v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Steampipe logo 
Hub
Plugins
turbot/aws
Overview
504Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install aws

Table: aws_shield_attack_statistic - Query AWS Shield Attack Statistics using SQL

AWS Shield is a DDoS protection service from AWS. AWS Shield provide statistics about the number and type of attacks Shield has detected in the last year for all resources that belong to your account. These statistics are available to you regardless of whether you have subscribed to Shield Advanced or not.

Table Usage Guide

The aws_shield_attack_statistic table in Steampipe allows you to query AWS Shield Attack Statistics and information about layer 3, 4 and 7 attacks that Shield has detected in the last year. It gives you an overview which kind of attacks have the most impact on your resources and how many attacks Shield was able to detect. For more information about the individual columns and their values, please refer to the official AWS documentation.

Examples

Basic info

select
  max,
  unit,
  attack_count
from
  aws_shield_attack_statistic
order by
  attack_count desc;
select
  max,
  unit,
  attack_count
from
  aws_shield_attack_statistic
order by
  attack_count desc;

Schema for aws_shield_attack_statistic

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
attack_countbigintThe number of attacks detected during the time period. This is always present, but might be zero.
end_timetimestamp with time zoneThe end time of the observation time range (should be always the current date).
maxdouble precisionThe maximum attack volume observed in the observation time range for the given unit.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
start_timetimestamp with time zoneThe start time of observation time range (should be always one year ago).
unittextUnit of the attack statistic.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_shield_attack_statistic