Merge pull request #110 from turbot/release/v0.25

Release/v0.25

.github/ISSUE_TEMPLATE/bug_report.md

@@ -10,6 +10,9 @@ assignees: ''
 **Describe the bug**
 A clear and concise description of what the bug is.
 
+**Powerpipe version (`powerpipe -v`)**
+Example: v0.3.0
+
 **Steampipe version (`steampipe -v`)**
 Example: v0.3.0
 
@@ -23,4 +26,4 @@ Steps to reproduce the behavior (please include relevant code and/or commands).
 A clear and concise description of what you expected to happen.
 
 **Additional context**
-Add any other context about the problem here.
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/config.yml

@@ -3,6 +3,9 @@ contact_links:
   - name: Questions
     url: https://turbot.com/community/join
     about: GitHub issues in this repository are only intended for bug reports and feature requests. Other issues will be closed. Please ask and answer questions through the Steampipe Slack community.
+  - name: Powerpipe CLI Bug Reports and Feature Requests
+    url: https://github.com/turbot/powerpipe/issues/new/choose
+    about: Powerpipe CLI has its own codebase. Bug reports and feature requests for those pieces of functionality should be directed to that repository.
   - name: Steampipe CLI Bug Reports and Feature Requests
     url: https://github.com/turbot/steampipe/issues/new/choose
     about: Steampipe CLI has its own codebase. Bug reports and feature requests for those pieces of functionality should be directed to that repository.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,10 +1,9 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
-title: ''
+title: ""
 labels: enhancement
-assignees: ''
-
+assignees: ""
 ---
 
 **Is your feature request related to a problem? Please describe.**

.gitignore

@@ -10,4 +10,10 @@
 
 # Steampipe variable files
 *.spvars
-*.auto.spvars
+*.auto.spvars
+
+# Powerpipe variable files
+*.ppvars
+*.auto.ppvars
+
+.DS_Store

CHANGELOG.md

@@ -1,3 +1,16 @@
+## v0.25 [2024-03-06]
+
+_Powerpipe_
+
+[Powerpipe](https://powerpipe.io) is now the preferred way to run this mod!  [Migrating from Steampipe →](https://powerpipe.io/blog/migrating-from-steampipe)
+
+All v0.x versions of this mod will work in both Steampipe and Powerpipe, but v1.0.0 onwards will be in Powerpipe format only.
+
+_Enhancements_
+
+- Focus documentation on Powerpipe commands.
+- Show how to combine Powerpipe mods with Steampipe plugins.
+
 ## v0.24 [2024-02-15]
 
 _Bug fixes_

README.md

@@ -1,4 +1,9 @@
-# Terraform AWS Compliance Mod for Steampipe
+# Terraform AWS Compliance Mod for Powerpipe
+
+> [!IMPORTANT]
+> [Powerpipe](https://powerpipe.io) is now the preferred way to run this mod! [Migrating from Steampipe →](https://powerpipe.io/blog/migrating-from-steampipe)
+>
+> All v0.x versions of this mod will work in both Steampipe and Powerpipe, but v1.0.0 onwards will be in Powerpipe format only.
 
 140+ compliance and security controls to test your Terraform AWS resources against security best practices prior to deployment in your AWS accounts.
 
@@ -10,158 +15,109 @@ Or in a terminal:
 
 ![image](https://raw.githubusercontent.com/turbot/steampipe-mod-terraform-aws-compliance/main/docs/terraform_aws_compliance_console_output.png)
 
-## Getting started
+## Documentation
+
+- **[Benchmarks and controls →](https://hub.powerpipe.io/mods/turbot/terraform_aws_compliance/controls)**
+- **[Named queries →](https://hub.powerpipe.io/mods/turbot/terraform_aws_compliance/queries)**
+
+## Getting Started
 
 ### Installation
 
-Download and install Steampipe (https://steampipe.io/downloads). Or use Brew:
+Install Powerpipe (https://powerpipe.io/downloads), or use Brew:
 
 ```sh
-brew tap turbot/tap
-brew install steampipe
+brew install turbot/tap/powerpipe
 ```
 
