Steampipe is the universal interface to APIs. Use SQL to query cloud infrastructure, SaaS, code, logs, and more.
With Steampipe you can:
- Query → Use SQL to query (and join across!) APIs.
- Check → Ensure that cloud resources comply with security benchmarks such as CIS, NIST, and SOC2.
- Visualize → View prebuilt dashboards or build your own.
The Steampipe community has grown a suite of plugins that map APIs to tables.
|Cloud||AWS, Alibaba, Azure, GCP, IBM, Oracle …|
|SaaS||Airtable, Jira, GitHub, Google Workspace, Microsoft 365, Salesforce, Slack, Stripe, Zoom …|
|Security||CrowdStrike, GitGuardian, Have I Been Pwned, PAN-OS, Shodan, Trivy, VirusTotal …|
|Identity||Azure AD, Duo, Keycloak, Google Directory, LDAP …|
|DevOps||Docker, Grafana, Kubernetes, Prometheus …|
|Net||Baleen, Cloudflare, crt.sh, Gandi, IMAP, ipstack, Tailscale, updown.io, WHOIS …|
|IaC||CloudFormation, Terraform …|
|Logs||Algolia, AWS CloudWatch, Datadog, Splunk …|
|Social||HackerNews, Twitter, Reddit, RSS …|
|Your API||Build your own custom plugins|
The interactive query shell is one way you can query those tables.
You can also use psql, pgcli, Metabase, Tableau, or any client that can connect to Postgres.
Install SteampipeAdd a pluginRun steampipe queryLearn more about the CLI
- It’s just SQL!
- You can run queries on the command line and include them in scripts.
- Other commands run benchmarks, launch Steampipe as a service, and start the dashboard server.
- Meta-commands control caching, environment variables, the search path, and more.
- Queries can run in batch mode.
- You can bundle connections (e.g. for many AWS accounts) using an aggregator.
The Steampipe community has also grown a suite of mods which are sets of dashboards that visualize your resources and benchmarks that check your cloud resources for compliance.
|Compliance||Check AWS, Azure, GCP, etc for compliance with HIPAA, PCI, etc|
|Cost||Review what AWS, Azure, GCP, and other clouds are costing you|
|Insights||Visualize cloud resources with charts, tables, and interactive widgets|
|Security||Use CIS, NIST, FedRAMP etc to assess the security of AWS, Azure, GCP, etc|
|Tags||Verify the consistency of tags applied to AWS, Azure, and GCP resources|
|Your mod||Build your own benchmarks and dashboards|