Stackql使ってみた

Posted at 2026-06-25

❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️
まだ未完成
❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️❌️

Stackql is 何❓️

SQLを使用して、さまざまなクラウドおよび SaaS プロバイダー (Google、AWS、Azure、Okta、GitHub など) のサービスとリソースの状態を作成、変更、および照会できるCLIツール
Golang で開発
Windows、MacOS、Linux、Docker、GitHub Actions などで利用可能
詳しくはHPを見たほうが早いです

使ってみる

自分はMacを利用してるため、brewにてインストール
オプション多いなｗ

copy

$ brew install stackql
$ stackql

         __             __         __
   _____/ /_____ ______/ /______ _/ /
  / ___/ __/ __  / ___/ //_/ __  / /
 (__  ) /_/ /_/ / /__/ ,< / /_/ / /
/____/\__/\__,_/\___/_/|_|\__, /_/
                            /_/
Cloud asset management and automation using SQL. For example:

SELECT name, status FROM google.compute.instances
WHERE project = 'my-project' AND zone = 'us-west1-b';

Usage:
  stackql [flags]
  stackql [command]

Available Commands:
  exec        Run one or more stackql commands or queries
  help        Help about any command
  registry    Interaction with the stackql provider registry, as configured at initialisation time.  Usage: stackql registry {subcommand} [{arg}]
  shell       Interactive shell for running stackql commands
  srv         run postgres wire server

Flags:
      --acid string                       JSON / YAML string representing ACID config (default "{}")
      --apirequesttimeout int             API request timeout in seconds, 0 for no timeout. (default 45)
      --approot string                    Application config and cache root path (default "/Users/t00944/work/nextjs-dashboard/.stackql")
      --approotfilemode uint32            Application config and cache file mode (default 493)
      --auth string                       auth contexts keyvals in json form, eg: '{ "google": { "credentialsfilepath": "/path/to/google/sevice/account/key.json",  "type": "service_account" }, "okta": { "credentialsenvvar": "OKTA_SECRET_KEY",  "type": "api_key" } }'
      --cachekeycount int                 Cache initial key count (default 100)
      --colorscheme string                DEPRECATED: color schems no longer active
      --configfile string                 Config file full path; defaults to current dir (default "/Users/t00944/work/nextjs-dashboard/.stackqlrc")
      --cpuprofile string                 cpuprofile file, none if empty
      --dataflow.components.max int       max dataflow weakly connected components for a given query (default 50)
      --dataflow.dependency.max int       max dataflow dependency depth for a given query (default 50)
      --dbInternal string                 JSON / YAML string to configure DBMS housekeeping query handling (default "{}")
  -d, --delimiter string                  Delimiter for csv output;  single character only, ignored for all non-csv output (default ",")
      --dryrun                            dryrun flag; preprocessor only will run and output returned
      --execution.concurrency.limit int   concurrency limit for query execution (default 1)
      --export.alias string               export alias prefix (namespace or schema)
      --gc string                         JSON / YAML string representing GC config (default "{}")
  -h, --help                              help for stackql
  -H, --hideheaders                       Disable CSV headers flag
      --http.log.enabled                  Display http request info in terminal
      --http.proxy.host string            http proxy host, empty means no proxy
      --http.proxy.password string        http proxy password
      --http.proxy.port int               http proxy port, any number <=0 will result in the default port for a given scheme (eg: http -> 80) (default -1)
      --http.proxy.scheme string          http proxy scheme, eg 'http' (default "http")
      --http.proxy.user string            http proxy user
      --http.response.maxResults int      Max results per http request, any number <=0 results in no limitation (default -1)
      --http.response.pageLimit int       Max pages of results that will be returned per resource, any number <=0 results in no limitation (default 20)
      --indirect.depth.max int            max depth for indirect queries: views and subqueries (default 5)
  -i, --infile string                     Input file from which queries are read (default "stdin")
  -q, --iqldata string                    Context file for templating
      --loglevel string                   Log level (default "fatal")
      --metadatattl int                   TTL for cached metadata documents, in seconds (default 3600)
      --namespaces string                 JSON / YAML string representing namespaces for cacheing, views etc (default "{}")
      --offline                           Work offline, using cached data
  -f, --outfile string                    Output file into which results are written (default "stdout")
  -o, --output string                     Output format, must be (json | table | csv) (default "table")
      --pgsrv.address string              server address, for server mode only (default "0.0.0.0")
      --pgsrv.loglevel string             Log level, for server mode only (default "WARN")
      --pgsrv.port int                    TCP server port, for server mode only (default 5466)
      --pgsrv.tls string                  tls config for server, for server mode only
      --provider string                   stackql provider
      --querycachesize int                Size in number of entries of LRU cache for query plans (default 10000)
      --registry string                   openapi registry context keyvals in json form, eg: '{ "url": "https://registry.stackql.app/providers" }'. (default "{ \"url\": \"https://registry.stackql.app/providers\", \"localDocRoot\": \"/Users/t00944/work/nextjs-dashboard/.stackql\", \"verifyConfig\": { \"nopVerify\": true } }")
      --session string                    JSON / YAML string representing session config (default "{}")
      --sqlBackend string                 JSON / YAML string representing SQL Backend System Config (default "{}")
      --store.txn string                  JSON / YAML string representing Txn store config (default "{}")
      --tls.CABundle string               Path to CA bundle, if not specified then system defaults used.
      --tls.allowInsecure                 Allow trust of insecure certificates (not recommended)
  -t, --toggle                            Help message for toggle
      --usenonpreferredapis               Flag to enable non-preferred APIs
      --var strings                       list of variables to be used in queries
  -v, --verbose                           Verbose flag
      --version                           version for stackql

