Terraform Enterprise + Steampipe
Terraform Enterprise is a cloud hosting company that provides virtual private servers and other infrastructure services.
Steampipe is an open-source zero-ETL engine to instantly query cloud APIs using SQL.
List workspaces in your Terraform Enterprise organization:
select name, execution_mode, resource_countfrom tfe_workspace+-----------------+----------------+----------------+| name | execution_mode | resource_count |+-----------------+----------------+----------------+| getting-started | remote | 5 |+-----------------+----------------+----------------+Documentation
Get started
Install
Download and install the latest Terraform Enterprise plugin:
steampipe plugin install tfeCredentials
| Item | Description |
|---|---|
| Credentials | Terraform Cloud/Enterprise requires a token for all requests. |
| Radius | Each connection represents a single Terraform Cloud/Enterprise account. |
| Resolution | 1. Credentials explicitly set in a Steampipe config file (~/.steampipe/config/tfe.spc).2. Credentials specified in environment variables e.g. TFE_TOKEN. |
Configuration
Installing the latest tfe plugin will create a config file (~/.steampipe/config/tfe.spc) with a single connection named tfe:
connection "tfe" { plugin = "tfe"
# Get your API token per https://www.terraform.io/docs/cloud/users-teams-organizations/api-tokens.html # If `token` is not specified, Steampipe will use the token in the `TFE_TOKEN` environment variable, if set #token = "hE1hlYILrSqpqh.atlasv1.ARuZuyzl33F71WR55s6ln5GQ1HWIwTDDH3MiRjz7OnpCfaCb1RCF5zGaSncCWmJdCYA"
# Name of the organization to connect to #organization = "example-org"
# Terraform Cloud or Terraform Enterprise hostname # If `hostname` is not specified, the hostname will be determined in the following order: # - The `TFE_HOSTNAME` environment variable, if set; otherwise # - Default to app.terraform.io #hostname = "app.terraform.io"}Multi-Organization Connections
You may create multiple tfe connections:
connection "tfe_01" { plugin = "tfe" token = "5a76843869c183a4ea901c79102bfa1f667f39a2ea0ba857c9a35a9885d91fbd" organization = "example-org-872e34"}
connection "tfe_02" { plugin = "tfe" token = "6a76843869c183a4ea901c79102bfa1f667f39a2ea0ba857c9a35a9885d91fcd" organization = "example-org-123f45"}
connection "tfe_03" { plugin = "tfe" token = "7a76843869c183a4ea901c79102bfa1f667f39a2ea0ba857c9a35a9885d91fef" organization = "example-org-123f90"}Each connection is implemented as a distinct Postgres schema. As such, you can use qualified table names to query a specific connection:
select *from tfe_02.tfe_workspaceAlternatively, you can use an unqualified name and it will be resolved according to the Search Path:
select *from tfe_workspaceYou can use multi-organization connections by using an aggregator connection. Aggregators allow you to query data from multiple connections for a plugin as if they are a single connection:
connection "tfe_all" { plugin = "tfe" type = "aggregator" connections = ["tfe_01", "tfe_02", "tfe_03"]}Querying tables from this connection will return results from the tfe_01, tfe_02, and tfe_03 connections:
select *from tfe_all.tfe_workspaceSteampipe supports the * wildcard in the connection names. For example, to aggregate all the TFE plugin connections whose names begin with tfe_:
connection "tfe_all" { type = "aggregator" plugin = "tfe" connections = ["tfe_*"]}Aggregators are powerful, but they are not infinitely scalable. Like any other Steampipe connection, they query APIs and are subject to API limits and throttling.
Postgres FDW
This plugin is available as a native Postgres FDW. Unlike Steampipe CLI, which ships with an embedded Postgres server instance, the Postgres FDW can be installed in any supported Postgres database version.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_postgres_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/postgres.sh)" -- tfeThe installer will prompt you for the plugin name and version, download and install the appropriate files for your OS, system architecture, and Postgres version.
To configure the Postgres FDW, you will create an extension, foreign server, and schema and import the foreign schema.
CREATE EXTENSION IF NOT EXISTS steampipe_postgres_tfe;CREATE SERVER steampipe_tfe FOREIGN DATA WRAPPER steampipe_postgres_tfe OPTIONS (config '<your_config>');CREATE SCHEMA tfe;IMPORT FOREIGN SCHEMA tfe FROM SERVER steampipe_tfe INTO tfe;SQLite Extension
This plugin is available as a SQLite Extension, making the tables available as SQLite virtual tables.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_sqlite_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/sqlite.sh)" -- tfeThe installer will prompt you for the plugin name, version, and destination directory. It will then determine the OS and system architecture, and it will download and install the appropriate package.
To configure the SQLite extension, load the extension module and then run the steampipe_configure_tfe function to configure it with plugin-specific options.
$ sqlite3sqlite> .load ./steampipe_sqlite_extension_tfe.sosqlite> select steampipe_configure_tfe('<your_config>');Export
This plugin is available as a standalone Export CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- tfeYou can pass the configuration to the command with the --config argument:
steampipe_export_tfe --config '<your_config>' <table_name>