oci_adm_knowledge_baseoci_adm_vulnerability_auditoci_ai_anomaly_detection_ai_private_endpointoci_ai_anomaly_detection_data_assetoci_ai_anomaly_detection_modeloci_ai_anomaly_detection_projectoci_analytics_instanceoci_apigateway_apioci_application_migration_migrationoci_application_migration_sourceoci_artifacts_container_imageoci_artifacts_container_image_signatureoci_artifacts_container_repositoryoci_artifacts_generic_artifactoci_artifacts_repositoryoci_autoscaling_auto_scaling_configurationoci_autoscaling_auto_scaling_policyoci_bastion_bastionoci_bastion_sessionoci_bds_bds_instanceoci_budget_alert_ruleoci_budget_budgetoci_certificates_authority_bundleoci_certificates_management_associationoci_certificates_management_ca_bundleoci_certificates_management_certificateoci_certificates_management_certificate_authorityoci_certificates_management_certificate_authority_versionoci_certificates_management_certificate_versionoci_cloud_guard_configurationoci_cloud_guard_detector_recipeoci_cloud_guard_managed_listoci_cloud_guard_responder_recipeoci_cloud_guard_targetoci_container_instances_containeroci_container_instances_container_instanceoci_containerengine_clusteroci_core_block_volume_replicaoci_core_boot_volumeoci_core_boot_volume_attachmentoci_core_boot_volume_backupoci_core_boot_volume_metric_read_opsoci_core_boot_volume_metric_read_ops_dailyoci_core_boot_volume_metric_read_ops_hourlyoci_core_boot_volume_metric_write_opsoci_core_boot_volume_metric_write_ops_dailyoci_core_boot_volume_metric_write_ops_hourlyoci_core_boot_volume_replicaoci_core_cluster_networkoci_core_dhcp_optionsoci_core_drgoci_core_imageoci_core_image_customoci_core_instanceoci_core_instance_configurationoci_core_instance_metric_cpu_utilizationoci_core_instance_metric_cpu_utilization_dailyoci_core_instance_metric_cpu_utilization_hourlyoci_core_internet_gatewayoci_core_load_balanceroci_core_local_peering_gatewayoci_core_nat_gatewayoci_core_network_load_balanceroci_core_network_security_groupoci_core_public_ipoci_core_public_ip_pooloci_core_route_tableoci_core_security_listoci_core_service_gatewayoci_core_subnetoci_core_vcnoci_core_vnic_attachmentoci_core_volumeoci_core_volume_attachmentoci_core_volume_backupoci_core_volume_backup_policyoci_core_volume_default_backup_policyoci_core_volume_groupoci_database_autonomous_databaseoci_database_autonomous_db_metric_cpu_utilizationoci_database_autonomous_db_metric_cpu_utilization_dailyoci_database_autonomous_db_metric_cpu_utilization_hourlyoci_database_autonomous_db_metric_storage_utilizationoci_database_autonomous_db_metric_storage_utilization_dailyoci_database_autonomous_db_metric_storage_utilization_hourlyoci_database_cloud_vm_clusteroci_database_dboci_database_db_homeoci_database_db_systemoci_database_pluggable_databaseoci_database_software_imageoci_devops_projectoci_devops_repositoryoci_dns_rrsetoci_dns_tsig_keyoci_dns_zoneoci_events_ruleoci_file_storage_file_systemoci_file_storage_mount_targetoci_file_storage_snapshotoci_functions_applicationoci_functions_functionoci_identity_api_keyoci_identity_auth_tokenoci_identity_authentication_policyoci_identity_availability_domainoci_identity_compartmentoci_identity_customer_secret_keyoci_identity_db_credentialoci_identity_domainoci_identity_dynamic_groupoci_identity_groupoci_identity_network_sourceoci_identity_policyoci_identity_tag_defaultoci_identity_tag_namespaceoci_identity_tenancyoci_identity_useroci_kms_keyoci_kms_key_versionoci_kms_vaultoci_logging_logoci_logging_log_groupoci_logging_searchoci_mysql_backupoci_mysql_channeloci_mysql_configurationoci_mysql_configuration_customoci_mysql_db_systemoci_mysql_db_system_metric_connectionsoci_mysql_db_system_metric_connections_dailyoci_mysql_db_system_metric_connections_hourlyoci_mysql_db_system_metric_cpu_utilizationoci_mysql_db_system_metric_cpu_utilization_dailyoci_mysql_db_system_metric_cpu_utilization_hourlyoci_mysql_db_system_metric_memory_utilizationoci_mysql_db_system_metric_memory_utilization_dailyoci_mysql_heat_wave_clusteroci_network_firewall_firewalloci_network_firewall_policyoci_nosql_tableoci_nosql_table_metric_read_throttle_countoci_nosql_table_metric_read_throttle_count_dailyoci_nosql_table_metric_read_throttle_count_hourlyoci_nosql_table_metric_storage_utilizationoci_nosql_table_metric_storage_utilization_dailyoci_nosql_table_metric_storage_utilization_hourlyoci_nosql_table_metric_write_throttle_countoci_nosql_table_metric_write_throttle_count_dailyoci_nosql_table_metric_write_throttle_count_hourlyoci_objectstorage_bucketoci_objectstorage_objectoci_ons_notification_topicoci_ons_subscriptionoci_queue_queueoci_regionoci_resource_searchoci_resourcemanager_stackoci_streaming_streamoci_vault_secret
Table: oci_certificates_management_certificate - Query OCI Certificates Management Certificates using SQL
Oracle Cloud Infrastructure (OCI) Certificates Management is a service that helps in managing and controlling SSL/TLS certificates. It allows users to create, import, and manage SSL/TLS certificates for their cloud-based applications and resources. This service ensures that the certificates are valid, trusted, and can be used for secure connections.
