Find EC2, Lambda, and ECS Fargate resources with unrestricted outbound access in AWS using SQL. Why egress controls still break attack chains in 2026.
Joe Karlsson •
Set up AWS IAM Identity Center with Google Workspace: SAML authentication, SCIM user provisioning, and group sync with CLI or ssosync. Updated for 2026.
Joe Karlsson •
Create a GCP service account that reads across all your projects with one credential. Covers gcloud CLI, org-level vs. project-level grants, the API enablement gotcha that causes silent empty results, and a working CloudQuery config to query your entire GCP estate in SQL.
Joe Karlsson •
AWS CIS Benchmark hit v3.0 in 2024 with 40+ controls. Run automated compliance checks using SQL policies with exception management and multi-account views.
Joe Karlsson •
Enrich your cloud asset inventory with AbuseIPDB threat intelligence to identify public cloud IPs with known abuse reports.
Joe Karlsson •
AWS IAM Identity Center replaced AWS SSO in 2022. Learn how to set it up, configure permission sets, use the AWS CLI, and audit access with CloudQuery.
Joe Karlsson •
CWPP protects cloud workloads at runtime. CNAPP unifies CWPP, CSPM, and CIEM into one platform. Learn when each makes sense and how they compare.
Joe Karlsson •
Attack surface management finds exposed cloud assets before attackers do. Learn how ASM differs from CSPM and vulnerability management, with SQL examples.
Joe Karlsson •
Find out how CloudQuery can help you get clarity from a chaotic cloud environment with a personalized conversation and demo.
CloudQuery's use of cookies
We use tracking cookies to understand how you use the product and help us improve it. Your consent is required before we can enable these cookies. You can opt out via the link in the footer.