Table: aws_ec2_load_balancer_listener_rule - Query AWS EC2 Load Balancer Listener Rules using SQL
AWS Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as EC2 instances. The listener rules determine how traffic is routed based on conditions specified by the user. The aws_ec2_load_balancer_listener_rule
table in Steampipe allows you to query information about these listener rules, including their actions, conditions, priorities, and more.
Table Usage Guide
The aws_ec2_load_balancer_listener_rule
table enables cloud administrators and DevOps engineers to gather detailed insights into their load balancer listener rules. You can query various aspects of the rules, such as their actions, conditions, priorities, and associated listeners. This table is particularly useful for monitoring traffic routing, ensuring compliance with traffic rules, and managing load balancer configurations.
Important Notes
- You must specify
arn
orlistener_arn
in awhere
clause in order to use this table.
Examples
Basic info
Retrieve basic information about your AWS EC2 Load Balancer Listener Rules, including their ARN, priority, and associated listener.
select arn, listener_arn, priority, is_default, regionfrom aws_ec2_load_balancer_listener_rulewhere arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789098:listener-rule/app/test53333/f7cc8cdc44ff910b/c9418b57592205f0/a8fe6d8842838dfa';
select arn, listener_arn, priority, is_default, regionfrom aws_ec2_load_balancer_listener_rulewhere arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789098:listener-rule/app/test53333/f7cc8cdc44ff910b/c9418b57592205f0/a8fe6d8842838dfa';
List rules for a specific listener
Fetch all the rules associated with a specific listener by providing the listener ARN.
select arn, priority, is_default, actions, conditionsfrom aws_ec2_load_balancer_listener_rulewhere listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272';
select arn, priority, is_default, actions, conditionsfrom aws_ec2_load_balancer_listener_rulewhere listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272';
Get rule action details
Retrieve rules action details.
select arn, a ->> 'Type' as action_type, a ->> 'Order' as action_order, a ->> 'TargetGroupArn' as target_group_arn, a -> 'RedirectConfig' as redirect_config, a -> 'ForwardConfig' as forward_config, a -> 'FixedResponseConfig' as fixed_response_config, a -> 'AuthenticateOidcConfig' as authenticate_oidc_config, a -> 'AuthenticateCognitoConfig' as authenticate_cognito_configfrom aws_ec2_load_balancer_listener_rule, jsonb_array_elements(actions) as awhere listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272';
select arn, json_extract(a.value, '$.Type') as action_type, json_extract(a.value, '$.Order') as action_order, json_extract(a.value, '$.TargetGroupArn') as target_group_arn, json_extract(a.value, '$.RedirectConfig') as redirect_config, json_extract(a.value, '$.ForwardConfig') as forward_config, json_extract(a.value, '$.FixedResponseConfig') as fixed_response_config, json_extract(a.value, '$.AuthenticateOidcConfig') as authenticate_oidc_config, json_extract(a.value, '$.AuthenticateCognitoConfig') as authenticate_cognito_configfrom aws_ec2_load_balancer_listener_rule, json_each(actions) as awhere listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272';
List default listener rules
Identify the listener rules that are set as the default rule for a listener.
select arn, listener_arn, priorityfrom aws_ec2_load_balancer_listener_rulewhere listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272' and is_default = true;
select arn, listener_arn, priorityfrom aws_ec2_load_balancer_listener_rulewhere listener_arn = 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/my-load-balancer/50dc6c495c0c9188/70d7923f8398b272' and is_default = 1;
Get all rules for listeners
Retrieve detailed information about the rules associated with AWS EC2 load balancer listeners.
select r.arn, r.listener_arn, l.load_balancer_arn, l.protocol as listener_protocol, l.ssl_policy, r.priority, r.is_default, r.actions, r.conditionsfrom aws_ec2_load_balancer_listener_rule as r join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn;
select r.arn, r.listener_arn, l.load_balancer_arn, l.protocol as listener_protocol, l.ssl_policy, r.priority, r.is_default, r.actions, r.conditionsfrom aws_ec2_load_balancer_listener_rule as r join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn;
Get listener rules for application load balancers
Retrieve detailed information about the rules associated with AWS EC2 Application load balancer listeners.
select r.arn, r.listener_arn, l.load_balancer_arn, l.protocol as listener_protocol, l.ssl_policy, a.canonical_hosted_zone_id, a.dns_name, a.ip_address_type, r.priority, r.is_default, r.actions, r.conditionsfrom aws_ec2_load_balancer_listener_rule as r join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn join aws_ec2_application_load_balancer as a on l.load_balancer_arn = a.arn;
select r.arn, r.listener_arn, l.load_balancer_arn, l.protocol as listener_protocol, l.ssl_policy, a.canonical_hosted_zone_id, a.dns_name, a.ip_address_type, r.priority, r.is_default, r.actions, r.conditionsfrom aws_ec2_load_balancer_listener_rule as r join aws_ec2_load_balancer_listener as l on r.listener_arn = l.arn join aws_ec2_application_load_balancer as a on l.load_balancer_arn = a.arn;
Schema for aws_ec2_load_balancer_listener_rule
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
actions | jsonb | The actions. Each rule must include exactly one of the following types of actions: forward , redirect , or fixed-response , and it must be the last action to be performed. | |
arn | text | = | The Amazon Resource Name (ARN) of the rule. |
conditions | jsonb | The conditions. Each rule can include zero or one of the following conditions: http-request-method , host-header , path-pattern , and source-ip , and zero or more of the following conditions: http-header and query-string. | |
is_default | boolean | Indicates whether this is the default rule. | |
listener_arn | text | = | The Amazon Resource Name (ARN) of the listener. |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
priority | text | The priority of the rule. | |
region | text | The AWS Region in which the resource is located. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_ec2_load_balancer_listener_rule