azure_ad_groupazure_ad_service_principalazure_ad_userazure_alert_managementazure_api_managementazure_api_management_backendazure_app_configurationazure_app_service_environmentazure_app_service_function_appazure_app_service_planazure_app_service_web_appazure_app_service_web_app_slotazure_application_gatewayazure_application_insightazure_application_security_groupazure_automation_accountazure_automation_variableazure_backup_policyazure_bastion_hostazure_batch_accountazure_cdn_frontdoor_profileazure_cognitive_accountazure_compute_availability_setazure_compute_diskazure_compute_disk_accessazure_compute_disk_encryption_setazure_compute_disk_metric_read_opsazure_compute_disk_metric_read_ops_dailyazure_compute_disk_metric_read_ops_hourlyazure_compute_disk_metric_write_opsazure_compute_disk_metric_write_ops_dailyazure_compute_disk_metric_write_ops_hourlyazure_compute_imageazure_compute_resource_skuazure_compute_snapshotazure_compute_ssh_keyazure_compute_virtual_machineazure_compute_virtual_machine_metric_available_memoryazure_compute_virtual_machine_metric_available_memory_dailyazure_compute_virtual_machine_metric_available_memory_hourlyazure_compute_virtual_machine_metric_cpu_utilizationazure_compute_virtual_machine_metric_cpu_utilization_dailyazure_compute_virtual_machine_metric_cpu_utilization_hourlyazure_compute_virtual_machine_scale_setazure_compute_virtual_machine_scale_set_network_interfaceazure_compute_virtual_machine_scale_set_vmazure_consumption_usageazure_container_groupazure_container_registryazure_cosmosdb_accountazure_cosmosdb_mongo_collectionazure_cosmosdb_mongo_databaseazure_cosmosdb_restorable_database_accountazure_cosmosdb_sql_databaseazure_data_factoryazure_data_factory_datasetazure_data_factory_pipelineazure_data_lake_analytics_accountazure_data_lake_storeazure_data_protection_backup_jobazure_data_protection_backup_vaultazure_databox_edge_deviceazure_databricks_workspaceazure_diagnostic_settingazure_dns_zoneazure_eventgrid_domainazure_eventgrid_topicazure_eventhub_namespaceazure_express_route_circuitazure_firewallazure_firewall_policyazure_frontdoorazure_hdinsight_clusterazure_healthcare_serviceazure_hpc_cacheazure_hybrid_compute_machineazure_hybrid_kubernetes_connected_clusterazure_iothubazure_iothub_dpsazure_key_vaultazure_key_vault_certificateazure_key_vault_deleted_vaultazure_key_vault_keyazure_key_vault_key_versionazure_key_vault_managed_hardware_security_moduleazure_key_vault_secretazure_kubernetes_clusterazure_kubernetes_service_versionazure_kusto_clusterazure_lbazure_lb_backend_address_poolazure_lb_nat_ruleazure_lb_outbound_ruleazure_lb_probeazure_lb_ruleazure_lighthouse_assignmentazure_lighthouse_definitionazure_locationazure_log_alertazure_log_analytics_workspaceazure_log_profileazure_logic_app_workflowazure_machine_learning_workspaceazure_maintenance_configurationazure_management_groupazure_management_lockazure_mariadb_serverazure_monitor_activity_log_eventazure_monitor_log_profileazure_mssql_elasticpoolazure_mssql_managed_instanceazure_mssql_virtual_machineazure_mysql_flexible_serverazure_mysql_serverazure_nat_gatewayazure_network_interfaceazure_network_security_groupazure_network_watcherazure_network_watcher_flow_logazure_policy_assignmentazure_policy_definitionazure_postgresql_flexible_serverazure_postgresql_serverazure_private_dns_zoneazure_private_endpointazure_providerazure_public_ipazure_recovery_services_backup_jobazure_recovery_services_vaultazure_redis_cacheazure_resourceazure_resource_groupazure_resource_linkazure_role_assignmentazure_role_definitionazure_route_tableazure_search_serviceazure_security_center_auto_provisioningazure_security_center_automationazure_security_center_contactazure_security_center_jit_network_access_policyazure_security_center_settingazure_security_center_sub_assessmentazure_security_center_subscription_pricingazure_service_fabric_clusterazure_servicebus_namespaceazure_signalr_serviceazure_spring_cloud_serviceazure_sql_databaseazure_sql_serverazure_storage_accountazure_storage_blobazure_storage_blob_serviceazure_storage_containerazure_storage_queueazure_storage_share_fileazure_storage_syncazure_storage_tableazure_storage_table_serviceazure_stream_analytics_jobazure_subnetazure_subscriptionazure_synapse_workspaceazure_tenantazure_virtual_networkazure_virtual_network_gatewayazure_web_application_firewall_policy
Table: azure_network_interface - Query Azure Network Interfaces using SQL
A Network Interface in Azure is the interconnection between a Virtual Machine (VM) and the underlying Azure VNet. This interface enables an Azure VM to communicate with internet, Azure, and on-premises resources. Network interfaces consist of one or more IP configurations and a network security group.
