |
| enable_dpd | boolean | Indicates whether dead peer detection (DPD) is enabled. | |
| enable_nat_traversal | boolean | Indicates whether to enable the NAT traversal feature. | |
| ike_config | jsonb | The configurations of Phase 1 negotiations. | |
| ipsec_config | jsonb | The configurations for Phase 2 negotiations. | |
| local_subnet | cidr | The CIDR block of the virtual private cloud (VPC). | |
| name | text | The name of the IPsec-VPN connection. | |
| region | text | The Alicloud region in which the resource is located. | |
| remote_subnet | cidr | The CIDR block of the on-premises data center. | |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| status | text | The status of the IPsec-VPN connection. | |
| title | text | Title of the resource. | |
| vco_health_check | jsonb | The health check configurations. | |
| vpn_bgp_config | jsonb | BGP configuration information. | |
| vpn_connection_id | text | = | The ID of the IPsec-VPN connection. |
| vpn_gateway_id | text | The ID of the VPN gateway. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- alicloudYou can pass the configuration to the command with the --config argument:
steampipe_export_alicloud --config '<your_config>' alicloud_vpc_vpn_connection