turbot/vanta

GitHub
steampipe plugin install vantasteampipe plugin install vanta

Vanta + Steampipe

Vanta helps businesses get and stay compliant by continuously monitoring your people, systems and tools to improve the security posture.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

List all active users in your organization:

select
display_name,
id,
email,
is_active
from
vanta_user
where
is_active;
+--------------+--------------------------+----------------+-----------+
| display_name | id | email | is_active |
+--------------+--------------------------+----------------+-----------+
| Simba | 5fb30b86a228f6b6f7024535 | simba@test.com | true |
| Timon | 5fb30b86a228f6b6f70245e7 | timon@test.com | true |
+--------------+--------------------------+----------------+-----------+

Documentation

Get started

Install

Download and install the latest Vanta plugin:

steampipe plugin install vanta

Credentials

The plugin uses two different endpoints that uses different credential mechanism

ItemDescription
CredentialsThe plugin uses two different endpoints that use different credential mechanisms:
1. Using a user's personal API token.
2. Using the cookie-based authentication by passing a unique session ID for every request.
PermissionsUser requires admin access to generate an API token to access the resources.
RadiusEach connection represents a single Vanta installation.
ResolutionCredentials explicitly set in a steampipe config file (~/.steampipe/config/vanta.spc).

Configuration

Installing the latest vanta plugin will create a config file (~/.steampipe/config/vanta.spc) with a single connection named vanta:

connection "vanta" {
plugin = "vanta"
# A personal API token to access Vanta API
# This is only required while querying `vanta_evidence` table.
# To generate an API token, refer: https://developer.vanta.com/docs/quick-start#1-make-an-api-token
# api_token = "97GtVsdAPwowRToaWDtgZtILdXI_agszONwajQslZ1o"
# Session ID of your current vanta session
# Set the value of `connect.sid` cookie from a logged in Vanta browser session
# Required to access tables that are using the https://app.vanta.com/graphql endpoint
# session_id = "s:3nZSteamPipe1fSu4iNV_1TB5UTesTToGK.zVANtaplugintest+GVxPvQffhnFY3skWlfkceZxXKSCjc"
}

The Vanta APIs generally use a user's personal API token to authenticate the requests. But some of the tables in this plugin use a different endpoint, which requires a unique session ID to access the query endpoint.

To retrieve your Session ID:

  • Log into the Vanta console.
  • Open your browser developer tools.
  • Open the Network view to see and analyze the network requests that make up each individual page load within a single user's session.
  • Open any graphql request from the list and check the Cookies section to get the list of request cookies.
  • Get the session ID value from the list named as connect.sid.

Get involved