Table: consul_namespace - Query Consul Namespaces using SQL
A Consul Namespace is a resource within HashiCorp Consul that allows you to isolate Consul resources and configurations into separate, distinct entities. It provides a way to segment the Consul ecosystem into smaller, manageable parts for different teams, applications, or environments. Consul Namespaces helps in ensuring the right level of access and control over the Consul resources.
Table Usage Guide
The consul_namespace
table provides insights into Consul Namespaces within HashiCorp Consul. As a DevOps engineer, you can explore namespace-specific details through this table, including their names, descriptions, ACLs, and associated metadata. Utilize it to uncover information about namespaces, such as their access controls, configurations, and the metadata associated with each namespace.
Important Notes
- You need to specify the
namespace
and partition parameters in theconsul.spc
file to be able to query this table.
Examples
Basic info
Explore the namespaces within your Consul environment to understand their creation and modification indices, which can help in tracking changes and managing your resources effectively.
select name, create_index, description, modify_index, partitionfrom consul_namespace;
select name, create_index, description, modify_index, partitionfrom consul_namespace;
List deleted namespaces
Discover the segments that were previously created but have since been removed. This is beneficial in assessing the changes in your system's organization and structure over time.
select name, create_index, description, modify_index, partitionfrom consul_namespacewhere deleted_at is not null;
select name, create_index, description, modify_index, partitionfrom consul_namespacewhere deleted_at is not null;
Show ACLs of each namespace
Assess the access control lists (ACLs) for each namespace to understand their policy and role defaults, which can be useful for auditing security configurations and permissions.
select name, create_index, partition, jsonb_pretty(acls -> 'PolicyDefaults') as policy_defaults, jsonb_pretty(acls -> 'RoleDefaults') as role_defaultsfrom consul_namespace;
select name, create_index, partition, acls as policy_defaults, acls as role_defaultsfrom consul_namespace;
Schema for consul_namespace
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
acls | jsonb | ACLs is the configuration of ACLs for this namespace. | |
address_url | text | The address URL. | |
create_index | bigint | = | CreateIndex is the Raft index at which the Namespace was created. |
deleted_at | timestamp with time zone | DeletedAt is the time when the Namespace was marked for deletion. | |
description | text | Description is where the user puts any information they want about the namespace. It is not used internally. | |
meta | jsonb | Meta is a map that can be used to add kv metadata to the namespace definition. | |
modify_index | bigint | ModifyIndex is the latest Raft index at which the Namespace was modified. | |
name | text | = | Name is the name of the Namespace. It must be unique and must be a DNS hostname. There are also other reserved names that may not be used. |
partition | text | Partition which contains the Namespace. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
title | text | The title of the namespace. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- consul
You can pass the configuration to the command with the --config
argument:
steampipe_export_consul --config '<your_config>' consul_namespace