Table Usage Guide
The azure_network_interface table provides insights into Network Interfaces within Azure. As an Infrastructure Engineer, explore detailed information about each network interface through this table, including its IP configuration, associated network security group, and subnet. Use this table to manage and optimize your network interface configurations, ensuring seamless communication between your Azure VMs and other resources.
Examples
Basic IP address info
Explore the configuration of your Azure network interface to gain insights into your private IP address details. This can help you understand your IP allocation methods and versions, which is useful for managing your network resources effectively.
select name, ip ->> 'name' as config_name, ip -> 'properties' ->> 'privateIPAddress' as private_ip_address, ip -> 'properties' ->> 'privateIPAddressVersion' as private_ip_address_version, ip -> 'properties' ->> 'privateIPAllocationMethod' as private_ip_address_allocation_methodfrom azure_network_interface cross join jsonb_array_elements(ip_configurations) as ip;select name, json_extract(ip.value, '$.name') as config_name, json_extract(ip.value, '$.properties.privateIPAddress') as private_ip_address, json_extract(ip.value, '$.properties.privateIPAddressVersion') as private_ip_address_version, json_extract( ip.value, '$.properties.privateIPAllocationMethod' ) as private_ip_address_allocation_methodfrom azure_network_interface, json_each(ip_configurations) as ip;Find all network interfaces with private IPs that are in a given subnet (10.66.0.0/16)
Determine the areas in which your Azure network interfaces have private IPs within a specific subnet. This is useful for understanding how your network resources are distributed and identifying potential areas of congestion or security vulnerabilities.
select name, ip ->> 'name' as config_name, ip -> 'properties' ->> 'privateIPAddress' as private_ip_addressfrom azure_network_interface cross join jsonb_array_elements(ip_configurations) as ipwhere ip -> 'properties' ->> 'privateIPAddress' = '10.66.0.0/16';select name, json_extract(ip.value, '$.name') as config_name, json_extract(ip.value, '$.properties.privateIPAddress') as private_ip_addressfrom azure_network_interface, json_each(ip_configurations) as ipwhere json_extract(ip.value, '$.properties.privateIPAddress') = '10.66.0.0/16';Security groups attached to each network interface
Explore which security groups are linked to each network interface in your Azure environment. This can help in managing and improving the security posture of your network.
