azure_ad_groupazure_ad_service_principalazure_ad_userazure_alert_managementazure_api_managementazure_api_management_backendazure_app_configurationazure_app_service_environmentazure_app_service_function_appazure_app_service_planazure_app_service_web_appazure_app_service_web_app_slotazure_application_gatewayazure_application_insightazure_application_security_groupazure_automation_accountazure_automation_variableazure_bastion_hostazure_batch_accountazure_cognitive_accountazure_compute_availability_setazure_compute_diskazure_compute_disk_accessazure_compute_disk_encryption_setazure_compute_disk_metric_read_opsazure_compute_disk_metric_read_ops_dailyazure_compute_disk_metric_read_ops_hourlyazure_compute_disk_metric_write_opsazure_compute_disk_metric_write_ops_dailyazure_compute_disk_metric_write_ops_hourlyazure_compute_imageazure_compute_resource_skuazure_compute_snapshotazure_compute_ssh_keyazure_compute_virtual_machineazure_compute_virtual_machine_metric_available_memoryazure_compute_virtual_machine_metric_available_memory_dailyazure_compute_virtual_machine_metric_available_memory_hourlyazure_compute_virtual_machine_metric_cpu_utilizationazure_compute_virtual_machine_metric_cpu_utilization_dailyazure_compute_virtual_machine_metric_cpu_utilization_hourlyazure_compute_virtual_machine_scale_setazure_compute_virtual_machine_scale_set_network_interfaceazure_compute_virtual_machine_scale_set_vmazure_consumption_usageazure_container_groupazure_container_registryazure_cosmosdb_accountazure_cosmosdb_mongo_collectionazure_cosmosdb_mongo_databaseazure_cosmosdb_restorable_database_accountazure_cosmosdb_sql_databaseazure_data_factoryazure_data_factory_datasetazure_data_factory_pipelineazure_data_lake_analytics_accountazure_data_lake_storeazure_databox_edge_deviceazure_databricks_workspaceazure_diagnostic_settingazure_dns_zoneazure_eventgrid_domainazure_eventgrid_topicazure_eventhub_namespaceazure_express_route_circuitazure_firewallazure_firewall_policyazure_frontdoorazure_hdinsight_clusterazure_healthcare_serviceazure_hpc_cacheazure_hybrid_compute_machineazure_hybrid_kubernetes_connected_clusterazure_iothubazure_iothub_dpsazure_key_vaultazure_key_vault_deleted_vaultazure_key_vault_keyazure_key_vault_key_versionazure_key_vault_managed_hardware_security_moduleazure_key_vault_secretazure_kubernetes_clusterazure_kubernetes_service_versionazure_kusto_clusterazure_lbazure_lb_backend_address_poolazure_lb_nat_ruleazure_lb_outbound_ruleazure_lb_probeazure_lb_ruleazure_locationazure_log_alertazure_log_profileazure_logic_app_workflowazure_machine_learning_workspaceazure_maintenance_configurationazure_management_groupazure_management_lockazure_mariadb_serverazure_monitor_activity_log_eventazure_monitor_log_profileazure_mssql_elasticpoolazure_mssql_managed_instanceazure_mssql_virtual_machineazure_mysql_flexible_serverazure_mysql_serverazure_nat_gatewayazure_network_interfaceazure_network_security_groupazure_network_watcherazure_network_watcher_flow_logazure_policy_assignmentazure_policy_definitionazure_postgresql_flexible_serverazure_postgresql_serverazure_private_dns_zoneazure_providerazure_public_ipazure_recovery_services_backup_jobazure_recovery_services_vaultazure_redis_cacheazure_resource_groupazure_resource_linkazure_role_assignmentazure_role_definitionazure_route_tableazure_search_serviceazure_security_center_auto_provisioningazure_security_center_automationazure_security_center_contactazure_security_center_jit_network_access_policyazure_security_center_settingazure_security_center_sub_assessmentazure_security_center_subscription_pricingazure_service_fabric_clusterazure_servicebus_namespaceazure_signalr_serviceazure_spring_cloud_serviceazure_sql_databaseazure_sql_serverazure_storage_accountazure_storage_blobazure_storage_blob_serviceazure_storage_containerazure_storage_queueazure_storage_share_fileazure_storage_syncazure_storage_tableazure_storage_table_serviceazure_stream_analytics_jobazure_subnetazure_subscriptionazure_synapse_workspaceazure_tenantazure_virtual_networkazure_virtual_network_gateway
Table: azure_virtual_network_gateway - Query Azure Virtual Network Gateways using SQL
Azure Virtual Network Gateway is a component used to send network traffic between Azure virtual networks and on-premises locations. It works as a specific type of virtual network gateway, designed to send encrypted traffic between an Azure virtual network and an on-premises location over the public Internet. It also enables communication between Azure virtual networks.
