Case Study

How software companies use Steampipe to enhance their products and services

Whether you embed Steampipe in your product or integrate with it, we welcome your stories and contributions!

Bob Tordella
4 min. read - May 15, 2023
Whether you embed Steampipe in your product or integrate with it, we welcome your stories and contributions!

The Steampipe open-source project thrives on the ingenuity and contributions of its community, and software companies are integral members of this vibrant ecosystem. By integrating Steampipe's capabilities into their offerings, companies have found innovative ways to automate tasks, ensure compliance, and streamline data access.

Steampipe is one among many open-source tools that software companies can confidently adopt and promote. We encourage you to share your experiences and insights, just as you would with other open-source technologies like Terraform. Let your website and documentation reflect how Steampipe contributes to your success!

How to use and extend Steampipe

Here are some of the ways companies use Steampipe for the benefit of their customers and themselves.

Embed Steampipe in your product or service

Steampipe's versatility and ease of integration have made it a powerful addition to software companies' toolkits. By embedding Steampipe into their solutions, along with plugins for API access and mods for security and compliance, they enhance existing features and unlock new capabilities. For example, Deepfence embeds Steampipe to broaden its scope beyond the host layer to encompass cloud asset inventory and compliance checks. Zercurity embeds Steampipe to query cloud resources. And Gruntwork embeds Steampipe's compliance mods to offer continuous compliance as a service.

Connect to Steampipe from BI tools and programming languages

Because Steampipe and Turbot Pipes is based on Postgres, any tool or programming language that can connect to Postgres can also connect to Steampipe and use its suite of plugins to query APIs. That includes BI tools like Metabase and Tableau, as well as languages like Python, JavaScript, and Go.

Run Steampipe in a pipeline or cloud shell

Steampipe deploys as a single binary that can run in a GitHub Action, in a CircleCI pipeline, in Jenkins, or anywhere else you need to query APIs or run security and compliance checks. For one-off tasks you can run Steampipe in your favorite cloud shell: AWS, Azure, or Google.

Shift Left Join

Joining across diverse data sources is one of Steampipe's superpowers. For example, we've shown how to use Shodan to check for public IP addresses in AWS. Simply join data from your product or service with the data provided by any of Steampipe's 100+ plugins, or you can consider building a new plugin. It's straightforward, especially if your product already has a Go SDK. You can do this work yourself, as the team did when creating the Make plugin, or collaborate with us as the Equinix Metal team did for the Equinix plugin.

For basic API access you can also use Steampipe as an HTTP client that fetches data from your REST endpoints and uses Postgres' JSONB operators to transform that data and join it with data from other Steampipe plugins. Or use the CSV plugin to turn data exported from your product into dynamic tables that can join with any other Steampipe tables.

Run mods for security, compliance, and insights

Steampipe's security and compliance mods, like Tailscale Compliance, help ensure that your infrastructure complies with recommended best practices. And Insights mods, like Digital Ocean Insights, help you understand the operational status of your infrastructure and the relationships among resources.

You can also create your own mods, using SQL to query APIs and HCL to define benchmarks and dashboards. And you can reuse, remix, and extend existing mods.

Integrate with Turbot Pipes

Turbot Pipes offers exciting opportunities for collaboration and integration. It provides a central hub for plugins and mods that run in workspaces from which your teams can share query results and dashboards among themselves, and with your customers. As with Steampipe CLI, anything that can connect to Postgres can connect to Turbot Pipes's Postgres endpoint. There's also a REST API for those who prefer that method.

Give back to the Steampipe community

Steampipe is more than just an open-source project. It's a thriving community of innovators, problem-solvers, and contributors. By sharing your story and contributing to the project, you help drive Steampipe's continued growth and success.

Share your story

We're excited to hear about how you're leveraging Steampipe to benefit your customers. Whether you've built a unique embedded use of Steampipe, integrated with Steampipe in an interesting way, or are leveraging Turbot Pipes to share dashboards and results, your story can inspire others and showcase the potential of Steampipe. We're happy to collaborate with you on developing a case study as we've done with ThreatMapper and Gruntwork

Feel free to highlight your use of Steampipe in your documentation and product pages. Let others know how Steampipe enhances your software. For example, Zercurity and Tailscale display Steampipe as an integration on their product pages.


Contributions are the lifeblood of the Steampipe project, and they can take many forms. You can:

The friendly folks in our Slack community are happy to collaborate on your ideas and help with any of these efforts.

Strengthening our community together

Your contributions strengthen the Steampipe community, and we're grateful for your involvement. Together, we'll continue to innovate and elevate the capabilities of Steampipe for the benefit of all users.

We're open to exploring all possibilities for collaboration, from go-to-market strategies and integration opportunities to business development initiatives. If you're interested in discussing any of these topics, we welcome you to connect with us directly through the Slack community or via email