steampipe plugin install vantasteampipe plugin install vanta

Vanta + Steampipe

Vanta helps businesses get and stay compliant by continuously monitoring your people, systems and tools to improve the security posture.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

List all active users in your organization:

| display_name | id | email | is_active |
| Simba | 5fb30b86a228f6b6f7024535 | simba@test.com | true |
| Timon | 5fb30b86a228f6b6f70245e7 | timon@test.com | true |


Get started


Download and install the latest Vanta plugin:

steampipe plugin install vanta


The plugin uses two different endpoints that uses different credential mechanism

CredentialsThe plugin uses two different endpoints that use different credential mechanisms:
1. Using a user's personal API token.
2. Using the cookie-based authentication by passing a unique session ID for every request.
PermissionsUser requires admin access to generate an API token to access the resources.
RadiusEach connection represents a single Vanta installation.
ResolutionCredentials explicitly set in a steampipe config file (~/.steampipe/config/vanta.spc).


Installing the latest vanta plugin will create a config file (~/.steampipe/config/vanta.spc) with a single connection named vanta:

connection "vanta" {
plugin = "vanta"
# A personal API token to access Vanta API
# This is only required while querying `vanta_evidence` table.
# To generate an API token, refer: https://developer.vanta.com/docs/quick-start#1-make-an-api-token
# api_token = "97GtVsdAPwowRToaWDtgZtILdXI_agszONwajQslZ1o"
# Session ID of your current vanta session
# Set the value of `connect.sid` cookie from a logged in Vanta browser session
# Required to access tables that are using the https://app.vanta.com/graphql endpoint
# session_id = "s:3nZSteamPipe1fSu4iNV_1TB5UTesTToGK.zVANtaplugintest+GVxPvQffhnFY3skWlfkceZxXKSCjc"

The Vanta APIs generally use a user's personal API token to authenticate the requests. But some of the tables in this plugin use a different endpoint, which requires a unique session ID to access the query endpoint.

To retrieve your Session ID:

  • Log into the Vanta console.
  • Open your browser developer tools.
  • Open the Network view to see and analyze the network requests that make up each individual page load within a single user's session.
  • Open any graphql request from the list and check the Cookies section to get the list of request cookies.
  • Get the session ID value from the list named as connect.sid.

Get involved