We want to highlight some of the features that we have released that will improve the usability for CloudQuery users looking to catalog their AWS assets.
CloudQuery is the open-source cloud asset inventory powered by SQL, enabling you to catalog, audit, and evaluate the configurations and even drifts of your cloud assets.
CloudQuery key use-cases and features:
Org Support:
You used to have to manually create (and maintain) an account
block for each account in your entire organization. This was difficult for larger organizations where accounts are constantly being added and removed. We now integrate directly with AWS Organizations to find and configure all accounts in your Organization or in specific Organizational Units. Here is an example of a configuration for using the new orgs feature:
provider "aws" {
configuration {
org {
admin_account "admin" {
local_profile = "<NAMED_PROFILE>"
}
member_role_name = "OrganizationAccountAccessRole"
}
}
# Grab all supported resources
resources = [
"*"
]
}
for more information feel free to check out the documentation here
Credentials:
~/.aws/config
or ~/.aws/credentials
files. Prior to this all accounts sourced their credentials from default credential chain.
In the example below, account1
utilizes the default credential provider chain while account2
sources its credentials from the shared credentials fileprovider "aws" {
configuration {
\\ This account gets its credentials from the default credential chain (env variable, shared credentials file, ec2 metadata endpoint)
accounts "account1" {
role_arn = "<ARN_OF_ROLE_IN_account1>"
}
accounts "account2" {
local_profile = "<NAMED_PROFILE>"
role_arn = "<ARN_OF_ROLE_IN_account2>"
session_name = "NAMED_OF_SESSION"
}
}
}
ARN Field in All Tables:
New Resources:
If we are not supporting a resource that you need please reach out to us on Github, Discord or Twitter
What's next? As always more resources, providers, policies, improved stability, and support for storing policy results in your database. If you would like to influence our roadmap feel free to open an issue on our Github or Discord!