steampipe plugin install gcp

Table: gcp_dns_policy - Query Google Cloud DNS Policies using SQL

Google Cloud DNS Policies are a resource that allows users to configure how DNS queries are handled in Google Cloud. These policies can be used to control DNS behavior in a flexible and granular way, such as by configuring DNS forwarding, alternative name servers, or enabling private DNS zones. Google Cloud DNS Policies provide a way to manage DNS settings across multiple networks, improving network security and reliability.

Table Usage Guide

The gcp_dns_policy table provides insights into DNS Policies within Google Cloud DNS. As a network engineer or a security analyst, explore policy-specific details through this table, including configurations, settings, and associated metadata. Utilize it to uncover information about policies, such as those with specific forwarding paths, the alternative name servers, and the status of private DNS zones.

Examples

Basic info

Explore the configuration settings of your Google Cloud Platform's DNS policies to understand their current setup. This can help in identifying instances where inbound forwarding or logging is enabled, which can be crucial for security and network management.

select
name,
id,
kind,
enable_inbound_forwarding,
enable_logging,
target_name_servers
from
gcp_dns_policy;
select
name,
id,
kind,
enable_inbound_forwarding,
enable_logging,
target_name_servers
from
gcp_dns_policy;

List DNS policies with logging disabled

Discover the DNS policies that have logging disabled. This can be useful to identify potential security risks or compliance issues related to lack of logging in your GCP environment.

select
name,
id,
enable_logging
from
gcp_dns_policy
where
not enable_logging;
select
name,
id,
enable_logging
from
gcp_dns_policy
where
enable_logging = 0;

List DNS policies not associated with any network

Discover policies in Google Cloud Platform's DNS service that aren't linked to any network. This can help identify unused resources or potential configuration issues.

select
name,
id,
networks
from
gcp_dns_policy
where
networks = '[]';
select
name,
id,
networks
from
gcp_dns_policy
where
networks = '[]';

Schema for gcp_dns_policy

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
descriptiontextA mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the policy's function.
enable_inbound_forwardingbooleanAllows networks bound to this policy to receive DNS queries sent by VMs or applications over VPN connections. When enabled, a virtual IP address will be allocated from each of the sub-networks that are bound to this policy.
enable_loggingbooleanControls whether logging is enabled for the networks bound to this policy. Defaults to no logging if not set.
idbigintAn unique identifier for the resource, defined by the server.
kindtextThe type of the resource.
locationtextThe GCP multi-region, region, or zone in which the resource is located.
nametext=An user assigned name for this policy.
networksjsonbA list of network names specifying networks to which this policy is applied.
projecttext=, !=, ~~, ~~*, !~~, !~~*The GCP Project in which the resource is located.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
target_name_serversjsonbSets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_dns_policy