Table: alicloud_vpc_vpn_gateway - Query Alicloud VPC VPN Gateways using SQL
An Alicloud VPC VPN Gateway is a component of Alibaba Cloud's Virtual Private Cloud (VPC) service. It is used to establish a secure, encrypted communication tunnel between a VPC and an on-premises data center or between VPCs. It supports both IPsec-VPN connections and GRE-VPN connections, and is designed to facilitate secure and convenient cloud network deployment.
Table Usage Guide
The alicloud_vpc_vpn_gateway table provides insights into VPN Gateways within Alibaba Cloud's VPC service. As a network administrator or cloud architect, you can explore gateway-specific details through this table, including its ID, description, status, bandwidth, and associated VPC information. Use it to monitor the status of your VPN gateways, analyze bandwidth usage, and manage your secure network connections.
Examples
Basic info
Explore the status and billing methods of your VPN gateways across different regions. This is useful for managing resource allocation and understanding the operational health of your network infrastructure.
select name, vpn_gateway_id, status, description, internet_ip, billing_method, business_status, regionfrom alicloud_vpc_vpn_gateway;select name, vpn_gateway_id, status, description, internet_ip, billing_method, business_status, regionfrom alicloud_vpc_vpn_gateway;Get the VPC and VSwitch info of VPN gateway
Determine the areas in which the VPN gateway is connected by identifying the associated VPC and VSwitch. This aids in network management and understanding the connectivity of your virtual private network.
select name, vpn_gateway_id, vpc_id vswitch_idfrom alicloud_vpc_vpn_gateway;select name, vpn_gateway_id, vpc_id as vswitch_idfrom alicloud_vpc_vpn_gateway;Get the vpn gateways where SSL VPN is enabled
Determine the areas in your network where SSL VPN is enabled, allowing you to assess security measures and manage potential vulnerabilities. This query is useful for identifying and mitigating potential security risks in your network infrastructure.
select name, vpn_gateway_id, ssl_vpn, ssl_max_connectionsfrom alicloud_vpc_vpn_gatewaywhere ssl_vpn = 'enable';select name, vpn_gateway_id, ssl_vpn, ssl_max_connectionsfrom alicloud_vpc_vpn_gatewaywhere ssl_vpn = 'enable';VPN gateway count by VPC ID
Identify the number of VPN gateways associated with each VPC to better manage network resources and optimize security configurations.
select vpc_id, count(vpn_gateway_id) as vpn_gateway_countfrom alicloud_vpc_vpn_gatewaygroup by vpc_id;select vpc_id, count(vpn_gateway_id) as vpn_gateway_countfrom alicloud_vpc_vpn_gatewaygroup by vpc_id;List of VPN gateways without application tag key
Discover the segments that are missing application tags in VPN gateways. This is useful for identifying untagged resources that may need to be categorized for better resource management.
select vpn_gateway_id, tagsfrom alicloud_vpc_vpn_gatewaywhere tags -> 'application' is null;select vpn_gateway_id, tagsfrom alicloud_vpc_vpn_gatewaywhere json_extract(tags, '$.application') is null;List inactive VPN gateways
Identify instances where VPN gateways are not active in your Alicloud VPC. This can be useful to audit and manage your network resources effectively by pinpointing potential network vulnerabilities or unnecessary costs.
select vpn_gateway_id, status, create_time, jsonb_pretty(tags)from alicloud_vpc_vpn_gatewaywhere status <> 'active';select vpn_gateway_id, status, create_time, tagsfrom alicloud_vpc_vpn_gatewaywhere status <> 'active';Schema for alicloud_vpc_vpn_gateway
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| account_id | text | The Alicloud Account ID in which the resource is located. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| auto_propagate | boolean | Indicates whether auto propagate is enabled, or not. | |
| billing_method | text | The billing method of the VPN gateway. | |
| business_status | text | The business state of the VPN gateway. | |
| create_time | timestamp with time zone | The time when the VPN gateway was created. | |
| description | text | The description of the VPN gateway. | |
| enable_bgp | boolean | Indicates whether bgp is enabled. | |
| end_time | timestamp with time zone | The creation time of the VPC. | |
| internet_ip | inet | The public IP address of the VPN gateway. | |
| ipsec_vpn | text | Indicates whether the IPsec-VPN feature is enabled. | |
| name | text | The name of the VPN gateway. | |
| region | text | The Alicloud region in which the resource is located. | |
| reservation_data | jsonb | A set of reservation details. | |
| spec | text | The maximum bandwidth of the VPN gateway. | |
| ssl_max_connections | bigint | The maximum number of concurrent SSL-VPN connections. | |
| ssl_vpn | text | Indicates whether the SSL-VPN feature is enabled. | |
| status | text | The status of the VPN gateway. | |
| tag | text | The tag of the VPN gateway. | |
| tags | jsonb | A map of tags for the resource. | |
| tags_src | jsonb | A list of tags attached with the resource. | |
| title | text | Title of the resource. | |
| vpc_id | text | The ID of the VPC for which the VPN gateway is created. | |
| vpn_gateway_id | text | = | The ID of the VPN gateway. |
| vswitch_id | text | The ID of the VSwitch to which the VPN gateway belongs. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- alicloudYou can pass the configuration to the command with the --config argument:
steampipe_export_alicloud --config '<your_config>' alicloud_vpc_vpn_gateway