Table Usage Guide
The oci_certificates_management_certificate table provides insights into the SSL/TLS certificates managed by OCI Certificates Management. As a security analyst, you can delve into certificate-specific details through this table, including certificate type, validity, and associated metadata. Utilize it to uncover information about certificates, such as their expiration dates, the resources they're associated with, and their overall status within your OCI environment.
Examples
Basic info
Discover the details of your certificates, including their lifecycle state and associated metadata. This is useful to understand the status and configuration of your certificates for better management and security compliance.
select id, name, config_type, issuer_certificate_authority_id, description, certificate_rules, time_of_deletion, lifecycle_details, current_version, subject, certificate_revocation_list_details, key_algorithm, signature_algorithm, certificate_profile_type, lifecycle_state as statefrom oci_certificates_management_certificate;select id, name, config_type, issuer_certificate_authority_id, description, certificate_rules, time_of_deletion, lifecycle_details, current_version, subject, certificate_revocation_list_details, key_algorithm, signature_algorithm, certificate_profile_type, lifecycle_state as statefrom oci_certificates_management_certificate;List imported certificates
Explore imported certificates to understand their lifecycle state, rules, and signature algorithm. This can be helpful in managing and understanding the security and validity of certificates in your environment.
select name, id, certificate_rules, lifecycle_state, config_type, signature_algorithmfrom oci_certificates_management_certificatewhere config_type = 'IMPORTED';select name, id, certificate_rules, lifecycle_state, config_type, signature_algorithmfrom oci_certificates_management_certificatewhere config_type = 'IMPORTED';List failed certificates
Discover the segments that have failed certificates to gain insights into potential security risks or issues in your system. This is useful for quickly identifying and addressing problematic areas, enhancing the overall security of your system.
select name, id, current_version, subject, certificate_revocation_list_details, key_algorithmfrom oci_certificates_management_certificatewhere lifecycle_state = 'FAILED';select name, id, current_version, subject, certificate_revocation_list_details, key_algorithmfrom oci_certificates_management_certificatewhere lifecycle_state = 'FAILED';List certificates created in the last 30 days
Discover the segments that have been certified within the last month. This is useful for tracking recent changes and ensuring system security.
select name, id, current_version, key_algorithm, time_created, time_of_deletionfrom oci_certificates_management_certificatewhere time_created >= now() - interval '30' day;select name, id, current_version, key_algorithm, time_created, time_of_deletionfrom oci_certificates_management_certificatewhere time_created >= datetime('now', '-30 day');Get the current version details of each certificate
Explore which certificates are currently in use and their respective details. This is useful for tracking certificate versions and their revocation status, which aids in maintaining secure connections.
select name, id, current_version ->> 'certificateId' as certificate_id, current_version ->> 'issuerCaVersionNumber' as issuer_ca_version_number, current_version ->> 'revocationStatus' as revocation_status, current_version ->> 'serialNumber' as serial_number, current_version ->> 'stages' as stagesfrom oci_certificates_management_certificate;select name, id, json_extract(current_version, '$.certificateId') as certificate_id, json_extract(current_version, '$.issuerCaVersionNumber') as issuer_ca_version_number, json_extract(current_version, '$.revocationStatus') as revocation_status, json_extract(current_version, '$.serialNumber') as serial_number, json_extract(current_version, '$.stages') as stagesfrom oci_certificates_management_certificate;Schema for oci_certificates_management_certificate
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| certificate_profile_type | text | The name of the profile used to create the certificate. | |
| certificate_revocation_list_details | jsonb | Certificate revocation details. | |
| certificate_rules | jsonb | A list of rules that control how the certificate is used and managed. | |
| compartment_id | text | = | The OCID of the compartment in Tenant in which the resource is located. |
| config_type | text | The origin of the certificate. | |
| current_version | jsonb | Details about the current version of the certificate. | |
| defined_tags | jsonb | Defined tags for this resource. | |
| description | text | A brief description of the certificate. | |
| freeform_tags | jsonb | Free-form tags for this resource. | |
| id | text | = | The OCID of the certificate. |
| issuer_certificate_authority_id | text | = | The OCID of the certificate authority (CA) that issued the certificate. |
| key_algorithm | text | The algorithm used to create key pairs. | |
| lifecycle_details | text | Additional information about the current lifecycle state of the certificate. | |
| lifecycle_state | text | = | The current lifecycle state of the certificate. |
| name | text | = | A user-friendly name for the certificate. |
| signature_algorithm | text | The algorithm used to sign the public key certificate. | |
| subject | jsonb | Certificate subject informnation. | |
| tags | jsonb | A map of tags for the resource. | |
| tenant_id | text | The OCID of the Tenant in which the resource is located. | |
| time_created | timestamp with time zone | Time that the Certificate was created. | |
| time_of_deletion | timestamp with time zone | An optional property indicating when to delete the certificate version. | |
| title | text | Title of the resource. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- ociYou can pass the configuration to the command with the --config argument:
steampipe_export_oci --config '<your_config>' oci_certificates_management_certificate