Plugins

turbot/onepassword

GitHub
Overview
11Tables
Versions
GitHub
steampipe plugin install onepasswordsteampipe plugin install onepassword
On This Page
Documentation
Quick start
Get involved
Get Involved
Edit on GitHub
Discuss on Slack
Source Code
turbot/steampipe-plugin-onepassword
License
Apache License 2.0
Version
v0.0.2
Published
26 Jul 2023

1Password + Steampipe

1Password is a password manager, digital vault, form filler and secure digital wallet.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

List your 1Password items:

select
  id,
  title,
  vault_id,
  favorite,
  category,
  created_at
from
  onepassword_item;
+----------------------------+---------------------------------------------+----------------------------+----------+------------------+---------------------------+
| id                         | title                                       | vault_id                   | favorite | category         | created_at                |
+----------------------------+---------------------------------------------+----------------------------+----------+------------------+---------------------------+
| kvmaoszyhzbvze6g5tvr6qg2a  | steampipe-test Access Token: steampipe-test | wygy6zfmgzdlzckgruraltkma | false     | API_CREDENTIAL   | 2022-10-11T20:36:34+05:30 |
| ys6wwudn2jchffycnvaruun7y  | Secure Note                                 | wygy6zfmgzdlzckgturaltkma | false     | SECURE_NOTE      | 2023-04-24T15:15:56+05:30 |
| jskefwj3k5nefswdwfopxv4ca  | API Credential                              | wygy6zfmgzdlzckgturaltkma | false     | API_CREDENTIAL   | 2023-04-24T14:51:08+05:30 |
+----------------------------+---------------------------------------------+----------------------------+----------+------------------+---------------------------+

Documentation

Quick start

Install

Download and install the latest 1Password plugin:

steampipe plugin install onepassword

Credentials

ItemDescription
Credentials1Password requires an Access Token or Access Token and a URL for all requests.
PermissionsThe permission scope of access tokens is limited to the vaults that the admin provides access to.
RadiusEach connection represents a single 1Password Installation.
Resolution1. Credentials explicitly set in a steampipe config file (~/.steampipe/config/onepassword.spc)
2. Credentials specified in environment variables, e.g., OP_CONNECT_TOKEN, OP_CONNECT_HOST.

Configuration

Installing the latest 1Password plugin will create a config file (~/.steampipe/config/onepassword.spc) with a single connection named onepassword:

Configure your account details in ~/.steampipe/config/onepassword.spc:

connection "onepassword" {
  plugin = "onepassword"


  # Token is required for requests. Required.
  # See instructions at https://developer.1password.com/docs/connect/manage-secrets-automation#issue-revoke-or-rename-an-access-token
  # This can also be set via the `OP_CONNECT_TOKEN` environment variable.
  # token = "eyJhbGciOiJFUzI1NiIsImtpZCI6InFuN3JwcmZhbnJqZ2V1bWU2eTNidGpjdHN5IiwidHlwIjoiSldUIn0.eyIxcGFzc3dvcmQuY29tL2F1dWlkIjoiVEpGVzVZTlRJSkMzSkNXRFgzQ0dWTUpCSDQiLCIxcGFzc3dvcmQuY29tL3Rva2VuIjoib2tnZGZJWHpEaDhWWkNkRHVNRjZNSUplRUlwN3ZrYUQiLCIxcGFzc3dvcmQuY29tL2Z0cyI6WyJ2YXVsdGFjY2VzcyJdLCIxcGFzc3dvcmQuY29tL3Z0cyI6W3sidSI6ImZwZDR1dW00bHJicTMycG8ybXR2ZGo0c3hpI"


  # The host URL set to default http://localhost:8080. Optional.
  # This can also be set via the `OP_CONNECT_HOST` environment variable.
  # url = "http://localhost:8080"
}

Alternatively, you can also use the standard 1Password environment variables to obtain credentials only if token and url are not specified in the connection:

export OP_CONNECT_TOKEN=eyJhbGciOiJFUzI1NiIsImtpZCI6InFuN3JwcmZhbnJqZ2V1bWU2eTNidGpjdHN5IiwidHlwIjoiSldUIn0.eyIxcGFzc3dvcmQuY29tL2F1dWlkIjoiVEpGVzVZTlRJSkMzSkNXRFgzQ0dWTUpCSDQiLCIxcGFzc3dvcmQuY29tL3Rva2VuIjoib2tnZGZJWHpEaDhWWkNkRHVNRjZNSUplRUlwN3ZrYUQiLCIxcGFzc3dvcmQuY29tL2Z0cyI6WyJ2YXVsdGFjY2VzcyJdLCIxcGFzc3dvcmQuY29tL3Z0cyI6W3sidSI6ImZwZDR1dW00bHJicTMycG8ybXR2ZGo0c3hpI
export OP_CONNECT_HOST=http://localhost:8080

Get involved