aws
Autonomous AI Agents for Infrastructure. Claude Code for infrastructure. Debug, act, and audit everything Fluid does on your infrastructure.
Fluid is a terminal agent that do work on production infrastructure like VMs/K8s cluster/etc. by making sandbox clones of the infrastructure for AI agents to work on, allowing the agents to run commands, test connections, edit files, and then generate Infra-as-code like an Ansible Playbook to be applied on production.
Vercel for Backend. Deploy backends without the hassle.
A modern platform for deploying, managing, and scaling your Python and Node.js backends.
Identify. Audit. Slash. The Cloud Accountant.
Infrastructure that Heals Itself. Stop bleeding cash. Identifying consumption anomalies and autonomously remediating waste with mathematical certainty.
Local-first AWS forensic engine. Finds waste via dependency graph analysis and enables safe remediation with Terraform state restoration.
AWS Attack Path Scanner. Discover privilege escalation paths across 10+ AWS services.
Heimdall is an AWS security scanner that discovers privilege escalation paths attackers could exploit to gain admin access.
Related contents:
Unofficial CLI and MCP server for Lambda cloud GPU instances.
A fast CLI and MCP server for managing Lambda cloud GPU instances.
A terminal-based AWS resource viewer and manager.
taws provides a terminal UI to interact with your AWS resources. The aim of this project is to make it easier to navigate, observe, and manage your AWS infrastructure in the wild. taws continually watches AWS for changes and offers subsequent commands to interact with your observed resources.
Your AWS, as a filesystem.
sisu mounts AWS resources as a local filesystem. Use the tools you already know - grep, cat, diff, vim - instead of wrestling with JSON and the AWS CLI.
AI-friendly by design: AI tools can't SSH into servers or run interactive AWS CLI sessions. But with sisu, your entire AWS infrastructure becomes simple file paths that any AI can read. Remote EC2 filesystems are accessible at ec2/<instance>/fs/ - letting AI browse /var/log, /etc, and any file on your instances without SSH.
Related contents:
A terminal-based AWS cost and resource dashboard built with Python and the Rich library. It provides an overview of AWS spend by account, service-level breakdowns, budget tracking, and EC2 instance summaries.
π‘οΈ BudgetSentinel: Simple AWS cost protection with Terraform. Get email alerts at 80% budget + auto-stop EC2/RDS at 100%. Free tier friendly, 5-minute setup, potentially saves $100s in surprise bills.
Related contents:
If you are preparing for AWS Cloud Practitioner Exam (CLF-C02), this guide will help you with quick revision before the exam. I share the notes I used to study and pass exam.
Open Source Cloud Security Scanner.
An open source, cloud-native security to protect everything from build to runtime.
cnspec assesses your entire infrastructure's security and compliance. It finds vulnerabilities and misconfigurations across public and private cloud environments, Kubernetes clusters, containers, container registries, servers, endpoints, SaaS products, infrastructure as code, APIs, and more.
A powerful policy as code engine, cnspec is built upon Mondoo's security data fabric. It comes configured with default security policies that run right out of the box. It's both fast and simple to use!
Stop EC2 instances and RDS/Aurora databases overnight by tagging them with cron schedules, to cut AWS costs. Trigger CloudFormation stack updates and AWS Backup, too.
AWS-based automation which scans images stored in an Amazon S3 bucket for inappropriate or unsafe content using Amazon Rekognition.
Related contents:
A simulation tool for AWS IAM written in Go.
yams is a Go library, server, and CLI providing foundational capabilities to simulate access for AWS IAM policies.
A simple CLI tool to retrieve S3 storage costs and storage tiers for buckets in your AWS account.
SSE (Spitzkop Systems Engineering) Landing Zone as a Service - Command Line Interface. A powerful CLI tool for managing AWS Account Factory (AFT) through GitOps Infrastructure as Code principles.
Open-Source Compliance Scanner. Multi-Cloud Compliance Scanner & Evidence Collection.
Scan AWS, Azure, and M365 for SOC2, PCI-DSS, HIPAA, CMMC, and NIST 800-53 compliance. Get audit-ready reports in minutes.
Remote debugging AWS Lambda functions.
Lambda Live Debugger is an indispensable tool for debugging AWS Lambda functions from your computer, even though they are deployed in the cloud. The code runs with the same IAM permissions as in the cloud environment, and there's no need to redeploy when you make code changes. It supports Lambdas written in JavaScript or TypeScript. It requires almost no configuration. It is free and open source.
Open Source Cloud Security Tool.
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more.
Related contents:
Terrascan is a static code analyzer for Infrastructure as Code.
Detect compliance and security violations across Infrastructure as Code (IaC) to mitigate risk before provisioning cloud native infrastructure.
Deploys a Lambda function.
