Using Steampipe on AWS

15 Feb 2022, 11:07 a.m.

Steampipe is a tool that gathers information from AWS (or other sources) and lets us query that data with SQL, the same way we would a relational database.

    Installing Steampipe

    sudo /bin/sh -c "$(curl -fsSL"

    Checking the Steampipe version

    steampipe -v

    Installing the steampipe plugin

    steampipe plugin install steampipe

    Making queries with steampipe

    steampipe query "select name from steampipe_registry_plugin;"

    Installing the AWS plugin

    steampipe plugin install aws

    Setting up AWS access keys and secrets for Single Sign On environments

    aws configure sso

    Configuring AWS access keys and secrets for standard environments

    aws configure

    Editing the AWS configuration file for Steampipe

    nano ~/.steampipe/config/aws.spc
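
One way to fill in `~/.steampipe/config/aws.spc` for several AWS CLI profiles, as an added example that is not part of the original post: it writes one connection per profile plus an aggregator, and refers to profiles by name so no access keys are stored in the file. The helper names `conn_name` and `write_aws_spc`, the `aws_all` connection name and the sample profile names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. conn_name and write_aws_spc are
# hypothetical helpers; the profile names in the usage line are constructed.

# Map an AWS CLI profile name to a connection name made of [a-z0-9_] only.
conn_name() {
  printf 'aws_%s' "$(printf '%s' "$1" | tr 'A-Z' 'a-z' | tr -c 'a-z0-9' '_')"
}

# Usage: write_aws_spc OUTPUT_FILE PROFILE [PROFILE...]
write_aws_spc() {
  out=$1
  shift
  [ "$#" -gt 0 ] || { echo "need at least one profile" >&2; return 1; }
  # Validate every name first so nothing can break out of the quoted strings.
  for profile in "$@"; do
    case $profile in
      ''|*[!A-Za-z0-9_.-]*) echo "bad profile name: $profile" >&2; return 1 ;;
    esac
  done
  # Create or truncate the file, readable by the owner only.
  ( umask 077; : > "$out" ) || return 1
  chmod 600 "$out"
  for profile in "$@"; do
    cat >> "$out" <<EOF
connection "$(conn_name "$profile")" {
  plugin  = "aws"
  profile = "$profile"   # credentials stay in ~/.aws, not in this file
  regions = ["*"]
}

EOF
  done
  cat >> "$out" <<'EOF'
# Aggregator: one schema that fans queries out to every aws_* connection.
connection "aws_all" {
  plugin      = "aws"
  type        = "aggregator"
  connections = ["aws_*"]
}
EOF
}

# write_aws_spc ~/.steampipe/config/aws.spc dev-sso prod-audit
```

With this file in place, a table can be queried per account (`aws_dev_sso.aws_iam_role`) or across all of them (`aws_all.aws_iam_role`).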

    Dropping down into an interactive query session.

    steampipe query

    Listing tables that are available


    Inspecting a table to see what columns it has

    .inspect aws_iam_role

    Example query

      type = 'ingress'
      and cidr_ip = '';

    Running compliance checks involves an additional module

    git clone

    To run the following commands we need to enter the newly created directory

    cd steampipe-mod-aws-compliance

    We can either run all of the checks

    steampipe check all

    Or specific versions.

    steampipe check benchmark.cis_v140

    If needed, we can even export a report in HTML and CSV formats

    steampipe check benchmark.cis_v140 --export=report.html --export=report.csv

