Resoto vs. Steampipe
Resoto can be used as an alternative to Steampipe.
Steampipe is an open-source project that uses SQL to query cloud infrastructure, SaaS, code, logs, and more.
Steampipe uses foreign data wrappers to create a PostgreSQL abstraction on top of APIs.
Steampipe is developed and maintained by Turbot, a cloud governance platform.
Similarities Between Resoto and Steampipe​
Just like Resoto, Steampipe queries cloud APIs to deliver resource metadata.
With both Resoto and Steampipe, you can:
- Write queries to ask questions about your cloud infrastructure
- Correlate data from different sources (e.g., a GitHub repository and a cloud resource)
- Run security and compliance checks write the output of a query to a CSV file
Differences Between Resoto and Steampipe​
At its core, Steampipe is a CLI tool with a wrapper around an embedded PostgreSQL instance.
The PostgreSQL instance starts and stops with the tool—i.e., Steampipe does not store any data. That makes Steampipe suitable for ad-hoc queries, but less ideal for exploration and tracking metrics.
| Resoto | Steampipe | |
|---|---|---|
| Full-Text Search | Creates an inventory of discovered resources and offers full-text search as an easy way to explore your cloud inventory. | Does not offer full-text search capabilities. |
| Remediation | Integrates analytics and governance into a single product to enforce policies and perform actions on resources. Offers commands and jobs to automate remediation. Can be used to write custom code and rules for any resource in a cloud-agnostic way. | Only runs queries and does not make changes to the state of resources. An infrastructure-as-code tool (e.g., Terraform) or governance tool (e.g., Cloud Custodian) is required to modify resources,introducing friction, delays, and human error. |
| Data Collection | Runs an ETL process that syncs data on a regular schedule into a graph database. Also exports metrics automatically to a time-series database. | Performs ad-hoc queries to cloud APIs and does not store data. |
| Context | Provides context for each resource through its asset inventory graph. | Collects a list of resources, but not their dependencies and relationships. (For example, Steampipe can surface a non-compliant resource, but not the "blast radius" that would result from deleting the resource.) |
| Performance | Separates data ingest, transformations, storage, and queries for a scalable approach to analyzing infrastructure. | Works well for ad-hoc queries in smaller environments. For larger infrastructures with hundreds of different accounts or complex queries, triggers a lot of connections and can stall during initialization. Every query opens up a new live connection. Performing data collection in all accounts takes time and is resource intensive. Let's say a user wants to query 100 Google Cloud projects with 85 services and 100 AWS accounts with 380 services. That's PostgreSQL tables to initialize (all foreign tables containing no data). |
| Resources | Supports popular data sources and allows you to build your own plugins to collect data from any source. | Currently supports more platforms and resources than Resoto. |
| License | Uses the permissive Apache 2.0 license. | Licensed under AGPLv3, a restrictive copy-left license. |
