v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Steampipe logo 
Hub
Plugins
turbot/aws
Overview
496Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install aws

Table: aws_ec2_network_load_balancer - Query AWS EC2 Network Load Balancer using SQL

The AWS EC2 Network Load Balancer is a high-performance load balancer that operates at the transport layer (Layer 4) and is designed to handle millions of requests per second while maintaining ultra-low latencies. It is best suited for load balancing of TCP traffic and capable of handling volatile workloads and traffic patterns. It also supports long-lived TCP connections, which are ideal for WebSocket type of applications.

Table Usage Guide

The aws_ec2_network_load_balancer table in Steampipe provides you with information about Network Load Balancers within AWS Elastic Compute Cloud (EC2). This table allows you, as a cloud administrator or DevOps engineer, to query load balancer-specific details, including type, state, availability zones, and associated metadata. You can utilize this table to gather insights on load balancers, such as their current status, associated subnets, and more. The schema outlines the various attributes of the Network Load Balancer for you, including the load balancer name, ARN, creation date, DNS name, scheme, and associated tags.

Examples

Count of AZs registered with network load balancers

Analyze the distribution of network load balancers across various availability zones to optimize resource allocation and ensure a balanced load. This can help in enhancing the application's performance and availability.

select
  name,
  count(az ->> 'ZoneName') as zone_count
from
  aws_ec2_network_load_balancer
  cross join jsonb_array_elements(availability_zones) as az
group by
  name;
select
  name,
  count(json_extract(az.value, '$.ZoneName')) as zone_count
from
  aws_ec2_network_load_balancer,
  json_each(availability_zones) as az
group by
  name;

List of network load balancers where Cross-Zone Load Balancing is enabled

Determine the areas in which Cross-Zone Load Balancing is enabled for network load balancers. This can be particularly useful to identify potential areas of network inefficiency or to optimize load balancing across zones.

select
  name,
  lb ->> 'Key' as cross_zone,
  lb ->> 'Value' as cross_zone_value
from
  aws_ec2_network_load_balancer
  cross join jsonb_array_elements(load_balancer_attributes) as lb
where
  lb ->> 'Key' = 'load_balancing.cross_zone.enabled'
  and lb ->> 'Value' = 'false';
select
  name,
  json_extract(lb.value, '$.Key') as cross_zone,
  json_extract(lb.value, '$.Value') as cross_zone_value
from
  aws_ec2_network_load_balancer,
  json_each(load_balancer_attributes) as lb
where
  json_extract(lb.value, '$.Key') = 'load_balancing.cross_zone.enabled'
  and json_extract(lb.value, '$.Value') = 'false';

List of network load balancers where logging is not enabled

Determine the areas in your network load balancers where logging is not enabled. This is essential for identifying potential security risks and ensuring compliance with data governance policies.

select
  name,
  lb ->> 'Key' as logging_key,
  lb ->> 'Value' as logging_value
from
  aws_ec2_network_load_balancer
  cross join jsonb_array_elements(load_balancer_attributes) as lb
where
  lb ->> 'Key' = 'access_logs.s3.enabled'
  and lb ->> 'Value' = 'false';
select
  name,
  json_extract(lb.value, '$.Key') as logging_key,
  json_extract(lb.value, '$.Value') as logging_value
from
  aws_ec2_network_load_balancer,
  json_each(load_balancer_attributes) as lb
where
  json_extract(lb.value, '$.Key') = 'access_logs.s3.enabled'
  and json_extract(lb.value, '$.Value') = 'false';

List of network load balancers where deletion protection is not enabled

Determine the areas in your network where load balancers are potentially vulnerable due to deletion protection not being enabled. This is particularly useful for identifying potential risks and ensuring the security and stability of your network.

select
  name,
  lb ->> 'Key' as deletion_protection_key,
  lb ->> 'Value' as deletion_protection_value
from
  aws_ec2_network_load_balancer
  cross join jsonb_array_elements(load_balancer_attributes) as lb
where
  lb ->> 'Key' = 'deletion_protection.enabled'
  and lb ->> 'Value' = 'false';
select
  name,
  json_extract(lb.value, '$.Key') as deletion_protection_key,
  json_extract(lb.value, '$.Value') as deletion_protection_value
from
  aws_ec2_network_load_balancer,
  json_each(load_balancer_attributes) as lb
where
  json_extract(lb.value, '$.Key') = 'deletion_protection.enabled'
  and json_extract(lb.value, '$.Value') = 'false';

Query examples

Control examples

Schema for aws_ec2_network_load_balancer

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntext=The Amazon Resource Name (ARN) of the load balancer
availability_zonesjsonbThe subnets for the load balancer
canonical_hosted_zone_idtextThe ID of the Amazon Route 53 hosted zone associated with the load balancer
created_timetimestamp with time zoneThe date and time the load balancer was created
customer_owned_ipv4_pooltextThe ID of the customer-owned address pool
dns_nametextThe public DNS name of the load balancer
enforce_security_group_inbound_rules_on_private_link_traffictextIndicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through Amazon Web Services PrivateLink.
ip_address_typetextThe type of IP addresses used by the subnets for your load balancer
load_balancer_attributesjsonbThe AWS account ID of the image owner
nametext=The friendly name of the Load Balancer
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
schemetextThe load balancing scheme of load balancer
security_groupsjsonbThe IDs of the security groups for the load balancer
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
state_codetextCurrent state of the load balancer
state_reasontextA description of the state
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags attached to the load balancer
titletextTitle of the resource.
typetextThe type of load balancer
vpc_idtextThe ID of the VPC for the load balancer

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_ec2_network_load_balancer