select name, split_part(network_security_group_id, '/', 8) as security_groupsfrom azure_network_interface;Error: SQLite does not support split functions.Query examples
- azure_network_private_ip
- compute_virtual_machine_by_attachment_to_network
- compute_virtual_machine_network_interfaces
- compute_virtual_machine_unattached_with_network_count
- compute_virtual_machines_for_network_interface
- compute_virtual_machines_for_network_load_balancer
- compute_virtual_machines_for_network_public_ip
- compute_virtual_machines_for_network_security_group
- compute_virtual_machines_for_network_virtual_network
- network_application_gateways_for_compute_virtual_machine
- network_interface_accelerated_networking_enabled
- network_interface_attached_nsg
- network_interface_attached_virtual_machine
- network_interface_ip_configurations_details
- network_interface_ip_forwarding_enabled
- network_interface_private_ip_address
- network_interface_public_ip_address
- network_interface_tags
- network_load_balancer_backend_address_pools_for_compute_virtual_machine
- network_load_balancer_backend_address_pools_for_network_virtual_network
- network_load_balancers_for_compute_virtual_machine
- network_load_balancers_for_network_virtual_network
- network_network_interfaces_for_compute_virtual_machine
- network_network_interfaces_for_network_load_balancer
- network_network_interfaces_for_network_public_ip
- network_network_interfaces_for_network_security_group
- network_public_ip_association_details
- network_public_ips_for_compute_virtual_machine
- network_public_ips_for_network_interface
- network_security_group_assoc
- network_security_group_egress_rule_sankey
- network_security_group_ingress_rule_sankey
- network_security_groups_for_compute_virtual_machine
- network_security_groups_for_network_interface
- network_subnets_for_compute_virtual_machine
- network_subnets_for_network_interface
- network_virtual_networks_for_compute_virtual_machine
- network_virtual_networks_for_network_interface
Control examples
Schema for azure_network_interface
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| applied_dns_servers | jsonb | A list of applied dns servers. | |
| auxiliary_mode | text | Auxiliary mode of network interface resource. | |
| cloud_environment | text | The Azure Cloud Environment. | |
| disable_tcp_state_tracking | boolean | Indicates whether to disable TCP state tracking. | |
| dns_servers | jsonb | A collection of DNS servers IP addresses. | |
| dscp_configuration | jsonb | A reference to the DSCP configuration to which the network interface is linked. | |
| enable_accelerated_networking | boolean | Indicates whether the network interface is accelerated networking enabled. | |
| enable_ip_forwarding | boolean | Indicates whether IP forwarding is enabled on this network interface. | |
| etag | text | An unique read-only string that changes whenever the resource is updated. | |
| hosted_workloads | jsonb | A collection of references to linked BareMetal resources. | |
| id | text | Contains ID to identify a network interface uniquely. | |
| internal_dns_name_label | text | Relative DNS name for this NIC used for internal communications between VMs in the same virtual network. | |
| internal_domain_name_suffix | text | Contains domain name suffix for the network interface. | |
| internal_fqdn | text | Fully qualified DNS name supporting internal communications between VMs in the same virtual network. | |
| ip_configurations | jsonb | A list of IPConfigurations of the network interface. | |
| is_primary | boolean | Indicates whether this is a primary network interface on a virtual machine. | |
| mac_address | text | The MAC address of the network interface. | |
| migration_phase | text | Migration phase of network interface resource. | |
| name | text | = | The friendly name that identifies the network interface. |
| network_security_group_id | text | The reference to the NetworkSecurityGroup resource. | |
| nic_type | text | Type of network interface resource (e.g., Standard, Elastic). | |
| private_endpoint | jsonb | A reference to the private endpoint to which the network interface is linked. | |
| private_link_service | jsonb | Private link service of the network interface resource. | |
| provisioning_state | text | Providsioning state of the network interface resource. | |
| region | text | The Azure region/location in which the resource is located. | |
| resource_group | text | = | The resource group which holds this resource. |
| resource_guid | text | The resource GUID property of the network interface resource. | |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| subscription_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Azure Subscription ID in which the resource is located. |
| tags | jsonb | A map of tags for the resource. | |
| tap_configurations | jsonb | A collection of TapConfigurations of the network interface. | |
| title | text | Title of the resource. | |
| type | text | The resource type of the network interface. | |
| virtual_machine_id | text | The reference to a virtual machine. | |
| vnet_encryption_supported | boolean | Whether the virtual machine this NIC is attached to supports encryption. | |
| workload_type | text | Workload type of the network interface for BareMetal resources. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azureYou can pass the configuration to the command with the --config argument:
steampipe_export_azure --config '<your_config>' azure_network_interface