Table Usage Guide
The azure_virtual_network_gateway table provides insights into the configuration and status of Azure Virtual Network Gateways. As a network administrator, explore gateway-specific details through this table, including its IP configuration, SKU, and associated virtual network. Utilize it to manage and monitor your network gateways, ensuring secure and efficient communication between your Azure virtual networks and on-premises locations.
Examples
Basic info
Explore which Azure Virtual Network Gateways have Border Gateway Protocol (BGP) enabled. This can be useful for network administrators seeking to understand their network's configuration and routing protocols.
select name, id, enable_bgp, region, resource_groupfrom azure_virtual_network_gateway;select name, id, enable_bgp, region, resource_groupfrom azure_virtual_network_gateway;List network gateways with no connections
Discover the segments of your Azure virtual network gateways that are not connected to any resources. This can help in identifying unused network gateways, potentially reducing infrastructure costs and improving network management.
select name, id, enable_bgp, region, resource_groupfrom azure_virtual_network_gatewaywhere gateway_connections is null;select name, id, enable_bgp, region, resource_groupfrom azure_virtual_network_gatewaywhere gateway_connections is null;Control examples
Schema for azure_virtual_network_gateway
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| active_active | boolean | Indicates whether virtual network gateway configured with active-active mode, or not. If true, each Azure gateway instance will have a unique public IP address, and each will establish an IPsec/IKE S2S VPN tunnel to your on-premises VPN device specified in your local network gateway and connection. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| bgp_settings | jsonb | Virtual network gateway's BGP speaker settings. | |
| cloud_environment | text | The Azure Cloud Environment. | |
| custom_routes_address_prefixes | jsonb | A list of address blocks reserved for this virtual network in CIDR notation. | |
| enable_bgp | boolean | Indicates whether BGP is enabled for this virtual network gateway, or not. | |
| enable_dns_forwarding | boolean | Indicates whether DNS forwarding is enabled, or not. | |
| enable_private_ip_address | boolean | Indicates whether private IP needs to be enabled on this gateway for connections or not. | |
| etag | text | An unique read-only string that changes whenever the resource is updated. | |
| gateway_connections | jsonb | A list of virtual network gateway connection resources that exists in a resource group. | |
| gateway_default_site | text | The reference to the LocalNetworkGateway resource, which represents local network site having default routes. Assign Null value in case of removing existing default site setting. | |
| gateway_type | text | The type of this virtual network gateway. Possible values include: 'Vpn', 'ExpressRoute'. | |
| id | text | Contains ID to identify a virtual network gateway uniquely. | |
| inbound_dns_forwarding_endpoint | text | The IP address allocated by the gateway to which dns requests can be sent. | |
| ip_configurations | jsonb | IP configurations for virtual network gateway. | |
| name | text | = | The friendly name that identifies the virtual network gateway. |
| provisioning_state | text | The provisioning state of the virtual network gateway resource. | |
| region | text | The Azure region/location in which the resource is located. | |
| resource_group | text | = | The resource group which holds this resource. |
| resource_guid | text | The resource GUID property of the virtual network gateway resource. | |
| sku_capacity | bigint | Gateway SKU capacity. | |
| sku_name | text | Gateway SKU name. | |
| sku_tier | text | Gateway SKU tier. | |
| subscription_id | text | The Azure Subscription ID in which the resource is located. | |
| tags | jsonb | A map of tags for the resource. | |
| title | text | Title of the resource. | |
| type | text | Type of the resource. | |
| vpn_client_configuration | jsonb | The reference to the VpnClientConfiguration resource which represents the P2S VpnClient configurations. | |
| vpn_gateway_generation | text | The generation for this virtual network gateway. Must be None if gatewayType is not VPN. Valid values are: 'None', 'Generation1', 'Generation2'. | |
| vpn_type | text | The type of this virtual network gateway. Valid values are: 'PolicyBased', 'RouteBased'. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azureYou can pass the configuration to the command with the --config argument:
steampipe_export_azure --config '<your_config>' azure_virtual_network_gateway