Solution

Build on
Stategraph

Full programmatic access to your infrastructure state. REST API for querying, automation, and deep integration with your toolchain.

REST API SQL Queries
vim check_before_deploy.py
#!/usr/bin/env python3 # Pre-deploy validation: check what will be affected import requests import sys api = 'https://api.stategraph.dev/v1' headers = {'Authorization': 'Bearer $STATEGRAPH_API_KEY'} resource = sys.argv[1] # e.g., "aws_security_group.web" # Get dependency information deps = requests.get(f'{api}/resources/{resource}/dependencies', headers=headers).json() print(f"Planning to modify: {resource}\n") print(f"This will affect {len(deps['dependents'])} resources:") for dep in deps['dependents'][:10]: print(f" → {dep['name']} ({dep['type']})") if len(deps['dependents']) > 10: print(f" ... and {len(deps['dependents']) - 10} more") # Check if anyone else is currently working on these resources locks = requests.get(f'{api}/locks', headers=headers).json() if locks: print(f"\n⚠️ Warning: {len(locks)} resources are currently locked") "check_before_deploy.py" 25L, 871C

Core Endpoints

GET /api/v1/resources

List all resources with filtering, pagination, and field selection

curl -H "Authorization: Bearer $API_KEY" \
"https://api.stategraph.dev/v1/resources?type=aws_s3_bucket&limit=10"
POST /api/v1/query

Execute SQL queries against your state database

curl -X POST -H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{"sql": "SELECT * FROM resources WHERE tags->>'env' = 'prod'"}' \
"https://api.stategraph.dev/v1/query"
GET /api/v1/resources/{id}/dependencies

Get the dependency graph for a specific resource

curl -H "Authorization: Bearer $API_KEY" \
"https://api.stategraph.dev/v1/resources/aws_instance.api_server/dependencies"
GET /api/v1/locks

Get current lock status to see who's working on what resources

curl -H "Authorization: Bearer $API_KEY" \
"https://api.stategraph.dev/v1/locks"

SQL Query Examples

query-examples.sql
-- Find resources with open security group rules
SELECT name, type, attributes->>'ingress' as rules
FROM resources
WHERE type = 'aws_security_group'
AND attributes->'ingress' @> '[{"cidr_blocks": ["0.0.0.0/0"]}]';
 
-- Find orphaned resources (no dependencies)
SELECT r.name, r.type
FROM resources r
LEFT JOIN dependencies d ON r.id = d.resource_id
WHERE d.resource_id IS NULL;
 
-- Resources modified by specific user
SELECT name, type, last_modified
FROM resources
WHERE last_modified_by = 'alice@example.com'
ORDER BY last_modified DESC;

What You Can Build

PRE-DEPLOY VALIDATION

Check Before You Break

Query dependencies before changes to understand blast radius. Know exactly what will be affected before you apply.

GET /resources/{id}/dependencies
RESOURCE DISCOVERY

Find Anything with SQL

Search resources by type, tags, or any attribute. Identify orphaned resources and configuration drift instantly.

POST /query • SQL
CUSTOM INTERFACES

Build Custom UIs

Create tailored dashboards, approval workflows, and visualization tools. The API gives you full control to build exactly what your team needs.

REST API • WebSockets
STATE ANALYSIS

No More JSON Parsing

Query state history, audit changes, analyze relationships. Your infrastructure state as a proper database.

POST /query • SQL

Stop coordinating. Start shipping.

Resource-level locking. Graph-based state. SQL queries on your infra.
Teams work in parallel. No more lock contention.

Get Updates Become a Design Partner

// Zero spam. Just progress updates as we build Stategraph.