select * from cloud;
Dynamically query APIs, code and more with SQL.Zero-ETL from 140 data sources.
Turbot logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
  • logo
Fall in love with our huge plugin library, and stay for our incredible community!
  • Steampipe provides a common SQL interface so I can work faster and avoid writing one-off scripts.
    Profile pic
    François de Metz
    Software Developer
  • it gives you a uniform interface to not just AWS, Azure, & GCP, but all sorts of other clouds.
    Profile pic
    Chris Farris
    Cloud Security Guy
  • No complex integrations needed, simple to use and configure!
    Profile pic
    Anusha
    @piece_of_irony
  • Steampipe is without a doubt one of the best open source tools for security compliance, operations and API orchestration.
    Profile pic
    Ashish Bansal
    Security Engineering Open Source Contributor
  • Everything our users ask for, Steampipe already provides
    Profile pic
    Shyam Krishnaswamy
    CTO Deepfence
  • This thing is cool!
    Profile pic
    Jamie Finnigan
    Product security @hashicorp
  • An example of a hidden gem 💎 is steampipe.
    Profile pic
    Danny Steenman
    Consultant: Towards the Cloud
  • Yes. Use this. I'm a fan.
    Profile pic
    Andy Hunt
    Forms infrastructure lead @gdsteam
  • I recently started using Steampipe and it has made my life about 30x better.
    Profile pic
    @bearjaws
    Hackernews Comment
  • I recently started using Steampipe and it has made my life about 30x better.
    Profile pic
    @bearjaws
    Hackernews Comment
  • It integrates with all our services, & gives us granular mapping from business objectives to SQL statements. That's the magic of Steampipe
    Profile pic
    Ciaran Finnegan
    Security Practice Lead: CMD Solutions
  • Steampipe is the Swiss Army knife for information gathering from different cloud sources
    Profile pic
    Martin Berger
    Tech Architecture Associate Manager, Accenture
  • Quickly find resources you can target for cost savings, leveraging the familiarity and flexibility of SQL.
    Profile pic
    Ryan Ryke
    Cloud Life Consulting
  • Trivial to connect live cloud configuration data with internal or external data sets...
    Profile pic
    Thoughtworks Radar
    thoughtworks.com
  • Powerful & flexible way to analyze your data, and scale to meet the needs of even the largest organizations.
    Profile pic
    Kai Jian Tan
    CCOE Senior Manager
  • Lastly, I just wanted to mention the documentation for Steampipe is great.
    Profile pic
    Robby Boney
    Director of Product Development @ Interject
  • Steampipe is freaking rad. Makes it so easy to audit resources in one place
    Profile pic
    James Booth
    @absolutejam
  • This fills my cloud developer tools heart with joy.
    Profile pic
    Justin Beckwith
    Director of Developer Oppression @Discord
pipe-connector

Features

Query like it's 1992

Stop hacking around with scripts; get real work done with the data access standard that's been rocking it for 4 decades.

> select
runtime,
count(*)
from
aws_lambda_function
group by
runtime;
+------------+-------+
| runtime | count |
+------------+-------+
| nodejs12.x | 1 |
| python3.7 | 1 |
| python3.8 | 2 |
+------------+-------+

Why SQL?

SQL has been the data access standard for decades. It levels the playing field for your team, easily integrates with other systems and accelerates delivery.
> select
aws.name as aws_user_name,
slack.id as slack_user_id,
slack.display_name as slack_name
from
aws_iam_user as aws,
slack_user as slack
where
aws.name = slack.email;
+--------------------------+---------------+------------+
| aws_user_name | slack_user_id | slack_name |
+--------------------------+---------------+------------+
| dwight@dundermifflin.com | U2EMB8HLP | dwight |
| jim@dundermifflin.com | U02HE4Z7E | jim |
+--------------------------+---------------+------------+

Explore, connect and join data

Painlessly join live cloud configuration data with internal or external data sets to create new insights.
> select
domain,
expiration_date
from
whois_domain
where
domain in ('apple.com','steampipe.io');
+--------------+---------------------+
| domain | expiration_date |
+--------------+---------------------+
| apple.com | 2021-02-20 05:00:00 |
| steampipe.io | 2021-10-13 19:28:29 |
+--------------+---------------------+

What is Zero-ETL?

