organization | category | icon_url | brand_color | display_name | short_name | description | og_description | og_image | engines | |||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Turbot |
|
/images/plugins/turbot/vanta.svg |
#5230d7 |
Vanta |
vanta |
Steampipe plugin to query users, policies, compliances, and more from your Vanta organization. |
Query Vanta with SQL! Open source CLI. No DB required. |
/images/plugins/turbot/vanta-social-graphic.png |
|
Vanta helps businesses get and stay compliant by continuously monitoring your people, systems and tools to improve the security posture.
Steampipe is an open-source zero-ETL engine to instantly query cloud APIs using SQL.
List all active users in your organization:
select
display_name,
id,
email,
is_active
from
vanta_user
where
is_active;
+--------------+--------------------------+----------------+-----------+
| display_name | id | email | is_active |
+--------------+--------------------------+----------------+-----------+
| Simba | 5fb30b86a228f6b6f7024535 | simba@test.com | true |
| Timon | 5fb30b86a228f6b6f70245e7 | timon@test.com | true |
+--------------+--------------------------+----------------+-----------+
Download and install the latest Vanta plugin:
steampipe plugin install vanta
The plugin uses two different endpoints that uses different credential mechanism
Item | Description |
---|---|
Credentials | The plugin uses two different endpoints that use different credential mechanisms: 1. Using a user's personal API token. 2. Using the cookie-based authentication by passing a unique session ID for every request. |
Permissions | User requires admin access to generate an API token to access the resources. |
Radius | Each connection represents a single Vanta installation. |
Resolution | Credentials explicitly set in a steampipe config file (~/.steampipe/config/vanta.spc ). |
Installing the latest vanta plugin will create a config file (~/.steampipe/config/vanta.spc
) with a single connection named vanta
:
connection "vanta" {
plugin = "vanta"
# A personal API token to access Vanta API
# This is only required while querying `vanta_evidence` table.
# To generate an API token, refer: https://developer.vanta.com/docs/quick-start#1-make-an-api-token
# api_token = "97GtVsdAPwowRToaWDtgZtILdXI_agszONwajQslZ1o"
# Session ID of your current vanta session
# Set the value of `connect.sid` cookie from a logged in Vanta browser session
# Required to access tables that are using the https://app.vanta.com/graphql endpoint
# session_id = "s:3nZSteamPipe1fSu4iNV_1TB5UTesTToGK.zVANtaplugintest+GVxPvQffhnFY3skWlfkceZxXKSCjc"
}
The Vanta APIs generally use a user's personal API token to authenticate the requests. But some of the tables in this plugin use a different endpoint, which requires a unique session ID to access the query endpoint.
To retrieve your Session ID:
- Log into the Vanta console.
- Open your browser developer tools.
- Open the
Network
view to see and analyze the network requests that make up each individual page load within a single user's session. - Open any
graphql
request from the list and check theCookies
section to get the list of request cookies. - Get the session ID value from the list named as
connect.sid
.