Open Source Cloud Services Software
Sort By:
Cloud Services Software
View 392 business solutionsBrowse free open source Cloud Services software and projects below. Use the toggles on the left to filter open source Cloud Services software by OS, license, language, programming language, and project status.
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
LinkSquares: All-in-One Contract Management PlatformLinkSquares is the leading Contract Lifecycle Management (CLM) software designed to help legal, procurement, and business operations teams master the entire contract lifecycle, from creation to execution and renewal. The platform transforms how companies manage agreements by centralizing data, automating routine work, and providing actionable insights powered by AI. This single, connected source of truth helps teams eliminate manual processes, streamline workflows, boost visibility, and ensure compliance across thousands of contracts, ultimately reducing risk and administrative burden.
-
1
Service Bus Explorer
Connect to a Service Bus namespace and administer messaging entities
The Service Bus Explorer allows users to connect to a Service Bus namespace and administer messaging entities in an easy manner. The tool provides advanced features like import/export functionality or the ability to test topics, queues, subscriptions, relay services, notification hubs, and events hubs. Microsoft Azure Service Bus is a reliable information delivery service. The purpose of this service is to make communication easier. When two or more parties want to exchange information, they need a communication facilitator. Service Bus is a brokered, or third-party communication mechanism. This is similar to postal service in the physical world. Postal services make it very easy to send different kinds of letters and packages with a variety of delivery guarantees, anywhere in the world. The Service Bus Explorer 2.1.0 can be used with the Service Bus for Windows Server 1.1. The Service Bus Explorer 2.1.0 uses a version of the Microsoft.ServiceBus.dll client library. -
2
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language. Monitor provisioned cloud infrastructure for configuration changes that introduce posture drift, and enables reverting to a secure posture. Detect security vulnerabilities and compliance violations. -
3
CloudBrute
Awesome cloud enumerator
A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. While working on HunterSuite, and as part of the job, we are always thinking of something we can automate to make black-box security testing easier. We discussed this idea of creating a multiple platform cloud brute-force hunter.mainly to find open buckets, apps, and databases hosted on the clouds and possibly app behind proxy servers. Cloud detection (IPINFO API and Source Code) Supports all major providers. Black-Box (unauthenticated). Fast (concurrent), modular and easily customizable, cross Platform (windows, linux, mac), user-agent randomization, proxy randomization (HTTP, Socks5). -
4
Leapp
Leapp is the DevTool to access your cloud
Let Leapp manage your Cloud credentials locally. Improve your workflow with the only open-source desktop app and CLI you’ll ever need. Your all-in-one solution to assign IAM Cloud access across teams. Cloud credentials are available with a click. Data stored locally encrypted in your System Vault. Work with your Cloud Identities from a single place. Automatic temporary Cloud credentials generation and rotation. Pick your Cloud Provider to add a Leapp Session. Choose from supported access methods or leverage your federated identity with SAML 2.0 compliant identity providers. Automatically provision your sessions from AWS Single Sign-On via Leapp Integration. Start your Session, and Leapp will automatically generate secure short-lived credentials for you. All sensitive data are stored in your local System Vault and used only when needed to provide best-in-class security. -
Effortlessly Manage Product InformationA single source of truth for all of your product information with easy ways to distribute that data to wherever it needs to go, including the most powerful e-commerce connectors in the industry.
