steampipe plugin install aws

Table: aws_route53_zone - Query AWS Route 53 Zone using SQL

The AWS Route 53 Zone is a component of Amazon's scalable Domain Name System (DNS) web service. It is designed to provide highly reliable and cost-effective domain registration, DNS routing, and health checking of resources within your environment. Route 53 effectively connects user requests to infrastructure running in AWS, such as Amazon EC2 instances, Elastic Load Balancing load balancers, or Amazon S3 buckets, and can also be used to route users to infrastructure outside of AWS.

Table Usage Guide

The aws_route53_zone table in Steampipe provides you with information about hosted zones within AWS Route 53. This table allows you, as a DevOps engineer, to query zone-specific details, including the hosted zone ID, name, type (public or private), record set count, and associated tags. You can use it to gather insights on hosted zones, such as the number of record sets within each zone.

Examples

Basic Zone Info

Explore which zones in your AWS Route53 service are private and assess the number of resource records within each. This information can be useful in managing DNS configurations and understanding the distribution of resources within your network.

PostgreSQL and SQLite:

select
  name,
  id,
  private_zone,
  resource_record_set_count
from
  aws_route53_zone;

List private zones

List the hosted zones that are designated as private within the AWS Route53 service. This is particularly useful when you need to manage or review the privacy settings of your DNS zones.

PostgreSQL:

select
  name,
  id,
  comment,
  private_zone,
  resource_record_set_count
from
  aws_route53_zone
where
  private_zone;

SQLite:

select
  name,
  id,
  comment,
  private_zone,
  resource_record_set_count
from
  aws_route53_zone
where
  private_zone = 1;

List public zones

Explore which DNS zones are public within your AWS Route53 service. This can be useful to understand your public-facing infrastructure and ensure appropriate security measures are in place.

PostgreSQL and SQLite:

select
  name,
  id,
  comment,
  private_zone,
  resource_record_set_count
from
  aws_route53_zone
where
  not private_zone;
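
The following query is an added example, not part of the Steampipe documentation. It extends the public-zone listing into a posture check that reports public zones with no DNS query logging configured or with DNSSEC signing not active. It uses PostgreSQL syntax and assumes that query_logging_configs is a JSON array and that dnssec_status keeps the Route 53 API key ServeSignature.

```sql
-- Added example: logging and DNSSEC posture of public hosted zones.
-- Assumptions: query_logging_configs is a jsonb array (null or empty when
-- no logging is configured); dnssec_status carries the Route 53 API field
-- ServeSignature, whose value is 'SIGNING' when the zone is signed.
with public_zones as (
  select
    name,
    id,
    resource_record_set_count,
    -- Guard with jsonb_typeof so a JSON null does not raise an error.
    case
      when jsonb_typeof(query_logging_configs) = 'array'
        then jsonb_array_length(query_logging_configs)
      else 0
    end as query_log_config_count,
    coalesce(dnssec_status ->> 'ServeSignature', 'UNKNOWN') as dnssec_serve_signature
  from
    aws_route53_zone
  where
    not private_zone
)
select
  name,
  id,
  resource_record_set_count,
  query_log_config_count > 0 as query_logging_enabled,
  dnssec_serve_signature
from
  public_zones
where
  query_log_config_count = 0
  or dnssec_serve_signature <> 'SIGNING'
order by
  resource_record_set_count desc;
```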

Find zones by subdomain name

Explore which zones are linked to a specific subdomain, whether each one is public or private, and the volume of resource records they contain. This is particularly useful for managing and understanding the distribution of resources within a domain.

PostgreSQL and SQLite:

select
  name,
  id,
  private_zone,
  resource_record_set_count
from
  aws_route53_zone
where
  name like '%.turbot.com.';

List VPCs associated with zones

List the virtual private clouds (VPCs) associated with each zone, together with the Region of each VPC. This can be useful for understanding the geographical distribution of your VPCs and their connections to different zones.

PostgreSQL:

select
  name,
  id,
  v ->> 'VPCId' as vpc_id,
  v ->> 'VPCRegion' as vpc_region
from
  aws_route53_zone,
  jsonb_array_elements(vpcs) as v;

SQLite:

-- json_each() exposes its own id column, so the zone columns are qualified.
select
  z.name,
  z.id,
  json_extract(v.value, '$.VPCId') as vpc_id,
  json_extract(v.value, '$.VPCRegion') as vpc_region
from
  aws_route53_zone as z,
  json_each(z.vpcs) as v;

Get VPC details associated with zones

Explore which Virtual Private Clouds (VPCs) are associated with specific zones in AWS Route53. This can be useful in understanding the network architecture and identifying potential security risks or configuration issues.

PostgreSQL:

select
  name,
  id,
  v.vpc_id as vpc_id,
  v.cidr_block as cidr_block,
  v.is_default as is_default,
  v.dhcp_options_id as dhcp_options_id
from
  aws_route53_zone,
  jsonb_array_elements(vpcs) as p,
  aws_vpc as v
where
  p ->> 'VPCId' = v.vpc_id;

SQLite:

-- vpcs is a JSON array, so expand it with json_each() before reading VPCId.
-- json_each() exposes its own id column, so the zone columns are qualified.
select
  z.name,
  z.id,
  v.vpc_id as vpc_id,
  v.cidr_block as cidr_block,
  v.is_default as is_default,
  v.dhcp_options_id as dhcp_options_id
from
  aws_route53_zone as z,
  json_each(z.vpcs) as p,
  aws_vpc as v
where
  json_extract(p.value, '$.VPCId') = v.vpc_id;
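
The following query is an added example, not part of the Steampipe documentation. It turns the VPC join above into a review list of private-zone associations: VPCs that the current connection cannot see, VPCs owned by a different account than the zone, and default VPCs. It uses PostgreSQL syntax and assumes aws_vpc exposes the region and account_id columns.

```sql
-- Added example: private-zone VPC associations that deserve review.
-- Assumption: aws_vpc has region and account_id columns, as the zone
-- table does in the schema on this page.
select
  z.name,
  z.id,
  p ->> 'VPCId' as vpc_id,
  p ->> 'VPCRegion' as vpc_region,
  v.cidr_block,
  case
    when v.vpc_id is null then 'vpc not visible to this connection'
    when v.account_id <> z.account_id then 'vpc owned by another account'
    when v.is_default then 'default vpc'
  end as finding
from
  aws_route53_zone as z
  cross join lateral jsonb_array_elements(z.vpcs) as p
  -- Left join keeps associations whose VPC is absent from aws_vpc.
  left join aws_vpc as v
    on v.vpc_id = p ->> 'VPCId'
    and v.region = p ->> 'VPCRegion'
where
  z.private_zone
  and (
    v.vpc_id is null
    or v.account_id <> z.account_id
    or v.is_default
  )
order by
  z.name,
  vpc_id;
```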

Schema for aws_route53_zone

| Name | Type | Operators | Description |
|------|------|-----------|-------------|
| _ctx | jsonb | | Steampipe context in JSON form, e.g. connection_name. |
| account_id | text | | The AWS Account ID in which the resource is located. |
| akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
| caller_reference | text | | The value that you specified for CallerReference when you created the hosted zone. |
| comment | text | | A comment for the zone. |
| dnssec_key_signing_keys | jsonb | | The key-signing keys (KSKs) in AWS account. |
| dnssec_status | jsonb | | The status of DNSSEC. |
| id | text | = | The ID that Amazon Route 53 assigned to the hosted zone when it was created. |
| linked_service_description | text | | If the health check or hosted zone was created by another service, an optional description that can be provided by the other service. |
| linked_service_principal | text | | If the health check or hosted zone was created by another service, the service that created the resource. |
| name | text | | The name of the domain. For public hosted zones, this is the name that is registered with your DNS registrar. |
| partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
| private_zone | boolean | | If true, the zone is Private hosted Zone, otherwise it is public. |
| query_logging_configs | jsonb | | A list of configuration for DNS query logging that is associated with the current AWS account. |
| region | text | | The AWS Region in which the resource is located. |
| resource_record_set_count | bigint | | The number of resource record sets in the hosted zone. |
| resource_record_set_limit | jsonb | | The maximum number of resource record sets allowed in the hosted zone. |
| tags | jsonb | | A map of tags for the resource. |
| tags_src | jsonb | | A map of tags for the resource. |
| title | text | | Title of the resource. |
| vpcs | jsonb | | The list of VPCs that are authorized to be associated with the specified hosted zone. |

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_route53_zone