steampipe plugin install gcp

Table: gcp_compute_vpn_tunnel - Query GCP Compute VPN Tunnels using SQL

Google Cloud Platform's VPN Tunnels are part of the Compute service, providing secure encrypted connections between your network and your cloud network. They are used to securely extend your private network into your Google Cloud Virtual Private Cloud network through an IPsec VPN connection. They provide an essential layer of security for your data.

Table Usage Guide

The gcp_compute_vpn_tunnel table provides insights into VPN tunnels within Google Cloud Platform's Compute service. As a network engineer, explore tunnel-specific details through this table, including the associated network, target VPN gateway, and routing configuration. Utilize it to uncover information about tunnels, such as their statuses, the IKE versions used, and the shared secrets for the tunnels.

Examples

VPN tunnel basic info

Explore the basic information about VPN tunnels to understand their configuration and security settings. This can be useful for network administrators to assess and manage the VPN infrastructure within their organization.

select
name,
id,
peer_ip,
shared_secret_hash
from
gcp_compute_vpn_tunnel;
select
name,
id,
peer_ip,
shared_secret_hash
from
gcp_compute_vpn_tunnel;

Get VPN gateway peer details

Determine the areas in which you can gain insights into the details of your VPN gateway peers. This can be beneficial in understanding the configuration and connectivity of your virtual private network.

select
name,
peer_ip,
vpn_gateway_name
from
gcp_compute_vpn_tunnel;
select
name,
peer_ip,
vpn_gateway_name
from
gcp_compute_vpn_tunnel;

Traffic selector info of each tunnel

This example helps you identify the traffic selectors for each VPN tunnel in your Google Cloud Platform. It's particularly useful for network administrators seeking to understand how traffic is being directed and managed within their VPN infrastructure.

select
name,
jsonb_array_elements_text(local_traffic_selector) as local_traffic_selector,
jsonb_array_elements_text(remote_traffic_selector) as remote_traffic_selector
from
gcp_compute_vpn_tunnel;
select
name,
json_each.value as local_traffic_selector,
json_each.value as remote_traffic_selector
from
gcp_compute_vpn_tunnel,
json_each(gcp_compute_vpn_tunnel.local_traffic_selector),
json_each(gcp_compute_vpn_tunnel.remote_traffic_selector);

Schema for gcp_compute_vpn_tunnel

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
creation_timestamptimestamp with time zoneThe creation timestamp of the resource.
descriptiontextA user-specified, human-readable description of the vpn tunnel.
detailed_statustextDetailed status message for the VPN tunnel.
idbigintThe unique identifier for the resource.
ike_versionbigintSpecifies the IKE protocol version to use when establishing the VPN tunnel with the peer VPN gateway.
kindtextThe type of the resource.
local_traffic_selectorjsonbA list of local traffic selector to use when establishing the VPN tunnel with the peer VPN gateway. The value should be a CIDR formatted string.
locationtextThe GCP multi-region, region, or zone in which the resource is located.
nametext=A friendly name that identifies the resource.
peer_external_gatewaytextThe URL of the peer side external VPN gateway to which this VPN tunnel is connected.
peer_external_gateway_interfacebigintThe interface ID of the external VPN gateway to which this VPN tunnel is connected.
peer_gcp_gatewaytextThe URL of the peer side HA GCP VPN gateway to which this VPN tunnel is connected.
peer_ipinetSpecifies the IP address of the peer VPN gateway.
projecttext=, !=, ~~, ~~*, !~~, !~~*The GCP Project in which the resource is located.
regiontextThe URL of the region where the VPN tunnel resides.
remote_traffic_selectorjsonbA list of remote traffic selector to use when establishing the VPN tunnel with the peer VPN gateway. The value should be a CIDR formatted string.
routertextThe URL of the router resource to be used for dynamic routing.
self_linktextThe server-defined URL for the resource.
shared_secrettextSpecifies the shared secret, used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.
shared_secret_hashtextSpecifies the hash of the shared secret.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
statustext!=, =Specifies the current status of the vpn tunnel.
target_vpn_gatewaytextThe URL of the Target VPN gateway with which this VPN tunnel is associated.
titletextTitle of the resource.
vpn_gatewaytext!=, =The URL of the VPN gateway with which this VPN tunnel is associated.
vpn_gateway_interfacebigintThe interface ID of the VPN gateway with which this VPN tunnel is associated
vpn_gateway_nametextThe URL of the VPN gateway with which this VPN tunnel is associated.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_compute_vpn_tunnel