steampipe plugin install aws

Table: aws_ecs_task - Query AWS ECS Tasks using SQL

AWS Elastic Container Service (ECS) Tasks are a running instance of an Amazon ECS task. They are a scalable unit of computing that contain everything needed to run an application on Amazon ECS. ECS tasks can be used to run applications on a managed cluster of Amazon EC2 instances.

Table Usage Guide

The aws_ecs_task table in Steampipe provides you with information about tasks within Amazon Elastic Container Service (ECS). This table enables you, as a DevOps engineer, to query task-specific details, including the current task status, task definition, associated cluster, and other metadata. You can utilize this table to gather insights on tasks, such as tasks that are running, stopped, or pending, tasks associated with specific clusters, and more. The schema outlines the various attributes of the ECS task for you, including the task ARN, last status, task definition ARN, and associated tags.


Basic info

Determine the status and launch type of tasks within your AWS Elastic Container Service (ECS) to manage and optimize your ECS resources effectively. This can help in maintaining the desired state of your tasks and ensuring they are running as expected.


List task attachment details

This query is useful for gaining insights into the status and types of attachments associated with specific tasks within a cluster. This can help in managing and troubleshooting tasks effectively in a real-world scenario.

a ->> 'Id' as attachment_id,
a ->> 'Status' as attachment_status,
a ->> 'Type' as attachment_type,
jsonb_pretty(a -> 'Details') as attachment_details
jsonb_array_elements(attachments) as a;
json_extract(a.value, '$.Id') as attachment_id,
json_extract(a.value, '$.Status') as attachment_status,
json_extract(a.value, '$.Type') as attachment_type,
json(a.value, '$.Details') as attachment_details
json_each(attachments) as a;

List task protection details

Explore the protection status and expiry dates of tasks within your AWS ECS clusters. This can help ensure all tasks are adequately protected and any expiring protections are promptly renewed.

protection ->> 'ProtectionEnabled' as protection_enabled,
protection ->> 'ExpirationDate' as protection_expiration_date
json_extract(protection, '$.ProtectionEnabled') as protection_enabled,
json_extract(protection, '$.ExpirationDate') as protection_expiration_date

Schema for aws_ecs_task

_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
attachmentsjsonbThe Elastic Network Adapter associated with the task if the task uses the awsvpc network mode.
attributesjsonbThe attributes of the task.
availability_zonetextThe availability zone of the task.
capacity_provider_nametextThe capacity provider associated with the task.
cluster_arntextThe ARN of the cluster that hosts the task.
cluster_nametextA user-generated string that you use to identify your cluster.
connectivitytextThe connectivity status of a task.
connectivity_attimestamp with time zoneThe Unix timestamp for when the task last went into CONNECTED status.
container_instance_arntext=The ARN of the container instances that host the task.
containersjsonbThe containers associated with the task.
cpubigintThe number of CPU units used by the task as expressed in a task definition.
created_attimestamp with time zoneThe Unix timestamp for when the task was created.
desired_statustext=The desired status of the task.
enable_execute_commandbooleanWhether or not execute command functionality is enabled for this task. If true, this enables execute command functionality on all containers in the task.
ephemeral_storagejsonbThe ephemeral storage settings for the task.
execution_stopped_attimestamp with time zoneThe Unix timestamp for when the task execution stopped.
grouptextThe name of the task group associated with the task.
health_statustextThe health status for the task, which is determined by the health of the essential containers in the task. If all essential containers in the task are reporting as HEALTHY, then the task status also reports as HEALTHY.
inference_acceleratorsjsonbThe Elastic Inference accelerator associated with the task.
last_statustextThe last known status of the task.
launch_typetext=The infrastructure on which your task is running.
memorybigintThe amount of memory (in MiB) used by the task as expressed in a task definition.
overridesjsonbOne or more container overrides.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
platform_versiontextThe platform version on which your task is running.
protectionjsonbProtection status of task in an Amazon ECS service.
pull_started_attimestamp with time zoneThe Unix timestamp for when the container image pull began.
pull_stopped_attimestamp with time zoneThe Unix timestamp for when the container image pull completed.
regiontextThe AWS Region in which the resource is located.
service_nametext=The name of the service.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
started_attimestamp with time zoneThe Unix timestamp for when the task started.
started_bytextThe tag specified when a task is started.
stop_codetextThe stop code indicating why a task was stopped.
stopped_attimestamp with time zoneThe Unix timestamp for when the task was stopped.
stopped_reasontextThe reason that the task was stopped.
stopping_attimestamp with time zoneThe Unix timestamp for when the task stops.
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags associated with task.
task_arntextThe Amazon Resource Name (ARN) of the task.
task_definition_arntextThe ARN of the task definition that creates the task.
versionbigintThe version counter for the task.


This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the script:

/bin/sh -c "$(curl -fsSL" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_ecs_task