Table: aws_api_gatewayv2_api - Query AWS API Gateway using SQL
The AWS API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. With the use of SQL, you can query and manage your API Gateway effectively.
Table Usage Guide
The aws_api_gatewayv2_api
table in Steampipe provides you with information about APIs within AWS API Gateway. This table allows you, as a DevOps engineer, to query API-specific details, including the API ID, name, protocol type, route selection expression, and associated tags. You can utilize this table to gather insights on APIs, such as their configuration details, associated resources, and more. The schema outlines the various attributes of the API for you, including the API key selection expression, CORS configuration, created date, and description.
Examples
Basic info
Explore the configuration of your AWS API Gateway to gain insights into its protocol type and endpoint. This allows for a better understanding of how your API is set up and can assist in troubleshooting or optimizing API performance."Explore the essential details of your AWS API Gateway configurations to understand the protocols used and how routes and keys are selected. This information can aid in optimizing your API setup and troubleshooting issues."
select name, api_id, api_endpoint, protocol_type, api_key_selection_expression, route_selection_expressionfrom aws_api_gatewayv2_api;
select name, api_id, api_endpoint, protocol_type, api_key_selection_expression, route_selection_expressionfrom aws_api_gatewayv2_api;
List APIs with protocol type WEBSOCKET
Uncover the details of APIs that are using the WebSocket protocol. This can be useful for identifying which APIs may need specific handling or monitoring due to their protocol type."Identify instances where AWS APIs are using the WebSocket protocol. This allows you to understand which APIs are designed for real-time, two-way interactive communication."
select name, api_id, protocol_typefrom aws_api_gatewayv2_apiwhere protocol_type = 'WEBSOCKET';
select name, api_id, protocol_typefrom aws_api_gatewayv2_apiwhere protocol_type = 'WEBSOCKET';
List APIs with default endpoint enabled
Determine the areas in which APIs are operating with the default endpoint enabled. This can be particularly useful for identifying potential security risks and ensuring best practices in endpoint configuration."Identify all APIs in your AWS environment where the default endpoint is enabled. This can be useful to ensure that no unnecessary endpoints are open, potentially reducing the risk of security breaches."
select name, api_id, api_endpointfrom aws_api_gatewayv2_apiwhere not disable_execute_api_endpoint;
select name, api_id, api_endpointfrom aws_api_gatewayv2_apiwhere disable_execute_api_endpoint = 0;
Schema for aws_api_gatewayv2_api
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
api_endpoint | text | The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com | |
api_gateway_managed | boolean | Specifies whether an API is managed by API Gateway. | |
api_id | text | = | The API ID |
api_key_selection_expression | text | An API key selection expression. Supported only for WebSocket APIs | |
cors_configuration | jsonb | A CORS configuration. Supported only for HTTP APIs. | |
created_date | timestamp with time zone | The timestamp when the API was created | |
description | text | The description of the API. | |
disable_execute_api_endpoint | boolean | Specifies whether clients can invoke your API by using the default execute-api endpoint. | |
disable_schema_validation | boolean | Avoid validating models when creating a deployment. Supported only for WebSocket APIs. | |
import_info | jsonb | The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs. | |
name | text | The name of the API | |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
protocol_type | text | The API protocol | |
region | text | The AWS Region in which the resource is located. | |
route_selection_expression | text | The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
tags | jsonb | A map of tags for the resource. | |
title | text | Title of the resource. | |
version | text | A version identifier for the API. | |
warnings | jsonb | The warning messages reported when failonwarnings is turned on during API import. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_api_gatewayv2_api