Instantly Query AWS with Steampipe Using SQL

Blog post on using Steampipe to find S3 misconfigurations

How can I find security misconfigurations in my AWS accounts within minutes? How can I do that without spending weeks setting up data pipelines, or having to rely on old and outdated data?

You can do that with an open source tool named Steampipe with simple SQL queries. Let’s break it down.

What is Steampipe?

Steampipe is a Zero-ETL solution that lets you instantly query your AWS environments, which is helpful for finding security misconfigurations, for cost optimization, to generate inventories, etc…

It doesn’t require using a database, yet it still gives you the ability to query with SQL instead of having to learn a new proprietary language.

Example Use Cases

There are far too many use cases to list them all, but we just launched a Hands-On Lab for our Amazon Security course that teaches how to query AWS accounts to find S3 misconfigurations, so let’s talk about S3-related use cases. You can:

  • Retrieve basic S3 configuration information
  • List buckets that have versioning disabled
  • List objects that don’t comply with your policies
  • List buckets that don’t block public access
  • List buckets that don’t enforce encryption in transit
  • etc…

Steampipe has the ability to look at policies (like bucket policies) as well as account-level and service-level or resource-level configurations. It’s pretty cool and definitely worth trying out.

Follow the cheat sheet to get up and running in minutes, or launch our 1-click deploy now available to Cybr members: Instantly query AWS accounts for S3 security issues using Steampipe

Learn more about Steampipe https://steampipe.io/

Cheat Sheet

Cheat sheet showing how to find S3 misconfigurations using Steampipe

> More AWS Security cheat sheets <

Related Articles

Responses

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.