Table: aws_ec2_key_pair - Query AWS EC2 Key Pairs using SQL
The AWS EC2 Key Pair is a security feature utilized within Amazon's Elastic Compute Cloud (EC2). It provides a simple, secure way to log into your instances using SSH. The key pair is composed of a public key that AWS stores, and a private key file that you store, enabling an encrypted connection to your instance.
Table Usage Guide
The aws_ec2_key_pair table in Steampipe provides you with information about Key Pairs within AWS EC2 (Elastic Compute Cloud). This table allows you, as a DevOps engineer, security team member, or system administrator, to query key pair-specific details, including key fingerprints, key material, and associated tags. You can utilize this table to gather insights on key pairs, such as verifying key fingerprints, checking the existence of specific key pairs, and more. The schema outlines the various attributes of the EC2 key pair for you, including the key pair name, key pair ID, key type, public key, and associated tags.
Examples
Basic keypair info
List the name, ID and region of each EC2 key pair to understand how your key pairs are distributed across regions. This can help in managing your AWS resources efficiently and ensuring balanced utilization.
select
  key_name,
  key_pair_id,
  region
from
  aws_ec2_key_pair;
List of keypairs without owner tag key
Identify AWS EC2 key pairs that are not tagged with an owner. This is useful for maintaining efficient tag management and ensuring accountability for key pair usage.
-- PostgreSQL
select
  key_name,
  tags
from
  aws_ec2_key_pair
where
  not tags :: JSONB ? 'owner';

-- SQLite
select
  key_name,
  tags
from
  aws_ec2_key_pair
where
  json_extract(tags, '$.owner') IS NULL;
Schema for aws_ec2_key_pair
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
create_time | timestamp with time zone | | If you used Amazon EC2 to create the key pair, this is the date and time when the key was created. |
key_fingerprint | text | = | If the key pair was created using CreateKeyPair, this is the SHA-1 digest of the DER encoded private key. If the key pair was created using ImportKeyPair to provide AWS the public key, this is the MD5 public key fingerprint as specified in section 4 of RFC 4716. |
key_name | text | = | The name of the key pair. |
key_pair_id | text | = | The ID of the key pair. |
key_type | text | | The type of key pair. |
partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
public_key | text | | The public key material. |
region | text | | The AWS Region in which the resource is located. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
tags | jsonb | | A map of tags for the resource. |
tags_src | jsonb | | A list of tags assigned to the key pair. |
title | text | | Title of the resource. |
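The following query is an added example, not part of the Steampipe documentation. Building on the key_fingerprint description in the schema, it classifies each fingerprint by its format and lists fingerprints attached to more than one key pair, which indicates the same key material registered in several accounts or regions. It uses PostgreSQL syntax and assumes fingerprints are colon-separated hex (20 bytes for SHA-1, 16 bytes for MD5); the output column names are illustrative.

```sql
-- Added example: find key material shared by several key pairs.
with classified as (
  select
    key_name,
    account_id,
    region,
    create_time,
    tags,
    key_fingerprint,
    case
      -- 20 colon-separated hex bytes: SHA-1, i.e. created with CreateKeyPair
      when key_fingerprint ~* '^([0-9a-f]{2}:){19}[0-9a-f]{2}$'
        then 'CreateKeyPair (SHA-1)'
      -- 16 colon-separated hex bytes: MD5, i.e. imported with ImportKeyPair
      when key_fingerprint ~* '^([0-9a-f]{2}:){15}[0-9a-f]{2}$'
        then 'ImportKeyPair (MD5)'
      -- anything else does not match the two formats assumed here
      else 'unrecognized format'
    end as fingerprint_origin
  from
    aws_ec2_key_pair
)
select
  key_fingerprint,
  fingerprint_origin,
  count(*) as key_pair_count,
  -- earliest registration of this key material
  min(create_time) as first_created,
  -- copies nobody has claimed with an owner tag
  count(*) filter (
    where tags is null or not (tags ? 'owner')
  ) as without_owner_tag,
  array_agg(
    account_id || '/' || region || '/' || key_name
    order by account_id, region, key_name
  ) as locations
from
  classified
group by
  key_fingerprint,
  fingerprint_origin
having
  count(*) > 1
order by
  key_pair_count desc;
```

Each returned row is one fingerprint with every account/region/key name that carries it, so a single compromised private key can be mapped to all the places it grants access.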
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_ec2_key_pair