-
5
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others. +200 checks covering security best practices across all AWS regions and most AWS services. Get a direct colorful or monochrome report. Get an HTML, CSV, JUNIT, JSON, or JSON ASFF (Security Hub) format report. -
6
Typhoon
Minimal and free Kubernetes distribution with Terraform
Typhoon is a minimal and free Kubernetes distribution. Minimal, stable base Kubernetes distribution. Declarative infrastructure and configuration. Free (freedom and cost) and privacy-respecting. Practical for labs, datacenters, and clouds. Typhoon distributes upstream Kubernetes, architectural conventions, and cluster addons, much like a GNU/Linux distribution provides the Linux kernel and userspace components. Typhoon provides a Terraform Module for each supported operating system and platform. Define a Kubernetes cluster by using the Terraform module for your chosen platform and operating system. Initialize modules, plan the changes to be made, and apply the changes. Typhoon is strict about minimalism, maturity, and scope. Typhoon powers the author's cloud and colocation clusters. The project has evolved through operational experience and Kubernetes changes. Typhoon is shared under a free license to allow others to use the work freely and contribute to its upkeep. -
7
Cloud Custodian
Rules engine for cloud security, cost optimization, and governance
Cloud Custodian enables users to be well managed in the cloud. The simple YAML DSL allows you to easily define rules to enable a well-managed cloud infrastructure, that's both secure and cost-optimized. It consolidates many of the ad-hoc scripts organizations have into a lightweight and flexible tool, with unified metrics and reporting. Custodian supports managing AWS, Azure, and GCP public cloud environments. Besides just providing reports of issues, Custodian can actively enforce the security policies you define. Setup off-hours to save you money, by turning-off resources when they're not being used. Garbage collects unused resources by looking into utilization metrics. Custodian can be run locally, on an instance, or Serverless in AWS Lambda. Cloud Custodian is open source and free for everyone to use. Use Custodian to build complex workflows or simple queries, millions of policies can be constructed using our easy-to-read DSL. -
8
Scout Suite
Multi-cloud security auditing tool
Scout Suite is an open-source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically. Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in. Once the data has been gathered, all users may be performed offline. Our self-service cloud account monitoring platform, NCC Scout, is a user-friendly SaaS providing you with the ability to constantly monitor your public cloud accounts, allowing you to check they’re configured to comply with industry best practice. -
9
AutoVPN
Create on demand disposable OpenVPN endpoints on AWS
Script that allows the easy creation of OpenVPN endpoints in any AWS region. Creating a VPN endpoint is done with a single command that takes ~3 minutes. It will create the proper security groups. It spins up a tagged ec2 instance and configures OpenVPN software. Once the instance is configured an OpenVPN configuration file is downloaded and ready to use. There is also functionality to see which instances are running in which region and the ability to terminate the instance when done. Additional functionality includes specifying instance type, generating ssh keypairs, specifying custom AMI, changing login user, and more to come. Create on-demand OpenVPN Endpoints in AWS that can easily be destroyed after done only pay for what you use. -
Professional Email Hosting for Small Business | GreatmailDependable cloud based email hosting with spam filtering, antivirus protection, generous storage and webmail. Compatible with Outlook and all other POP3/IMAP clients. High volume SMTP service for responsible senders. Outbound relay service for transactional messages, email marketing campaigns, newsletters and other applications. Dedicated email servers, clustering and multiple IP load balancing for high volume senders. Fixed monthly cost with unlimited sending and reputation monitoring. Greatmail is an email service provider (ESP) specializing in business class email hosting, SMTP hosting and email servers. For ISPs, application programmers and cloud developers, we also provide custom solutions including dedicated IP servers and process specific, load balanced configurations with multiple servers.
-
10
BLESS
An SSH Certificate Authority that runs as an AWS Lambda function
BLESS is an SSH Certificate Authority that runs as an AWS Lambda function and is used to sign SSH public keys. SSH Certificates are an excellent way to authorize users to access a particular SSH host, as they can be restricted for a single-use case, and can be short-lived. Instead of managing the authorized_keys of a host, or controlling who has access to SSH Private Keys, hosts just need to be configured to trust an SSH CA. BLESS should be run as an AWS Lambda in an isolated AWS account. Because BLESS needs access to a private key that is trusted by your hosts, an isolated AWS account helps restrict who can access that private key, or modify the BLESS code you are running. AWS Lambda functions can use an AWS IAM Policy to limit which IAM Roles can invoke the Lambda Function. If properly configured, you can restrict which IAM Roles can request SSH Certificates. -
11
Checkov
Prevent cloud misconfigurations during build-time for Terraform
Checkov scans cloud infrastructure configurations to find misconfigurations before they're deployed. Checkov uses a common command-line interface to manage and analyze infrastructure as code (IaC) scan results across platforms such as Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework. Verify changes to hundreds of supported resource types in all major cloud providers. Checkov supports developers using Terraform, Terraform plan, CloudFormation, Kubernetes, ARM Templates, Serverless, Helm, and AWS CDK. Scan cloud resources in build-time for misconfigured attributes with a simple Python policy-as-code framework. Analyze relationships between cloud resources using Checkov’s graph-based YAML policies. Execute, test, and modify runner parameters in the context of a subject repository CI/CD and version control integrations. -
12
