Table: aws_vpc_internet_gateway - Query AWS VPC Internet Gateway using SQL

The AWS VPC Internet Gateway is a horizontally scalable, redundant, and highly available AWS resource that provides a connection between an Amazon Virtual Private Cloud (VPC) and the internet. It serves two purposes: to provide a target in your VPC route tables for internet-routable traffic, and to perform network address translation for instances that have been assigned public IPv4 addresses. An internet gateway supports IPv4 and IPv6 traffic.

Table Usage Guide

The aws_vpc_internet_gateway table in Steampipe provides you with information about Internet Gateways within AWS Virtual Private Cloud (VPC). This table allows you, as a DevOps engineer or other technical professional, to query Internet Gateway-specific details, including its state, the VPCs it is attached to, and associated metadata. You can utilize this table to gather insights on Internet Gateways, such as their attachment state, the VPCs they are attached to, and more. The schema outlines the various attributes of the Internet Gateway for you, including the gateway ID, owner ID, and associated tags.

Examples

List unattached internet gateways

Identify instances where internet gateways within your AWS VPC are not attached to any resources. This helps in managing resources effectively and avoiding unnecessary costs.

select
  internet_gateway_id,
  attachments
from
  aws_vpc_internet_gateway
where
  attachments is null;

select
  internet_gateway_id,
  attachments
from
  aws_vpc_internet_gateway
where
  attachments is null;

Find VPCs attached to the internet gateways

Determine the areas in which your Virtual Private Clouds (VPCs) are directly linked to internet gateways. This is beneficial for reviewing your network infrastructure and assessing potential security risks.

select
  internet_gateway_id,
  att ->> 'VpcId' as vpc_id
from
  aws_vpc_internet_gateway
  cross join jsonb_array_elements(attachments) as att;

select
  internet_gateway_id,
  json_extract(att.value, '$.VpcId') as vpc_id
from
  aws_vpc_internet_gateway,
  json_each(attachments) as att;

Query examples

vpc_gateways_for_vpc

Control examples

VPC internet gateways should be attached to authorized vpc

Schema for aws_vpc_internet_gateway

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
account_id	text	=, !=, ~~, ~~, !~~, !~~	The AWS Account ID in which the resource is located.
akas	jsonb		Array of globally unique identifier strings (also known as) for the resource.
attachments	jsonb		Any VPCs attached to the internet gateway.
internet_gateway_id	text	=	The ID of the internet gateway.
owner_id	text	=	The ID of the AWS account that owns the internet gateway.
partition	text		The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
region	text		The AWS Region in which the resource is located.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
tags	jsonb		A map of tags for the resource.
tags_src	jsonb		tags assigned to the internet gateway.
title	text		Title of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_vpc_internet_gateway