Updates the code and configuration of AWS Lambda functions as part of GitHub Actions workflow steps. Supports both .zip file archives and container images stored in Amazon ECR.
Related contents:
The latest DevOps news, tutorials, and guides. Real Guides for Real Engineers.
Practical DevOps tips, tools, and tutorials. No fluff.
Keep your lambdas warm during winter. β¨
WarmUp solves cold starts by creating a scheduled lambda (the warmer) that invokes all the selected service's lambdas in a configured time interval (default: 5 minutes) and forcing your containers to stay warm.
infrastructure made simple with Python.WS for Python devs - made simple.
Build AWS apps in high-level Python with smart defaults. Keep full control when you need it. No YAML, JSON or HSL. No clicking through consoles. No configuration hell.
Stelvio is a Python framework that simplifies AWS cloud infrastructure management and deployment. It lets you define your cloud infrastructure using pure Python, with smart defaults that handle complex configuration automatically.
Effortlessly run tasks and manage your services on AWS ECS (Elastic Container Service).
RunECS is a cross-platform tool available for macOS, Linux, and Windows.
CLI for exploring AWS EC2 Spot inventory. Inspect AWS Spot instance types, saving, price, and interruption frequency. Command-line tool for AWS EC2 Spot Instance exploration with placement score analysis.
spotinfo is a powerful CLI tool and Model Context Protocol (MCP) server that provides comprehensive AWS EC2 Spot Instance information, including real-time placement scores, pricing data, and interruption rates. Perfect for DevOps engineers optimizing cloud infrastructure costs.
Your unified cloud storages interface.
Sourcerer is a CLI-based cloud storage explorer that provides a unified interface for developers and DevOps engineers to view and manage files across multiple cloud providers like GCP Storage, Azure Storage, AWS S3, and S3-compatible services.
A model for event interoperability between event producers and their consumers to favor better developer experience, robust integration, and infrastructural efficiency.
MCP server for understanding AWS spend.
An MCP server for getting AWS spend data via Cost Explorer and Amazon Bedrock usage data via Model invocation logs in Amazon Cloud Watch through Anthropic's MCP (Model Control Protocol).
A terminal-based AWS cost and resource dashboard built with Python and the Rich library. It provides an overview of AWS spend by account, service-level breakdowns, budget tracking, and EC2 instance summaries.
Cloud native secrets management for developers - never leave your command line for secrets.
Never leave your terminal to use secrets while developing, testing, and building your apps.
Instead of custom scripts, tokens in your .zshrc files, visible EXPORTs in your bash history, misplaced .env.production files and more around your workstation -- just use teller and connect it to any vault, key store, or cloud service you like (Teller support Hashicorp Vault, AWS Secrets Manager, Google Secret Manager, and many more).
Fix Inventory is an open-source cloud asset inventory tool for infrastructure and security engineers.
Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.
Fix Inventory enables a broad set of exploration and automation scenarios. Its foundation is a graph-based data model, which exposes resource metadata and dependency relationships between your service's assets.
A powerful CLI allows you to search, explore, and manage your cloud resources.
Related contents:
specialized MCP servers that bring AWS best practices directly to your development workflow .
Install the AWS CLI on modern Macs without a package manager.
Related contents:
A Dynamic DNS system built with API Gateway, Lambda & Route 53.
[Node, Python, Java] Repository of sample Custom Rules for AWS Config. AWS Community repository of custom Config rules. Contributions welcome. Instructions for leveraging these rules are below.
Enable generative AI applications to automate multistep tasks by seamlessly connecting with company systems, APIs, and data sources.
Related contents:
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. You can use Amazon DynamoDB to create a database table that can store and retrieve any amount of data, and serve any level of request traffic. Amazon DynamoDB automatically spreads the data and traffic for the table over a sufficient number of servers to handle the request capacity specified by the customer and the amount of data stored, while maintaining consistent and fast performance.
Related contents:
Zero-Friction Serverless Apps On AWS Lambda & Beyond. Easy Serverless Apps on AWS Lambda.
Deploy APIs, scheduled tasks, workflows and event-driven apps to AWS Lambda easily with the Serverless Framework.
Related contents:
Open source alternative to AWS.
Open source alternative to AWS. Elastic compute, block storage (non replicated), firewall and load balancer, managed Postgres, and IAM services in public beta.
Ubicloud provides IaaS cloud features on bare metal providers, such as Hetzner, Leaseweb, and AWS Bare Metal. You can set it up yourself on these providers or you can use our managed service. We're currently in public beta.
Open Source & Cross-Cloud Compliance & Security. Costs saving & Optimization.
Kexa's simple rules (Open Source) make it easy to monitoring and manage alerting of your entire cloud. With various monitoring and alerting options, instant and detailed alerts, easy-to-deploy and low in infrastructure costs, in turns complexity into simplicity.
Related contents:
Find AWS resources that are not logging, and turn them on.
