WARNING: SteamPipe Mods are being replaced by PowerPipe

Prepare the environment

No prep - steampipe is installed via an install script (it's just easier that way)

Updates

Steampipe, Modules, and Plugins are updated at container image start-up

Modules

All modules can be found in /opt/steampipe-mod-*/. Review the specific documentation for each module for additional information The following examples will run ALL checks and benchmarks - use carefully - and refer to the documentation.

AWS

AWS Compliance Mod

cd /opt/steampipe-mod-aws-compliance
steampipe check all --export csv,html,json,md # CLI Documentation will cover off other file formats

CIS Example (with capturing output to a colour text file)

unbuffer steampipe check aws_compliance.benchmark.cis_v300 --export csv,html,json,md | tee steampipe.txt

AWS Insights Mod

cd /opt/steampipe-mod-aws-insights
steampipe dashboard --dashboard-listen network

http://localhost:9194

AWS Thrifty Mod

cd /opt/steampipe-mod-aws-thrifty
steampipe dashboard --dashboard-listen network

http://localhost:9194

Terraform AWS Compliance Mod

cd /opt/steampipe-mod-terraform-aws-compliance
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

AWS Perimeter Mod

cd /opt/steampipe-mod-aws-perimeter
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

AWS Top 10 Mod

cd /opt/steampipe-mod-aws-top-10
unbuffer steampipe check aws_top_10.benchmark.account_security --export csv,html,json,md | tee steampipe.txt

AWS Well-Architected Mod

cd /opt/steampipe-mod-aws-well-architected
unbuffer steampipe check aws_well_architected.benchmark.well_architected_framework --export csv,html,json,md | tee steampipe.txt

AzureAD & Azure & Microsoft 365

Azure Compliance Mod

cd /opt/steampipe-mod-azure-compliance
steampipe check all --export csv,html,json,md # CLI Documentation will cover off other file formats

CIS Example (with capturing output to a colour text file)

unbuffer steampipe check azure_compliance.benchmark.cis_v210 --export csv,html,json,md | tee steampipe.txt

Azure Insights Mod

cd /opt/steampipe-mod-azure-insights
steampipe dashboard --dashboard-listen network

http://localhost:9194

Azure Thrifty Mod

cd /opt/steampipe-mod-azure-thrifty
steampipe dashboard --dashboard-listen network

http://localhost:9194

Microsoft 365 Compliance Mod

cd /opt/steampipe-mod-microsoft365-compliance
unbuffer steampipe check microsoft365_compliance.benchmark.cis_v300 --export csv,html,json,md | tee steampipe.txt

Terraform Azure Compliance Mod

cd /opt/steampipe-mod-terraform-azure-compliance
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

GCP & Google Directory

GCP Compliance Mod

cd /opt/steampipe-mod-gcp-compliance
steampipe check all --export csv,html,json,md # CLI Documentation will cover off other file formats

CIS Example (with capturing output to a colour text file)

unbuffer steampipe check gcp_compliance.benchmark.cis_v300 --export csv,html,json,md | tee steampipe.txt

http://localhost:9194

GCP Insights Mod

cd /opt/steampipe-mod-gcp-insights
steampipe dashboard --dashboard-listen network

GCP Thrifty Mod

cd /opt/steampipe-mod-gcp-thrifty
steampipe dashboard --dashboard-listen network

http://localhost:9194

Terraform GCP Compliance Mod

cd /opt/steampipe-mod-terraform-gcp-compliance
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

Kubernetes

Kubernetes Compliance Mod

cd /opt/steampipe-mod-kubernetes-compliance
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

http://localhost:9194

Kubernetes Insights Mod

cd /opt/steampipe-mod-kubernetes-insights
steampipe dashboard --dashboard-listen network

http://localhost:9194

DNS and Web Server

cd /opt/steampipe-mod-net-insights
steampipe check all --var 'domain_names=["FQDN1", "FQDN2"]' --export csv,html,json,md

GitHub

GitHub Compliance

cd steampipe-mod-github-compliance
unbuffer steampipe check github_compliance.benchmark.cis_supply_chain_v100 --export csv,html,json,md | tee steampipe.txt

GitHub Sherlock Mod

cd /opt/steampipe-mod-github-sherlock
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

DigitalOcean

DigitalOcean Insights Mod

cd /opt/steampipe-mod-digitalocean-insights
steampipe dashboard

http://localhost:9194

Snowflake

Snowflake Compliance

cd steampipe-mod-snowflake-compliance
unbuffer steampipe check all --export csv,html,json,md | tee steampipe.txt

Report Files

Report files will be generated in the current folder, move these to /output/ to find them on the local machines mapped volume location (by default this is ~/Documents)

Additional Information

It is recommended you read through the different controls and benchmarks before using steampipe

• Website
• AWS Compliance
• AWS Insights
• AWS Spend Insights
• Azure Compliance
• Azure Insights
• Azure Spend Insights
• GCP Compliance
• GCP Insights
• GCP Spend Insights
• Kubernetes Compliance
• Kubernetes Insights
• Domain and Web Server Insights
• Snowflake Compliance