Table: aws_vpc_vpn_gateway - Query AWS VPC VPN Gateway using SQL
The AWS VPC VPN Gateway is a component of Amazon Virtual Private Cloud (VPC) that enables the establishment of a secure and private tunnel from your network or device to the AWS global network. It provides connectivity between your virtual network and your on-premises or other cloud network. A VPN gateway is the VPN concentrator on the Amazon side of the VPN connection.
Table Usage Guide
The aws_vpc_vpn_gateway table in Steampipe provides you with information about Virtual Private Cloud (VPC) VPN gateways within AWS. This table allows you as a DevOps engineer, developer, or data analyst to query VPN gateway-specific details, including the state of the VPN gateway, the type of VPN gateway, the availability zone, and the VPC attachments. You can utilize this table to gather insights on VPN gateways, such as the number of VPN gateways in a specific state, the types of VPN gateways used, and the VPCs to which they are attached. The schema outlines the various attributes of the VPN gateway for you, including the VPN gateway ID, the Amazon Resource Name (ARN), and the associated tags.
Examples
VPN gateways basic info
Explore the status and type of your VPN gateways within your Amazon Web Services environment. This can help you understand the current configuration and availability of your gateways, which is crucial for maintaining secure and efficient network connections.
select
  vpn_gateway_id,
  state,
  type,
  amazon_side_asn,
  availability_zone,
  vpc_attachments
from
  aws_vpc_vpn_gateway;
List Unattached VPN gateways
Find VPN gateways that have no VPC attachments. This is useful for identifying unused resources and optimizing cloud infrastructure management.
select
  vpn_gateway_id
from
  aws_vpc_vpn_gateway
where
  vpc_attachments is null;
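The following is an added example, not part of the Steampipe documentation, written in Postgres syntax. It extends the unattached-gateway check above to gateways whose attachment records are present but not in the attached state. It assumes each element of vpc_attachments carries a `State` key with the values of the EC2 VpcAttachment structure (attaching, attached, detaching, detached), next to the `VpcId` key used elsewhere on this page.

```sql
-- Added example (assumption: attachment objects have a 'State' key as in
-- the EC2 VpcAttachment structure). Lists gateways that have no VPC in the
-- 'attached' state, whether vpc_attachments is null, empty, or holds only
-- records in other states.
select
  g.vpn_gateway_id,
  g.account_id,
  g.region,
  g.state,
  count(a.value) as attachment_records,
  count(a.value) filter (where a.value ->> 'State' = 'attached') as attached_vpcs
from
  aws_vpc_vpn_gateway as g
  -- left join lateral keeps gateways that have zero attachment elements;
  -- the case guard avoids an error if the column holds a non-array value
  left join lateral jsonb_array_elements(
    case
      when jsonb_typeof(g.vpc_attachments) = 'array' then g.vpc_attachments
      else '[]'::jsonb
    end
  ) as a(value) on true
where
  -- skip gateways that are already deleted (EC2 gateway states:
  -- pending, available, deleting, deleted)
  g.state <> 'deleted'
group by
  g.vpn_gateway_id,
  g.account_id,
  g.region,
  g.state
having
  count(a.value) filter (where a.value ->> 'State' = 'attached') = 0
order by
  g.account_id,
  g.region,
  g.vpn_gateway_id;
```

Rows with attachment_records greater than zero and attached_vpcs equal to zero are the gateways the `is null` check would not report.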
List all the VPN gateways attached to default VPC
Explore which VPN gateways are connected to your default VPC. This is beneficial to understand your default network infrastructure and identify any potential security risks or misconfigurations.
-- Postgres
select
  vpn_gateway_id,
  vpc.is_default
from
  aws_vpc_vpn_gateway
  cross join jsonb_array_elements(vpc_attachments) as i
  join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id
where
  vpc.is_default = true;

-- SQLite
select
  vpn_gateway_id,
  vpc.is_default
from
  aws_vpc_vpn_gateway,
  json_each(vpc_attachments)
  join aws_vpc vpc on json_extract(value, '$.VpcId') = vpc.vpc_id
where
  vpc.is_default = 1;
Schema for aws_vpc_vpn_gateway
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | | Array of globally unique identifier strings (also known as) for the resource. |
amazon_side_asn | bigint | = | The private Autonomous System Number (ASN) for the Amazon side of a BGP session. |
availability_zone | text | = | The Availability Zone where the virtual private gateway was created, if applicable. This field may be empty or not returned. |
partition | text | | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). |
region | text | | The AWS Region in which the resource is located. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
state | text | = | The current state of the virtual private gateway. |
tags | jsonb | | A map of tags for the resource. |
tags_src | jsonb | | A list of tags that are attached to the VPN gateway. |
title | text | | Title of the resource. |
type | text | = | The type of VPN connection the virtual private gateway supports. |
vpc_attachments | jsonb | | Any VPCs attached to the virtual private gateway. |
vpn_gateway_id | text | = | The ID of the virtual private gateway. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_vpc_vpn_gateway