steampipe

by turbot

7.7Kstars

326forks

33watchers

Updated about 1 month ago

About

Steampipe enables real-time SQL querying of APIs and cloud services without the need for ETL or a database.

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Primary Use Case

Steampipe is designed for security, compliance, and cloud engineers who need to perform compliance auditing, risk assessment, and security automation by querying live data from multiple APIs using familiar SQL syntax. It simplifies access to diverse data sources by translating APIs into queryable tables, enabling faster and concurrent data retrieval without managing databases.

Key Features

Zero-ETL approach to query APIs and services
Real-time live data querying with SQL
High-speed and concurrent queries across multiple data sources
Single binary CLI tool for local use and CI/CD integration
Extensive plugin ecosystem mapping APIs to database tables
Supports over 145 APIs with more than 2000 documented tables
Multiple distributions including CLI, Postgres FDWs, and SQLite extensions
Comprehensive documentation and community support

Installation

For MacOS: brew install turbot/tap/steampipe
For Linux or Windows (WSL2): sudo /bin/sh -c "$(curl -fsSL https://steampipe.io/install/steampipe.sh)"
Install a plugin, e.g., steampipe plugin install hackernews

Usage

>_ steampipe plugin install hackernews

Installs the Hacker News plugin to enable querying Hacker News API data.

>_ steampipe query

Starts an interactive SQL query session against installed plugins and their API-mapped tables.

>_ select * from hackernews_new limit 10

Example SQL query to retrieve the latest 10 entries from the Hacker News new stories table.

Security Frameworks

Discovery

Collection

Credential Access

Reconnaissance

Execution

Usage Insights

Leverages SQL familiarity to accelerate querying of live cloud and API data, improving real-time compliance auditing and risk assessment.
Ideal for blue teams to automate continuous security posture monitoring across multi-cloud environments without managing complex ETL pipelines or databases.
Can be integrated into CI/CD pipelines to enable security gate checks and automated compliance validation before deployment.
Supports rapid development of custom queries and dashboards, empowering purple teams to simulate attack surface discovery and validate detection rules.
Extensive plugin ecosystem allows expansion to new APIs and services, enabling comprehensive visibility across hybrid environments.