Steampipe
AGPL-3.0☁️ Cloud Recon · Go
Steampipe is an open-source tool from Turbot that lets you query cloud infrastructure, SaaS services, and more using standard SQL. Rather than learning dozens of CLI tools and API formats, you write SQL queries against a unified schema powered by PostgreSQL. With over 140 plugins covering AWS, Azure, GCP, Kubernetes, GitHub, Slack, and many others, Steampipe provides a single pane of glass for infrastructure visibility. Its compliance frameworks (called Mods) include pre-built benchmarks for CIS, NIST, PCI DSS, and SOC 2, making it a powerful tool for both security auditing and operational troubleshooting. Steampipe also supports dashboards for visualization and can export results in JSON, CSV, or markdown.
Installation
brew (macOS)
$ brew install turbot/tap/steampipeLinux
$ sudo /bin/sh -c "$(curl -fsSL https://steampipe.io/install/steampipe.sh)"Windows
$ iwr -useb https://steampipe.io/install/steampipe.ps1 | iexUse Cases
- Running CIS and NIST compliance benchmarks across multi-cloud environments
- Querying S3 bucket policies, IAM configurations, and security groups with SQL
- Building custom security dashboards for cloud posture management
- Detecting misconfigured resources across AWS, Azure, and GCP simultaneously
- Exporting infrastructure audit results for compliance reporting
Tags
Details
- Category
- ☁️ Cloud Recon
- Language
- Go
- Repository
- turbot/steampipe
- License
- AGPL-3.0
- Platforms
- 🐧linux🍎macos🪟windows
Links
Alternatives & Comparisons
Prowler
PythonCloud security assessment tool. 300+ checks for AWS, Azure, GCP, and Kubernetes against CIS benchmarks.
Compare Steampipe vs ProwlerScoutSuite
PythonMulti-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.
Compare Steampipe vs ScoutSuiteCloudMapper
PythonAnalyze AWS environments to create network diagrams and identify security risks.
Compare Steampipe vs CloudMapperCloudBrute
GoCloud infrastructure enumerator to find company assets across multiple cloud providers.
Compare Steampipe vs CloudBruteCloudFox
GoFind exploitable attack paths in cloud infrastructure by enumerating IAM permissions, secrets, and network exposure.
Compare Steampipe vs CloudFoxCloudSploit
JavaScriptOpen-source cloud security configuration scanner for AWS, Azure, GCP, and Oracle Cloud Infrastructure.
Compare Steampipe vs CloudSploitCartography
PythonIntel graph of cloud infrastructure. Maps relationships between AWS, GCP, Azure, and other services into a Neo4j graph.
Compare Steampipe vs Cartographycloud_enum
PythonMulti-cloud OSINT enumeration. Discovers public resources across AWS, Azure, and GCP from keyword input.
Compare Steampipe vs cloud_enumMore in Cloud Recon
ScoutSuite
PythonMulti-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.
CloudMapper
PythonAnalyze AWS environments to create network diagrams and identify security risks.
S3Scanner
GoScan for misconfigured S3 buckets across AWS regions and dump accessible contents.
CloudBrute
GoCloud infrastructure enumerator to find company assets across multiple cloud providers.
MicroBurst
PowerShellPowerShell toolkit for attacking Azure services including storage, key vaults, and automation.
ROADtools
PythonFramework for Azure AD enumeration and exploitation via the internal ROADrecon and ROADlib modules.