Turbot Pipes
Query everything. Code your controls. Automate your operations.
Overview
Turbot Pipes is an open-source tool that allows you to query your cloud environment using SQL. It provides a unified way to access data from your cloud providers, and you can use it to build custom security and compliance checks. While not a traditional IaC scanner, it can be used to audit your deployed infrastructure for compliance.
✨ Key Features
- Query your cloud environment with SQL
- Support for AWS, Azure, Google Cloud, and more
- Over 200 open-source mods with pre-built queries and controls
- Build custom security and compliance checks
- Automate your cloud operations
- Open-source and extensible
🎯 Key Differentiators
- Query your cloud with SQL
- Large library of open-source mods
- Focus on automation and operations
Unique Value: Provides a powerful and flexible way to query and manage your cloud environment using a familiar language (SQL).
🎯 Use Cases (4)
✅ Best For
- Finding all publicly accessible S3 buckets in your AWS account
- Checking for compliance with CIS benchmarks
💡 Check With Vendor
Verify these considerations match your specific requirements:
- Static analysis of IaC files (it operates on deployed resources)
- Real-time threat detection
🏆 Alternatives
Offers a more flexible and extensible approach than many traditional cloud management tools.
💻 Platforms
🔌 Integrations
💰 Pricing
Free tier: Full open-source version is free.
🔄 Similar Tools in IaC Compliance
Snyk IaC
Find and fix security issues in Terraform, CloudFormation, Kubernetes, and ARM templates....
Checkov
An open-source static analysis tool for infrastructure as code....
Terrascan
An open-source static code analyzer for Infrastructure as Code....
KICS by Checkmarx
An open-source solution for static analysis of IaC....
tfsec
A static analysis security scanner for Terraform code....
Open Policy Agent
An open-source, general-purpose policy engine....