Cloud Multi Query is a library & CLI tool that allows you to run queries across multiple cloud accounts in parallel.
Cloud Multi Query (CMQ) is a Python library & CLI tool that allows you to run the same query across multiple cloud accounts in parallel, making it easy to gather insights and manage multi-account environments efficiently.
So far, CMQ only supports AWS cloud accounts. However, the plugable structure of CMQ allows for the creation of new session and resource types to include other cloud providers.
pip install cmq
CMQ works using profiles defined in your local machine (AWS CLI configuration). It's expected that every profile defines the access to an account/region.
Let's start listing the configured profiles:
cmq 'profile().list()'
[
{
"name": "account_a",
"region": "us-east-1"
},
{
"name": "account_b",
"region": "eu-west-1"
}
]
We can list resources for these accounts. CMQ will execute the queries in parallel. For example, lets list RDS resources:
cmq 'profile().rds().list()'
[
{
"DBInstanceIdentifier": "account-a-users",
"DBInstanceClass": "db.m6g.large",
"Engine": "postgres",
...
},
{
"DBInstanceIdentifier": "account-b-users",
"DBInstanceClass": "db.m6g.large",
"Engine": "postgres",
...
},
...
]
We can also use cmq as a Python library. This is more convenient when you need to process the results:
>>> from cmq.aws.session.profile import profile
>>> profile().sqs().list()
[
{"resource": "https://sqs.us-east-1.amazonaws.com/123456789012/account-a-products"},
{"resource": "https://sqs.us-east-1.amazonaws.com/123456789012/account-a-orders"},
{"resource": "https://sqs.eu-west-1.amazonaws.com/210987654321/account-b-products"},
{"resource": "https://sqs.eu-west-1.amazonaws.com/210987654321/account-b-orders"}
]
We can export the environment variable CMQ_VERBOSE_OUTPUT=true or use the option verbose in the CLI to output the progress of the query. This is particular useful when you have many accounts to process:
cmq --verbose 'profile().elasticache().list()'
100.00% :::::::::::::::::::::::::::::::::::::::: | 1 / 1 |: account-dev elasticache
100.00% :::::::::::::::::::::::::::::::::::::::: | 1 / 1 |: account-test elasticache
100.00% :::::::::::::::::::::::::::::::::::::::: | 1 / 1 |: account-prd1 elasticache
100.00% :::::::::::::::::::::::::::::::::::::::: | 1 / 1 |: account-prd2 elasticache
100.00% :::::::::::::::::::::::::::::::::::::::: | 1 / 1 |: account-prd3 elasticache
[
... resource list ...
]
List RDS resources in one profile with name account_a
cmq 'profile(name="account_a").rds().list()'
List SNS topics for all profiles, but returning a dictionary where the key is the name of the profile:
cmq 'profile().sns().dict()'
{
"account_a": [
... topics from account a ...
],
"account_b": [
... topics from account b ...
],
}
List all roles for all accounts, but return only the RoleName field:
cmq 'profile().role().attr("RoleName").list()'
List DynamoDB tables, but limit the results to 10 tables:
cmq 'profile().dynamodb().limit(10).list()'
CMQ uses boto3 to list/describe resources. You can also use the parameters of the boto3 functions to filter resources in the request. For example, this will list all SQS queues with prefix order in all accounts:
cmq 'profile().sqs(QueueNamePrefix="order").list()'
We can also filter resources in the response. CMQ is built with a set of quick filters that you can use with any resource type. All the filters have the same structure: __filter__(key, value)
For example, the following query list Lambda functions running with python3.10 in all accounts:
cmq 'profile().function().eq("Runtime", "python3.10").list()'
These are the supported quick filters:
AWS
FAQs
Cloud Multi Query is a library & CLI tool that allows you to run queries across multiple cloud accounts in parallel.
We found that cmq demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Open source maintainers are urging GitHub to let them block Copilot from submitting AI-generated issues and pull requests to their repositories.
Research
Security News
Malicious Koishi plugin silently exfiltrates messages with hex strings to a hardcoded QQ account, exposing secrets in chatbots across platforms.
Research
Security News
Malicious PyPI checkers validate stolen emails against TikTok and Instagram APIs, enabling targeted account attacks and dark web credential sales.