steampipe plugin install aws

Table: aws_vpc_verified_access_trust_provider - Query AWS VPC Verified Access Trust Providers using SQL

The AWS VPC Verified Access Trust Provider is an AWS service that helps manage and verify access to your Virtual Private Cloud (VPC). It adds a layer of security that lets you control who can reach the AWS resources within your VPC from the internet.

Table Usage Guide

The aws_vpc_verified_access_trust_provider table in Steampipe provides you with information about the trust providers for VPC endpoints within AWS Virtual Private Cloud (VPC). This table allows you, as a DevOps engineer, to query trust provider-specific details, including the provider type, owner, and associated metadata. You can utilize this table to gather insights on trust relationships, such as the services that VPC endpoints can access, verification of trust providers, and more. The schema outlines the various attributes of the trust provider for you, including the provider type, owner, and associated tags.

Examples

Basic info

Explore the creation and update timeline of verified access trust providers in your AWS VPC. This can help in maintaining security by identifying the type of trust providers and understanding their policy references.

select
  verified_access_trust_provider_id,
  creation_time,
  device_trust_provider_type,
  last_updated_time,
  policy_reference_name,
  trust_provider_type
from
  aws_vpc_verified_access_trust_provider;

List trusted providers that are of the user type

Explore which trusted providers are specifically categorized as 'user' type within your AWS VPC. This can help in managing access controls and understanding the security posture of your virtual private cloud environment.

select
  verified_access_trust_provider_id,
  creation_time,
  device_trust_provider_type,
  last_updated_time,
  policy_reference_name,
  trust_provider_type
from
  aws_vpc_verified_access_trust_provider
where
  trust_provider_type = 'user';

List trusted providers older than 90 days

Discover the trust providers that were created more than 90 days ago. This can be useful for assessing the longevity and reliability of these providers in your AWS VPC environment.

-- PostgreSQL: providers created on or before the cutoff, i.e. older than 90 days
select
  verified_access_trust_provider_id,
  creation_time,
  last_updated_time,
  policy_reference_name,
  trust_provider_type
from
  aws_vpc_verified_access_trust_provider
where
  creation_time <= now() - interval '90' day;

-- SQLite: same filter using datetime()
select
  verified_access_trust_provider_id,
  creation_time,
  last_updated_time,
  policy_reference_name,
  trust_provider_type
from
  aws_vpc_verified_access_trust_provider
where
  creation_time <= datetime('now', '-90 day');

Schema for aws_vpc_verified_access_trust_provider

| Name | Type | Operators | Description |
|------|------|-----------|-------------|
| _ctx | jsonb | | Steampipe context in JSON form. |
| account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
| creation_time | timestamp with time zone | | The creation time. |
| description | text | | A description for the AWS Verified Access trust provider. |
| device_trust_provider_type | text | | The type of device-based trust provider. |
| last_updated_time | timestamp with time zone | | The last updated time. |
| oidc_options | jsonb | | The OpenID Connect details for an oidc-type, user-identity based trust provider. |
| partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
| policy_reference_name | text | | The identifier to be used when working with policy rules. |
| region | text | | The AWS Region in which the resource is located. |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | | Steampipe context in JSON form. |
| tags | jsonb | | A map of tags for the resource. |
| tags_src | jsonb | | A map of tags for the resource. |
| title | text | | Title of the resource. |
| trust_provider_type | text | | The type of Verified Access trust provider. |
| user_trust_provider_type | text | | The type of user-based trust provider. |
| verified_access_trust_provider_id | text | = | The ID of the AWS Verified Access trust provider. |
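
A review query that combines the columns of this table into one inventory of trust providers, flagging providers not updated for more than 90 days, user providers that carry OIDC settings, and providers with no description or tags. This is an added example, not part of the Steampipe documentation; it targets the PostgreSQL engine, and the 90-day review threshold and the output column names (provider_subtype, review_overdue, uses_oidc, missing_description, missing_tags) are assumptions.

```sql
-- Added review query (not from the Steampipe docs), PostgreSQL syntax.
select
  account_id,
  region,
  verified_access_trust_provider_id,
  policy_reference_name,
  trust_provider_type,
  -- Whichever subtype column is populated for this provider.
  coalesce(user_trust_provider_type, device_trust_provider_type) as provider_subtype,
  -- timestamptz subtraction yields an interval in days, so 'day' is the total.
  date_part('day', now() - creation_time) as age_days,
  date_part('day', now() - last_updated_time) as days_since_update,
  -- Assumed threshold: configuration untouched for more than 90 days.
  last_updated_time <= now() - interval '90' day as review_overdue,
  -- User provider with OIDC details present; jsonb_typeof treats both
  -- SQL NULL and JSON null as "no options".
  (
    trust_provider_type = 'user'
    and coalesce(jsonb_typeof(oidc_options) = 'object', false)
  ) as uses_oidc,
  -- Hygiene flags: providers that cannot be traced to an owner or purpose.
  (description is null or description = '') as missing_description,
  (
    jsonb_typeof(tags) is distinct from 'object'
    or tags = '{}'::jsonb
  ) as missing_tags
from
  aws_vpc_verified_access_trust_provider
order by
  review_overdue desc nulls last,
  days_since_update desc nulls last;
```

Rows with review_overdue or missing_tags set are the ones to check first against the Verified Access policies that reference their policy_reference_name.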

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_vpc_verified_access_trust_provider