
API Friction Complicates Hunting for Cloud Vulnerabilities. SQL Makes it Simple

Submitted by Style Pass, 2022-07-06 18:30:08


Pen testers, compliance auditors, and other DevSecOps pros spend a lot of time writing scripts to query cloud infrastructure. Boto3, the AWS SDK for Python, is a popular way to query AWS APIs and reason over the data they return.

It gets the job done, but things get complicated when you need to query across many AWS accounts and regions. And that doesn't begin to cover API access to other major clouds (Azure, GCP, Oracle Cloud), never mind services such as GitHub, Salesforce, Shodan, Slack, and Zendesk. Practitioners spend far too much time and effort acquiring data from such APIs, then normalizing it so the real work of analysis can begin.

What if you could query all the APIs, and reason over the data they return, in a common way? That's what Steampipe is for. It's an open-source Postgres-based engine that enables you to write SQL queries that indirectly call APIs within, across, and beyond the major clouds. This isn’t a data warehouse. The tables made from those API calls are transient; they reflect the live state of your infrastructure; you use SQL to ask and answer questions in real time.
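To make the idea concrete, here is an added example (not taken from the article) of the kind of audit question such a query can answer in one statement: which active IAM access keys are older than a rotation threshold, and does the owning user have MFA enabled? It assumes the Steampipe AWS plugin is installed and that its `aws_iam_access_key` and `aws_iam_user` tables expose the columns used; the 90-day threshold is an assumed policy value, and the query runs against whichever AWS connection or aggregator of connections is first in the search path.

```sql
-- Added example: active IAM access keys older than 90 days, with the owning
-- user's MFA status, for every account the AWS connection covers.
-- Assumed tables: aws_iam_access_key, aws_iam_user (Steampipe AWS plugin).
-- Assumed policy: keys must be rotated within 90 days.
select
  k.account_id,
  k.user_name,
  k.access_key_id,
  k.create_date,
  date_part('day', now() - k.create_date) as age_days,
  u.mfa_enabled,
  u.password_last_used
from
  aws_iam_access_key as k
  join aws_iam_user as u
    on  u.name = k.user_name
    and u.account_id = k.account_id   -- same user name can exist in several accounts
where
  k.status = 'Active'
  and k.create_date < now() - interval '90 days'
order by
  u.mfa_enabled,    -- false sorts first: stale keys of users without MFA on top
  k.create_date;    -- oldest keys first within each group
```

Because the tables reflect live API state, rerunning the query after a key is rotated or deactivated shows the change immediately.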
