/steampipe

Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required.

Primary LanguageGoGNU Affero General Public License v3.0AGPL-3.0

Steampipe Logo

plugins   benchmarks   dashboards   slack   maintained by

Steampipe is the universal interface to APIs. Use SQL to query cloud infrastructure, SaaS, code, logs, and more.

With Steampipe you can:

Steampipe CLI - The SQL console for API queries

The Steampipe community has grown a suite of plugins that map APIs to tables.

Cloud AWS, Alibaba, Azure, GCP, IBM, Oracle
SaaS Airtable, Jira, GitHub, Google Workspace, Salesforce, Slack, Stripe, Zoom …
Security CrowdStrike, PAN-OS, VirusTotal, Shodan, Trivy
Identity Azure AD, Duo, Keycloack, Google Directory, LDAP
DevOps Docker, Grafana, Kubernetes, Prometheus
Net Baleen, Cloudflare, crt.sh, Gandi, IMAP, ipstack, updown.io, WHOIS
IaC CloudFormation, Terraform
Logs Algolia, AWS CloudWatch, Splunk, Datadog
Social HackerNews, Twitter, Reddit, RSS
Your API Build your own custom plugins

The interactive query shell is one way you can query those tables.

You can also use psql, pgcli, Metabase, Tableau, or any client that can connect to Postgres.

Get started with the CLI

Install Steampipe

The downloads page shows you how but tl;dr:

Linux or WSL

sudo /bin/sh -c "$(curl -fsSL https://raw.githubusercontent.com/turbot/steampipe/main/install.sh)"

MacOS

brew tap turbot/tap
brew install steampipe
Add a plugin

Choose a plugin from the hub, for example: Net.

Run the steampipe plugin command to install it.

steampipe plugin install net
Run steampipe query
Launch the interactive shell.
steampipe query

Run your first query!

select
  *
from
  net_certificate
where
  domain = 'google.com';
Learn more about the CLI

Steampipe Mods - Benchmarks & dashboards

The Steampipe community has also grown a suite of mods which are sets of benchmarks that check your cloud resources for compliance, and dashboards that visualize your resources.

Compliance Check AWS, Azure, GCP, etc for compliance with HIPAA, PCI, etc
Cost Review what AWS, Azure, GCP, and other clouds are costing you
Insights Visualize cloud resources with charts, tables, and interactive widgets
Security Use CIS, NIST, FedRAMP etc to assess the security of AWS, Azure, GCP, etc
Tags Verify the consistency of tags applied to AWS, Azure, and GCP resources
Your mod Build your own benchmarks and dashboards

The CIS 1.4 benchmark in AWS Compliance

gh-readme-cis-benchmark-in-dashboard

The AWS EC2 Instance dashboard in AWS Insights

aws-ec2-dashboard-in-cloud

Benchmarks and dashboards use SQL to gather data and HCL to flow the data into benchmark controls and dashboard widgets. You can use the existing suites of benchmarks and dashboards, or build derivative versions, or create your own.

Get started with benchmarks and dashboards

Install the Net Insights mod
The Net Insights mod works with the Net plugin shown above. To run it, first clone its repo and change to that directory.
git clone https://github.com/turbot/steampipe-mod-net-insights
cd steampipe-mod-net-insights

Run benchmarks in the CLI

All the benchmarks:

steampipe check all

A single benchmark:

steampipe check benchmark.dns_best_practices

A single control:

steampipe check control.dns_ns_name_valid

Available formats include JSON, CSV, HTML, and ASFF. You can use custom ouput templates to create new output formats.

Run benchmarks as dashboards
Launch the dashboard server: `steampipe dashboard`, then open `http://localhost:9194` in your browser.

The home page lists available dashboards. Click DNS Best Practices to view that dashboard.

Note that the default domains are microsoft.com and github.com. You can change those defaults to check other domains.

Explore your resources
Dashboards use charts, tables, and interactive widgets to help you explore and visualize your resources.

The AWS Insights mod, for example, provides dozens of dashboards that exercise the full set of widgets. To use these dashboards, first install the AWS plugin and authenticate. Then clone AWS Insights, change to its directory, launch steampipe dashboard, and open localhost:9194.

Community

We thrive on feedback and community involvement!

Have a question? → Join our Slack community or open a GitHub issue.

Want to get involved? → Learn how to contribute.

Want to work with the team? → We are hiring!

Steampipe Cloud

Want a hosted version of Steampipe? Bring your team to Steampipe Cloud.