Skip to content
/ cloud-storage-lens Public

Multi-cloud audit tool to detect public storage exposure and estimate cost across AWS, Azure, and GCP with CLI, IaC, and container support.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

vooradis/cloud-storage-lens

BranchesTags

Repository files navigation

☁️ Cloud Storage Lens

Multi-cloud audit toolkit to scan AWS, Azure, and GCP storage services for public exposure and cost visibility.
Supports secure scanning, mockfill lifecycle, containerized CLI, and cross-cloud infrastructure provisioning.

Multi-cloud badge CI

🔍 Overview

Cloud Storage Lens analyzes cloud buckets, containers, and blobs for:

  • Public access flags
  • Mock data visibility
  • Cost estimation based on volume
  • CI lifecycle automation
  • Secure infrastructure provisioning

🚀 Quickstart

git clone https://github.com/vooradis/cloud-storage-lens.git
cd cloud-storage-lens

# Install dependencies
pip install -r requirements.txt

# Fill buckets with mock data
make mockfill

# Run audit
make scan

# Clean up objects
make cleanup

🧰 CLI Commands

Powered by click for modular subcommands:

python main.py audit --config config/config.dev.yaml
python main.py fill
python main.py clean

Supports AWS profile and Azure connection override:

python main.py fill --profile auditor --connection_string UseDevelopmentStorage=true

🐳 Container Support

# Local dev container
docker-compose up --build

# Full audit lifecycle
docker-compose run lens bash audit-entrypoint.sh

Includes Dockerfile.dev, audit-entrypoint.sh, and mounted report.csv, audit.log.

☁️ Infrastructure Provisioning

Audit-ready resources defined in multi-cloud IaC:

Cloud Tool Folder Resources
AWS CDK infra/aws-cdk S3 bucket + audit IAM
Azure Bicep infra/azure-bicep Blob container (public)
GCP Terraform infra/gcp-terraform GCS bucket + lifecycle rules

🧪 Testing & CI

make test       # Run unit tests
flake8 .        # Lint audit + tools

GitHub Actions runs:

  • pytest tests
  • flake8 lint
  • Docker builds
  • Full audit lifecycle
  • Uploads report.csv as artifact

📂 Project Structure

auditor/       → access check, cost, report logic
clients/       → SDK wrappers for AWS, Azure, GCP
tools/         → mockfill + cleanup scripts
infra/         → CDK, Bicep, Terraform templates
scripts/       → shell wrappers for scan lifecycle
tests/         → pytest mocks for all providers
config/        → YAML audit config presets

📸 Screenshots

Cloud Preview
AWS
Azure
GCP

(Insert screenshots in docs/images/ or embed links)

📜 License

MIT — built for learning, enterprise demos, and open-source contributions.

About

Multi-cloud audit tool to detect public storage exposure and estimate cost across AWS, Azure, and GCP with CLI, IaC, and container support.

Topics

docker aws cloudformation azure terraform s3 gcp cloud-storage bucket blob-storage devsecops cli-tool cloud-security cost-estimation multicloud aws-cdk bicep gcp-terraform azure-bicep audit-tool

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages