steampipe plugin install vanta

Vanta + Steampipe

Vanta helps businesses get and stay compliant by continuously monitoring your people, systems and tools to improve the security posture.

Steampipe is an open-source zero-ETL engine to instantly query cloud APIs using SQL.

List all active users in your organization:

select
display_name,
id,
email,
is_active
from
vanta_user
where
is_active;
+--------------+--------------------------+----------------+-----------+
| display_name | id | email | is_active |
+--------------+--------------------------+----------------+-----------+
| Simba | 5fb30b86a228f6b6f7024535 | simba@test.com | true |
| Timon | 5fb30b86a228f6b6f70245e7 | timon@test.com | true |
+--------------+--------------------------+----------------+-----------+

Documentation

Get started

Install

Download and install the latest Vanta plugin:

steampipe plugin install vanta

Credentials

The plugin uses two different endpoints that uses different credential mechanism

ItemDescription
CredentialsThe plugin uses two different endpoints that use different credential mechanisms:
1. Using a user's personal API token.
2. Using the cookie-based authentication by passing a unique session ID for every request.
PermissionsUser requires admin access to generate an API token to access the resources.
RadiusEach connection represents a single Vanta installation.
ResolutionCredentials explicitly set in a steampipe config file (~/.steampipe/config/vanta.spc).

Configuration

Installing the latest vanta plugin will create a config file (~/.steampipe/config/vanta.spc) with a single connection named vanta:

connection "vanta" {
plugin = "vanta"
# A personal API token to access Vanta API
# This is only required while querying `vanta_evidence` table.
# To generate an API token, refer: https://developer.vanta.com/docs/quick-start#1-make-an-api-token
# api_token = "97GtVsdAPwowRToaWDtgZtILdXI_agszONwajQslZ1o"
# Session ID of your current vanta session
# Set the value of `connect.sid` cookie from a logged in Vanta browser session
# Required to access tables that are using the https://app.vanta.com/graphql endpoint
# session_id = "s:3nZSteamPipe1fSu4iNV_1TB5UTesTToGK.zVANtaplugintest+GVxPvQffhnFY3skWlfkceZxXKSCjc"
}

The Vanta APIs generally use a user's personal API token to authenticate the requests. But some of the tables in this plugin use a different endpoint, which requires a unique session ID to access the query endpoint.

To retrieve your Session ID:

  • Log into the Vanta console.
  • Open your browser developer tools.
  • Open the Network view to see and analyze the network requests that make up each individual page load within a single user's session.
  • Open any graphql request from the list and check the Cookies section to get the list of request cookies.
  • Get the session ID value from the list named as connect.sid.

Postgres FDW

This plugin is available as a native Postgres FDW. Unlike Steampipe CLI, which ships with an embedded Postgres server instance, the Postgres FDW can be installed in any supported Postgres database version.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_postgres_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/postgres.sh)" -- vanta

The installer will prompt you for the plugin name and version, download and install the appropriate files for your OS, system architecture, and Postgres version.

To configure the Postgres FDW, you will create an extension, foreign server, and schema and import the foreign schema.

CREATE EXTENSION IF NOT EXISTS steampipe_postgres_vanta;
CREATE SERVER steampipe_vanta FOREIGN DATA WRAPPER steampipe_postgres_vanta OPTIONS (config '<your_config>');
CREATE SCHEMA vanta;
IMPORT FOREIGN SCHEMA vanta FROM SERVER steampipe_vanta INTO vanta;

SQLite Extension

This plugin is available as a SQLite Extension, making the tables available as SQLite virtual tables.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_sqlite_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/sqlite.sh)" -- vanta

The installer will prompt you for the plugin name, version, and destination directory. It will then determine the OS and system architecture, and it will download and install the appropriate package.

To configure the SQLite extension, load the extension module and then run the steampipe_configure_vanta function to configure it with plugin-specific options.

$ sqlite3
sqlite> .load ./steampipe_sqlite_extension_vanta.so
sqlite> select steampipe_configure_vanta('<your_config>');

Export

This plugin is available as a standalone Export CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta

You can pass the configuration to the command with the --config argument:

steampipe_export_vanta --config '<your_config>' <table_name>