iasql
steampipe-plugin-aws
iasql | steampipe-plugin-aws | |
---|---|---|
15 | 8 | |
578 | 171 | |
0.2% | 0.6% | |
5.8 | 9.3 | |
about 1 month ago | 6 days ago | |
TypeScript | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
iasql
- Osquery: An sqlite3 virtual table exposing operating system data to SQL
-
Save $ on public S3 buckets using VPC endpoints via SQL
When the VPC endpoints are enabled you can access your S3 buckets using this endpoint. In this post, we will walk you through how to control your buckets from an internal network with the desired security, and without the extra costs of a NAT gateway using a VPC endpoint and IaSQL. IaSQL is an open-source software tool that creates a two-way connection between an unmodified PostgreSQL database and an AWS account so you can manage your infrastructure from a database.
- Show HN: IaSQL – Open-source tool to manage cloud infra as data in PostgreSQL
-
Deploy an app to AWS using ECS+ECR+ELB quickly using PostgreSQL
IaSQL is an open-source software tool that creates a two-way connection between an unmodified PostgreSQL database and an AWS account so you can manage your infrastructure from a database. In this post, we're going to discover an IaSQL module that's built to make deploying to ECS, simplified. Most of the details for deploying a container to AWS ECS are the same (load balancers, security groups, IAM roles, etc), and we have created the aws_ecs_simplified module for you so that you can give it any Github repo with a Dockerfile and get your app deployed to ECS in the fastest time possible, with scalability available! All the needed resources are going to be created automatically in your AWS account, and you'll have full access to the details while you're gaining the benefit of a higher-level simple deployment.
-
Pulumi VS iasql - a user suggested alternative
2 projects | 24 Feb 2023
There are definitely some similarities with IaC tools in IaSQL; at it's core there's a diffing system between the cloud infrastructure state and the desired state that is used to execute AWS SDK calls to update your infrastructure. But we also use the same mechanism to take changes in your infrastructure, perhaps made via the AWS console or an IaC tool like Terraform, and pull that into your IaSQL database. We use an audit log tracking who made changes where to determine which way the synchronization process goes, and this gives us a lot of "powers" over normal IaC. First, you can inspect the tables in IaSQL and be sure that it's actually the state of our cloud (within a few minutes of difference), so you can be more sure that the changes you're writing up are likely to work. Second, the changes you write are SQL statements to mutate your infrastructure rather than editing a declaration file, which is a different mental model vs IaC. But you gain from the constraints and foreign key relations on tables to catch mistakes in configuration before execution even happens to a greater degree than IaC tools can as this is like a "type safety" on top of dynamic information (other tables you depend on). Third, you can enter an IaSQL transaction (slightly different from a normal Postgres transaction as you can't hook function calls on `BEGIN` and `COMMIT`) to make these changes and inspect what IaSQL will do like you can with IaC tools, but if there is a failure, the `iasql_commit` will take the information from the audit log and roll back the changes that were applied by applying the prior versions in reverse, so IaSQL should always be in a working state. Finally, (since this is getting long) the live-infra data model of IaSQL makes dynamic infrastructure much simpler (eg, you deploy isolated instances of your services per customer) -- anything with a SQL client and credentials for the IaSQL database can connect and initiate these changes, which can be Postgres stored procedures you write and added to the database. We're in beta so our coverage is not as large as existing IaC tools, but we now cover 25 different AWS services with our modules: https://iasql.com/docs/modules/ But please let us know if there's something you use that's missing. :)
-
terraform VS iasql - a user suggested alternative
2 projects | 24 Feb 2023
There are definitely some similarities with IaC tools in IaSQL; at it's core there's a diffing system between the cloud infrastructure state and the desired state that is used to execute AWS SDK calls to update your infrastructure. But we also use the same mechanism to take changes in your infrastructure, perhaps made via the AWS console or an IaC tool like Terraform, and pull that into your IaSQL database. We use an audit log tracking who made changes where to determine which way the synchronization process goes, and this gives us a lot of "powers" over normal IaC. First, you can inspect the tables in IaSQL and be sure that it's actually the state of our cloud (within a few minutes of difference), so you can be more sure that the changes you're writing up are likely to work. Second, the changes you write are SQL statements to mutate your infrastructure rather than editing a declaration file, which is a different mental model vs IaC. But you gain from the constraints and foreign key relations on tables to catch mistakes in configuration before execution even happens to a greater degree than IaC tools can as this is like a "type safety" on top of dynamic information (other tables you depend on). Third, you can enter an IaSQL transaction (slightly different from a normal Postgres transaction as you can't hook function calls on `BEGIN` and `COMMIT`) to make these changes and inspect what IaSQL will do like you can with IaC tools, but if there is a failure, the `iasql_commit` will take the information from the audit log and roll back the changes that were applied by applying the prior versions in reverse, so IaSQL should always be in a working state. Finally, (since this is getting long) the live-infra data model of IaSQL makes dynamic infrastructure much simpler (eg, you deploy isolated instances of your services per customer) -- anything with a SQL client and credentials for the IaSQL database can connect and initiate these changes, which can be Postgres stored procedures you write and added to the database. We're in beta so our coverage is not as large as existing IaC tools, but we now cover 25 different AWS services with our modules: https://iasql.com/docs/modules/ But please let us know if there's something you use that's missing. :)
-
Show HN: IaSQL beta – cloud infra as data in PostgreSQL
By "cloud infra" you mean AWS cloud infra, right? https://github.com/iasql/iasql/blob/v0.1.1/package.json#L75-...
