steampipe plugin install aws

Table: aws_vpc_vpn_gateway - Query AWS VPC VPN Gateway using SQL

The AWS VPC VPN Gateway is a component of Amazon Virtual Private Cloud (VPC) that enables the establishment of a secure and private tunnel from your network or device to the AWS global network. It provides connectivity between your virtual network and your on-premises or other cloud network. A VPN gateway is the VPN concentrator on the Amazon side of the VPN connection.

Table Usage Guide

The aws_vpc_vpn_gateway table in Steampipe provides you with information about Virtual Private Cloud (VPC) VPN gateways within AWS. This table allows you as a DevOps engineer, developer, or data analyst to query VPN gateway-specific details, including the state of the VPN gateway, the type of VPN gateway, the availability zone, and the VPC attachments. You can utilize this table to gather insights on VPN gateways, such as the number of VPN gateways in a specific state, the types of VPN gateways used, and the VPCs to which they are attached. The schema outlines the various attributes of the VPN gateway for you, including the VPN gateway ID, the Amazon Resource Name (ARN), and the associated tags.

Examples

VPN gateways basic info

Explore the status and type of your VPN gateways within your Amazon Web Services environment. This can help you understand the current configuration and availability of your gateways, which is crucial for maintaining secure and efficient network connections.

select
vpn_gateway_id,
state,
type,
amazon_side_asn,
availability_zone,
vpc_attachments
from
aws_vpc_vpn_gateway;
select
vpn_gateway_id,
state,
type,
amazon_side_asn,
availability_zone,
vpc_attachments
from
aws_vpc_vpn_gateway;

List Unattached VPN gateways

Discover the segments that have VPN gateways without any VPC attachments. This is useful for identifying unused resources and optimizing cloud infrastructure management.

select
vpn_gateway_id
from
aws_vpc_vpn_gateway
where
vpc_attachments is null;
select
vpn_gateway_id
from
aws_vpc_vpn_gateway
where
vpc_attachments is null;

List all the VPN gateways attached to default VPC

Explore which VPN gateways are connected to your default VPC. This is beneficial to understand your default network infrastructure and identify any potential security risks or misconfigurations.

select
vpn_gateway_id,
vpc.is_default
from
aws_vpc_vpn_gateway
cross join jsonb_array_elements(vpc_attachments) as i
join aws_vpc vpc on i ->> 'VpcId' = vpc.vpc_id
where
vpc.is_default = true;
select
vpn_gateway_id,
vpc.is_default
from
aws_vpc_vpn_gateway,
json_each(vpc_attachments)
join aws_vpc vpc on json_extract(value, '$.VpcId') = vpc.vpc_id
where
vpc.is_default = 1;

Schema for aws_vpc_vpn_gateway

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
account_idtextThe AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
amazon_side_asnbigint=The private Autonomous System Number (ASN) for the Amazon side of a BGP session.
availability_zonetext=The Availability Zone where the virtual private gateway was created, if applicable. This field may be empty or not returned.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
statetext=The current state of the virtual private gateway.
tagsjsonbA map of tags for the resource.
tags_srcjsonbA list of tags that are attached to VPN gateway.
titletextTitle of the resource.
typetext=The type of VPN connection the virtual private gateway supports.
vpc_attachmentsjsonbAny VPCs attached to the virtual private gateway.
vpn_gateway_idtext=The ID of the virtual private gateway.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_vpc_vpn_gateway