Table: aws_vpc_peering_connection - Query AWS VPC Peering Connections using SQL
The AWS VPC Peering Connection is a networking connection between two Virtual Private Clouds (VPCs) that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. It's a one-to-one relationship, and doesn't require a gateway, VPN connection, or separate network hardware. This connection can be made between your own VPCs, or with a VPC in another AWS account within a single region.
Table Usage Guide
The aws_vpc_peering_connection
table in Steampipe provides you with information about VPC Peering Connections within Amazon Virtual Private Cloud (VPC). This table allows you, as a DevOps engineer, security team member, or system administrator, to query peering connection-specific details, including peering statuses, VPC IDs, region, and associated metadata. You can utilize this table to gather insights on peering connections, such as connection status, verification of peering options, and more. The schema outlines the various attributes of the VPC peering connection for you, including the peering connection ID, creation date, requester VPC info, accepter VPC info, and associated tags.
Examples
Basic Info
Determine the areas in which Virtual Private Cloud (VPC) peering connections are established between different AWS accounts and regions. This information can help you manage network access, improve security, and optimize resource allocation.
select id, accepter_owner_id, accepter_region, accepter_vpc_id, expiration_time, requester_owner_id, requester_region, requester_vpc_idfrom aws_vpc_peering_connection;
select id, accepter_owner_id, accepter_region, accepter_vpc_id, expiration_time, requester_owner_id, requester_region, requester_vpc_idfrom aws_vpc_peering_connection;
List VPC peering connections by approval status
Determine the areas in which Virtual Private Cloud (VPC) peering connections are still awaiting approval. This is particularly useful in managing network accessibility and ensuring secure and efficient data transfer between different VPCs.
select id, accepter_vpc_id, requester_vpc_id, status_code, status_messagefrom aws_vpc_peering_connectionwhere status_code = 'pending-acceptance';
select id, accepter_vpc_id, requester_vpc_id, status_code, status_messagefrom aws_vpc_peering_connectionwhere status_code = 'pending-acceptance';
List requester VPC connection details
Discover the segments that involve details of VPC connections requested in an AWS environment, enabling you to understand who is requesting connections, from which regions, and what their specific peering options are.
select id, requester_cidr_block, requester_owner_id, requester_region, requester_vpc_id, jsonb_pretty(requester_cidr_block_set) as requester_cidr_block_set, jsonb_pretty(requester_ipv6_cidr_block_set) as requester_ipv6_cidr_block_set, jsonb_pretty(requester_peering_options) as requester_peering_optionsfrom aws_vpc_peering_connection;
select id, requester_cidr_block, requester_owner_id, requester_region, requester_vpc_id, requester_cidr_block_set, requester_ipv6_cidr_block_set, requester_peering_optionsfrom aws_vpc_peering_connection;
List accepter VPC connection details
Explore the details of accepted VPC connections to understand their configurations, ownership, and regional distribution. This can aid in managing network access and ensuring secure data transfers within your AWS environment.
select id, accepter_cidr_block, accepter_owner_id, accepter_region, accepter_vpc_id, jsonb_pretty(accepter_cidr_block_set) as accepter_cidr_block_set, jsonb_pretty(accepter_ipv6_cidr_block_set) as accepter_ipv6_cidr_block_set, jsonb_pretty(accepter_peering_options) as accepter_peering_optionsfrom aws_vpc_peering_connection;
select id, accepter_cidr_block, accepter_owner_id, accepter_region, accepter_vpc_id, accepter_cidr_block_set, accepter_ipv6_cidr_block_set, accepter_peering_optionsfrom aws_vpc_peering_connection;
List VPC peering connections by specific VPC peering connection IDs
This query is useful to identify specific VPC peering connections by their IDs. It allows you to gain insights into the ownership, region, and associated VPC details of both the accepter and requester, which can be beneficial for network management and troubleshooting tasks.