-Install the terraform plugin with [Steampipe](https://steampipe.io):
+This mod also requires [Steampipe](https://steampipe.io) with the [Terraform plugin](https://hub.steampipe.io/plugins/turbot/terraform) as the data source. Install Steampipe (https://steampipe.io/downloads), or use Brew:
 
 ```sh
+brew install turbot/tap/steampipe
 steampipe plugin install terraform
 ```
 
-Clone:
+Finally, install the mod:
 
 ```sh
-git clone https://github.com/turbot/steampipe-mod-terraform-aws-compliance.git
+mkdir dashboards
+cd dashboards
+powerpipe mod init
+powerpipe mod install github.com/turbot/steampipe-mod-terraform-aws-compliance
 ```
 
-### Usage
-
-By default, the Terraform plugin configuration loads Terraform configuration
-files in your current working directory (CWD).
+### Browsing Dashboards
 
-To get started, change your CWD to where your TF files are located:
+Start Steampipe as the data source:
 
 ```sh
-cd /path/to/tf_files
+steampipe service start
 ```
 
-Then set the `STEAMPIPE_WORKSPACE_CHDIR` environment variable to the mod directory so Steampipe knows where to load benchmarks from:
+Start the dashboard server:
 
 ```sh
-export STEAMPIPE_WORKSPACE_CHDIR=/path/to/steampipe-mod-terraform-aws-compliance
+powerpipe server
 ```
 
-Start your dashboard server:
+Browse and view your dashboards at **http://localhost:9033**.
 
-```sh
-steampipe dashboard
-```
-
-By default, the dashboard interface will then be launched in a new browser
-window at http://localhost:9194. From here, you can run benchmarks by
-selecting one or searching for a specific one.
+### Running Checks in Your Terminal
 
 Instead of running benchmarks in a dashboard, you can also run them within your
-terminal with the `steampipe check` command.
-
-Run all benchmarks:
+terminal with the `powerpipe benchmark` command:
 
-```sh
-steampipe check all
-```
-
-Run all benchmarks for a specific compliance framework using tags:
+List available benchmarks:
 
 ```sh
-steampipe check all --tag gdpr=true
+powerpipe benchmark list
 ```
 
 Run a benchmark:
 
 ```sh
-steampipe check terraform_aws_compliance.benchmark.s3
-```
-
-Run a specific control:
-
-```sh
-steampipe check terraform_aws_compliance.control.s3_bucket_default_encryption_enabled
-```
-
-When running checks from the CWD, you can also run the `steampipe dashboard` and `steampipe check` commands using the `--workspace-chdir` command line argument:
-
-```sh
-steampipe dashboard --workspace-chdir=/path/to/steampipe-mod-terraform-aws-compliance
-steampipe check all --workspace-chdir=/path/to/steampipe-mod-terraform-aws-compliance
+powerpipe benchmark run terraform_aws_compliance.benchmark.s3
 ```
 
 Different output formats are also available, for more information please see
-[Output Formats](https://steampipe.io/docs/reference/cli/check#output-formats).
-
-### Credentials
+[Output Formats](https://powerpipe.io/docs/reference/cli/benchmark#output-formats).
 
-No credentials are required.
+### Common and Tag Dimensions
 
-### Configuration
+The benchmark queries use common properties (like `path` and `connection_name`) and tags that are defined in the form of a default list of strings in the `variables.sp` file. These properties can be overwritten in several ways:
 
-If you want to run benchmarks and controls across multiple directories
-containing Terraform configuration files, they can be run from within the
-`steampipe-mod-terraform-aws-compliance` mod directory after configuring the
-Terraform plugin configuration:
+It's easiest to setup your vars file, starting with the sample:
 
 ```sh
-vi ~/.steampipe/config/terraform.spc
-```
-
-```hcl
-connection "terraform" {
-  plugin = "terraform"
-  paths  = ["/path/to/files/*.tf", "/path/to/nested/files/**/*.tf"]
-}
+cp steampipe.spvars.example steampipe.spvars
+vi steampipe.spvars
 ```
 
