What is Steampipe?

SELECT title, instance_id, instance_state, instance_status, subnet_id, vpc_id, public_dns_name, public_ip_address, placement_availability_zone, launch_time
FROM aws_ec2_instance
ORDER BY launch_time DESC
LIMIT 100;

How do I get started?

You can download Steampipe from https://steampipe.io/downloads. Once installed (or you can run it directly from the command line) you’ll need to first install some plugins. These plugins will allow Steampipe to interact with a variety of cloud services and retrieve the data required by the query. A full list of the available plugins can be found here.

steampipe plugin install aws
nano ~/.steampipe/config/aws.spc
AWS IAM ReadOnlyAccess permissions screen
[zercurity_ro]
aws_access_key_id=AZA...
aws_secret_access_key==btD...
connection "aws" {
plugin = "aws"
region = ["eu-west-1"]
profile = "zercurity_ro"
}
steampipe query "select instance_id, title, instance_state FROM aws_ec2_instance ORDER BY launch_time DESC LIMIT 10;"+---------------------+----------+----------------+
| instance_id | title | instance_state |
+---------------------+----------+----------------+
| i-1234567890abcdef0 | test | running |
+---------------------+----------+----------------+

Steampipe Mods

A common use case for Steampipe is compliance. Fortunately, Steampipe provides thousands of pre-written queries in the form of Mods. Which themselves can contain a collection pre-defined compliance benchmarks such as CIS, HIPPA, NIST, PCI and SOC to name a few. To get started you’ll need to initalise the mod configuration file.

steampipe mod init
steampipe mod install github.com/turbot/steampipe-mod-aws-compliance
steampipe check aws_compliance.benchmark.cis_v140
steampipe dashboard
Steampipe dashboard showing AWS CIS 1.4.0 compliance

Steampipe internals

Hows does all this work then? At its core the Steampipe CLI tool is a wrapper around an embedded PostgreSQL database which is started and stopped with the tool. The steampipe application manages the PostgreSQL service and handles the installation and configuration of mods, plugins.

Steampipe service

You may want to build Steampipe into your own service and require API access. Whilst Steampipe dosen’t provide a REST API. It will give you direct access to the PostgreSQL backend to query directly. Allowing you to build any application around it.

steampipe service start
psql -U steampipe -h localhost -p 9193steampipe=> SELECT instance_id FROM aws_ec2_instance;     instance_id     
---------------------
i-1234567890abcdef0
(1 row)

Want to schedule and automate queries via the web?

Zercurity provides a SaaS platform to query all of your cloud services from one single interface. It’ll also automatically enrich your results for you. It’s free to signup and you can query as many providers as you like.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Zercurity

Zercurity

Real-time security and compliance delivered.