CloudQuery, a startup giving developers visibility into their cloud infrastructure assets and configuration, today announced that it has closed a $3.5 million seed funding round led by boldstart ventures, with participation from Work-Bench, Mango Capital and Haystack.
As cloud infrastructure providers and service catalogues have grown, the burden on developer workflow has been ever more custom scripts, hacking and hassle for developers to get the insights they need over their sprawling cloud infrastructure. Each cloud provider has its own proprietary tooling for infrastructure visibility — AWS Identity and Access Management (IAM), Azure Cloud Discovery, Google Cloud Asset — each with its own learning curve, and each siloed within that single cloud provider environment.
CloudQuery — born as an open source project nine months ago — is the first tool that allows developers to aggregate all of their cloud assets in a single relational database, where they can query their inventory with a common SQL query language, and a pre-supported library of cloud infrastructure providers that keeps growing through community contributions. In the short time since its introduction as an open source project, CloudQuery has already secured more than 1.8k stars on GitHub and more than 40 contributors; major users including Bloomberg, CloudBees, Salesforce and Zendesk; and seven integrations that have been contributed back to the project by the community, including recent integrations contributed and maintained by Yandex Cloud and Equinix.
“The amount of Python scripts that people had to write to substitute for a tool like this is kind of ridiculous. So I think it’s got a great future ahead of it,” said Salesforce Lead Security Engineer Kinnaird McQuade in a recent CloudQuery Demo on the OWASP DevSlop YouTube show.
“A burning pain that we constantly hear about from developers is handling increasing infrastructure sprawl, especially as cloud assets grow,” said Shomik Ghosh at boldstart ventures. “When we first met Yevgeny and Ron, we were blown away by the early developer love and meaningful contributions that we saw from developers using the open source project from various companies. CloudQuery has built a dev-friendly way for users to gain an understanding of their cloud infrastructure through an easy to use relational database that can handle a variety of use cases, from security and compliance to infrastructure cost savings and asset inventory.”
After his previous DevSecOps startup, Fuzzit, was acquired by GitLab, CloudQuery founder Yevgeny Pats saw that cloud infrastructure visibility was a major constraint for developers. He saw an opportunity for a better way to unify cloud infrastructure data in a relational model, and then to expose that data with SQL as the query language. And he envisioned a Terraform-style open source community model that would allow developers to collectively contribute and benefit from contributed cloud providers and queries submitted through a pluggable architecture and software development kit (SDK).
“With cloud infrastructure, developers too often find themselves blind about what their assets are and what they are managing,” said Pats. “They only get spotlights on small parts of their infrastructure, and spend a lot of cycles writing manual scripts for specific APIs, doing transformations, and managing code. The vision for CloudQuery is ‘dev-first’ visibility into infrastructure. That means continuous extract, transform load (ETL) of your cloud infrastructure assets into a relational database, a simplified SQL query model that lets you ask all the questions you need to know for your use cases, and a vibrant community of contributors that lets you tap into pre-supported cloud providers and queries, so you don’t have to build everything from scratch yourself.”
CloudQuery integrates with the cloud service providers, including AWS, Azure and Google Cloud. CloudQuery fetches read-only data and normalises that data (via ETL) into a relational database. By exposing cloud infrastructure data as SQL-queryable, CloudQuery does not require mastering new DSLs. And the project boasts more than 100 pre-written queries for all of the cloud providers that it supports, so developers enjoy a running start for all of the common queries they have of their cloud assets – but CloudQuery makes it easy to build custom queries too.
With CloudQuery’s pluggable architecture and SDK, users get access not only to the most popular cloud service providers, but a growing collection of other technologies that users and vendors are contributing to the project, including Digital Ocean, Kubernetes, Okta, Terraform, Yandex Cloud and many more coming soon.
While CloudQuery was designed to solve cloud infrastructure discovery for developers across broad use cases, the platform today ships with deep support for specific security engineering use cases as well. Its policies are said to bring policy-as-code to the CloudQuery ecosystem, which allows users to codify, version and run security, governance, cost and compliance rules, using SQL as the query layer and HCL as the logic layer.