Install Powerpipe (https://powerpipe.io/downloads), or use Brew:
brew install turbot/tap/powerpipeThis mod also requires Steampipe with the AWS plugin as the data source. Install Steampipe (https://steampipe.io/downloads), or use Brew:
brew install turbot/tap/steampipe
steampipe plugin install awsSteampipe will automatically use your default AWS credentials. Optionally, you can setup multiple accounts or customize AWS credentials.
Finally, install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
git clone git@github.com:anandapteversent/well_architected_framework.git
powerpipe mod installStart Steampipe as the data source:
steampipe service startStart the dashboard server:
powerpipe serverBrowse and view your dashboards at http://localhost:9033.
Instead of running benchmarks in a dashboard, you can also run them within your
terminal with the powerpipe benchmark command:
List available benchmarks:
powerpipe benchmark listRun a benchmark:
powerpipe benchmark run well_architected_frameworkRun a benchmark for a specific pillar:
powerpipe benchmark run well_architected_framework_securityRun a benchmark for a specific question:
powerpipe benchmark run well_architected_framework_sec01Run a benchmark for a specific best practice:
powerpipe benchmark run well_architected_framework_sec01_bp01Different output formats are also available, for more information please see Output Formats.
The benchmark queries use common properties (like account_id, connection_name and region) and tags that are defined in the dependent AWS Compliance mod These properties can be executed in the following ways:
It's easiest to setup your vars file, starting with the sample:
cp steampipe.spvars.example steampipe.spvars
vi steampipe.spvarsAlternatively you can pass variables on the command line:
powerpipe benchmark run well_architected_framework_security --var 'common_dimensions=["account_id", "connection_name", "region"]'Or through environment variables:
export PP_VAR_common_dimensions='["account_id", "connection_name", "region"]'
export PP_VAR_tag_dimensions='["Environment", "Owner"]'
powerpipe benchmark run well_architected_framework_securityCommands -
powerpipe benchmark run aws_well_architected.benchmark.well_architected_framework --export csv
Well Architected Pillar IDs