🚀Launch Week 04, May 13th - 17th, 2024!🚀

Running Benchmarks

Powerpipe controls and benchmarks provide a generic mechanism for defining and running control frameworks such as CIS, NIST, HIPAA, etc, as well as your own customized groups of controls.

There are many control frameworks in existence today, and though they are all implemented with their own specific syntax and structure, they are generally organized in a defined, hierarchical structure, with a pass/fail type of status for each item. The control and benchmark resources allow Powerpipe to provide simplified, consistent mechanisms for defining, running, and returning output from these disparate frameworks.

Powerpipe benchmarks automatically appear as dashboards when you run powerpipe server in the mod. From the dashboard home, you can select any benchmark to run it and view it in an interactive HTML format.

As with any dashboard, you can change the search path, take a snapshot once the benchmark is complete, see details in the panel view, and download the results in a CSV file!


You can also run controls and benchmarks in batch mode with the powerpipe benchmark run and powerpipe control run commands. These commands provide options for selecting the controls to run, the output format, and other options you may need when using powerpipe in your scripts, pipelines, and other automation scenarios.

Powerpipe commands must be run in the contest of a mod, and are relative to the current directory. You can pass the mod directory with the --mod-location argument, but it's usually easier just to change to the mod directory:

cd ~/my_powerpipe_mod

You can list the runnable benchmarks:

powerpipe benchmark list

To run a benchmark, run it by name:

powerpipe benchmark run all_benchmarks

You can run benchmarks in any direct mod dependency, but you have to fully qualify them:

powerpipe benchmark run my_other_mod.benchmark.my_benchmark

You can even run all benchmarks in the mod with the keyword all. Note that powerpipe benchmark run all will not run benchmarks in the dependencies:

powerpipe benchmark run all

The console will show progress as it runs, and will print the results to the screen when it is complete:

You can find controls and benchmarks in the Powerpipe Hub, or by searching Github directly.

You can also create your own controls and benchmarks, and package them into a mod.