cloudgrep

command module
v0.0.25 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 24, 2022 License: Apache-2.0 Imports: 1 Imported by: 0

README


Cloud Asset Explorer

Current Release Tests License Commit Activity

Slack Community

What is Cloudgrep?

Cloudgrep is an asset explorer for cloud resources. It shows everything that's being run in the cloud and enables the user to slice and dice these based on tags and properties. It is a UI tool built on open source technologies and runs completely client side (so no data leaves user's machine).

Screenshot

Why use Cloudgrep?

Cloudgrep's goal is to help engineering teams ensure every resource follows consistent tagging schema. It helps identify missing tags, misspellings and unowned resources. Consistent tagging leads to better cost attribution and faster incident resolution.

Additionally, Cloudgrep is a great tool to visualize all cloud resources in a single place - across regions, accounts and providers.

Try it out by downloading the latest release! For any questions, feel free to join our Slack workspace.

Group 2
Demo video

Features

  • Cross-platform support OSX/Linux/Windows 32/64-bit
  • Simple installation (distributed as a single binary)
  • Zero dependencies
  • Supports AWS (If you'd like GCP/Azure support, do let us know by filing an issue!)
  • Supports for major AWS resources (like EC2, RDS, S3, and many others - please file an issue if something is missing!)

Installation

Basic Usage

Cloudgrep uses the cloud cloud provider credentials that are available on the user's machine. Make sure to properly set these up (see here for AWS).

NOTE: Cloudgrep only needs ReadOnly credentials -- it creates nothing, it modifies nothing. Moreover, it will do a best effort scan based on available permissions, so the user does not need to have read access to all resources.

Once downloaded, just execute the binary to run:

./cloudgrep

Cloudgrep will then:

  1. Scan the cloud account for global resources and resources on your currently configured AWS region
  2. Launch the webapp

Arguments

You can easily pass cli arguments to cloudgrep for customized behavior, such as multiple/different regions to scan, what port to serve the webapp on, etc... The cli arguments are all fully documented under the cli's help option. To view documentation for them, simply add the --help flag like so:

./cloudgrep --help

Advanced Usage

Cloudgrep's behavior can further be configured via a user-inputted config yaml. Configs are then resolved at runtime by considering the cli arguments, the user-passed config yaml, and the defaults in that order of precedence.

The config yaml can be passed in by using the -c or --config flag as follows:

cloudgrep -c my_config.yaml

The path is relative to the current working directory. Cloudgrep expects the follow possible values in the yaml (you do not need to markdown all if passing the file as it will always try to default to the original behavior):

# This config represents all the user-configurable settings for cloudgrep:
# https://github.com/run-x/cloudgrep/blob/main/pkg/config/config.yaml

# web represents the specs cloudgrep uses for creating the webapp server
web:
  # host is the host the server is running as
  host: localhost
  # port is the port the server is running in
  port: 8080
  # prefix is the url prefix the server uses
  prefix: "/"
  # skipOpen determines whether to automatically open the webui on startup
  skipOpen: false

# datastore represents the specs cloudgrep uses for creating and/or connecting to the datastore/database used.
datastore:
  # type is the kind of datastore to be used by cloudgrep (currently only supports SQLite)
  type: sqlite
  #  skipRefresh determines whether to refresh the data (i.e. scan the cloud) on startup.
  skipRefresh: false
  # dataSourceName is the Type-specific data source name or uri for connecting to the desired data source
  dataSourceName: "~/cloudgrep_data.db"

# providers represents the cloud providers cloudgrep will scan w/ the current credentials
providers:
  - cloud: aws # cloud is the type of the cloud provider (currently only AWS is supported)
    # regions is the list of different regions within the cloud provider to scan
    # The special "all" region can be specified by itself to scan all available regions
    regions: [us-east-1, global]

Development

We love user contributions! Check out our Dev guide to get started.

Important Resources

Documentation

Overview

Copyright © 2022 RunX

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Source Files

View all Source files

Directories

Path Synopsis
demo
setup
hack
awsgen
awsgen/cmd
awsgen/config
awsgen/generator
awsgen/template
awsgen/util
awsgen/writer
pkg
api
cli
config
datastore
engine
model
provider
provider/aws
provider/aws/regions
provider/aws/util
provider/types
resourceconverter
sequencer
testingutil
testingutil/datastore
testingutil/provider
util
util/rlimit
Backport of os/rlimit.go from go1.19.
 Backport of os/rlimit.go from go1.19.
version

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.