Introducing the Tailscale Source Plugin
December 15, 2022
CloudQuery is an open-source, high-performance data integration platform designed for security and infrastructure teams. Today, we are happy to announce the release of the Tailscale source plugin for CloudQuery.
Tailscale provides zero-config VPN software and a web-based management service. To learn more about Tailscale, visit their homepage.
CloudQuery now supports pulling ACL, Device and DNS resources from Tailscale using the Tailscale API.
Take a look at our Configuration section to configure the required credentials for the plugin.
Below are some query examples to get you started.
Detect unauthorized devices
If you have added some devices but haven't authorized them, you will not be able to connect them to your tailnet. It's best practice to keep your inventory clean, as Tailscale limits the number of devices. Here's a query to check for unauthorized devices:
select dev.id, dev.user
from tailscale_devices as dev
where not dev.authorized
order by id;
This query would output a table of device IDs and corresponding users for unauthorized devices:
        id         |       user
-------------------+------------------
 12345678901234567 | user@example.com
(1 row)
You can now put this in a dashboard or set up an alert on it.
Make sure all your devices have enabled key expiry
To keep your infrastructure secure, it's best practice to make device keys expire. Here's a query to check for devices that have disabled key expiry:
select dev.id, dev.user
from tailscale_devices as dev
where dev.key_expiry_disabled
order by id;
This query would output a table of device IDs and corresponding users for devices that have key expiry disabled:
        id         |       user
-------------------+------------------
 12345678901234567 | user@example.com
(1 row)
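Both checks above can be combined into one result set for a single dashboard panel or alert rule. The query below is an added example, not part of the original post; it assumes a PostgreSQL destination (for `cross join lateral`) and uses only the tailscale_devices columns shown above. The `finding` and `failed` names are made up for illustration.

```sql
-- Added example: one row per (device, failed check).
-- Assumes PostgreSQL; "finding" and "failed" are illustrative names.
select dev.id,
       dev.user,
       f.finding
from tailscale_devices as dev
cross join lateral (
    values
        -- same predicate as the "unauthorized devices" query
        ('unauthorized',        not dev.authorized),
        -- same predicate as the "key expiry disabled" query
        ('key_expiry_disabled', dev.key_expiry_disabled)
) as f(finding, failed)
-- a NULL predicate is treated as "not failed", matching the
-- behaviour of the two separate queries
where f.failed
order by dev.id, f.finding;
```

An empty result means every device passes both checks, so an alert can fire on any returned row.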
What's next
We are going to continue expanding the Tailscale source plugin, adding support for more resources. Interested in seeing another plugin? Check out Creating a New Plugin and/or open an issue on our GitHub.