Changelog
Subscribe to Powerpipe changelog via RSS or join #changelog on our Slack community to stay updated on everything we ship.
Powerpipe CLI v0.2.0 - Added timeout flags for benchmark and dashboard execution commands
Whats new
- It is now possible to set a timeout for benchmark and dashboard execution. These can be set:
- In the workspace using properties:
dashboard_timeout
andbenchmark_timeout
- Using the
--dashboard-timeout
flag for thedashboard run
andserver
commands - Using the
--benchmark-timeout
flag for thebenchmark run
commands. - Using the environment variables
POWERPIPE_DASHBOARD_TIMEOUT
andPOWERPIPE_BENCHMARK_TIMEOUT
respectively. (#336)
- In the workspace using properties:
- Support installing private mods using a GitHub app token. (#381).
- Improve the layout of filter and grouping components for control tags and dimensions. (#263)
- Remove the
dashboard input list
anddashboard input show
commands. - Add thousands separator to numeric values in dashboard tables. (#315)
- Only show benchmark cards for statuses that are contained in the current filter and add status to filter on card click. (#322)
Bug fixes
Guardrails Insights mod v0.4 - Updated the workspace_dashboard to include information on the accounts, resources, and active controls across different workspaces
Enhancements
- Updated the
workspace_dashboard
dashboard to include information on the accounts, resources, and active controls across different workspaces. (#31) - Updated the
workspace_account_report
dashboard to display resources, policy settings, alerts, and active controls across workspaces instead of the TE version. (#31)
AWS Compliance mod v0.92 - Enhanced several queries to minimize API usage, achieving faster performance
Enhancements
- Optimized several queries to minimize API usage, achieving faster performance. (#786)
GCP Compliance mod v0.30 - Added CIS v3.0.0 benchmark
What's new?
- Added CIS v3.0.0 benchmark (
powerpipe benchmark run gcp_compliance.benchmark.cis_v300
). (#158)
AWS Compliance mod v0.91 - Updated foundational_security_lambda_2 control to check for the latest Lambda runtimes as per the AWS FSBP documentation
Bug fixes
- Updated the
foundational_security_lambda_2
control to check for the latest Lambda runtimes as per the AWS FSBP document. (#778) (Thanks @sbldevnet for the contribution!) - Fixed the title of
secretsmanager_secret_unused_90_day
control. (#783)
Azure Compliance mod v0.43 - Added new controls to All Controls benchmark
Enhancements
- Added the following controls to the
All Controls
benchmark: (#253)cosmosdb_account_uses_aad_and_rbac
iam_user_not_allowed_to_create_tenants
securitycenter_image_scan_enabled
Bug fixes
- Updated the
postgres_db_server_allow_access_to_azure_services_disabled
query to check if theendIpAddress
column is set to0.0.0.0
instead of255.255.255.255
as per the CIS documentation. (#253)
AWS Thrifty mod v0.29 - Added new control rds_mysql_postresql_db_no_unsupported_version
What's new?
- New control added:
rds_mysql_postresql_db_no_unsupported_version
(#174)
AWS Insights mod v0.20 - Fixed the `ecs_cluster_active_service_count` query in the `AWS ECS Cluster Dashboard` to correctly return the count of `Cluster Active Services` instead of `ECS Clusters`
AWS Compliance mod v0.90 - Added new sub-benchmarks and controls to AWS Foundational Security Best Practices benchmark
Breaking changes
- The
Foundational Security Best Practices v1.0.0
benchmark has been updated to better align with the matching AWS Security Hub. The following updates have been made: (#772)- The
foundational_security_elbv2
sub-benchmark have been removed. - The following controls are no longer included in the benchmarks:
foundational_security_cloudfront_2
foundational_security_ec2_22
foundational_security_s3_4
- The
Enhancements
- The
Foundational Security Best Practices v1.0.0
benchmark has been updated to better align with the matching AWS Security Hub. The following updates have been made: (#772)- The following sub-benchmarks have been added to the
foundational_security
benchmark:foundational_security_appsync
foundational_security_backup
foundational_security_eventbridge
foundational_security_fsx
foundational_security_msk
foundational_security_pca
foundational_security_route53
foundational_security_sfn
- The following controls have been added to the benchmarks:
foundational_security_acm_2
foundational_security_appsync_2
foundational_security_backup_1
