What is Steampipe?
→ Query cloud APIs.→ Visualize queries on dashboards.
→ Run compliance controls and benchmarks.
→ Blazing fast multi-threaded Golang CLI.
→ Connect anything to the embedded PostgreSQL.
select region, instance_state as state, instance_type as typefrom aws_ec2_instance;+-----------+---------+-----------+
| region | state | type |
+-----------+---------+-----------+
| eu-west-1 | running | t3.medium |
| eu-west-2 | running | m5a.large |
| us-east-1 | running | t3.large |
+-----------+---------+-----------+
tl;dr
→ Benchmark dashboards.
→ Postgres 14.
→ ARM64.
→ New plugins and mods.
→ Even more goodies in the full release notes.
Benchmark dashboards
In v0.13.0 we introduced Dashboards, a major new Steampipe feature that makes it easy to visualize queries using HCL + SQL. And we added a new class of Insights mods, for all the major clouds, that answer key questions ("How old are my resources?", "Where is encryption not enabled?") with charts, tables, infocards, and flow diagrams.
We've grown these Insights mods substantially since the v0.13.0 launch, and we encourage you to write and contribute your own. Now, in v0.14.0, all existing benchmarks and controls work automatically as interactive dashboards! For example, here's AWS Thrifty.
The setup is the same as before.
You can still use steampipe check all to run all the checks, optionally exporting results to HTML and/or CSV. But now, in that same directory, you can use steampipe dashboard and then visit localhost:9194 to view an interactive report that you can also export to CSV.
Postgres 14
We've upgraded the embedded Postgres engine from 12.1 to 14.2. The Postgres feature matrix documents all the new features now available. The new JSONB subscripting will be of particular interest to Steampipe users who often unpack information in JSONB columns. Here's the original (and still-supported) way to extract the Name field from the tags column of aws_ec2_instance.
Now you can do this in way that feels more familiar if you've used other JSON implementations.
If you have created tables or materialized views based on Steampipe data, and/or written Postgres functions to work with that data, those objects -- stored in the Postgres public schema -- will automatically migrate to the new database. The tools that Steampipe uses to do that migration -- pg_dump and pg_restore -- are also now included in this release.
ARM64 binaries for MacOS and Linux
With the advent of Apple silicon, aka M1, it became possible to ship Steampipe binaries for this new architecture. And in v14.0 that's what what you get. When you install Steampipe on MacOS you get an M1 version of both Steampipe and the Steampipe foreign data wrapper (FDW). When you install new plugins, those will be M1 binaries too. What about existing plugins? We've got you covered! Steampipe will upgrade those in place.
These binaries will run faster than their x86 counterparts. They will also download faster, and occupy smaller disk footprints, than would universal (aka "fat") binaries.
You can also now use ARM64 binaries on other systems, like those based on AWS Graviton, provided they are running Linux.
New plugins and mods
Since our last release, we've added 2 new plugins:
- Snowflake - query database, role, session, user, etc
- AWS CloudFormation - query mapping, output, parameter, resource
And we've added 5 new mods:
We are always improving the suites of plugins and mods. During this cycle, tables were added to these plugins: Alibaba Cloud, AWS, Azure, DigitalOcean, GitLab, and Oracle Cloud.
We added dashboards to these Insights mods: Alibaba Cloud, AWS, Azure, GCP, and Oracle Cloud.
Finally, we added 19 new AWS Foundational Security Best Practices controls to AWS Compliance.
Let’s get building!
Steampipe delivers tools to build, execute, and visualize and share cloud configuration, compliance, and security frameworks using HCL + SQL and a little elbow grease. To support those tools, it maps a growing suite of APIs to tables that you can query, and join across, in Postgres.
Do you want to help us expand the open source documentation and control coverage for CIS, PCI, HIPAA, and NIST? Add tables to existing plugins? Create plugins to bring new APIs into the mix? Create dashboards to visualize those APIs? The best way to get started is to join our Slack workspace and raise your hand. We would love to talk to you!
For even more good stuff in v0.14.0, check out the full release notes on GitHub.