organization | category | icon_url | brand_color | display_name | short_name | description | og_description | og_image | |
---|---|---|---|---|---|---|---|---|---|
Turbot |
|
/images/plugins/turbot/code.svg |
#000000 |
Code |
code |
Steampipe plugin to query secrets and more from Code. |
Query source code with SQL! Open source CLI. No DB required. |
/images/plugins/turbot/code-social-graphic.png |
Source code can be any string or data for querying.
Steampipe is an open source CLI to instantly query cloud APIs using SQL.
List instances in your Code account:
select
secret_type,
secret,
authenticated,
line,
col
from
code_secret
where
src =
E'Mixed secrets are matched:\n'
'* Slack: xoxp-5228148520-5228148525-1323104836872-10674849628c43b9d4b4660f7f9a7b65\n'
'* AWS: AKIA4YFAKFKFYXTDS353\n'
'* Basic auth: https://joe:passwd123@example.com/secret'
'* Stripe: sk_live_tR3PYbcVNZZ796tH88S4VQ2u'
order by
secret_type;
+-------------------+---------------------------------------------------------------------------+-----------------+------+-----+
| secret_type | secret | authenticated | line | col |
+-------------------+---------------------------------------------------------------------------+-----------------+------+-----+
| aws_access_key_id | AKIA4YFAKFKFYXTDS353 | not_implemented | 3 | 8 |
| basic_auth | https://joe:passwd123 | not_implemented | 4 | 15 |
| slack_api_token | xoxp-5228148520-5228148525-1323104836872-10674849628c43b9d4b4660f7f9a7b65 | unauthenticated | 2 | 10 |
| stripe_api_key | sk_live_tR3PYbcVNZZ796tH88S4VQ2u | unauthenticated | 5 | 11 |
+-------------------+---------------------------------------------------------------------------+-----------------+------+-----+
Download and install the latest Code plugin:
steampipe plugin install code
No credentials are required.
Installing the latest code plugin will create a config file (~/.steampipe/config/code.spc
) with a single connection named code
.
connection "code" {
plugin = "code"
}
Secret | Slug | Authentication |
---|---|---|
AWS Access Key ID | aws_access_key_id | Available |
Azure Storage Account Key | azure_storage_account_key | N/A |
Basic Auth | basic_auth | N/A |
Facebook Access Token | facebook_access_token | N/A |
Facebook OAuth | facebook_oauth | N/A |
Facebook Secret Key | facebook_secret_key | N/A |
GitHub App Token | github_app_token | N/A |
GitHub OAuth Access Token | github_oauth_access_token | N/A |
GitHub Personal Access Token | github_personal_access_token | N/A |
GitHub Refresh Token | github_refresh_token | N/A |
Google API Key | google_api_key | N/A |
JWT | jwt | N/A |
Mailchimp Access Key | mailchimp_access_key | Available |
Okta Token | okta_token | N/A |
Slack API Token | slack_api_token | Available |
Stripe API Key | stripe_api_key | Available |
Twilio Auth Token | twilio_auth_token | N/A |
Twitter Secret Key | twitter_secret_key | N/A |
For secret types that support authentication, the results are returned in the authenticated
column with one of the following values:
authenticated
: Secret is activeunauthenticated
: Secret is inactivenot_implemented
: Secret was not tested due to lack of authentication functionunknown
: Secret was tested but results were inconclusive
- The
code_secret
table is based on Yelp's detect secrets project. The general matching approach and regular expressions are copied and based on their amazing work.
- Open source: https://github.com/turbot/steampipe-plugin-code
- Community: Slack Channel