IT operations are at the heart of every organization.
These days, it is no longer a matter of moving or not to the Cloud, but how fast you can run, secure, oversee, and control something into the Cloud.
How can you transform your organization with agility, speed, and automation WHILE MAINTAINING security, compliance, and spending management?
Cloud Operations provides a secure and efficient way to operate in the Cloud through models and tools.
What are the most used ones to daily manage IT Operations in the Cloud?
This repo is maintained by Noovolari, and the TOPS community
| Name | Repository | Cloud Providers | Category | Description |
|---|---|---|---|---|
| Access Undenied AWS |    |
 |
Cloudtrail, Security, Remediation | Parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps |
| Atmos |    |
|
IaC, kubernetes | Universal Tool for DevOps and Cloud Automation. |
| Amazon ECR Docker Credential Helper |    |
|
AWS, ECR, Docker, AWS Credentials | Credential helper for the Docker daemon that makes it easier to use Amazon Elastic Container Registry. |
| AIWS |    |
|
AWS, CLI | AI driven AWS CLI to help you to generate and use AWS commands to manage your resources in AWS. |
| Autometrics |    |
Monitoring tool for code | Easily add metrics to your code that actually help you spot and debug issues in production. Built on Prometheus and OpenTelemetry | |
| AWS Console Recorder |    |
|
AWS, Tools, QoL, Automation, CloudFormation | Records actions made in the AWS Management Console and outputs the equivalent CLI/SDK commands and CloudFormation/Terraform templates |
| AWS Cloud Development Kit |    |
|
IaC, AWS, AWS CloudFormation | An Infrastructure as Code framework that allows DevOps to define a Cloud infrastructure in code, by applying programming practices like unit tests and code reviews. It allows to use both low and git level constructs that can be re-used in other projects. |
| AWS Deployment Framework |    |
|
governance, cloud-environment, cloud-provider-tool | An extensive and flexible framework by AWS to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. |
| AWS IAM Authenticator for Kubernetes |    |
 |
AWS, Kubernetes, AWS IAM, AWS Security Token Service | A tool that enables the kubectl CLI to authenticate to an Amazon Elastic Kubernetes Service cluster using AWS IAM credentials associated with identities such as users and roles. |
| AWS Permission Cloud |    |
|
AWS IAM policy | A crowdsourced AWS IAM permissions reference. |
| AWS Resilience Hub | |
AWS Disaster Recovery | A central place to define, validate, and track the resilience of your applications on AWS. | |
| Cartography |    |
  |
AWS, Azure, GCP, Cloud Discovery | a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. |
| Casbin |    |
|
an authorization library that supports access control models like ACL, RBAC, ABAC in Golang. | an authorization library that supports access control models like ACL, RBAC, ABAC in Golang. |
| CFN Diagrams |    |
|
Diagrams, AWS, CloudFormation, CDK | CLI tool to visualise CloudFormation/SAM/CDK stacks as visjs networks, draw.io or ascii-art diagrams. |
| Checkov |    |
Active monitoring | revent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew. | |
| Civit.ai |    |
IA, Repository, Stable Diffusion, Models, Embeddings, LoRA | A repository of models, textual inversions, and more | |
| Cloud Custodian |    |
|
AWS, Azure, GCP, Security Assessment | Rules engine for cloud security, cost optimization, and governance. |
| Cloudsaga |    |
|
Security, Alerts, AWS, CIRT | AWS CloudSaga - Simulate security events in AWS. |
| CloudWhisperer for CLI | |
Command line, AWS, tool, AI | Auto completion for command-line. | |
| Configure AWS Credentials |    |
|
GitHub Action, AWS, AWS Credentials | Configure AWS credential environment variables for use in other GitHub Actions. |
| DefectDojo |    |
Security, App Security, Monitoring, Audit | DefectDojo is a DevSecOps and vulnerability management tool. | |
| Driver.js |    |
App tour | A light-weight, no-dependency, vanilla JavaScript engine to drive the user’s focus across the page. | |
| Electric Eye |    |
|
Security Posture, Management | ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface |
| Flock | |
Cron concurrency | Cron concurrency management tool | |
| Geodesic |    |
|
IaC, AWS, SweetOps | Geodesic is the fastest way to get up and running with a rock solid, production grade cloud platform built entirely from Open Source technologies. It allows creating and building consistent platforms to be shared across a team environment. |
| Github readme stat |    |
Repo github | Dynamically generated stats for your github readmes. | |
| Git Remote CodeCommit |    |
AWS, CodeCommit, AWS Credentials | An implementation of Git Remote Helper that makes it easier to interact with AWS CodeCommit. | |
| GitLeaks |    |
Cyber-security | Protect and discover secrets using Gitleaks 🔑 | |
| Harden Runner |    |
