cloudquery
cloudquery
Home
Github
Schema Explorer
Welcome to cloudquery
Quick Start
Database Configuration
Deployment
CLI
Overview
Developers
Architecture
Developing New Providers
AWS
Authentication
AWS Query Examples
Reference
Azure
Reference
GCP
Authentication
GCP Query Examples
Reference
Okta
Authentication
Reference
Kubernetes
Reference
Authentication
Powered by GitBook

Quick Start

Download & Install

You can download the precompiled binary from releases, or using CLI:

Pre-Compiled Binaries
Homebrew
Docker
Pre-Compiled Binaries

Download latest version:

export OS=Darwin # Possible values: Linux,Windows,Darwin
curl -L https://github.com/cloudquery/cloudquery/releases/latest/download/cloudquery_${OS}_x86_64 -o cloudquery
chmod a+x cloudquery

Download specific version:

export OS=Darwin # Possible values: Linux,Windows,Darwin
export VERSION= # specifiy a version
curl -L https://github.com/cloudquery/cloudquery/releases/download/${VERSION}/cloudquery_${OS}_x86_64 -o cloudquery
Homebrew
brew install cloudquery/tap/cloudquery
# After initial install you can upgrade the version via:
brew upgrade cloudquery
Docker

config.yml should be mounted so cloudquery can read it

# Dockers are hosted at github container registry https://github.com/orgs/cloudquery/packages/container/package/cloudquery
docker pull ghcr.io/cloudquery/cloudquery:latest
docker run -v /data:/data -it ghcr.io/cloudquery/cloudquery:latest --path /data/config.yml --dsn "host=localhost user=postgres password=pass DB.name=postgres port=5432"

Running

Currently, we support: AWS, Azure, GCP, Okta. If you want us to add a new provider or resource please open an Issue.

First generate a config.yml file that will describe which resources you want cloudquery to pull, normalize and transform resources to the specified SQL database by running the following command:

./cloudquery gen config aws
# ./cloudquery gen config gcp okta # This will generate a config containing gcp and okta providers
# ./cloudquery gen config --help # Show all possible auto generated configs and flags

Once your config.yml is generated run the following command to fetch the resources (you need to be authenticated - see relevant section under each provider):

./cloudquery fetch
# ./cloudquery fetch --help # Show all possible fetch flags

If you used the default sqlite provider you can run the following example queries

List ec2_images:

SELECT * FROM aws_ec2_images;

Find all public facing AWS load balancers:

SELECT * FROM aws_elbv2_load_balancers WHERE scheme = 'internet-facing';

Running policy packs

cloudquery comes with some ready compliance policy pack which you can use as is or modify to fit your use-case.

Currently, cloudquery support AWS CIS policy pack (it is under active development, so it doesn't cover the whole spec yet).

To run AWS CIS pack enter the following commands (make sure you fetched all the resources beforehand by the fetch command):

./cloudquery gen policy aws_cis
./cloudquery query
Previous
Welcome to cloudquery
Next
Database Configuration
Last updated 1 month ago
Edit on GitHub
Contents
Download & Install
Running