Table: cloudflare_zone - Query Cloudflare Zones using SQL
A Cloudflare Zone represents a domain name that is registered with Cloudflare. It includes settings related to DNS, SSL/TLS, and other features that help protect and speed up your website. It is a crucial component in managing the performance and security of your web presence.
Table Usage Guide
The cloudflare_zone table provides insights into zones within Cloudflare. As a network administrator, explore zone-specific details through this table, including DNS settings, SSL/TLS configurations, and associated metadata. Utilize it to uncover information about zones, such as their security level, development mode status, and the original DNS servers.
Examples
Query all zones for the user
Explore all zones associated with your user account on Cloudflare. This allows you to see a comprehensive overview of all your zones, useful for managing multiple domains or subdomains.
select *from cloudflare_zone;select *from cloudflare_zone;List all settings for the zone
Explore the various settings for a specific zone to gain insights into its configuration and values. This can aid in understanding the zone's current setup and potentially identifying areas for optimization or troubleshooting.
select name, setting.key, setting.valuefrom cloudflare_zone, jsonb_each_text(settings) as setting;select name, setting.key, setting.valuefrom cloudflare_zone, json_each(settings) as setting;Get details of the TLS 1.3 setting
Explore the configuration of your Cloudflare zones to understand the status of the TLS 1.3 setting. This can help ensure your zones are utilizing the latest security protocols.
select name, settings ->> 'tls_1_3'from cloudflare_zone;select name, json_extract(settings, '$.tls_1_3')from cloudflare_zone;List all permissions available to the user for this zone
Discover the segments that outline the range of permissions a user has in a certain zone, giving a comprehensive overview of their access rights. This is beneficial in maintaining security and ensuring appropriate access levels.
select name, permfrom cloudflare_zone, jsonb_array_elements_text(permissions) as perm;select name, perm.valuefrom cloudflare_zone, json_each(permissions) as perm;Check DNSSEC status for zones
Analyze the security status of your domain zones to ensure DNSSEC, a crucial internet security protocol, is properly enabled. This is essential for protecting your website from DNS spoofing and other DNS-related attacks.
select name, dnssec ->> 'status'from cloudflare_zone;select name, json_extract(dnssec, '$.status')from cloudflare_zone;Schema for cloudflare_zone
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| betas | jsonb | Beta feature flags associated with the zone. | |
| created_on | timestamp with time zone | When the zone was created. | |
| deactivation_reason | text | TODO | |
| development_mode | bigint | The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is 0. | |
| dnssec | jsonb | DNSSEC settings for the zone. | |
| host | jsonb | TODO | |
| id | text | = | Zone identifier tag. |
| meta | jsonb | Metadata associated with the zone. | |
| modified_on | timestamp with time zone | When the zone was last modified. | |
| name | text | The domain name. | |
| name_servers | jsonb | Cloudflare-assigned name servers. This is only populated for zones that use Cloudflare DNS. | |
| original_dnshost | text | DNS host at the time of switching to Cloudflare. | |
| original_name_servers | jsonb | Original name servers before moving to Cloudflare. | |
| original_registrar | text | Registrar for the domain at the time of switching to Cloudflare. | |
| owner | jsonb | Information about the user or organization that owns the zone. | |
| paused | boolean | Indicates if the zone is only using Cloudflare DNS services. A true value means the zone will not receive security or performance benefits. | |
| permissions | jsonb | Available permissions on the zone for the current user requesting the item. | |
| plan | jsonb | Current plan associated with the zone. | |
| plan_pending | jsonb | Pending plan change associated with the zone. | |
| settings | jsonb | Simple key value map of zone settings like advanced_ddos = on. Full settings details are in settings_src. | |
| status | text | Status of the zone. | |
| type | text | A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. | |
| vanity_name_servers | jsonb | Custom name servers for the zone. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- cloudflareYou can pass the configuration to the command with the --config argument:
steampipe_export_cloudflare --config '<your_config>' cloudflare_zone