🚀Launch Week 05, July 22nd - 26th, 2024🚀
Steampipe Hub 
Hub
Plugins
turbot/dockerhub
Overview
4Tables
Versions
GitHub
steampipe plugin install dockerhub

Table: dockerhub_token - Query DockerHub Tokens using SQL

DockerHub Tokens are a feature of DockerHub, a cloud-based repository service where developers can manage, store, and distribute Docker images. Tokens allow secure access to DockerHub repositories, providing an additional layer of security for images and containers. They are used to authenticate Docker CLI and Docker API requests, replacing the need for using username and password.

Table Usage Guide

The dockerhub_token table provides insights into DockerHub Tokens within DockerHub. As a DevOps engineer, explore token-specific details through this table, including token ID, status, and associated metadata. Utilize it to manage and monitor tokens, such as those currently active, their permissions, and the time of their creation.

Examples

Basic info

Explore which DockerHub tokens are active and when they were created. This can be useful for auditing purposes, to track user activity and ensure security compliance.

select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token;
select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token;

List inactive tokens

Discover the segments that are associated with inactive tokens in DockerHub. This can be beneficial in identifying potential security risks and maintaining optimal system performance.

select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  not is_active;
select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  is_active = 0;

List tokens which have never been used

Identify unused tokens within your DockerHub setup to assess potential security risks or inefficiencies. This helps in maintaining a clean, secure, and efficient environment by removing or updating unused tokens.

select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  last_used is null;
select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  last_used is null;

List manually generated tokens

Explore which tokens have been manually generated. This is beneficial in identifying potential security risks or anomalies related to token generation.

select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  generated_by = 'manual';
select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  generated_by = 'manual';

List tokens which are older than 90 days

Determine the areas in which DockerHub tokens have remained active for more than 90 days. This can be useful for identifying potential security risks associated with outdated tokens.

select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  created_at < now() - interval '90' day;
select
  uuid,
  is_active,
  generated_by,
  creator_ua,
  creator_ip,
  created_at,
  client_id
from
  dockerhub_token
where
  created_at < datetime('now', '-90 day');

Schema for dockerhub_token

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
client_idtextClient ID associated with the token.
created_attimestamp with time zoneTimestamp indicating when the token was created.
creator_iptextIP address of the creator or originator of the token.
creator_uatextUser-Agent (UA) string of the creator or originator of the token.
descriptiontextDescription or additional information about the token.
generated_bytextEntity that generated the token.
is_activebooleanBoolean value indicating whether the token is active or not.
last_usedtimestamp with time zoneTimestamp indicating the last time the token was used.
titletextTitle of the resource.
tokentextActual token value used for authentication or authorization purposes.
uuidtext=Universally Unique Identifier (UUID) of the token.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- dockerhub

You can pass the configuration to the command with the --config argument:

steampipe_export_dockerhub --config '<your_config>' dockerhub_token