eddie/SGO
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
SGO/README.md
Eduardo Figueroa ff19326100
simple readme
2025-11-20 14:32:14 -08:00

81 lines
2.9 KiB
Markdown
Raw Blame History

# SGO: Security Groups Observatory
A web-based tool for exploring AWS EC2 instances and Security Groups with direct AWS import, MFA support, and CSV export capabilities.
## Quick Start
```bash
1. Setup container files
wget https://codeberg.org/edfig/SGO/src/branch/main/docker-compose.yml
cp .env.example .env
# edit the .env as needed
# 2. Start the container
docker-compose up
# or with Podman:
podman-compose up
# 3. Open browser to http://localhost:5000
```
## ⚠️ Security Warning
**This application is designed for LOCAL USE ONLY. Do NOT expose it to the internet.**
- SGO has no authentication or authorization mechanisms
- It provides direct access to your AWS infrastructure data
- It reads AWS credentials from your local system
- Exposing it publicly would allow unauthorized access to sensitive AWS information
**Always run on localhost (127.0.0.1) only. Never expose port 5000 to external networks.**
### Environment Variables
**Available Options:**
| Variable | Description | Required | Default |
|----------|-------------|----------|---------|
| `AWS_CONFIG_PATH` | Absolute path to AWS credentials directory | Yes | None |
| `PUID` | User ID for file permissions | No | `1000` |
| `PGID` | Group ID for file permissions | No | `1000` |
| `DATA_PATH` | Path for database storage (local mode) | No | `./data` |
| `SGO_PORT` | Port to expose on host | No | `5000` |
| `DEBUG` | Enable Flask debug logging | No | `false` |
| `FLASK_ENV` | Flask environment | No | `production` |
## File Structure
```
sgo/
├── app.py # Flask web application
├── import_from_aws.py # AWS direct import functions
├── requirements.txt # Python dependencies
├── Dockerfile # Container image definition
├── docker-compose.yml # Container orchestration (Docker volume)
├── docker-compose.local.yml # Alternative with local directory storage
├── entrypoint.sh # Container entrypoint with PUID/PGID support
├── .dockerignore # Files to exclude from container
├── .env.example # Example environment configuration
├── .gitignore # Git ignore patterns
├── README.md # This file
├── data/ # Local data directory (if using local mode)
│ └── aws_export.db # SQLite database
├── static/ # CSS and images
└── templates/ # HTML
```
## License
This project is dual-licensed:
- **FREE** for individual, personal, educational, and non-commercial use
- **PAID LICENSE REQUIRED** for commercial use by businesses and organizations
You may NOT modify this software for the purpose of selling or commercially distributing it.
See the [LICENSE](LICENSE) file for full details.
For commercial licensing inquiries, please open an issue in this repository.
Reference in a new issue View git blame Copy permalink