mirror of
https://github.com/nubenetes/awesome-kubernetes.git
synced 2026-07-14 19:05:53 +00:00
25 KiB
25 KiB
description
| description |
|---|
| Top AWS Tools Scripts resources for 2026, AI-ranked: Metabadger, ec2-spot-converter and more — curated Cloud Native tools, guides and references. |
AWS Tools and Scripts
!!! tip "Nubenetes V2 Elite Portal" You are browsing the AI-Curated V2 Elite Edition. Looking for the exhaustive list of references? Check out the V1 Historical Archive.
!!! info "Architectural Context" Detailed reference for AWS Tools and Scripts in the context of Architectural Foundations.
Cloud Platform
AWS Infrastructure
Automation
- (2025) ==github.com/infrahouse/infrahouse-toolkit== ⭐ 74 [PYTHON CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — The Infrahouse Toolkit provides operational automation helpers specifically engineered to simplify AWS infrastructure deployment pipelines. It streamlines actions such as dynamic DNS configurations, instance lifecycle hooks, and local environment bootstrapping. Useful for platform teams standardizing custom deployment policies.
- (2024) github.com/Levi-Michael/boto3-ec2-s3-management: A python tools base on' AWS boto3 for manage ec2 and s3 buckets ⭐ 2 [PYTHON CONTENT] [COMMUNITY-TOOL] — A lightweight Python-based tool leveraging Boto3 to programmatically manage EC2 instances and S3 bucket lifecycles. It provides system administrators with an alternative to the heavy AWS Management Console for quick resource termination, tag filtering, and volume audits. Its clean syntax serves as an educational base for custom infrastructure engineering scripts.
CICD Security
- (2025) ==saml-to/assume-aws-role-action== ⭐ 182 [TYPESCRIPT CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — A dedicated GitHub Action designed to securely assume AWS IAM roles using OpenID Connect (OIDC) federation, eliminating the need to store long-lived static AWS credentials inside GitHub secrets. It dynamically exchanges short-lived JWT tokens to gain secure role access. This standard is strongly recommended in modern dev-sec-ops architectures to enforce the principle of least privilege.
Cost Optimization
- (2024) ==ec2-spot-converter== ⭐ 199 [PYTHON CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — ec2-spot-converter is an open-source tool built to programmatically convert existing AWS on-demand EC2 instances to spot instances and vice versa without manual reconstruction. It reduces downtime by preserving root volume data and configuration profiles during transitions. Critical for engineers optimizing test workloads and maximizing cost-savings.
Developer Tooling
- (2026) ==github.com/one2nc/cloudlens 🌟== ⭐ 590 [GO CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Cloudlens is an open-source, interactive terminal UI built to monitor and navigate various cloud infrastructure components. It acts as an easy-to-use 'k9s' equivalent for AWS resources, allowing administrators to inspect S3, EC2, and VPC metrics directly in their shell. A must-have for terminal-first systems engineers seeking immediate cloud diagnostics.
Identity Management
- (2026) github.com/containerscrew/aws-sso-auth ⭐ 4 [RUST CONTENT] 🌟🌟🌟🌟 [ENTERPRISE-STABLE] — A lightweight Rust-based terminal utility (aws-sso-rs) designed to automate AWS IAM Identity Center login workflows and manage local workstation credential lifecycles. It bypasses slow browser integration loops by managing token renewals and profile switching programmatically. Critical for terminal-first developers using security-hardened AWS structures.
Infrastructure as Code
- (2024) ==github.com/aws-samples/aws-cdk-stack-builder-tool== ⭐ 202 [TYPESCRIPT CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — An AWS Samples tool configured to dynamically build and modularize AWS CDK stacks based on high-level configuration templates. It streamlines boilerplate IAC setup, allowing platform engineering teams to maintain clean, scalable multi-environment stacks. Ideal for bootstrapping large cloud applications adhering to AWS Well-Architected frameworks.
Local Development
- (2023) github.com/ualter: AwsBe [RUST CONTENT] [COMMUNITY-TOOL] — AwsBe is a dedicated backend development mockup tool aimed at accelerating testing of AWS CLI and API-driven clients. It reduces dependency on direct AWS connections for dev feedback loops, enhancing local workspace efficiency. Highly valuable for staging environments seeking rapid mocking configurations.
Logging and Auditing
- (2025) ==github.com/awslabs/assisted-log-enabler-for-aws: Assisted Log Enabler -' Find resources that are not logging, and turn them on== ⭐ 274 [PYTHON CONTENT] [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — An AWS Labs community-focused repository offering automation scripts to identify resource endpoints that lack active logging and programmatically enable auditing (e.g., S3 server access logging, VPC Flow Logs). It addresses serious audit compliance gaps across expansive, multi-account structures. Live Grounding maintains its high utility for enterprises validating governance against SOC2 and CIS benchmarks.
