eddie/SGO
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
2 commits 1 branch 0 tags 176 KiB
HTML 58.8%
Python 32.3%
CSS 8.6%
Dockerfile 0.3%
Find a file
edfig 7cb647d437 Update README.md
2025-11-20 22:55:21 +01:00
.github/ISSUE_TEMPLATE Initial Commit 2025-11-20 12:03:30 -08:00
static Initial Commit 2025-11-20 12:03:30 -08:00
templates Initial Commit 2025-11-20 12:03:30 -08:00
.dockerignore Initial Commit 2025-11-20 12:03:30 -08:00
.env.example Initial Commit 2025-11-20 12:03:30 -08:00
.gitignore Initial Commit 2025-11-20 12:03:30 -08:00
app.py Initial Commit 2025-11-20 12:03:30 -08:00
CONTRIBUTING.md Initial Commit 2025-11-20 12:03:30 -08:00
docker-compose.local.yml Initial Commit 2025-11-20 12:03:30 -08:00
docker-compose.yml Initial Commit 2025-11-20 12:03:30 -08:00
Dockerfile Initial Commit 2025-11-20 12:03:30 -08:00
entrypoint.sh Initial Commit 2025-11-20 12:03:30 -08:00
import_from_aws.py Initial Commit 2025-11-20 12:03:30 -08:00
LICENSE Initial Commit 2025-11-20 12:03:30 -08:00
README.md Update README.md 2025-11-20 22:55:21 +01:00
requirements.txt Initial Commit 2025-11-20 12:03:30 -08:00

README.md

SGO: Security Groups Observatory

A web-based tool for exploring AWS EC2 instances and Security Groups with direct AWS import, MFA support, and CSV export capabilities.

Quick Start

# 1. Create .env file with your AWS credentials path
cat > .env << EOF
AWS_CONFIG_PATH=$HOME/.aws
PUID=$(id -u)
PGID=$(id -g)
EOF

# 2. Start the container
docker-compose up --build
# or with Podman:
podman-compose up --build

# 3. Open browser to http://localhost:5000

# 4. Select AWS profiles, enter MFA codes, and import!

Features

  • Direct AWS Import: Import data directly from AWS using ~/.aws/config with MFA/OTP support
  • Parallel Import: Import from multiple AWS accounts simultaneously
  • Search & Filter: Search by EC2 name, SG name, instance ID, group ID, or IP address
  • Regex Search: Enable regex checkbox for advanced pattern matching
  • Filter by Type: View all resources, only EC2 instances, or only Security Groups
  • CSV Export: Export search results, EC2 details, SG details, and security group rules to CSV
  • Detailed Views:
    • EC2 View: Shows EC2 instance details with nested boxes for attached Security Groups
    • Security Group View: Shows SG details with nested boxes for all attached EC2 instances
  • Security Group Rules: View and search ingress/egress rules for any security group
  • Statistics Dashboard: Quick overview of total SGs, EC2s, and accounts

Quick Start (Container - Recommended)

The easiest way to run SGO is using Docker or Podman. Works on Linux, macOS, and Windows.

Prerequisites

Install either:

Run the Application

# Docker
docker-compose up --build

# Podman
podman-compose up --build

Environment Variables

SGO supports configuration through environment variables. Create a .env file:

# Copy the example file
cp .env.example .env

# Edit with your settings
nano .env  # or your preferred editor

Or create it manually:

cat > .env << EOF
AWS_CONFIG_PATH=$HOME/.aws
PUID=$(id -u)
PGID=$(id -g)
EOF

Available Options:

Variable Description Required Default
AWS_CONFIG_PATH Absolute path to AWS credentials directory Yes None
PUID User ID for file permissions No 1000
PGID Group ID for file permissions No 1000
DATA_PATH Path for database storage (local mode) No ./data
SGO_PORT Port to expose on host No 5000
DEBUG Enable Flask debug logging No false
FLASK_ENV Flask environment No production

Data Storage Options

Option 1: Docker Volume (Default - Recommended)

  • Data stored in Docker-managed volume sgo-data
  • Survives container restarts and rebuilds
  • Better performance on macOS/Windows
  • Use default docker-compose.yml

Option 2: Local Directory

  • Data stored in ./data directory
  • Easy to backup and access
  • Better for development
  • Use docker-compose.local.yml:

File Structure

sgo/
├── app.py                      # Flask web application
├── import_from_aws.py          # AWS direct import functions
├── requirements.txt            # Python dependencies
├── Dockerfile                  # Container image definition
├── docker-compose.yml          # Container orchestration (Docker volume)
├── docker-compose.local.yml    # Alternative with local directory storage
├── entrypoint.sh               # Container entrypoint with PUID/PGID support
├── .dockerignore               # Files to exclude from container
├── .env.example                # Example environment configuration
├── .gitignore                  # Git ignore patterns
├── README.md                   # This file
├── data/                       # Local data directory (if using local mode)
│   └── aws_export.db           # SQLite database
├── static/                     # CSS and images
└── templates/                  # HTML

License

This project is dual-licensed:

  • FREE for individual, personal, educational, and non-commercial use
  • PAID LICENSE REQUIRED for commercial use by businesses and organizations

You may NOT modify this software for the purpose of selling or commercially distributing it.

See the LICENSE file for full details.

For commercial licensing inquiries, please open an issue in this repository.