CloudMapper
CloudMapper analyzes your Amazon Web Services (AWS) environments
CloudMapper helps you analyze your Amazon Web Services (AWS) environments. The original purpose was to generate network diagrams and display them in your browser (functionality no longer maintained). It now contains much more functionality, including auditing for security issues. If you want to add your own private commands, you can create a private_commands directory and add them there. You must have AWS credentials configured that can be used by the CLI with reading permissions for the different metadata to collect. Cloudmapper needs to make IAM calls and cannot use session credentials for collection, so you cannot use the AWS-vault server if you want to collect data, and must pass role credentials indirectly or configure AWS credentials manually inside the container. Generate HTML report. Includes a summary of the accounts and audit findings. Generate an HTML report for the IAM information of an account. -
13
ConsoleMe
A central control plane for AWS permissions and access
ConsoleMe is a web service that makes AWS IAM permissions and credential management easier for end-users and cloud administrators. ConsoleMe provides numerous ways to log in to the AWS Console. An IAM Self-Service Wizard lets users request IAM permissions in plain English. Cross-account resource policies will be automatically generated and can be applied with a single click for certain resource types. Weep (ConsoleMe’s CLI) supports 5 different ways of serving AWS credentials locally. Cloud administrators can create/clone IAM roles and natively manage IAM roles, users, inline/managed policies, S3 Buckets, SQS queues, and SNS topics across hundreds of accounts in a single interface. Users can access most of your cloud resources in the AWS Console with a single click. Cloud administrators can configure ConsoleMe to authenticate users through ALB Authentication, OIDC/OAuth2, or SAML. -
14
FilterBadRecruiters
Google Apps Script to send third party recruiter email to spam
FilterBadRecruiters is a Google Apps Script that processes new messages looking for unwanted email from known third party recruiters. When a match is found, a reply is sent informing the sender that the message is being reported as spam and will not be read. The script then logs matches to a spreadsheet and updates a pie chart displaying what percentage of these type of messages were sent from each domain. -
15
Kubernetes External Secrets
Integrate external secret management systems with Kubernetes
Kubernetes External Secrets allows you to use external secret management systems, like AWS Secrets Manager or HashiCorp Vault, to securely add secrets in Kubernetes. Read more about the design and motivation for Kubernetes External Secrets on the GoDaddy Engineering Blog. The community and maintainers of this project and related Kubernetes secret management projects use the #external-secrets channel on the Kubernetes slack for discussion and brainstorming. The project extends the Kubernetes API by adding an ExternalSecrets object using Custom Resource Definition and a controller to implement the behavior of the object itself. An ExternalSecret declares how to fetch the secret data, while the controller converts all ExternalSecrets to Secrets. The conversion is completely transparent to Pods that can access Secrets normally. By default Secrets are not encrypted at rest and are open to attack, either via the etcd server or via backups of etcd data. -
16
Plum Cave Twofish
A version of Plum Cave that uses the ChaCha20 and Twofish ciphers
A version of Plum Cave that employs the "ChaCha20 + Twofish-256 CBC + HMAC-SHA3-512" authenticated encryption scheme for data encryption and ML-KEM-1024 for quantum-resistant key exchange. -
17
Security Monkey
Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs
Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time. Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories. It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when. Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters. It works on CPython 2.7. It is known to work on Ubuntu Linux and OS X. Security Monkey accesses accounts to scan via credentials it is provided. -
18
StrongKey CryptoCabinet
FIDO-enabled, cloud file encryption with centralized key management.
StrongKey CryptoCabinet (SKCC) 2.0 is a FIDO-enabled (fidoalliance.org) web application built using Regulatory Compliant Cloud Computing (RC3) architecture (http://bit.ly/rc3infoq). It encrypts files/objects of any type or size, and stores the ciphertext either to public/private clouds—AWS, Azure, Eucalyptus—or local/network drives, while keeping cryptographic keys safe and secure OUTSIDE the cloud. CryptoCabinet leverages the StrongKey CryptoEngine (SKCE)—another FOSS on this site—to perform FIDO U2F strong authentication, encryption/decryption, digital signatures, and cloud integration. CryptoCabinet is a powerful example showcasing StrongKey CryptoEngine's innovative capabilities. Until you modify the CryptoEngine configuration, the default download uses a DEMO Tellaro KeyAppliance (KA) instance to store cryptographic keys. As such, use this ONLY FOR DEMO purposes. Contact us for any of your production needs. Thanks for stopping by! -
19
cloudfront-auth
An AWS CloudFront Lambda@Edge function to authenticate requests
Upon successful authentication, a cookie (named TOKEN) with the value of a signed JWT is set and the user redirected back to the originally requested path. Upon each request, Lambda@Edge checks the JWT for validity (signature, expiration date, audience and matching hosted domain) and will redirect the user to configured provider's login when their session has timed out. If your CloudFront distribution is pointed at a S3 bucket, configure origin access identity so S3 objects can be stored with private permissions. (Origin access identity requires the S3 ACL owner be the account owner. Use our s3-object-owner-monitor Lambda function if writing objects across multiple accounts.) Enable SSL/HTTPS on your CloudFront distribution; AWS Certificate Manager can be used to provision a no-cost certificate. Session duration is defined as the number of hours that the JWT is valid for. After session expiration, cloudfront-auth will redirect the user to the configured provider to re-authenticate.
- Previous
- You're on page 1
- Next