foundational_security_cloudfront_13
foundational_security_dms_6
foundational_security_dms_7
foundational_security_dms_8
foundational_security_dms_9
foundational_security_docdb_3
foundational_security_docdb_4
foundational_security_docdb_5
foundational_security_dms_9
foundational_security_dynamodb_6
foundational_security_ec2_51
foundational_security_ecs_9
foundational_security_eks_8
foundational_security_elasticbeanstalk_3
foundational_security_emr_2
foundational_security_eventbridge_3
foundational_security_fsx_1
foundational_security_msk_1
foundational_security_networkfirewall_2
foundational_security_networkfirewall_9
foundational_security_opensearch_10
foundational_security_pca_1
foundational_security_rds_34
foundational_security_rds_35
foundational_security_route53_2
foundational_security_s3_19
foundational_security_sfn_1
foundational_security_waf_12
- The following sub-benchmarks have been added to the
GitLab Insights mod v0.4 - Fixed the `project_license_table`, `project_other_license_count` and `project_weak_copyleft_license_count` queries to use the latest version of EUP (European Union Public License 1.2)
Bug fixes
- Fixed the
project_license_table
,project_other_license_count
andproject_weak_copyleft_license_count
queries to use the latest version of EUP (European Union Public License 1.2). (#13)
GitHub Insights mod v0.5 - Fixed the `project_license_table`, `project_other_license_count` and `project_weak_copyleft_license_count` queries to use the latest version of EUP (European Union Public License 1.2)
Bug fixes
- Fixed the
repository_license_table
,repository_other_license_count
andrepository_weak_copyleft_license_count
queries to use the latest version of EUP (European Union Public License 1.2). (#25)
GCP Compliance mod v0.29 - Fixed the CIS controls from `cis_v200_2_4` to `cis_v200_2_11` to correctly evaluate results when using the aggregator connection of the GCP plugin
Bug fixes
- Fixed the CIS controls from
cis_v200_2_4
tocis_v200_2_11
to correctly evaluate results when using the aggregator connection of the GCP plugin. (#154)
Powerpipe CLI v0.1.3 - Fix snapshot output for `benchmark run` command
Bug fixes
- When exporting or displaying a
benchmark run
result as a snapshot, ensure the top level panel has a valid summary. (#274) - Update
mod list
output to includeresource_name
andmod
fields.
Azure Compliance mod v0.42 - Added CIS v2.1.0 benchmark
What's new?
- Added CIS v2.1.0 benchmark (
powerpipe benchmark run azure_compliance.benchmark.cis_v210
). (#250)
Powerpipe CLI v0.1.2 - Optimize workspace load time when many mod dependencies are installed.
Whats new
- Optimize workspace load time for large workspaces with multiple dependent mods. (#365)
Powerpipe CLI v0.1.1 - Fix notification when updated CLI version is available
Powerpipe Mods - 52 new mods
We're thrilled to announce the release of 52 new Powerpipe mods, featuring pre-built dashboards and benchmarks for cloud inventory & insights, security & compliance, cost management and shift-left scanning. These include the 43 Steampipe mods to visualize AWS, Azure, GCP, GitHub, Terraform and more using Steampipe as the database. And 9 new, ready-to-use Powerpipe mods providing easy to learn examples to visualize data in Postgres, SQLite, DuckDB, and MySQL!
A full list of mods can be found in the Powerpipe Hub.
For more information on how you can get started incorporating these mods into your own custom dashboards and benchmarks, please see Introducing Powerpipe - Composable Mods.
Powerpipe v0.1.0 - Dashboards for DevOps
Introducing Powerpipe - Dashboards for DevOps.
Benchmarks - 5,000+ open-source controls from CIS, NIST, PCI, HIPAA, FedRamp and more. Run instantly on your machine or as part of your deployment pipeline.
Relationship Diagrams - The only dashboarding tool designed from the ground up to visualize DevOps data. Explore your cloud,understand relationships and drill down to the details.
Dashboards & Reports - High level dashboards provide a quick management view. Reports highlight misconfigurations and attention areas. Filter, pivot and snapshot results.
Code, not clicks - Our dashboards are code. Version controlled, composable, shareable, easy to edit - designed for the way you work. Join our open-source community!
Learn more at:
- Website - https://powerpipe.io
- Docs - https://powerpipe.io/docs
- Hub - https://hub.powerpipe.io
- Introduction - https://powerpipe.io/blog/introducing-powerpipe