eddie/SGO
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
4 commits 1 branch 0 tags 176 KiB
HTML 58.8%
Python 32.3%
CSS 8.6%
Dockerfile 0.3%
Find a file
Eduardo Figueroa ff19326100
simple readme
2025-11-20 14:32:14 -08:00
.github/ISSUE_TEMPLATE Initial Commit 2025-11-20 12:03:30 -08:00
.woodpecker jobs, update readme, add source links 2025-11-20 14:27:44 -08:00
static Initial Commit 2025-11-20 12:03:30 -08:00
templates jobs, update readme, add source links 2025-11-20 14:27:44 -08:00
.dockerignore Initial Commit 2025-11-20 12:03:30 -08:00
.env.example Initial Commit 2025-11-20 12:03:30 -08:00
.gitignore Initial Commit 2025-11-20 12:03:30 -08:00
.woodpecker.yml jobs, update readme, add source links 2025-11-20 14:27:44 -08:00
app.py jobs, update readme, add source links 2025-11-20 14:27:44 -08:00
CONTRIBUTING.md Initial Commit 2025-11-20 12:03:30 -08:00
docker-compose.local.yml Initial Commit 2025-11-20 12:03:30 -08:00
docker-compose.yml Initial Commit 2025-11-20 12:03:30 -08:00
Dockerfile Initial Commit 2025-11-20 12:03:30 -08:00
entrypoint.sh Initial Commit 2025-11-20 12:03:30 -08:00
import_from_aws.py Initial Commit 2025-11-20 12:03:30 -08:00
LICENSE Initial Commit 2025-11-20 12:03:30 -08:00
README.md simple readme 2025-11-20 14:32:14 -08:00
requirements.txt Initial Commit 2025-11-20 12:03:30 -08:00

README.md

SGO: Security Groups Observatory

A web-based tool for exploring AWS EC2 instances and Security Groups with direct AWS import, MFA support, and CSV export capabilities.

Quick Start

1. Setup container files
wget https://codeberg.org/edfig/SGO/src/branch/main/docker-compose.yml
cp .env.example .env
# edit the .env as needed

# 2. Start the container
docker-compose up
# or with Podman:
podman-compose up

# 3. Open browser to http://localhost:5000

⚠️ Security Warning

This application is designed for LOCAL USE ONLY. Do NOT expose it to the internet.

  • SGO has no authentication or authorization mechanisms
  • It provides direct access to your AWS infrastructure data
  • It reads AWS credentials from your local system
  • Exposing it publicly would allow unauthorized access to sensitive AWS information

Always run on localhost (127.0.0.1) only. Never expose port 5000 to external networks.

Environment Variables

Available Options:

Variable Description Required Default
AWS_CONFIG_PATH Absolute path to AWS credentials directory Yes None
PUID User ID for file permissions No 1000
PGID Group ID for file permissions No 1000
DATA_PATH Path for database storage (local mode) No ./data
SGO_PORT Port to expose on host No 5000
DEBUG Enable Flask debug logging No false
FLASK_ENV Flask environment No production

File Structure

sgo/
├── app.py                      # Flask web application
├── import_from_aws.py          # AWS direct import functions
├── requirements.txt            # Python dependencies
├── Dockerfile                  # Container image definition
├── docker-compose.yml          # Container orchestration (Docker volume)
├── docker-compose.local.yml    # Alternative with local directory storage
├── entrypoint.sh               # Container entrypoint with PUID/PGID support
├── .dockerignore               # Files to exclude from container
├── .env.example                # Example environment configuration
├── .gitignore                  # Git ignore patterns
├── README.md                   # This file
├── data/                       # Local data directory (if using local mode)
│   └── aws_export.db           # SQLite database
├── static/                     # CSS and images
└── templates/                  # HTML

License

This project is dual-licensed:

  • FREE for individual, personal, educational, and non-commercial use
  • PAID LICENSE REQUIRED for commercial use by businesses and organizations

You may NOT modify this software for the purpose of selling or commercially distributing it.

See the LICENSE file for full details.

For commercial licensing inquiries, please open an issue in this repository.