Networking
- (2024) ==github.com/cavaliercoder/vpc-free== ⭐ 59 [GO CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — A specialized tool designed to scan AWS VPC configurations and identify unused IP subnets and available address spaces. It simplifies subnet planning and CIDR allocation by visually exposing gaps in current IP management matrices. Essential for large enterprises implementing zero-trust network segmentations or multi-region Transit Gateway routing.
- (2025) AWS IP inventory [GO CONTENT] [COMMUNITY-TOOL] — An open-source utility designed to scan and build a complete inventory of IP address allocations across multiple AWS Virtual Private Clouds (VPCs). It offers automated visibility into subnet depletion, Elastic IP overheads, and overall IP utilization patterns. This tool is vital for cloud platform engineers tasked with managing network range exhaustion in hybrid cloud environments.
Reference Architectures
- (2026) AWS Labs GitHub [N/A CONTENT] [ADVANCED LEVEL] [EMERGING] — The central AWS Labs GitHub organization housing hundreds of active experimental projects, tooling integrations, and reference CDK blueprints. Live Grounding highlights this hub as a critical launchpad for emerging patterns in infrastructure-as-code and cloud automation. It provides platform engineering teams with robust, peer-reviewed building blocks for accelerated architecture design.
Resource Querying
- (2025) ==github.com/welldone-cloud/aws-list-resources== ⭐ 184 [PYTHON CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — A targeted utility designed to list all active resources inside an AWS account, bypassing the visibility gaps of typical inventory tools. It scans all supported services and regions, returning clean, actionable reports. Extremely useful for platform engineers cleaning up stale testing environments and auditing cloud billing leakages.
Security Simulation
- (2025) ==awslabs/aws-cloudsaga: AWS CloudSaga - Simulate security events in AWS== ⭐ 477 [GO CONTENT] [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — AWS CloudSaga is an open-source tool developed by AWS to simulate security events and malicious activity directly inside your AWS environment. It enables security operations teams to validate detection mechanisms, alert pipelines, and incident response procedures. Essential for continuous red-teaming exercises and maintaining robust cloud posture management.
Security and Compliance
- (2026) ==ermetic/access-undenied-aws 🌟== ⭐ 272 [PYTHON CONTENT] [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Access Undenied on AWS is a highly sophisticated CLI tool that parses AWS 'Access Denied' errors and CloudTrail events, pointing specifically to the policy boundary or SCP causing the block. Live Grounding confirms its acquisition and active hosting under the Tenable GitHub organization. This remains a cornerstone tool for platform engineers troubleshooting complex IAM evaluation logic.
- (2025) ==Metabadger== ⭐ 143 [PYTHON CONTENT] [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — Metabadger is an open-source CLI tool built by Salesforce to automate the hardening of EC2 Instance Metadata Service (IMDS) endpoints by enforcing IMDSv2. It reduces the risk of SSRF (Server-Side Request Forgery) attacks by auditing and updating running instances to reject token-free metadata requests. It is a highly practical compliance tool for security engineering teams.
- (2024) ==willdady/aws-resource-based-policy-collector: AWS resource-based policy' collector== ⭐ 24 [GO CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — A dedicated security utility that scans and aggregates resource-based policies (e.g., S3 Bucket Policies, KMS Key Policies, SQS Policies) across AWS accounts. It aims to surface overly permissive access matrices that violate least privilege models. The script serves as an important compliance utility for scanning public and cross-account configuration leakage.
Storage Management
- (2025) ==github.com/awslabs/amazon-s3-tar-tool: Amazon S3 Tar Tool== ⭐ 233 [JAVA CONTENT] [ADVANCED LEVEL] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — An AWS Labs utility designed to parallelize the creation of TAR archives directly from S3 bucket structures. It prevents the network egress bottle-necks associated with downloading S3 objects locally before compression. Extremely valuable for big data analytics architectures and data lifecycle archival procedures.
- (2024) github.com/Reaimua/AWS-CLI-Uploader-Project ⭐ 1 [SHELL CONTENT] [COMMUNITY-TOOL] — An educational repository containing custom scripts to automate file uploads to AWS S3 using raw AWS CLI calls. It is highly useful for junior developers learning API interactions, basic credential handling, and bucket policy permissions. Ideal as a simple reference base for shell scripting tutorials.
Containers
Developer Tooling (1)
Cloud Emulation
- (2024) ==Floci - An AWS Local Emulator Alternative== ⭐ 14064 [GO CONTENT] 🌟🌟🌟🌟🌟 [DE FACTO STANDARD] — An active and highly performant local alternative to localstack. Emulates AWS cloud service behavior locally using specialized lightweight container footprints.
💡 Explore Related: Other Awesome Lists | About | AWS Architecture
🔗 See Also: Kubernetes Backup Migrations | OCP 4