- open source tool to manage cloud infrastructure as data in postgresql
steampipe-plugin-aws
-
Osquery: An sqlite3 virtual table exposing operating system data to SQL
be mindful of its AGPLv3 https://github.com/turbot/steampipe/blob/v0.21.8/LICENSE (AFAIK v0.4.3 is the last MIT release https://github.com/turbot/steampipe/blob/v0.4.3/LICENSE ) and the actual providers are Apache 2 <https://github.com/turbot/steampipe-plugin-aws/blob/v0.131.0...> (but I don't know if provider drift makes them compatible with 0.4 or not)
iasql seems to be AWS only, but good for them for taking this on:
-
Need to audit an Azure environment, any tip?
It's a very similar approach querying any of the plugins (AWS, Azure, etc) as it's a common interface to query those APIs with SQL. The AWS plugin is one of the more widely used in the community, along with it's associated mods to visualize resources and compliance to security & ops benchmarks.
-
Easily Query your Cloud Inventory with Steampipe
~$ steampipe plugin install aws aws [====================================================================] Done Installed plugin: aws@latest v0.78.0 Documentation: https://hub.steampipe.io/plugins/turbot/aws
-
Where are those CloudTrail IP addresses coming from?
Setting up CloudTrail is essential to understanding your users' AWS API activity: what happened, by whom and from where. One field in the event logs is source IP address. But that doesn't tell you where in the world those AWS API actions are coming from. In this post we'll show how to use Steampipe with the AWS and ipstack plugins to enrich your CloudTrail events with location information.
-
How to perform a security audit of your AWS account in AWS CloudShell
In my last post I showed how to install Steampipe and use it to instantly query your AWS APIs using SQL right in AWS CloudShell. For example here's a query that uses the Steampipe AWS plugin to query which AWS IAM users have MFA enabled:
-
Instantly query your AWS APIs in CloudShell
It takes just a few seconds to install Steampipe itself, along with the AWS plugin that maps AWS API calls to Postgres tables.
- Querying AWS at scale across APIs, regions, and accounts
-
Categorizing Lambda functions based on their risk profile
Hint: We actually have some aws_cost_* tables in active development in this branch. Not ready for release yet, but we're excited about how they are coming together!
What are some alternatives?
terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
steampipe - Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
t2d2 - Terraform Test Driven Development
steampipe-plugin-hackernews - Use SQL to instantly query stories, users and other items from Hacker News. Open source CLI. No DB required.
Quick Start - 🍔 A Node.js Serverless Framework for front-end/full-stack developers. Build the application for next decade. Works on AWS, Alibaba Cloud, Tencent Cloud and traditional VM/Container. Super easy integrate with React and Vue. 🌈
steampipe-mod-aws-compliance - Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
XSSFaaS - Distributed, serverless cloud powered by browser tabs
steampipe-plugin-okta - Use SQL to instantly query users, groups, applications and more from Okta. Open source CLI. No DB required.
StackJanitor - StackJanitor is a serverless, event-driven stack cleanup tool.
steampipe-plugin-virustotal - Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.
cli
HomeBrew - 🍺 The missing package manager for macOS (or Linux)