Lambda function that streamlines containment of an AWS account compromise.
AWS Kill Switch is a Lambda function (and proof of concept client) that an organization can implement in a dedicated "Security" account to give their security engineers the ability to delete IAM roles or apply a highly restrictive service control policy (SCP) on any account in their organization.
Simple and flexible tool for managing secrets.
SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Terraform, Terragrunt, and IaC Automated Management. Collaborate, deploy, and manage your Infrastructure as Code with confidence
env0 automates your Terraform, Terragrunt, AWS CloudFormation and other Infrastructure as Code tools.
Parallel S3 and local filesystem execution tool.
s5cmd is a very fast S3 and local filesystem execution tool. It comes with support for a multitude of operations including tab completion and wildcard support for files, which can be very handy for your object storage workflow while working with large number of files.
A fully functional local cloud stack. Develop and test your cloud and serverless
LocalStack is an easy-to-use test/mocking framework for developing cloud applications. Using LocalStack, you can spin up a local test environment in seconds, and get the same functionality you would get from a real AWS environment.
LocalStack @ GitHub.
RedCloud OS is a Debian based Cloud Adversary Simulation Operating System for Red Teams to assess the security of leading Cloud Service Providers (CSPs). It includes tools optimized for adversary simulation tasks within Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
Preevy is a powerful CLI tool designed to simplify the process of creating ephemeral preview environments. Using Preevy, you can easily provision any Docker-Compose application on AWS using affordable Lightsail, Google Cloud, or Microsoft Azure VMs (support for more cloud providers is on the way).
Preevy @ GitHub
Serverless PHP made simple. Simple and scalable PHP applications with serverless.
Serverless PHP on AWS Lambda
Bref @ GitHub.
React hooks for the AWS UI component library.
use-awsui is a collection of React hooks for the AWS UI components. By instantiating your components' local state with this library, you can save repetitive boilerplate surrounding state instantiation and event handlers. You may also rest comfortably knowing this package maintains 100% test coverage.
DNS and Service Discovery.
CoreDNS is a DNS server. It is written in Go. It can be used in a multitude of environments because of its flexibility.
CoreDNS is a DNS server/forwarder, written in Go, that chains plugins. Each plugin performs a (DNS) function.
CoreDNS can listen for DNS requests coming in over UDP/TCP (go'old DNS), TLS (RFC 7858), also called DoT, DNS over HTTP/2 - DoH - (RFC 8484) and gRPC (not a standard).
CoreDNS @ GitHub.
Production Grade k8s Installation, Upgrades and Management. The easiest way to get a production grade Kubernetes cluster up and running. We like to think of it as
kubectl for clusters.
kops will not only help you create, destroy, upgrade and maintain production-grade, highly available, Kubernetes cluster, but it will also provision the necessary cloud infrastructure.
AWS (Amazon Web Services) and GCE (Google Cloud Platform) are currently officially supported, with DigitalOcean, Hetzner and OpenStack in beta support, and Azure in alpha.
Yet Another Testing & Auditing Solution
A simple tool to audit your AWS infrastructure for misconfiguration or potential security issues with plugins integration.
The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check for all best practices but only for the ones that are important for you based on my experience. Please feel free to tell me if you find something that is not covered.
SST makes it easy to build full-stack serverless applications on AWS.
Build modern full-stack applications on AWS:
- Deploy Next.js, Remix, or Astro to AWS.
- Add any backend feature.
- Go from idea to IPO!
sst @ GitHub.
Secure and fast microVMs for serverless computing.
Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine the security and isolation properties provided by hardware virtualization technology with the speed and flexibility of containers.
A lightweight, ultra-fast tool for building observability pipelines.
A CLI to create code sandboxes with automatic HTTPS and long running processes in your cloud provider account.
Backup interface for volumes attached to containers.
Bivac allows to backup Container volumes using Restic.
Développez des applications à l'échelle planétaire dans le cloud avec des données géospatiales libres.
5450 links, including 1 private