steampipe plugin install tfe

Table: tfe_oauth_client - Query Terraform Enterprise OAuth Clients using SQL

An OAuth Client in Terraform Enterprise is a fundamental building block when working with OAuth-based connections in the platform. It represents the applications that are registered to use the OAuth 2.0 authorization framework. OAuth Clients are responsible for managing the OAuth tokens and their associated scopes, providing a secure way to authenticate users and interact with the Terraform Enterprise API.

Table Usage Guide

The tfe_oauth_client table provides insights into OAuth Clients within Terraform Enterprise. As a security administrator, explore OAuth client-specific details through this table, including client credentials, token details, and associated metadata. Utilize it to uncover information about OAuth clients, such as those with specific permissions, the relationships between clients, and the verification of token scopes.

Examples

Basic info

Explore the OAuth client details within your infrastructure to gain insights into their configuration and usage. This can be useful in understanding the client's behavior and identifying any potential issues or areas for improvement.

select
*
from
tfe_oauth_client;
select
*
from
tfe_oauth_client;

Get OAuth client by ID

Explore which OAuth client corresponds to a specific ID to manage access and permissions more effectively. This can be useful in scenarios where you need to understand the access granted to a particular client or troubleshoot issues related to client permissions.

select
*
from
tfe_oauth_client
where
id = 'oc-JM8tnPzgdo1wM3jy';
select
*
from
tfe_oauth_client
where
id = 'oc-JM8tnPzgdo1wM3jy';

List OAuth clients sorted by age

Analyze the settings to understand the age of your OAuth clients, allowing you to prioritize updates or maintenance based on their age. This can be useful in managing the lifecycle of your OAuth clients and ensuring older clients are still functioning properly.

select
id,
created_at,
date_part('day', age(current_timestamp, created_at)) as age_days
from
tfe_oauth_client
order by
age_days desc;
select
id,
created_at,
julianday('now') - julianday(created_at) as age_days
from
tfe_oauth_client
order by
age_days desc;

Schema for tfe_oauth_client

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
api_urltextThe API url of the service provider.
callback_urltextThe callback url of the oauth client.
connect_pathtextThe connection path of the oauth client.
created_attimestamp with time zoneTime when the oauth client was created.
http_urltextThe HTTP url of the service provider.
idtext=The ID of the oauth client.
keytextThe key of the oauth client.
oauth_tokenjsonbThe token information you were given by your VCS provider.
organizationjsonbThe organization information.
organization_nametext=, !=, ~~, ~~*, !~~, !~~*Name of the organization containing the oauth client.
rsa_public_keytextThe public key of the oauth client.
service_providertextThe VCS provider being connected with. Valid options are ado_server, ado_services, github, github_enterprise, gitlab_hosted, gitlab_community_edition, or gitlab_enterprise_edition.
service_provider_nametextThe name of VCS provider being connected with.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- tfe

You can pass the configuration to the command with the --config argument:

steampipe_export_tfe --config '<your_config>' tfe_oauth_client