Use "stackql [command] --help" for more information about a command.

利用できるプロバイダのリスト出してみる(v0.5.742時点)
firebase、vercel、aws、googleなどいろいろ👏

copy

$ stackql shell

stackql Command Shell 0.5.742
Copyright (c) 2021, stackql studios. All rights reserved.
Welcome to the interactive shell for running stackql commands.
---

stackql  >>REGISTRY LIST;
|--------------|--------------|
|   provider   |   version    |
|--------------|--------------|
| aws          | v24.07.00246 |
|--------------|--------------|
| awscc        | v24.03.00220 |
|--------------|--------------|
| fivetran     | v23.04.00132 |
|--------------|--------------|
| github       | v24.04.00227 |
|--------------|--------------|
| godaddy      | v23.12.00190 |
|--------------|--------------|
| google       | v24.09.00254 |
|--------------|--------------|
| googleadmin  | v24.09.00251 |
|--------------|--------------|
| homebrew     | v24.03.00212 |
|--------------|--------------|
| k8s          | v23.03.00121 |
|--------------|--------------|
| linode       | v23.05.00149 |
|--------------|--------------|
| netlify      | v23.04.00141 |
|--------------|--------------|
| okta         | v23.03.00121 |
|--------------|--------------|
| azure        | v24.09.00251 |
|--------------|--------------|
| pagerduty    | v23.12.00190 |
|--------------|--------------|
| sumologic    | v23.04.00143 |
|--------------|--------------|
| vercel       | v23.12.00183 |
|--------------|--------------|
| azure_extras | v24.06.00242 |
|--------------|--------------|
| azure_isv    | v24.06.00242 |
|--------------|--------------|
| azure_stack  | v24.06.00242 |
|--------------|--------------|
| cloudflare   | v23.03.00130 |
|--------------|--------------|
| datadog      | v23.12.00194 |
|--------------|--------------|
| digitalocean | v23.04.00139 |
|--------------|--------------|
| firebase     | v23.03.00121 |
|--------------|--------------|

利用する対象のレジストリをPULLして利用する模様👀
とりあえず、AWSで試してみる。
AWS向けのドキュメントはこちら👇️

aws | StackQL Provider Registry Docs

copy

stackql  >>REGISTRY PULL aws;
aws provider, version 'v24.07.00246' successfully installed
stackql  >>SHOW PROVIDERS;
|------|--------------|
| name |   version    |
|------|--------------|
| aws  | v24.07.00246 |
|------|--------------|

AWSの場合、デフォルトでは下記の環境変数で指定されてるアクセスキーやシークレットを利用する模様

AWS_ACCESS_KEY_ID - AWS Access Key ID (see How to Create AWS Credentials)
AWS_SECRET_ACCESS_KEY - AWS Secret Access Key (see How to Create AWS Credentials)
AWS_SESSION_TOKEN - [OPTIONAL: only required if using aws sts assume-role] AWS Session Token (see Temporary security credentials in IAM)

$ AWS_ACCESS_KEY_ID=XXXXXXXX
$ AWS_SECRET_ACCESS_KEY=XXXXXXXX
$ stackql shell

stackql Command Shell 0.5.742
Copyright (c) 2021, stackql studios. All rights reserved.
Welcome to the interactive shell for running stackql commands.
---

stackql  >>


$ AUTH='{ "aws": { "type": "aws_signing_v4", "keyIDenvvar": "YOUR_ACCESS_KEY_ID_VAR", "credentialsenvvar": "YOUR_SECRET_KEY_VAR" }}'
$ stackql shell --auth="${AUTH}"

stackql Command Shell 0.5.742
Copyright (c) 2021, stackql studios. All rights reserved.
Welcome to the interactive shell for running stackql commands.
---

stackql  >>

まとめ

この設定を入れておけば本番環境で余計なログが出力されない状態にできる🙌
チーム開発をしてるときにも便利ですね👏

You get articles that match your needs
You can efficiently read back useful information
You can use dark theme

What you can do with signing up