

Azure Steampipe/Powerpipe

Installation

  1. Install Powerpipe
  2. Install Steampipe
  3. Install Steampipe Azure Compliance Mod

sudo /bin/sh -c "$(curl -fsSL https://powerpipe.io/install/powerpipe.sh)"

sudo /bin/sh -c "$(curl -fsSL https://steampipe.io/install/steampipe.sh)"


mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
az login --tenant cfc.avertium.com --use-device-code

Azure

For Azure modules I provide authentication using the Azure CLI. Below is an example of logging in to a tenant.

 az login --tenant <tenant id> --use-device-code

Run CIS Benchmark checks and output the results to HTML.

powerpipe benchmark run azure_compliance.benchmark.cis_v300 --export html

To install and run Powerpipe and Steampipe for Azure CIS benchmarks, you will follow a four-stage process: installing the binaries, configuring Azure authentication, setting up the plugins, and finally running the compliance mod. [1](https://avertium-my.sharepoint.com/personal/michael_gupton_avertium_com/Documents/Microsoft%20Copilot%20Chat%20Files/powerpipe_azure_assessment.md)

1. Install Steampipe and Powerpipe

Run these commands in your bash terminal to install the latest versions using the official install scripts.

# Install Steampipe
sudo /bin/sh -c "$(curl -fsSL https://steampipe.io/install/steampipe.sh)"
# Install Powerpipe
sudo /bin/sh -c "$(curl -fsSL https://powerpipe.io/install/powerpipe.sh)"

2. Authenticate with Azure

Steampipe uses your existing Azure CLI credentials by default. Ensure you are logged in and have the correct subscription active.

# Log in to Azure
az login
# (Optional) Set the specific subscription you want to scan
az account set --subscription "Your-Subscription-ID"

3. Install Plugins and Compliance Mod

Steampipe needs the Azure and Azure AD plugins to fetch data, while Powerpipe needs the Azure Compliance mod to run the CIS checks.

# Install required Steampipe plugins
steampipe plugin install azure
steampipe plugin install azuread
# Create a directory for your compliance checks and initialize a mod
mkdir azure-compliance
cd azure-compliance
powerpipe mod init
# Install the Azure Compliance mod
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance

4. Run the CIS Benchmark

You must start the Steampipe service so Powerpipe can query it, then run the benchmark command.

# Start the Steampipe service in the background
steampipe service start
# Run the CIS v3.0.0 benchmark (or choose your preferred version)
powerpipe benchmark run azure_compliance.benchmark.cis_v300

<WRAP tip> Prefer a visual dashboard? Instead of ``run``, use ``powerpipe server`` and navigate to ``http://localhost:9033`` in your browser to view the results in a rich, interactive UI. </WRAP>
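Steps 2 and 4 only produce a meaningful report if the Azure CLI context is the tenant and subscription you intend to assess. The script below is an added example (not part of the original page or of the Turbot projects) that refuses to run the benchmark otherwise; `EXPECTED_TENANT`, `EXPECTED_SUB` and the function names are assumptions.

```shell
# Added example, not from the original page. EXPECTED_TENANT and EXPECTED_SUB
# are hypothetical variable names holding the tenant and subscription IDs in scope.
# Written for POSIX sh, so helper variables are prefixed instead of using `local`.

# Return 0 only when every named tool is on PATH.
check_tools() {
  _ct_missing=0
  for _ct_tool in "$@"; do
    command -v "$_ct_tool" >/dev/null 2>&1 || {
      echo "missing tool: $_ct_tool" >&2
      _ct_missing=1
    }
  done
  return "$_ct_missing"
}

# Return 0 only when the active Azure CLI context matches the intended scope.
# Exit codes: 2 = not logged in, 3 = wrong tenant, 4 = wrong subscription.
check_azure_context() {
  _ac_tenant="$(az account show --query tenantId -o tsv 2>/dev/null)" || {
    echo "not logged in: run az login --tenant <tenant id> --use-device-code" >&2
    return 2
  }
  _ac_sub="$(az account show --query id -o tsv 2>/dev/null)" || return 2
  if [ "$_ac_tenant" != "$1" ]; then
    echo "tenant mismatch: active=$_ac_tenant expected=$1" >&2
    return 3
  fi
  if [ "$_ac_sub" != "$2" ]; then
    echo "subscription mismatch: active=$_ac_sub expected=$2" >&2
    return 4
  fi
  return 0
}

# Run the page's CIS v3.0.0 benchmark only after both checks pass.
run_cis_benchmark() {
  check_tools az steampipe powerpipe || return 1
  check_azure_context "$EXPECTED_TENANT" "$EXPECTED_SUB" || return "$?"
  # Do not abort here; powerpipe fails on its own if the service is unreachable.
  steampipe service start || true
  powerpipe benchmark run azure_compliance.benchmark.cis_v300 --export html
}

# Usage: set EXPECTED_TENANT and EXPECTED_SUB, source this file, call run_cis_benchmark
```

If either variable is unset, the comparison fails and the benchmark does not run.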


Summary of Common Benchmarks

^ Framework ^ Command ^
| CIS v3.0.0 | ``powerpipe benchmark run azure_compliance.benchmark.cis_v300`` |
| CIS v2.1.0 | ``powerpipe benchmark run azure_compliance.benchmark.cis_v210`` |
| NIST SP 800-53 | ``powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_53_rev_5`` |

  • Last modified: 2026/02/03 15:48
  • by mmuze