Table: aws_ec2_target_group - Query AWS EC2 Target Groups using SQL
An AWS EC2 Target Group is a component of the Elastic Load Balancing service. It is used to route requests to one or more registered targets, such as EC2 instances, as part of a load balancing configuration. This allows the distribution of network traffic to multiple resources, improving availability and fault tolerance in your applications.
Table Usage Guide
The aws_ec2_target_group
table in Steampipe provides you with information about each Target Group within your AWS account. This table allows you, as a DevOps engineer, security auditor, or other technical professional, to query Target Group-specific details, including the associated load balancer, health check configuration, and attributes. You can utilize this table to gather insights on Target Groups, such as their configurations, associated resources, and more. The schema outlines the various attributes of the Target Group for you, including the ARN, Health Check parameters, and associated tags.
Examples
Basic target group info
Explore the different target groups within your AWS EC2 instances to understand their associated load balancer resources and the virtual private cloud (VPC) they belong to. This can help in managing and optimizing your cloud resources effectively.
select target_group_name, target_type, load_balancer_arns, vpc_idfrom aws_ec2_target_group;
select target_group_name, target_type, load_balancer_arns, vpc_idfrom aws_ec2_target_group;
Health check info of target groups
This query is used to gain insights into the health check configurations of target groups within an AWS EC2 environment. Its practical application lies in its ability to help identify potential issues or vulnerabilities in the system, ensuring optimal performance and security.
select health_check_enabled, protocol, matcher_http_code, healthy_threshold_count, unhealthy_threshold_count, health_check_enabled, health_check_interval_seconds, health_check_path, health_check_port, health_check_protocol, health_check_timeout_secondsfrom aws_ec2_target_group;
select health_check_enabled, protocol, matcher_http_code, healthy_threshold_count, unhealthy_threshold_count, health_check_enabled, health_check_interval_seconds, health_check_path, health_check_port, health_check_protocol, health_check_timeout_secondsfrom aws_ec2_target_group;
Registered target for each target group
Determine the areas in which each registered target is located for a specific target group. This can be useful for identifying potential issues with load balancing or for optimizing resource allocation across different availability zones.
select target_group_name, target_type, target -> 'Target' ->> 'AvailabilityZone' as availability_zone, target -> 'Target' ->> 'Id' as id, target -> 'Target' ->> 'Port' as portfrom aws_ec2_target_group cross join jsonb_array_elements(target_health_descriptions) as target;
select target_group_name, target_type, json_extract(target.value, '$.Target.AvailabilityZone') as availability_zone, json_extract(target.value, '$.Target.Id') as id, json_extract(target.value, '$.Target.Port') as portfrom aws_ec2_target_group, json_each(target_health_descriptions) as target;
Health status of registered targets
Identify instances where the health status of registered targets in EC2 instances can be assessed. This allows for proactive management of resources by pinpointing potential issues or disruptions in the target groups.
select target_group_name, target_type, target -> 'TargetHealth' ->> 'Description' as description, target -> 'TargetHealth' ->> 'Reason' reason, target -> 'TargetHealth' ->> 'State' as statefrom aws_ec2_target_group cross join jsonb_array_elements(target_health_descriptions) as target;
select target_group_name, target_type, json_extract(target.value, '$.TargetHealth.Description') as description, json_extract(target.value, '$.TargetHealth.Reason') as reason, json_extract(target.value, '$.TargetHealth.State') as statefrom aws_ec2_target_group, json_each(target_health_descriptions) as target;
Schema for aws_ec2_target_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
health_check_enabled | boolean | Indicates whether health checks are enabled. | |
health_check_interval_seconds | bigint | The approximate amount of time, in seconds, between health checks of an individual target. | |
health_check_path | text | The destination for health checks on the target. | |
health_check_port | text | The port to use to connect with the target. | |
health_check_protocol | text | The protocol to use to connect with the target. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks. | |
health_check_timeout_seconds | bigint | The amount of time, in seconds, during which no response means a failed health check. | |
healthy_threshold_count | bigint | The number of consecutive health checks successes required before considering an unhealthy target healthy. | |
ip_address_type | text | The type of IP address used for this target group. | |
load_balancer_arns | jsonb | The Amazon Resource Names (ARN) of the load balancers that route traffic to this target group. | |
matcher_grpc_code | text | The gRPC codes to use when checking for a successful response from a target. | |
matcher_http_code | text | The HTTP codes to use when checking for a successful response from a target. | |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
port | bigint | The port on which the targets are listening. Not used if the target is a Lambda function. | |
protocol | text | The protocol to use for routing traffic to the target. | |
protocol_version | text | The protocol version. The possible values are GRPC , HTTP1 , and HTTP2 . | |
region | text | The AWS Region in which the resource is located. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
tags | jsonb | A map of tags for the resource. | |
tags_src | jsonb | A list of tags associated with target group. | |
target_group_arn | text | = | The Amazon Resource Name (ARN) of the target group. |
target_group_name | text | = | The name of the target group. |
target_health_descriptions | jsonb | Contains information about the health of the target. | |
target_type | text | The type of target that is specified when registering targets with this target group. The possible values are instance (register targets by instance ID), ip (register targets by IP address), or lambda (register a single Lambda function as a target). | |
title | text | Title of the resource. | |
unhealthy_threshold_count | bigint | The number of consecutive health checks successes required before considering an unhealthy target healthy. | |
vpc_id | text | The ID of the VPC for the target. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_ec2_target_group