steampipe plugin install gcp

Table: gcp_dns_managed_zone - Query Google Cloud DNS Managed Zones using SQL

Google Cloud DNS is a scalable, reliable, and managed authoritative Domain Name System (DNS) service running on the same infrastructure as Google. It provides a simple, cost-effective way to make your applications and services available to your users. This service translates requests for domain names like www.google.com into IP addresses like 74.125.29.101.

Table Usage Guide

The gcp_dns_managed_zone table provides insights into DNS Managed Zones within Google Cloud DNS. As a network engineer, explore zone-specific details through this table, including DNS configuration, visibility, and associated metadata. Utilize it to uncover information about zones, such as those with private visibility, DNSSEC state, and the verification of DNS configurations.

Examples

Basic info

Explore the basic information about Google Cloud Platform's DNS managed zones, such as their names, identifiers, DNS names, creation times, and visibility settings. This query can help you gain insights into the configuration and status of your DNS managed zones to ensure they are set up as expected.

select
name,
id,
dns_name,
creation_time,
visibility
from
gcp_dns_managed_zone;
select
name,
id,
dns_name,
creation_time,
visibility
from
gcp_dns_managed_zone;

List public zones with DNSSEC disabled

Explore which public zones have the DNSSEC feature disabled. This can be used to identify potential security vulnerabilities in your DNS configuration.

select
name,
id,
dns_name,
dnssec_config_state,
visibility
from
gcp_dns_managed_zone
where
visibility = 'public'
and (
dnssec_config_state is null
or dnssec_config_state = 'off'
);
select
name,
id,
dns_name,
dnssec_config_state,
visibility
from
gcp_dns_managed_zone
where
visibility = 'public'
and (
dnssec_config_state is null
or dnssec_config_state = 'off'
);

Schema for gcp_dns_managed_zone

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
creation_timetimestamp with time zoneThe time that this resource was created on the server.
descriptiontextA user-specified, human-readable description of the managed zone.
dns_nametextThe DNS name of this managed zone.
dnssec_config_default_key_specsjsonbSpecifies parameters for generating initial DnsKeys for this ManagedZone.
dnssec_config_non_existencetextSpecifies the mechanism for authenticated denial-of-existence responses.
dnssec_config_statetextSpecifies whether DNSSEC is enabled, and what mode it is in.
forwarding_config_target_name_serversjsonbA list of target name servers to forward to.
idbigintThe unique identifier for the resource, defined by the server.
kindtextThe type of the resource.
labelsjsonbA set labels attached with the resource.
locationtextThe GCP multi-region, region, or zone in which the resource is located.
nametext=An user assigned, friendly name that identifies the resource.
name_server_settextSpecifies the NameServerSet for this ManagedZone. A NameServerSet is a set of DNS name servers that all host the same ManagedZones.
name_serversjsonbDelegate your managed_zone to these virtual name servers; defined by the server.
peering_config_target_networkjsonbSpecifies the configuration of the network with which to peer.
private_visibility_config_networksjsonbA set of Virtual Private Cloud resources that the zone is visible from.
projecttext=, !=, ~~, ~~*, !~~, !~~*The GCP Project in which the resource is located.
self_linktextServer-defined URL for the managed zone.
service_directory_config_namespace_deletion_timetimestamp with time zoneThe time that the namespace backing this zone was deleted.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
titletextTitle of the resource.
visibilitytextSpecifies the zone's visibility. public zones are exposed to the Internet, while private zones are visible only to Virtual Private Cloud resources.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_dns_managed_zone