chore(turbot-pipes): save findings from experiments

2026-02-09 05:44:23 +00:00 · 2024-05-23 01:16:08 +02:00
parent a5025dd28b
commit 07d7f3545d
3 changed files with 114 additions and 21 deletions
--- a/pipes/powerpipe.md
+++ b/pipes/powerpipe.md
@@ -1,9 +1,6 @@
 # Turbot Powerpipe

-Dashboards for DevOps.
-
-<!-- Remove this line to uncomment if needed
-## Table of contents <!-- omit in toc -->
+Quick 'n' easy dashboards for DevOps.

 1. [TL;DR](#tldr)
 1. [Further readings](#further-readings)
@@ -11,17 +8,40 @@ Dashboards for DevOps.

 ## TL;DR

-<!-- Uncomment if needed
+Powerpipe **requires** a database to run its queries from.<br/>
+By default it uses [Steampipe]'s, but it [can be specified][selecting a database].
+
 <details>
  <summary>Installation and configuration</summary>
-</details>
-->

-<!-- Uncomment if needed
+```sh
+brew install 'turbot/tap/powerpipe'
+```
+
+```sh
+powerpipe mod init
+```
+
+</details>
+
 <details>
  <summary>Usage</summary>
+
+```sh
+# Install mods.
+# If none given, install all those specified in 'mod.pp' with their dependencies.
+powerpipe mod install
+powerpipe mod install 'github.com/turbot/steampipe-mod-aws-insights'
+powerpipe mod install --dry-run 'github.com/turbot/steampipe-mod-aws-compliance@v0.93.0'
+powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance@'^1'
+
+# Start the dashboard.
+# Wait for server initialization before connecting.
+powerpipe server
+powerpipe server --listen 'network' --port '8080'
+```
+
 </details>
-->

 <!-- Uncomment if needed
 <details>
@@ -55,5 +75,6 @@ Dashboards for DevOps.
 <!-- Upstream -->
 [website]: https://powerpipe.io/
 [github]: https://github.com/turbot/powerpipe
+[selecting a database]: https://powerpipe.io/docs/run#selecting-a-database

 <!-- Others -->
--- a/pipes/steampipe.md
+++ b/pipes/steampipe.md
@@ -2,43 +2,111 @@

 Dynamically query APIs, code and more with SQL.

-<!-- Remove this line to uncomment if needed
-## Table of contents <!-- omit in toc -->
-
 1. [TL;DR](#tldr)
 1. [Further readings](#further-readings)
   1. [Sources](#sources)

 ## TL;DR

-<!-- Uncomment if needed
+Default config directory is `$HOME/.steampipe`.
+
 <details>
  <summary>Installation and configuration</summary>
-</details>
-->

-<!-- Uncomment if needed
+```sh
+brew install 'turbot/tap/steampipe'
+
+steampipe completion fish | source
+steampipe completion fish > "$HOME/.config/fish/completions/steampipe.fish"
+```
+
+</details>
+
 <details>
  <summary>Usage</summary>
-</details>
-->

-<!-- Uncomment if needed
+```sh
+# Install plugins.
+steampipe plugin install 'steampipe'
+steampipe plugin install 'aws'
+
+# Start the service.
+steampipe service start
+steampipe service start --database-port '9194'
+steampipe service start --database-listen 'local' --database-password 'MyCustomPassword'
+
+# Get the service's status.
+steampipe service status
+steampipe service status --all
+
+# View the database's password.
+steampipe service status --show-password
+
+# Restart the service.
+steampipe service restart
+
+# Stop the service.
+steampipe service stop
+steampipe service stop --force
+
+# List available queries.
+# Requires the 'mod' folder to exist.
+steampipe query list
+
+# Start the interactive query console.
+steampipe query
+
+# Execute batch queries.
+steampipe query 'query'
+steampipe query 'query' --output 'json'
+steampipe query 'query' --output 'csv' --separator '|'
+
+# Executes benchmarks and controls.
+steampipe check 'benchmark.cis_v130'
+steampipe check 'control.cis_v130_1_4' 'control.cis_v130_2_1_1'
+steampipe check 'all'
+steampipe check … --tag 'cis_level=1' --tag 'cis=true' --search-path-prefix 'aws_connection_2'
+steampipe check … --where "severity in ('critical', 'high')" --dry-run
+steampipe check … --theme 'light' --output 'brief' --export 'output.csv' --export 'output.json' --export 'md'
+steampipe check … --theme 'plain' --progress false
+```
+
+</details>
+
 <details>
  <summary>Real world use cases</summary>
+
+```sql
+-- Find all the roles that have AWS-managed policies attached
+select
+  r.name,
+  policy_arn,
+  p.is_aws_managed
+from
+  aws_iam_role as r,
+  jsonb_array_elements_text(attached_policy_arns) as policy_arn,
+  aws_iam_policy as p
+where
+  p.arn = policy_arn
+  and p.is_aws_managed;
+```
+
+Dashboards have been deprecated from Steampipe. Use [Powerpipe] instead.
+
 </details>
-->

 ## Further readings

 - [Website]
 - [Github]
+- [Steampipe unbundled]
 - [Flowpipe]
 - [Powerpipe]

 ### Sources

 - [Turbot pipes]
+- [Documentation]

 <!--
  Reference
@@ -53,7 +121,9 @@ Dynamically query APIs, code and more with SQL.

 <!-- Files -->
 <!-- Upstream -->
-[website]: https://steampipe.io/
+[documentation]: https://steampipe.io/docs
 [github]: https://github.com/turbot/steampipe
+[steampipe unbundled]: https://steampipe.io/blog/steampipe-unbundled
+[website]: https://steampipe.io/

 <!-- Others -->