steampipe plugin install aws

Table: aws_ssm_maintenance_window - Query AWS Systems Manager Maintenance Windows using SQL

The AWS Systems Manager Maintenance Windows is a feature that allows you to define a schedule for when to perform potentially disruptive actions on your instances such as patching an operating system, updating drivers, or installing software or patches. During these windows, AWS Systems Manager performs the tasks you've assigned, and you can track tasks and executions in detail. It provides a safe and consistent method to apply patches and updates to your instances.

Table Usage Guide

The aws_ssm_maintenance_window table in Steampipe provides you with information about Maintenance Windows within AWS Systems Manager. This table allows you, as a DevOps engineer, to query details about scheduled maintenance tasks for AWS resources, including the maintenance window ID, name, description, and schedule. You can utilize this table to gather insights on maintenance windows, such as their duration, cut-off time, and whether they are enabled or not. The schema outlines the various attributes of the maintenance window for you, including the window ID, ARN, owner, enabled status, priority, and associated tags.

Examples

Basic info

Determine the areas in which AWS System Manager's Maintenance Windows are enabled and scheduled. This is useful for understanding the operational status and schedule of maintenance tasks across different regions.

select
name,
window_id,
enabled,
schedule,
tags_src,
region
from
aws_ssm_maintenance_window;
select
name,
window_id,
enabled,
schedule,
tags_src,
region
from
aws_ssm_maintenance_window;

Get target details for each maintenance window

This query is useful for gaining insights into each maintenance window's target details within your AWS Simple Systems Manager (SSM). This can help manage and schedule tasks on your resources more effectively.

select
name,
p ->> 'WindowTargetId' as window_target_id,
p ->> 'ResourceType' as resource_type,
p ->> 'Name' as target_name
from
aws_ssm_maintenance_window,
jsonb_array_elements(targets) as p;
select
name,
json_extract(p.value, '$.WindowTargetId') as window_target_id,
json_extract(p.value, '$.ResourceType') as resource_type,
json_extract(p.value, '$.Name') as target_name
from
aws_ssm_maintenance_window,
json_each(targets) as p;

Get tasks details for each maintenance window

Explore the specifics of tasks within each maintenance window in your AWS Simple Systems Manager (SSM) to better manage system maintenance and updates.

select
name,
p ->> 'WindowTaskId' as window_task_id,
p ->> 'ServiceRoleArn' as service_role_arn,
p ->> 'Name' as task_name
from
aws_ssm_maintenance_window,
jsonb_array_elements(tasks) as p;
select
name,
json_extract(p.value, '$.WindowTaskId') as window_task_id,
json_extract(p.value, '$.ServiceRoleArn') as service_role_arn,
json_extract(p.value, '$.Name') as task_name
from
aws_ssm_maintenance_window,
json_each(tasks) as p;

List maintenance windows that are enabled

Identify the active maintenance windows within your AWS environment. This can help in planning system updates or troubleshooting activities without disrupting regular operations.

select
name,
window_id,
enabled
from
aws_ssm_maintenance_window
where
enabled;
select
name,
window_id,
enabled
from
aws_ssm_maintenance_window
where
enabled = 1;

Schema for aws_ssm_maintenance_window

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
allow_unassociated_targetsbooleanIndicates whether targets must be registered with the Maintenance Window before tasks can be defined for those targets.
created_datetimestamp with time zoneThe date the maintenance window was created.
cutoffbigintThe number of hours before the end of the Maintenance Window that Systems Manager stops scheduling new tasks for execution.
descriptiontextA description of the Maintenance Window.
durationbigintThe duration of the Maintenance Window in hours.
enabledboolean=, !=Indicates whether the Maintenance Window is enabled.
end_datetextThe date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive. The maintenance window will not run after this specified time.
modified_datetimestamp with time zoneThe date the Maintenance Window was last modified.
nametext=The name of the Maintenance Window.
next_execution_timetextThe next time the maintenance window will actually run, taking into account any specified times for the Maintenance Window to become active or inactive.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
scheduletextThe schedule of the Maintenance Window in the form of a cron or rate expression.
schedule_offsetbigintThe number of days to wait to run a Maintenance Window after the scheduled CRON expression date and time.
schedule_timezonetextThe schedule of the maintenance window in the form of a cron or rate expression.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
start_datetextThe date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active.
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags assigned to the Maintenance Window
targetsjsonbThe targets of Maintenance Window.
tasksjsonbThe Tasks of Maintenance Window.
titletextTitle of the resource.
window_idtext=The ID of the Maintenance Window.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_ssm_maintenance_window