Table: aws_vpc_verified_access_group - Query AWS VPC Verified Access Groups using SQL
The AWS VPC Verified Access Groups are used to manage access to your Virtual Private Cloud (VPC) resources. They enable you to specify which principals in your AWS environment have access to the resources in your VPC. This helps in maintaining security and control over your networked AWS resources.
Table Usage Guide
The aws_vpc_verified_access_group table in Steampipe provides you with information about each verified access group within AWS Virtual Private Cloud (VPC). This table enables you, as a network administrator or security personnel, to query group-specific details, including the group ID, group name, and the VPC ID it is associated with. You can use this table to gain insights into access groups, such as which VPCs have certain access groups, the names of these groups, and more. The schema outlines the various attributes of the verified access group, including the group ID, group name, and associated VPC ID.
Examples
Basic info
List each AWS VPC verified access group with its ARN, parent Verified Access instance, description, and the times it was created and last updated. This allows you to monitor and manage your AWS resources effectively, ensuring optimal security and performance.
```sql
select
  verified_access_group_id,
  arn,
  verified_access_instance_id,
  creation_time,
  description,
  last_updated_time
from
  aws_vpc_verified_access_group;
```
List groups older than 30 days
Uncover the details of specific access groups in your AWS VPC that were created more than 30 days ago. This can be useful for routine cleanup or auditing purposes, ensuring your environment remains optimized and secure.
PostgreSQL:

```sql
select
  verified_access_group_id,
  creation_time,
  description,
  last_updated_time
from
  aws_vpc_verified_access_group
where
  creation_time <= now() - interval '30' day;
```

SQLite:

```sql
select
  verified_access_group_id,
  creation_time,
  description,
  last_updated_time
from
  aws_vpc_verified_access_group
where
  creation_time <= datetime('now', '-30 day');
```
List active groups
List the groups that are currently active within your AWS VPC by identifying groups that have not been deleted (deletion_time is null). This can help in managing and maintaining the security and access control of your virtual private cloud.
```sql
select
  verified_access_group_id,
  creation_time,
  deletion_time,
  description,
  last_updated_time
from
  aws_vpc_verified_access_group
where
  deletion_time is null;
```
Get trusted provider details for each group
Explore the trusted provider details associated with each group to understand when and how these relationships were established, providing valuable context for managing and optimizing your AWS VPC access security.
PostgreSQL:

```sql
select
  g.verified_access_group_id,
  g.creation_time,
  i.creation_time as instance_create_time,
  i.verified_access_instance_id,
  jsonb_pretty(i.verified_access_trust_providers) as verified_access_trust_providers
from
  aws_vpc_verified_access_group as g,
  aws_vpc_verified_access_instance as i
where
  g.verified_access_instance_id = i.verified_access_instance_id;
```

SQLite:

```sql
select
  g.verified_access_group_id,
  g.creation_time,
  i.creation_time as instance_create_time,
  i.verified_access_instance_id,
  i.verified_access_trust_providers as verified_access_trust_providers
from
  aws_vpc_verified_access_group as g
  join aws_vpc_verified_access_instance as i
    on g.verified_access_instance_id = i.verified_access_instance_id;
```
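An audit query built on the join above, added here as an example and not taken from the Steampipe documentation: it lists active groups with the number of trust providers attached to the parent instance and flags groups that warrant review. It is written for PostgreSQL and assumes verified_access_trust_providers holds a JSON array (or null); the finding labels are illustrative.

```sql
-- Added example: uses only the columns shown on this page.
with group_trust as (
  select
    g.account_id,
    g.region,
    g.verified_access_group_id,
    g.description,
    g.last_updated_time,
    g.verified_access_instance_id,
    i.verified_access_instance_id as matched_instance_id,
    -- Assumption: the column is a JSON array; null or any other type counts as 0.
    case
      when jsonb_typeof(i.verified_access_trust_providers) = 'array'
        then jsonb_array_length(i.verified_access_trust_providers)
      else 0
    end as trust_provider_count
  from
    aws_vpc_verified_access_group as g
    -- Left join so groups whose instance is not returned still appear.
    left join aws_vpc_verified_access_instance as i
      on g.verified_access_instance_id = i.verified_access_instance_id
  where
    g.deletion_time is null  -- active groups only
)
select
  account_id,
  region,
  verified_access_group_id,
  verified_access_instance_id,
  trust_provider_count,
  date_part('day', now() - last_updated_time) as days_since_update,
  case
    when matched_instance_id is null then 'parent instance not returned'
    when trust_provider_count = 0 then 'no trust provider attached'
    when coalesce(description, '') = '' then 'missing description'
    else 'ok'
  end as finding
from
  group_trust
order by
  trust_provider_count,
  days_since_update desc;
```

Rows with a finding other than 'ok' sort toward the top when the trust provider count is zero, so the groups with the weakest identity or device backing are reviewed first.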
Schema for aws_vpc_verified_access_group
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
arn | text | | The ARN of the verified access group. |
creation_time | timestamp with time zone | | The creation time. |
deletion_time | timestamp with time zone | | The deletion time. |
description | text | | A description for the AWS verified access group. |
last_updated_time | timestamp with time zone | | The last updated time. |
owner | text | | The AWS account number that owns the group. |
partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
region | text | | The AWS Region in which the resource is located. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
tags | jsonb | | A map of tags for the resource. |
tags_src | jsonb | | A map of tags for the resource. |
title | text | | Title of the resource. |
verified_access_group_id | text | = | The ID of the verified access group. |
verified_access_instance_id | text | = | The ID of the AWS Verified Access instance. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_vpc_verified_access_group