Table: aws_docdb_cluster_snapshot - Query Amazon DocumentDB Cluster Snapshots using SQL
The aws_docdb_cluster_snapshot
table provides detailed information about snapshots of Amazon DocumentDB clusters. These snapshots are storage volume snapshots that back up the entire cluster, enabling data recovery and historical analysis.
Table Usage Guide
This table allows DevOps engineers, database administrators, and other technical professionals to query detailed information about Amazon DocumentDB cluster snapshots. Utilize this table to analyze snapshot configurations, encryption statuses, and other metadata. The schema includes attributes of the DocumentDB cluster snapshots, such as identifiers, creation times, and the associated cluster details.
Examples
List of cluster snapshots that are not encrypted
Identify unencrypted cluster snapshots to assess and improve your security posture.
select db_cluster_snapshot_identifier, snapshot_type, not storage_encrypted as storage_not_encrypted, split_part(kms_key_id, '/', 1) as kms_key_idfrom aws_docdb_cluster_snapshotwhere not storage_encrypted;
select db_cluster_snapshot_identifier, snapshot_type, not storage_encrypted as storage_not_encrypted, substr(kms_key_id, 1, instr(kms_key_id, '/') - 1) as kms_key_idfrom aws_docdb_cluster_snapshotwhere not storage_encrypted;
Cluster information of each snapshot
Retrieve basic information about each cluster snapshot, including its creation time and the engine details.
select db_cluster_snapshot_identifier, cluster_create_time, engine, engine_versionfrom aws_docdb_cluster_snapshot;
select db_cluster_snapshot_identifier, cluster_create_time, engine, engine_versionfrom aws_docdb_cluster_snapshot;
Cluster snapshot count per cluster
Determine the number of snapshots taken for each cluster to help manage snapshot policies and storage.
select db_cluster_identifier, count(db_cluster_snapshot_identifier) as snapshot_countfrom aws_docdb_cluster_snapshotgroup by db_cluster_identifier;
select db_cluster_identifier, count(db_cluster_snapshot_identifier) as snapshot_countfrom aws_docdb_cluster_snapshotgroup by db_cluster_identifier;
List of manual cluster snapshots
Filter for manually created cluster snapshots to distinguish them from automatic backups.
select db_cluster_snapshot_identifier, engine, snapshot_typefrom aws_docdb_cluster_snapshotwhere snapshot_type = 'manual';
select db_cluster_snapshot_identifier, engine, snapshot_typefrom aws_docdb_cluster_snapshotwhere snapshot_type = 'manual';
Schema for aws_docdb_cluster_snapshot
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
arn | text | The Amazon Resource Name (ARN) for the cluster snapshot. | |
availability_zones | jsonb | A list of Availability Zones (AZs) where instances in the cluster snapshot can be restored. | |
cluster_create_time | timestamp with time zone | Specifies the time when the cluster was created. | |
db_cluster_identifier | text | = | The friendly name to identify the cluster, that the snapshot snapshot was created from. |
db_cluster_snapshot_attributes | jsonb | A list of DB cluster snapshot attribute names and values for a manual cluster snapshot. | |
db_cluster_snapshot_identifier | text | = | The friendly name to identify the cluster snapshot. |
engine | text | Specifies the name of the database engine. | |
engine_version | text | Specifies the version of the database engine for this cluster snapshot. | |
include_public | boolean | = | Set to true to include manual cluster snapshots that are public and can be copied or restored by any Amazon Web Services account, and otherwise false. |
include_shared | boolean | = | Set to true to include shared manual cluster snapshots from other Amazon Web Services accounts that this Amazon Web Services account has been given permission to copy or restore, and otherwise false. |
kms_key_id | text | The AWS KMS key identifier for the AWS KMS customer master key (CMK). | |
master_user_name | text | Provides the master username for the cluster snapshot. | |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
percent_progress | bigint | Specifies the percentage of the estimated data that has been transferred. | |
port | bigint | Specifies the port that the cluster was listening on at the time of the snapshot. | |
region | text | The AWS Region in which the resource is located. | |
snapshot_create_time | timestamp with time zone | The time when the snapshot was taken. | |
snapshot_type | text | = | The type of the cluster snapshot. |
source_db_cluster_snapshot_arn | text | The Amazon Resource Name (ARN) for the source cluster snapshot, if the cluster snapshot was copied from a source cluster snapshot. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
status | text | Specifies the status of this cluster snapshot. | |
storage_encrypted | boolean | Specifies whether the cluster snapshot is encrypted, or not. | |
tags | jsonb | A map of tags for the resource. | |
tags_src | jsonb | A list of tags attached to the cluster snapshot. | |
title | text | Title of the resource. | |
vpc_id | text | Provides the VPC ID associated with the cluster snapshot. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_docdb_cluster_snapshot