select id, accepter_owner_id, accepter_region, accepter_vpc_id, expiration_time, requester_owner_id, requester_region, requester_vpc_idfrom aws_vpc_peering_connectionwhere id in ('pcx-0a0403619dd2f3b24', 'pcx-048825e2c43ffd99e');
select id, accepter_owner_id, accepter_region, accepter_vpc_id, expiration_time, requester_owner_id, requester_region, requester_vpc_idfrom aws_vpc_peering_connectionwhere id in ('pcx-0a0403619dd2f3b24', 'pcx-048825e2c43ffd99e');
List VPC peering connections with tag details
Discover the segments that have VPC peering connections along with their respective tags. This can be beneficial for gaining insights into the connections between different VPCs and their associated metadata, aiding in network management and security audits.
select id, jsonb_pretty(tags) as tags, jsonb_pretty(tags_src) as tags_srcfrom aws_vpc_peering_connection;
select id, tags, tags_srcfrom aws_vpc_peering_connection;
select id, tags ->> 'Name' as namefrom aws_vpc_peering_connection;
select id, json_extract(tags, '$.Name') as namefrom aws_vpc_peering_connection;
List VPC peering connections by specific tag's key
Explore which Virtual Private Cloud (VPC) peering connections have been specifically marked with the 'turbot:TurbotCreatedPeeringConnection' tag. This could be useful in understanding and managing connections that were automatically created by Turbot, a cloud governance platform.
select v.id, jsonb_pretty(tags) as tagsfrom aws_vpc_peering_connection as v, jsonb_each(tags)where key = 'turbot:TurbotCreatedPeeringConnection';
select v.id, json_extract(t.value, '$') as tagsfrom aws_vpc_peering_connection as v, json_each(tags) as twhere json_extract(t.value, '$.key') = 'turbot:TurbotCreatedPeeringConnection';
List VPC peering connections by specific tag's key & value
Discover the segments that have specific peering connections within a virtual private cloud (VPC) network using specific tags. This is useful for managing and organizing your network connections based on their assigned tags.
select id, jsonb_pretty(tags) as tagsfrom aws_vpc_peering_connectionwhere tags @> '{"Name": "vpc-0639e12347e5b6bfb <=> vpc-8e1234f5"}';
Error: The corresponding SQLite query is unavailable.
Schema for aws_vpc_peering_connection
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
accepter_cidr_block | cidr | = | The IPv4 CIDR block for the accepter VPC. |
accepter_cidr_block_set | jsonb | Information about the IPv4 CIDR blocks for the accepter VPC. | |
accepter_ipv6_cidr_block_set | jsonb | The IPv6 CIDR block for the accepter VPC. | |
accepter_owner_id | text | = | The ID of the Amazon Web Services account that owns the accepter VPC. |
accepter_peering_options | jsonb | Information about the VPC peering connection options for the accepter VPC. | |
accepter_region | text | The Region in which the accepter VPC is located. | |
accepter_vpc_id | text | = | The ID of the accepter VPC. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
expiration_time | timestamp with time zone | = | The time that an unaccepted VPC peering connection will expire. |
id | text | = | The ID of the VPC peering connection. |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
region | text | The AWS Region in which the resource is located. | |
requester_cidr_block | cidr | = | The IPv4 CIDR block for the requester VPC. |
requester_cidr_block_set | jsonb | Information about the IPv4 CIDR blocks for the requester VPC. | |
requester_ipv6_cidr_block_set | jsonb | The IPv6 CIDR block for the requester VPC. | |
requester_owner_id | text | = | The ID of the Amazon Web Services account that owns the requester VPC. |
requester_peering_options | jsonb | Information about the VPC peering connection options for the requester VPC. | |
requester_region | text | The Region in which the requester VPC is located. | |
requester_vpc_id | text | = | The ID of the requester VPC. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
status_code | text | The status of the VPC peering connection. Possible values include: 'pending-acceptance', 'failed', 'expired', 'provisioning', 'active', 'deleting', 'deleted' or 'rejected'. | |
status_message | text | = | A message that provides more information about the status, if applicable. |
tags | jsonb | A map of tags for the resource. | |
tags_src | jsonb | The tags assigned to the resource. | |
title | text | Title of the resource. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_vpc_peering_connection