Table: tfe_user_token - Query Terraform Enterprise User Tokens using SQL
A User Token in Terraform Enterprise represents the authentication details for a specific user. These tokens are used to access the Terraform Enterprise API, and they carry the security credentials for a user authentication request. User tokens are unique to each user and can be created, listed, and deleted through the API.
Table Usage Guide
The tfe_user_token
table provides insights into User Tokens within Terraform Enterprise. As a DevOps engineer, explore token-specific details through this table, including the associated user, creation time, and last access time. Utilize it to monitor user activity, manage access control, and ensure secure usage of Terraform Enterprise API.
Examples
List user tokens
Determine the areas in which user tokens are being utilized. This can provide insights into user activity and potential security risks, allowing for proactive management and prevention of unauthorized access.
select *from tfe_user_token;
select *from tfe_user_token;
Tokens by age in days
Analyze the age of user tokens to understand their longevity and usage patterns. This can aid in identifying outdated or rarely used tokens for potential clean-up or renewal.
select id, description, created_at, date_part('day', age(current_timestamp, created_at)) as age_daysfrom tfe_user_tokenorder by age_days desc;
select id, description, created_at, julianday('now') - julianday(created_at) as age_daysfrom tfe_user_tokenorder by age_days desc;
Tokens not used in the last 30 days
Explore which user tokens have been inactive for the past 30 days. This is useful for identifying potentially unused or forgotten tokens that may need to be reviewed or deleted for security purposes.
select id, description, last_used_atfrom tfe_user_tokenwhere last_used_at < current_date - interval '30 days';
select id, description, last_used_atfrom tfe_user_tokenwhere last_used_at < date('now', '-30 day');
Schema for tfe_user_token
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
created_at | timestamp with time zone | Time when the token was created. | |
description | text | Description of the token. | |
id | text | ID of the token. | |
last_used_at | timestamp with time zone | Time when the token was last used. | |
organization_name | text | =, !=, ~~, ~~*, !~~, !~~* | Name of the organization containing the organization member. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- tfe
You can pass the configuration to the command with the --config
argument:
steampipe_export_tfe --config '<your_config>' tfe_user_token