SGO/wiki/Home.md
Eduardo Figueroa e0fc3bdd42
wiki
2025-11-20 14:41:17 -08:00

# SGO: Security Groups Observatory
A web-based tool for exploring AWS EC2 instances and Security Groups with direct AWS import, MFA support, and CSV export capabilities.
## ⚠️ Security Warning
**This application is designed for LOCAL USE ONLY. Do NOT expose it to the internet.**

- SGO has no authentication or authorization mechanisms
- It provides direct access to your AWS infrastructure data
- It reads AWS credentials from your local system
- Exposing it publicly would allow unauthorized access to sensitive AWS information

**Always run on localhost (127.0.0.1) only. Never expose port 5000 to external networks.**
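
One way to check the localhost-only rule before starting the container: this added example (not part of SGO's own code) classifies Docker Compose short-syntax `ports` entries by the host address they publish on. The sample entries are constructed, and it assumes Docker's default of binding on all interfaces when an entry gives no host IP.

```python
import ipaddress

def bind_address(port_spec):
    """Return the host IP of a Compose short-syntax port entry, or None if absent."""
    spec = port_spec.strip().split("/", 1)[0]  # drop a trailing "/tcp" or "/udp"
    parts = spec.rsplit(":", 2)                # [host_ip, host_port, container_port]
    if len(parts) < 3:
        return None                            # "5000" or "5000:5000": no host IP
    return parts[0].strip("[]")                # accept the bracketed IPv6 form

def is_loopback_only(port_spec):
    """True only when the entry pins the published port to a loopback address."""
    host = bind_address(port_spec)
    if host is None:
        # Assumption: the Docker daemon default applies, which binds all interfaces.
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False                           # unparseable host: treat as exposed

def exposed(port_specs):
    """Return the entries that would be reachable from outside the host."""
    return [s for s in port_specs if not is_loopback_only(s)]

# Constructed sample entries, not taken from SGO's docker-compose.yml.
SAMPLE_PORTS = [
    "127.0.0.1:5000:5000",   # loopback only
    "[::1]:5000:5000/tcp",   # IPv6 loopback only
    "5000:5000",             # no host IP: all interfaces
    "0.0.0.0:5000:5000",     # explicitly all interfaces
    "5000",                  # container port only: random host port, all interfaces
]

if __name__ == "__main__":
    for entry in SAMPLE_PORTS:
        verdict = "ok (loopback)" if is_loopback_only(entry) else "EXPOSED"
        print(f"{entry:24} {verdict}")
```
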
## Features
- **Direct AWS Import**: Import data directly from AWS using `~/.aws/config` with MFA/OTP support
- **Parallel Import**: Import from multiple AWS accounts simultaneously
- **Search & Filter**: Search by EC2 name, SG name, instance ID, group ID, or IP address
- **Regex Search**: Enable regex checkbox for advanced pattern matching
- **Filter by Type**: View all resources, only EC2 instances, or only Security Groups
- **CSV Export**: Export search results, EC2 details, SG details, and security group rules to CSV
- **Detailed Views**:
  - **EC2 View**: Shows EC2 instance details with nested boxes for attached Security Groups
  - **Security Group View**: Shows SG details with nested boxes for all attached EC2 instances
- **Security Group Rules**: View and search ingress/egress rules for any security group
- **Statistics Dashboard**: Quick overview of total SGs, EC2s, and accounts
## Quick Links
- [Quick Start Guide](Quick-Start.md)
- [Configuration Options](Configuration.md)
- [Usage Guide](Usage.md)
- [AWS Configuration](AWS-Configuration.md)
- [Troubleshooting](Troubleshooting.md)
## Data Structure
### Security Groups Table
- Account ID & Name
- Group ID & Name
- Tag Name
- Wave Tag
- Git Repo Tag
- Ingress Rule Count
### EC2 Instances Table
- Account ID & Name
- Instance ID
- Tag Name
- State (running, stopped, etc.)
- Private IP Address
- Security Groups (IDs and Names)
- Git Repo Tag
## File Structure
```
sgo/
├── app.py                      # Flask web application
├── import_from_aws.py          # AWS direct import functions
├── import_data.py              # CSV to SQLite import (legacy)
├── requirements.txt            # Python dependencies
├── Dockerfile                  # Container image definition
├── docker-compose.yml          # Container orchestration (Docker volume)
├── docker-compose.local.yml    # Alternative with local directory storage
├── entrypoint.sh               # Container entrypoint with PUID/PGID support
├── .dockerignore               # Files to exclude from container
├── .env.example                # Example environment configuration
├── .gitignore                  # Git ignore patterns
├── README.md                   # This file
├── data/                       # Local data directory (if using local mode)
│   └── aws_export.db           # SQLite database
├── static/
│   ├── css/
│   │   └── style.css           # Application styles
│   └── images/
│       └── logo.svg            # Application logo
└── templates/
    ├── import.html             # Import/profile selection page
    └── index.html              # Main explorer interface
```
## License
This project is dual-licensed:

- **FREE** for individual, personal, educational, and non-commercial use
- **PAID LICENSE REQUIRED** for commercial use by businesses and organizations

You may NOT modify this software for the purpose of selling or commercially distributing it.

See the [LICENSE](../LICENSE) file for full details.

For commercial licensing inquiries, please open an issue in the repository.