-After setting up your Terraform plugin configuration, navigate to the `steampipe-mod-terraform-aws-compliance` mod directory and start the dashboard server:
+Alternatively you can pass variables on the command line:
 
 ```sh
-cd /path/to/steampipe-mod-terraform-aws-compliance
-steampipe dashboard
+powerpipe benchmark run terraform_aws_compliance.benchmark.s3 --var 'tag_dimensions=["Environment", "Owner"]'
 ```
 
-For more details on connection configuration, please refer to [Terraform Plugin Configuration](https://hub.steampipe.io/plugins/turbot/terraform#configuration).
-
-### Common and Tag Dimensions
-
-The benchmark queries use common properties (like `connection_name` and `path`) and tags that are defined in the form of a default list of strings in the `mod.sp` file. These properties can be overwritten in several ways:
-
-- Copy and rename the `steampipe.spvars.example` file to `steampipe.spvars`, and then modify the variable values inside that file
-- Pass in a value on the command line:
-
-  ```shell
-  steampipe check benchmark.ec2 --var 'common_dimensions=["connection_name", "path"]'
-  ```
+Or through environment variables:
 
-  ```shell
-  steampipe check benchmark.ec2 --var 'tag_dimensions=["Environment", "Owner"]'
-  ```
-
-- Set an environment variable:
-
-  ```shell
-  SP_VAR_common_dimensions='["connection_name", "path"]' steampipe check control.ec2_instance_not_publicly_accessible
-  ```
+```sh
+export PP_VAR_common_dimensions='["path", "connection_name"]'
+export PP_VAR_tag_dimensions='["Environment", "Owner"]'
+powerpipe benchmark run terraform_aws_compliance.benchmark.s3
+```
 
-  ```shell
-  SP_VAR_tag_dimensions='["Environment", "Owner"]' steampipe check control.ec2_instance_not_publicly_accessible
-  ```
+## Open Source & Contributing
 
-## Contributing
+This repository is published under the [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0). Please see our [code of conduct](https://github.com/turbot/.github/blob/main/CODE_OF_CONDUCT.md). We look forward to collaborating with you!
 
-If you have an idea for additional controls or just want to help maintain and extend this mod ([or others](https://github.com/topics/steampipe-mod)) we would love you to join the community and start contributing.
+[Steampipe](https://steampipe.io) and [Powerpipe](https://powerpipe.io) are products produced from this open source software, exclusively by [Turbot HQ, Inc](https://turbot.com). They are distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our [Open Source FAQ](https://turbot.com/open-source).
 
-- **[Join #steampipe on Slack →](https://turbot.com/community/join)** and hang out with other Mod developers.
+## Get Involved
 
-Please see the [contribution guidelines](https://github.com/turbot/steampipe/blob/main/CONTRIBUTING.md) and our [code of conduct](https://github.com/turbot/steampipe/blob/main/CODE_OF_CONDUCT.md). All contributions are subject to the [Apache 2.0 open source license](https://github.com/turbot/steampipe-mod-terraform-aws-compliance/blob/main/LICENSE).
+**[Join #powerpipe on Slack →](https://turbot.com/community/join)**
 
-Want to help but not sure where to start? Pick up one of the `help wanted` issues:
+Want to help but don't know where to start? Pick up one of the `help wanted` issues:
 
-- [Steampipe](https://github.com/turbot/steampipe/labels/help%20wanted)
-- [Terraform AWS Compliance Mod](https://github.com/turbot/steampipe-mod-terraform-aws-compliance/labels/help%20wanted)
+- [Powerpipe](https://github.com/turbot/powerpipe/labels/help%20wanted)
+- [Terraform AWS Compliance Mod](https://github.com/turbot/steampipe-mod-terraform-aws-compliance/labels/help%20wanted)