Steampipe sees Cloud as a simple Database. Yes you guessed it right, you can query your cloud using SQL. Steampipe is a tool which can be simply defined as So the question is what am I using now if not Boto? It is Steampipe. Using Boto on crazy number of accounts feels like this: I am not saying its really hard to write that code, but it gets harder to maintain it, pass it on to a fellow developer. But lets say I want you to get all my Guard Duty findings in ALL Regions ALL Accounts, it becomes frustratingly complex. Here I have taken IAM as an example, which is Global, so no worries about specifying Regions and stuff. Now adding little more detail to the requirement - don’t just scan our Prod account, scan all our 15 or 20 accounts for that matter, number here is just an example. Steampipe reaktor code#Let me add some more detail here, the account which you will scan has 700+ users in it, code becomes little complex due to pagination and stuff but still does the job. For example - this is my requirement: know which user has not enabled their MFA but is still able to do things in the account and is not added to any group which enforces MFA, sounds clear and simple right?. But just like any other tool, we started seeing the cons of it when it is being used at scale. It really felt good to use Boto3 which makes it easier to query and analyze data at same place. Boto3 is undoubtedly one of the most used and wonderful SDKs used to make API calls to AWS in order to configure, manage and Query AWS Resources. Exploring Steampipe as an alternative for Querying What is Boto3?īoto3 is just the name of Python SDK for AWS.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |