Major memory reduction, new benchmarks, secure AWS regions →
Announcement

v0.15.0: Improved usability, telemetry, 9 new plugins

Discover the great new features in Steampipe's open source v0.15.0 release!

Steampipe Team
6 min. read - June 23, 2022

What is Steampipe?

→ Query cloud APIs.
→ Visualize queries on dashboards.
→ Run compliance controls and benchmarks.
→ Blazing fast multi-threaded Golang CLI.
→ Connect anything to the embedded PostgreSQL.
steampipe cli
>
select
region,
instance_state as state,
instance_type as type
from
aws_ec2_instance;
+-----------+---------+-----------+
| region    | state   | type      |
+-----------+---------+-----------+
| eu-west-1 | running | t3.medium |
| eu-west-2 | running | m5a.large |
| us-east-1 | running | t3.large  |
+-----------+---------+-----------+
        

tl;dr

Improved usability.
Telemetry.
New/updated plugins.
New/updated mods.
Even more goodies in the full release notes.

Improved usability

The v0.15 release bundles a set of improvements requested by users.

Dashboard progress bar

In v0.14 we introduced benchmark dashboards, a new way to run benchmarks and controls. You could see the progress of individual controls but there wasn't an all-up progress bar for the dashboard. Now there is.

And it works for all dashboards, not just benchmark dashboards.

Show password only on request

When you start Steampipe as a service it prints the details that Postgres clients need to connect to the service. Until now that included the database password. GitHub user kaiba42 kicked off a fruitful discussion and contributed the consensus solution: hide the password by default, reveal it when requested with --show-password.

Enhanced .timing info

One of the Steampipe CLI's meta-commands, .timing, reports the execution time for a query. Users have wanted to know more about what Steampipe is doing when it runs a query. So now .timing also reports the number of rows fetched, how many were cached, and how many hydrate calls happened.

Telemetry

Developers who run Steampipe often use the STEAMPIPE_LOG_LEVEL environment variable to increase the amount of information that flows to the logs. This release adds support for OpenTelemetry. You can now use an analogous environment variable, STEAMPIPE_OTEL_LEVEL, in conjunction with OTEL_EXPORTER_OTLP_ENDPOINT which points to an OpenTelemetry Collector. The collector receives telemetry data from Steampipe and provides it to a visualizer such as Jaeger.

In this example, Jaeger visualizes traces for the query select * from aws_s3_bucket.

Plugins

Since our last release, we've added 9 new plugins.

  • Baleen - query rules, namespaces, etc
  • Buildkite - query agent, build, org, team, etc
  • Duo Security - query account, auth_log_record, group, user, etc
  • Gandi - query certificate, domain, mailbox, etc
  • HIBP - query breach, breached_account, password, paste
  • MongoDB Atlas - query cluster, container, database_user, team, etc
  • OVH - query database, instance, storage, volume, etc
  • PAN-OS - query address_object, administrative_tag, nat_rule, security_rule
  • Reddit - query reddit_my_post, subreddit_post_search, subreddit_search, etc

Note that three of these -- Baleen, Gandi, and OVH -- were contributed by François de Metz who is also the author of the Airtable and Scalingo plugins.

Other community members contributed these fixes and enhancements.

  • harlequin fixed a bug in the LDAP plugin
  • Jelmer Borst added three new tables to the GitHub plugin
  • Mark Heiges implemented experimental support for GitHub Enterprise
  • srgg added the endpoint_url config arg for the AWS plugin
  • Miles Smith created the initial implementation of the HIBP plugin

Thank you!

Mods

2 new Insights mods were released this cycle.

The most notable update was to AWS Compliance. Its new NIST 800-53 Revision 5 benchmark comprises 122 controls that cover access control, auditing, configuration management, and more.

Let’s get building!

Steampipe delivers tools to build, execute, and visualize and share cloud configuration, compliance, and security frameworks using HCL + SQL and a little elbow grease. To support those tools, it maps a growing suite of APIs to tables that you can query, and join across, in Postgres.

Do you want to help us expand the open source documentation and control coverage for CIS, PCI, HIPAA, and NIST? Add tables to existing plugins? Create plugins to bring new APIs into the mix? Create dashboards to visualize those APIs? The best way to get started is to join our Slack workspace and raise your hand. We would love to talk to you!

For even more good stuff in v0.15.0, check out the full release notes on GitHub.