Harden-Runner provides runtime security for GitHub-hosted and self-hosted environments | Harden-Runner provides runtime security for GitHub-hosted and self-hosted environments | |
| Hubot |    |
Chatbot hub manager | Hubot is a framework to build chat bots | |
| ICE |    |
|
AWS Usage Tool | provides a birds-eye view of our large and complex cloud landscape from a usage and cost perspective. |
| Infracost |    |
 |
IaC, multicloud, billing | Cloud cost estimates for Terraform in pull requests. |
| Inshellisense |    |
|
provides IDE style autocomplete for shells. It’s a terminal native runtime for autocomplete which has support for 600+ command line tools. inshellisense supports Windows, Linux, & MacOS. | provides IDE style autocomplete for shells. It’s a terminal native runtime for autocomplete which has support for 600+ command line tools. inshellisense supports Windows, Linux, & MacOS. |
| IAMLive |    |
|
IAM | AboutGenerate an IAM policy from AWS calls using client-side monitoring (CSM) or embedded proxy |
| K6 |    |
APIs, Load-testing | Load testing tool for developers and testers | |
| Leapp |    |
|
IAM, Security | Desktop App for developers to manage, secure, and access the Cloud. |
| Lens |    |
|
Container, DesktopApp, Kubernetes | Desktop App to run Kubernetes locally |
| LocalStack |    |
|
testing | LocalStack provides an easy-to-use test/mocking framework for developing Cloud applications. |
| LocalSurf |    |
|
a browser plugin to redirect AWS service calls to LocalStack! | When developing and testing AWS cloud Web applications locally with LocalStack, we need to make the browser connect to the local endpoint (http://localhost:4566) instead of the AWS production servers (*.amazonaws.com). This can be achieved by explicitly setting the endpoint attribute in the AWS JavaScript SDK. |
| Locust |    |
Write scalable load tests in plain Python 🚗💨 | Write scalable load tests in plain Python 🚗💨 | |
| Matomo |    |
- | Analytics | open alternative to Google Analytics that gives you full control over your data. |
| Mercury |    |
- | Notebook, Jupiter, WebApp | Add interactive widgets in Python notebooks, so you can share notebooks as web applications. |
| Neon |    |
- | Serverless open-source alternative to AWS Aurora Postgres | Serverless open-source alternative to AWS Aurora Postgres |
| Nikto |    |
- | Web Server stress and security testing | Web server scanner which performs comprehensive tests for multiple items. |
| Packer |    |
|
Packer is a tool for building identical machine images for multiple platforms from a single source configuration. | Packer is a tool for creating identical machine images for multiple platforms from a single source configuration. |
| Pagefind |    |
|
Pagefind is a fully static search library that aims to perform well on large sites, while using as little of your users’ bandwidth as possible, and without hosting any infrastructure. The full documentation on using Pagefind can be found at https://pagefind.app/. | Pagefind is a fully static search library that aims to perform well on large sites, while using as little of your users’ bandwidth as possible, and without hosting any infrastructure. The full documentation on using Pagefind can be found at https://pagefind.app/. |
| Pacu |    |
|
open-source AWS exploitation framework | an open-source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. |
| Plane |    |
|
Ticket, Issue manager | Open-source Alternative to JIRA |
| PMapper |    |
|
A tool for quickly evaluating IAM permissions in AWS. | Principal Mapper (PMapper) is a script and library for identifying risks in the configuration of AWS Identity and Access Management (IAM) for an AWS account or an AWS organization |
| Policy Sentry |    |
|
Policy Generator | Policy Sentry allows users to create least-privilege IAM policies in a matter of seconds, rather than tediously writing IAM policies by hand. These policies are scoped down according to access levels and resources. In the case of a breach, this helps to limit the blast radius of compromised credentials by only giving IAM principals access to what they need. |
| PolicyUniverse |    |
|
This package provides classes to parse AWS IAM and Resource Policies. | This package provides classes to parse AWS IAM and Resource Policies. |
| Pulumi |    |
|
IaC, cloud-environment, cloud-provider-tool | A universal Infrastructure as Code SDK that enables you to create, deploy, and manage infrastructure on any cloud, using your favorite languages. |
| Prometheus |    |
monitoring time-series metrics alerting graphing | The Prometheus monitoring system and time series database. | |
| Prowler |    |
|
Security, Cyber-security | Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices |
| Projen |    |
project-structure | Project structure as a code. Projen is one of the core project behind CDK | |
| Raycast |    |
|
developer-experience, productivity | Totally extensible launcher, it's a Spotlight with superPower, it has a dedicated AWS extension |
| Regex.ai | developer-experience, productivity | AI-Powered Regular Expression Solver | ||
