SGO: Security Groups Observatory
A web-based tool for exploring AWS EC2 instances and Security Groups with direct AWS import, MFA support, and CSV export capabilities.
⚠️ Security Warning
This application is designed for LOCAL USE ONLY. Do NOT expose it to the internet.
- SGO has no authentication or authorization mechanisms
- It provides direct access to your AWS infrastructure data
- It reads AWS credentials from your local system
- Exposing it publicly would allow unauthorized access to sensitive AWS information
Always run on localhost (127.0.0.1) only. Never expose port 5000 to external networks.
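One way to check the rule above before starting the container, as an added example that is not part of SGO's own code: it parses Docker Compose short-syntax `ports` entries and flags any that publish port 5000 on a non-loopback address. The function names and the sample entries are assumptions made for illustration, and the check assumes the container listens on port 5000 as stated above.

```python
import ipaddress

SGO_PORT = 5000  # port named in the warning above


def parse_port_mapping(mapping):
    """Split a Compose short-syntax entry into (host_ip, host_port, container_port).

    Handles "C", "H:C", "IP:H:C" and "[IPv6]:H:C", each with an optional "/proto".
    host_ip is None when no address is given.
    """
    spec = mapping.strip().split("/", 1)[0]  # drop "/tcp" or "/udp"
    host_ip = None
    if spec.startswith("["):  # bracketed IPv6 host address
        host_ip, _, spec = spec[1:].partition("]:")
    parts = spec.split(":")
    if host_ip is None and len(parts) == 3:
        host_ip, parts = parts[0], parts[1:]
    if len(parts) == 1:
        return host_ip, None, parts[0]
    if len(parts) == 2:
        return host_ip, parts[0], parts[1]
    raise ValueError(f"unrecognised port mapping: {mapping!r}")


def exposes_sgo(mapping, port=SGO_PORT):
    """True when the entry publishes the SGO port on a non-loopback address."""
    host_ip, _, container = parse_port_mapping(mapping)
    low, _, high = container.partition("-")  # container side may be a range
    if not int(low) <= port <= int(high or low):
        return False
    if host_ip is None:  # no address: Docker binds all interfaces by default
        return True
    return not ipaddress.ip_address(host_ip).is_loopback


# Constructed sample entries, not taken from the project's docker-compose.yml.
SAMPLE_PORTS = ["5000:5000", "127.0.0.1:5000:5000", "0.0.0.0:5000:5000/tcp",
                "[::1]:5000:5000", "8080:5000", "127.0.0.1:8080:80"]


def audit(ports):
    """Return the entries that would make SGO reachable from other hosts."""
    return [p for p in ports if exposes_sgo(p)]


if __name__ == "__main__":
    for entry in audit(SAMPLE_PORTS):
        print("exposed beyond localhost:", entry)
```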
Features
- Direct AWS Import: Import data directly from AWS using ~/.aws/config with MFA/OTP support
- Parallel Import: Import from multiple AWS accounts simultaneously
- Search & Filter: Search by EC2 name, SG name, instance ID, group ID, or IP address
- Regex Search: Enable regex checkbox for advanced pattern matching
- Filter by Type: View all resources, only EC2 instances, or only Security Groups
- CSV Export: Export search results, EC2 details, SG details, and security group rules to CSV
- Detailed Views:
  - EC2 View: Shows EC2 instance details with nested boxes for attached Security Groups
  - Security Group View: Shows SG details with nested boxes for all attached EC2 instances
- Security Group Rules: View and search ingress/egress rules for any security group
- Statistics Dashboard: Quick overview of total SGs, EC2s, and accounts
Data Structure
Security Groups Table
- Account ID & Name
- Group ID & Name
- Tag Name
- Wave Tag
- Git Repo Tag
- Ingress Rule Count
EC2 Instances Table
- Account ID & Name
- Instance ID
- Tag Name
- State (running, stopped, etc.)
- Private IP Address
- Security Groups (IDs and Names)
- Git Repo Tag
File Structure
sgo/
├── app.py                      # Flask web application
├── import_from_aws.py          # AWS direct import functions
├── import_data.py              # CSV to SQLite import (legacy)
├── requirements.txt            # Python dependencies
├── Dockerfile                  # Container image definition
├── docker-compose.yml          # Container orchestration (Docker volume)
├── docker-compose.local.yml    # Alternative with local directory storage
├── entrypoint.sh               # Container entrypoint with PUID/PGID support
├── .dockerignore               # Files to exclude from container
├── .env.example                # Example environment configuration
├── .gitignore                  # Git ignore patterns
├── README.md                   # This file
├── data/                       # Local data directory (if using local mode)
│   └── aws_export.db           # SQLite database
├── static/
│   ├── css/
│   │   └── style.css           # Application styles
│   └── images/
│       └── logo.svg            # Application logo
└── templates/
    ├── import.html             # Import/profile selection page
    └── index.html              # Main explorer interface
License
This project is dual-licensed:
- FREE for individual, personal, educational, and non-commercial use
- PAID LICENSE REQUIRED for commercial use by businesses and organizations
You may NOT modify this software for the purpose of selling or commercially distributing it.
See the LICENSE file for full details.
For commercial licensing inquiries, please open an issue in the repository.