steampipe plugin install aws

Table: aws_api_gateway_api_key - Query AWS API Gateway API Keys using SQL

AWS API Gateway API Keys are used to control and track API usage in Amazon API Gateway. They are associated with API stages to manage access and can be used in conjunction with usage plans to authorize access to specific APIs. API keys are not meant for client-side security, but rather for tracking and controlling how your customers use your API.

Table Usage Guide

The aws_api_gateway_api_key table in Steampipe provides you with information about API Keys within AWS API Gateway. This table allows you, as a DevOps engineer, to query API Key-specific details, including its ID, value, enabled status, and associated metadata. You can utilize this table to gather insights on API Keys, such as keys that are enabled, keys associated with specific stages, and more. The schema outlines the various attributes of the API Key for you, including the key ID, creation date, enabled status, and associated tags.

Examples

API gateway API key basic info

Discover the segments that utilize the API gateway key within the AWS infrastructure. This query can provide insights into the status and usage of API keys, which can be beneficial for monitoring security and optimizing resource utilization.

select
name,
id,
enabled,
created_date,
last_updated_date,
customer_id,
stage_keys
from
aws_api_gateway_api_key;
select
name,
id,
enabled,
created_date,
last_updated_date,
customer_id,
stage_keys
from
aws_api_gateway_api_key;

List of API keys which are not enabled

Determine the areas in which API keys are not activated to assess potential security risks or unused resources within your AWS API Gateway.

select
name,
id,
customer_id
from
aws_api_gateway_api_key
where
not enabled;
select
name,
id,
customer_id
from
aws_api_gateway_api_key
where
enabled = 0;

Schema for aws_api_gateway_api_key

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
account_idtextThe AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
created_datetimestamp with time zoneThe timestamp when the API Key was created
customer_idtext=An AWS Marketplace customer identifier , when integrating with the AWS SaaS Marketplace
descriptiontextThe description of the API Key
enabledbooleanSpecifies whether the API Key can be used by callers
idtext=The identifier of the API Key
last_updated_datetimestamp with time zoneThe timestamp when the API Key was last updated
nametextThe name of the API Key
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
stage_keysjsonbA list of Stage resources that are associated with the ApiKey resource
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags attached to API key
titletextTitle of the resource.
valuetextThe value of the API Key

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_api_gateway_api_key