# SGO: Security Groups Observatory

A web-based tool for exploring AWS EC2 instances and Security Groups with direct AWS import, MFA support, and CSV export capabilities.

## ⚠️ Security Warning

**This application is designed for LOCAL USE ONLY. Do NOT expose it to the internet.**

- SGO has no authentication or authorization mechanisms
- It provides direct access to your AWS infrastructure data
- It reads AWS credentials from your local system
- Exposing it publicly would allow unauthorized access to sensitive AWS information

**Always run on localhost (127.0.0.1) only. Never expose port 5000 to external networks.**

## Features

- **Direct AWS Import**: Import data directly from AWS using `~/.aws/config` with MFA/OTP support
- **Parallel Import**: Import from multiple AWS accounts simultaneously
- **Search & Filter**: Search by EC2 name, SG name, instance ID, group ID, or IP address
- **Regex Search**: Enable regex checkbox for advanced pattern matching
- **Filter by Type**: View all resources, only EC2 instances, or only Security Groups
- **CSV Export**: Export search results, EC2 details, SG details, and security group rules to CSV
- **Detailed Views**:
  - **EC2 View**: Shows EC2 instance details with nested boxes for attached Security Groups
  - **Security Group View**: Shows SG details with nested boxes for all attached EC2 instances
- **Security Group Rules**: View and search ingress/egress rules for any security group
- **Statistics Dashboard**: Quick overview of total SGs, EC2s, and accounts

## Quick Links

- [Quick Start Guide](Quick-Start.md)
- [Configuration Options](Configuration.md)
- [Usage Guide](Usage.md)
- [AWS Configuration](AWS-Configuration.md)
- [Troubleshooting](Troubleshooting.md)

## Data Structure

### Security Groups Table

- Account ID & Name
- Group ID & Name
- Tag Name
- Wave Tag
- Git Repo Tag
- Ingress Rule Count

### EC2 Instances Table

- Account ID & Name
- Instance ID
- Tag Name
- State (running, stopped, etc.)
- Private IP Address
- Security Groups (IDs and Names)
- Git Repo Tag

## File Structure

```
sgo/
├── app.py                      # Flask web application
├── import_from_aws.py          # AWS direct import functions
├── import_data.py              # CSV to SQLite import (legacy)
├── requirements.txt            # Python dependencies
├── Dockerfile                  # Container image definition
├── docker-compose.yml          # Container orchestration (Docker volume)
├── docker-compose.local.yml    # Alternative with local directory storage
├── entrypoint.sh               # Container entrypoint with PUID/PGID support
├── .dockerignore               # Files to exclude from container
├── .env.example                # Example environment configuration
├── .gitignore                  # Git ignore patterns
├── README.md                   # This file
├── data/                       # Local data directory (if using local mode)
│   └── aws_export.db           # SQLite database
├── static/
│   ├── css/
│   │   └── style.css           # Application styles
│   └── images/
│       └── logo.svg            # Application logo
└── templates/
    ├── import.html             # Import/profile selection page
    └── index.html              # Main explorer interface
```

## License

This project is dual-licensed:

- **FREE** for individual, personal, educational, and non-commercial use
- **PAID LICENSE REQUIRED** for commercial use by businesses and organizations

You may NOT modify this software for the purpose of selling or commercially distributing it.

See the [LICENSE](../LICENSE) file for full details.

For commercial licensing inquiries, please open an issue in the repository.
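
As an added example (not part of the SGO project's code), the following Python check applies the localhost-only rule from the Security Warning to Docker Compose short-syntax `ports` entries, flagging any that publish the application port on a non-loopback address. It assumes the container listens on port 5000; the function names and the sample entries are constructed for illustration.

```python
import ipaddress

APP_PORT = 5000  # port named in the Security Warning; assumed to be the container port


def parse_port_mapping(entry):
    """Split a Compose short-syntax entry into (host_ip, host_port, container_port)."""
    spec = entry.strip().split("/", 1)[0]            # drop a "/tcp" or "/udp" suffix
    if spec.startswith("["):                         # bracketed IPv6 host address
        host_ip, _, rest = spec[1:].partition("]")
        parts = rest.lstrip(":").split(":")
    else:
        parts = spec.split(":")
        host_ip = parts.pop(0) if len(parts) == 3 else None
    if len(parts) == 2:
        host_port, container_port = parts
    elif len(parts) == 1:
        host_port, container_port = None, parts[0]   # Docker assigns the host port
    else:
        raise ValueError(f"unrecognised port mapping: {entry!r}")
    return host_ip, host_port or None, container_port


def covers(port_spec, port):
    """True if a single port or a "low-high" range includes the given port."""
    low, _, high = port_spec.partition("-")
    return int(low) <= port <= int(high or low)


def exposed_mappings(entries, app_port=APP_PORT):
    """Return entries that publish app_port on anything other than loopback."""
    findings = []
    for entry in entries:
        host_ip, _, container_port = parse_port_mapping(entry)
        # With no host IP, Docker publishes the port on all interfaces.
        loopback = host_ip is not None and ipaddress.ip_address(host_ip).is_loopback
        if covers(container_port, app_port) and not loopback:
            findings.append(entry)
    return findings


# Constructed sample entries, not taken from the project's docker-compose.yml.
SAMPLE_PORTS = ["127.0.0.1:5000:5000", "5000:5000", "0.0.0.0:5000:5000/tcp",
                "[::1]:5000:5000", "8080:5000", "5000", "192.168.1.10:5000:5000"]

if __name__ == "__main__":
    for entry in exposed_mappings(SAMPLE_PORTS):
        print(f"NOT loopback-only: {entry}")
```

Only the `127.0.0.1` and `[::1]` entries pass; an entry with no host IP is flagged because Docker then binds the published port on every interface.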