Assisted Log Enabler for AWS is for customers who do not have logging turned on for various services, and lack knowledge of best practices and/or how to turn them on.
Distributed SQL Databases
Fastest serverless distributed SQL database for always available applications.
The easiest way to access your cloud A CLI application which provides the worldβs best developer UX for finding and accessing cloud roles to multiple cloud accounts, fast!
Granted is a command line interface (CLI) application which simplifies access to cloud roles and allows multiple cloud accounts to be opened in your web browser simultaneously.
Prometheus exporter for AWS CloudWatch - Discovers services through AWS tags, gets CloudWatch metrics data and provides them as Prometheus metrics with AWS tags as labels.
Seed-Farmer is an orchestration tool that works with AWS CodeSeeder and acts as an orchestration tool modeled after GitOps deployments. It has a CommandLine Interface based in Python, leverages modular code deployments defined by declarative manifests, and includes change detection and deployment optimization.
AIOps modules is a collection of reusable Infrastructure as Code (IaC) modules for Machine Learning (ML), Foundation Models (FM), Large Language Models (LLM) and GenAI development and operations on AWS
OpenNext takes the Next.js build output and converts it into packages that can be deployed across a variety of environments. Natively OpenNext has support for AWS Lambda, and classic Node.js Server.
Related contents:
Cloud Development Framework.
The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation.
It offers a high-level object-oriented abstraction to define AWS resources imperatively using the power of modern programming languages. Using the CDKβs library of infrastructure constructs, you can easily encapsulate AWS best practices in your infrastructure definition and share it without worrying about boilerplate logic.
eks-node-viewer is a tool for visualizing dynamic node usage within a cluster. It was originally developed as an internal tool at AWS for demonstrating consolidation with Karpenter. It displays the scheduled pod resource requests vs the allocatable capacity on the node. It does not look at the actual pod resource usage.
IAM Least Privilege Policy Generator.
Policy Sentry is an AWS IAM Least Privilege Policy Generator, auditor, and analysis database. It compiles database tables based on the AWS IAM Documentation on Actions, Resources, and Condition Keys and leverages that data to create least-privilege IAM policies.
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources.
Cloud Custodian enables you to manage your cloud resources by filtering, tagging, and then applying actions to them. The YAML DSL allows defininition of rules to enable well-managed cloud infrastructure that's both secure and cost optimized.
Cloud Custodian, also known as c7n, is a rules engine for managing public cloud accounts and resources. It allows users to define policies to enable a well managed cloud infrastructure, that's both secure and cost optimized. It consolidates many of the adhoc scripts organizations have into a lightweight and flexible tool, with unified metrics and reporting.
Open-source best practices for protecting a secure, sensible cloud platform.
Your Quick Reference to Cloud Best Practices. An open-source collection of cloud infrastructure best practices, for bootstrapping your own cloud platform.
S3oosh allows users to upload multiple files at once to S3 Buckets. It provides a drag-and-drop interface for users to easily upload files to a S3 Bucket. The component supports various file types and allows users to set maximum file count, maximum file size, and accepted file types.
The Open-Source Tool Democratizing Multi-Cloud Security Testing by Arpan Sarkar.
Multi-Cloud Security Testing Tool to execute a comprehensive array of attack techniques across multiple surfaces via a simple web interface.
Halberd is a powerful, multi-cloud security testing tool. Born out of the need for a unified, easy-to-use tool, Halberd enables you to proactively assess your cloud defenses by executing a comprehensive array of attack techniques across Entra ID, M365, Azure, and AWS. With its intuitive web interface, you can simulate real-world attacks, generate valuable telemetry, and validate your security controls with ease & speed.
Quickly and easily design network layouts. Split and join subnets, add notes and color, then collaborate with others by sharing a custom link to your design.
Enter the network you wish to subnet and use the Split/Join buttons on the right to start designing!
Command Line S3 Client and S3 Backup for Windows, Linux: s3cmd, s3express.
S3cmd is a free command line tool and client for uploading, retrieving and managing data in Amazon S3 and other cloud storage service providers that use the S3 protocol, such as Google Cloud Storage or DreamHost DreamObjects. It is best suited for power users who are familiar with command line programs. It is also ideal for batch scripts and automated backup to S3, triggered from cron, etc.
Interactive SQL. Analyze petabyte-scale data where it lives with ease and flexibility.
Amazon Athena is a serverless, interactive analytics service built on open-source frameworks, supporting open-table and file formats. Athena provides a simplified, flexible way to analyze petabytes of data where it lives. Analyze data or build applications from an Amazon Simple Storage Service (S3) data lake and 30 data sources, including on-premises data sources or other cloud systems using SQL or Python. Athena is built on open-source Trino and Presto engines and Apache Spark frameworks, with no provisioning or configuration effort required.