| Resoto |    |
|
cloud inventory | Resoto creates an inventory of your cloud :nuvola:, provides deep visibility :occhi:, and reacts to changes in your infrastructure :globo_con_meridiani:! |
| S3P |    |
|
data-transfer | list/copy/sync/compare S3 buckets 5x-50x faster than aws-cli ⏩ |
| Sentry |    |
|
Crashlytics, Monitoring | Universal Tool for Monitoring. |
| Skyplane |    |
|
data-transfer | bulk data transfers between any cloud 🔥 |
| Smokescreen |    |
|
Http Proxy, Security | A simple HTTP proxy that fogs over naughty URLs |
| SonarQube |    |
|
Continuous Inspection, Code Quality, Code smell inspection | SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced |
| Steampipe |   |
|
query, mySQL, cloud-finder | Use SQL to query cloud infrastructure, SaaS, code, logs, and more. |
| Strapi |    |
|
CMS | open-source headless CMS. It’s 100% JavaScript, fully customizable and developer-first. |
| Tailspin |    |
A lightweight log highlighter. | A lightweight log highlighter. | Safely and predictably create, change, and improve infrastructure codifying APIs into declarative configuration files. |
| Terraform |   |
|
IaC, multicloud | Safely and predictably create, change, and improve infrastructure codifying APIs into declarative configuration files. |
| Terraform cleaner |    |
|
IaC, multicloud | Tiny utility which detects unused variables in your terraform modules |
| Terragrunt |    |
|
IaC, multiple Terraform modules | A thin wrapper that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state. |
| Thanos |    |
|
Highly available Prometheus setup with long term storage capabilities. | Highly available Prometheus setup with long term storage capabilities. |
| TrailBlazer |    |
|
CloudTrail, Monitoring, Attack Simulation, Security Posture, Less Privilege | A tool written to determine what AWS API calls are logged by CloudTrail and what they are logged as. |
| Threat Mapper |    |
|
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. | Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit. It uncovers vulnerable software components, exposed secrets and deviations from good security practice. |
| Warp |    |
|
Modern Rust-based terminal with AI features | Modern Rust-based terminal with AI features |
| WarriorJS |    |
|
Javascript, Node, Typescript | In WarriorJS, you are a warrior climbing a tall tower to reach The JavaScript Sword at the top level. Legend has it that the sword bearer becomes enlightened in the JavaScript language, but be warned: the journey will not be easy. |
| Winglang.io |    |
|
Javascript, Node, Typescript | Wing elevates the developer experience by combining infrastructure and runtime code, minimizing the complexity of the cloud |
| Yara |    |
|
Malware analysis, security template rules | YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. |
| Yalc |    |
work with yarn/npm packages locally like a boss. | work with yarn/npm packages locally like a boss. |
- DevOps exercises divided into different arguments
- DevOps interactive roadmap
- DevOps tools and tech
- RE:Invent news tracker
- CDK Construct for PartyRock
- Guide of security and hacking in AWS
- Map of the Cloud Security vulnerabilities
- Security and IAM Open Guide for AWS
| Name | Host | Platform | Description |
|---|---|---|---|
| AWS Developers | Dave Isbitsky |  |
Dave Isbitski and friends chat with the people behind Amazon Web Services (AWS) and the developers who are building on it. / |
| AWS Morning Brief | Corey Quinn | Corey is the Chief Cloud Economist at The Duckbill Group. Corey’s unique brand of snark combines with a deep understanding of AWS’s offerings, unlocking a level of insight that’s both penetrating and hilarious. | |
| Azure DevOps Podcast | Jeffrey Palermo |    |
Discover new ways to improve your AWS infrastructure by automating everything. |
| Cloud Automation Weekly | Thorsten Hoeger |   |
Discover new ways to improve your AWS infrastructure by automating everything. |
| Cloud Security Podcast | Anton Chuvakin Timothy Peacock |
If you like having threat models questioned and a few bad puns, please tune in! | |
| CloudSec List | Marco Lancini | CloudSecList is the best way to stay on top of the cloud security landscape without having to be overwhelmed by all the noise. | |
| Data Knightmare | Walter Vannini | a voice outside the chorus, but Walter Vannini is surely to bring out all the untold secrets about data, and the podcast is available both in Italian for native speakers and in English. Enjoy! | |
| DevOps Bulletin | Mohamed Labouardy | |
DevOps bulletin is a good way to stay infomed about all things DevOps. |
| Online Life is Real Life | Bridget Todd | |
sponsored by Firefox, it shares real stories of life online and real talk about the future of the web. |
| tldr | Clint Gilber | |
Applying Academic Rigor to Curating the Best Security Research |
| The Balancing Act | Security Compass | |
Applying Academic Rigor to Curating the Best Security Research |
Contributions welcome! Read the contribution guidelines first.