Your cloud is a live database that changes fast. Don't wait on ETL to sync, or rely on old data. Crunch it where it's born, fueling new use cases and swift decisions.
 
 

Use Cases

You've got questions, Steampipe has answers.

Which users have MFA enabled right now?

Compliance
select
id,
display_name,
real_name,
has_2fa
from
slack_user;

What security groups are open to the world?

Security
select
group_name,
group_id
from
aws_vpc_security_group_rule
where
type = 'ingress'
and cidr_ip = '0.0.0.0/0';

Which resources aren't tagged correctly?

Operations
select
id,
name
from
azure_compute_image
where
tags -> 'owner' is null or
tags -> 'app_id' is null;

What storage volumes are not in use?

Cost
select
volume_id,
volume_type
from
aws_ebs_volume
where
attachments is null;
pipe-connector

How It Works

Get Zero-ETL superpowers in < 60 seconds

Install your first plugin

Steampipe relies on plugins to implement the specific interfaces to cloud services, files, and other resources. Without a plugin, there is nothing to query!
$ steampipe plugin install aws
⠇ Installing plugin aws...
Installed plugin: aws

Browse available tables

Use one of Steampipe's 500+ data sources or roll your own. Explore metadata and documentation for our community plugins on the Steampipe Hub.
> .tables
+----------------------+-------------------------+
| Table | Description |
+----------------------+-------------------------+
| aws_ebs_snapshot | AWS EBS Snapshots |
| aws_ebs_volume | AWS EBS Volumes |
| aws_iam_user | AWS IAM Users |
| aws_iam_role | AWS IAM Roles |
... ...
| aws_vpc_route_table | AWS VPC Route Tables |
| aws_vpc_subnet | AWS VPC Subnets |
+----------------------+-------------------------+

Explore some metadata

Steampipe organizes your cloud metadata into tables and fields that are easily discoverable and readable by humans!
> .inspect aws.aws_iam_role
+---------------------------+--------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| column | type | description |
+---------------------------+--------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| name | text | The friendly name that identifies the role. |
| role_id | text | The stable and unique string identifying the role. |
| path | text | The path to the role. |
| arn | text | The Amazon Resource Name (ARN) specifying the role. |
| create_date | timestamp with time zone | The date and time when the role was created. |
... ...
| assume_role_policy | jsonb | The policy that grants an entity permission to assume the role. |
| tags_src | jsonb | A list of tags that are attached to the role. |
+---------------------------+--------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Write your first query

Every journey begins with the first step. Let us know what your first query was @steampipeio and we will send you a steampipe sticker.
> select create_date, arn
from aws_iam_role;
+---------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+
| create_date | arn |
+---------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+
| 2018-03-19T04:19:30+05:30 | arn:aws:iam::123456789012:role/OrganizationAccountAccessRole |
| 2018-07-18T22:13:28+05:30 | arn:aws:iam::123456789012:role/EMR_EC2_DefaultRole |
| 2018-07-18T22:13:28+05:30 | arn:aws:iam::123456789012:role/EMR_DefaultRole |
| 2019-03-14T20:12:09+05:30 | arn:aws:iam::123456789012:role/service-role/AmazonAppStreamServiceAccess |
+---------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+

Run from your own DB

Install Steampipe as a PostgreSQL FDW or SQLite extension and instantly query your infrastructure and other cloud APIs Zero-ETL.
> sqlite3
SQLite version 3.39.2 2022-07-21 15:24:47
sqlite> .load steampipe_plugin_steampipe
sqlite> .mode column
sqlite> select
name,
update_time
from
steampipe_registry_plugin
limit 5;
 
 
Turbot logo
Steampipe Logo
GitHub
select * from cloud;
Instantly query your cloud, code, logs & more with SQL. Build on thousands of open-source benchmarks & dashboards for security & insights. Learn more →
Download CLI
Open source. No DB required.
logopipes →
Cloud. Free for developers!