Steampipe unbundled →
Steampipe Hub 
Hub
Plugins
turbot/linode
Overview
15Tables
Versions
GitHub
steampipe plugin install linode

Table: linode_token - Query Linode Personal Access Tokens using SQL

A Linode Personal Access Token (PAT) is an API token granting full access to your Linode account, with the ability to create, access, modify, and remove any aspect of your account. PATs are great for when you want to build your own applications or scripts. Just like OAuth tokens, you can limit a token's scope to restrict what parts of your account it can access.

Table Usage Guide

The linode_token table provides insights into Personal Access Tokens within Linode. As a DevOps engineer, explore token-specific details through this table, including its scopes, created and expiry dates. Utilize it to uncover information about tokens, such as those with certain scopes, and verification of expiry dates.

Examples

List tokens

Explore all the available tokens in your Linode account to manage and control access to your resources effectively. This helps in maintaining security and managing permissions within your account.

select
  *
from
  linode_token;
select
  *
from
  linode_token;

Tokens by age in days

Identify the age of your Linode tokens to understand how long they have been in existence. This can help in managing token lifecycle and ensuring security compliance by replacing or revoking old tokens.

select
  token,
  created,
  date_part('day', age(current_timestamp, created)) as age_days
from
  linode_token
order by
  age_days desc;
select
  token,
  created,
  julianday('now') - julianday(created) as age_days
from
  linode_token
order by
  age_days desc;

Tokens expiring in the next 30 days

Discover the segments that have tokens expiring in the next 30 days. This is useful for proactively managing and renewing such tokens before they lapse, ensuring uninterrupted access to linked services.

select
  token,
  expiry
from
  linode_token
where
  expiry < current_date + interval '30 days';
select
  token,
  expiry
from
  linode_token
where
  expiry < date('now', '+30 days');

Tokens will full permissions

Explore which tokens have full permissions in Linode. This can be useful for identifying potential security risks and ensuring appropriate access control.

select
  *
from
  linode_token
where
  scopes ? '*'
Error: SQLite does not support '?' operator for JSON objects.

Scopes by token

Explore which Linode API tokens have been granted specific permissions, as this information can be crucial for managing access rights and ensuring security within your system.

select
  t.token,
  scope
from
  linode_token as t,
  jsonb_array_elements_text(t.scopes) as scope;
select
  t.token,
  json_extract(
    scope.value,
    ')
from
  linode_token as t,
  json_each(t.scopes) as scope;

Schema for linode_token

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
createdtimestamp with time zoneThe date and time this token was created.
expirytimestamp with time zoneWhen this token will expire.
idbigint=This token's unique ID, which can be used to revoke it.
labeltextThis token's label. This is for display purposes only, but can be used to more easily track what you're using each token for.
scopesjsonbArray of scopes for the token, e.g. *, account:read_write, domains:read_only.
tokentextFirst 16 characters of the token.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- linode

You can pass the configuration to the command with the --config argument:

steampipe_export_linode --config '<your_config>' linode_token