kosty-cloud / kosty

Identify AWS cost waste and security vulnerabilities across 16 core services with a single command

263 stars
24 forks
2 issues
Python, HTML, Shell

Repository Overview (README excerpt)

💰 Kosty - AWS Cost Optimization & Security Audit CLI Tool

> 💡 Need expert help optimizing your AWS infrastructure? Professional consulting services available →

**🚀 Identify AWS cost waste and security vulnerabilities across 16 core services with a single command**

*Save thousands of dollars monthly and improve security posture by finding unused resources, oversized instances, misconfigurations, and compliance issues*

🎯 Quick Start • 📖 Documentation • 🔧 Installation • 💡 Examples

📊 Visual Dashboard

**Not just CLI!** Kosty includes a beautiful, modern web dashboard to visualize your optimization results:

✨ **Premium Features**: Interactive charts, responsive design, real-time data visualization, and professional reporting.

---

🌟 Built by a Cloud Consultant, for Cloud Engineers

After years of AWS consulting, I kept finding the same costly patterns:

• Load Balancers with no targets **10K$-30K$/year wasted**
• Orphaned EBS volumes: **$1,000-2,500/year**
• Unused NAT Gateways, oversized instances, old snapshots, ...

**Every. Single. Time.**

So I built Kosty - the tool I wish existed when I started consulting.

What Kosty Does

• 🔍 Scans **16 core AWS services** in one command
• 💰 **Quantifies cost savings** with real dollar amounts (11 services)
• 📊 Finds **oversized instances** (EC2, RDS, Lambda)
• 🔐 Detects **security vulnerabilities** (public DBs, unencrypted storage, open ports)
• 🛡️ Identifies **compliance issues** (old access keys, public snapshots, weak configurations)

**One command. Full audit. Real savings. Free forever.**

AWS costs and security risks can spiral out of control quickly.
Kosty helps you:

• 🔍 **Discover** unused resources and security vulnerabilities across 16 core AWS services
• 💰 **Quantify** cost savings with real dollar amounts ($X/month calculations)
• 🔐 **Detect** security misconfigurations and compliance issues
• ⚡ **Optimize** with prioritized recommendations by financial impact
• 🏢 **Scale** across entire AWS Organizations with parallel processing
• 📊 Track ROI with detailed cost reporting

🎯 Quick Start

🔧 Installation

Prerequisites

• Python 3.7+
• AWS CLI configured with appropriate credentials

Quick Install (Recommended)

Install from Source

Development Install

💡 Examples

🏆 High-Impact Optimizations with Cost Savings

🔍 Resource Discovery & Security Audits

🏢 Comprehensive Scanning

🚀 Command Types

Kosty offers **3 types of commands** for maximum flexibility:

• 🎯 **Complete Audits** - Full service analysis
• 💰 **Targeted Audits** - Cost or security focus
• 🔍 **Individual Checks** - Specific issue detection
• 🌍 **Multi-Region & Organization** - Comprehensive scanning
• 🔄 **Multi-Profile Audits** - Run across all profiles in parallel

**What happens:**

• Reads all profiles from your config file
• Runs audits in parallel (default: 3 at a time)
• Generates separate reports per profile:
• Creates summary report:
• Continues on errors (failed profiles don't stop others)
• Shows aggregated totals across all profiles

---

💰 Cost Quantification Engine

💵 Services with Cost Calculations (11 Services)

Kosty provides **real monthly and annual savings estimates** for these services:

| Service | Cost Calculation | Example Savings |
|---------|------------------|----------------|
| **EBS** | Orphaned volumes by size & type | $10.00/month (100GB gp2) |
| **EC2** | Stopped instances by type | $280.32/month (m5.2xlarge) |
| **EIP** | Unattached Elastic IPs | $3.60/month (fixed rate) |
| **NAT Gateway** | Unused gateways | $32.85/month (per gateway) |
| **Load Balancer** | ALBs with no targets | $16.43/month (per ALB) |
| **S3** | Lifecycle optimization candidates | $2.30/month (100GB) |
| **Snapshots** | Old EBS snapshots | $5.00/month (100GB) |
| **Backup** | Empty AWS Backup vaults | $0.00/month (no storage) |
| **RDS** | Oversized instances ( 512MB) | $0.68/month (optimization) |
| **DynamoDB** | Idle tables (low RCU/WCU) | Variable (on-demand savings) |

📈 Services with Audit Only (5 Services)

These services provide security and compliance audits without cost quantification:

• **IAM**: Security policies, unused roles, compliance
• **CloudWatch**: Log retention, unused alarms
• **Route53**: Unused hosted zones, DNS configuration
• **API Gateway**: Unused APIs, security configuration
• **Security Groups**: Unused groups, overly permissive rules

⚠️ Cost Calculation Disclaimer

**Important**: Cost estimates are based on AWS Pricing API and standard on-demand rates. **Actual costs may vary** due to:

• 💰 **Reserved Instance discounts** (up to 75% off)
• 💰 **Savings Plans** (up to 72% off)
• 💰 **Volume discounts** for high usage
• 🌍 **Regional pricing variations**
• 🏢 **Enterprise agreements** and custom pricing
• 📈 **Spot instance pricing** (up to 90% off)
• 🔄 **Free tier limits** and credits

**Use estimates for**: Relative comparison between issues, optimization prioritization, business case development, and ROI trend analysis.

**Verify actual costs** in your AWS billing dashboard before making decisions.
---

📊 Complete Service Coverage (16 Services)

🎯 Service Overview

| Category | Services | Key Checks |
|----------|----------|------------|
| **💻 Compute** | EC2, Lambda | Oversized instances, unused functions |
| **🗄️ Storage** | S3, EBS, Snapshots | Empty buckets, orphaned volumes, old snapshots |
| **🗃️ Database** | RDS, DynamoDB | Idle databases, over-provisioned tables |
| **🌐 Network** | EIP, LB, NAT, SG, Route53 | Unused resources, no healthy targets |
| **🔐 Security** | IAM | Unused roles, old access keys, inactive users |
| **📊 Management** | CloudWatch, Backup | Unused alarms, expensive logs, empty vaults |
| **🌐 Application** | API Gateway | Unused APIs, expensive configurations |

📋 Service Commands Summary

| Service | Total Commands | Audit Types | Individual Checks |
|---------|----------------|-------------|-------------------|
| **EC2** | 16 | 3 | 13 checks |
| **RDS** | 17 | 3 | 14…