Some month ago I found this interesting project on github: https://github.com/kosty-cloud/kosty
Kosty is a cost and security audit written in python and using aws cli to check the current status of your service.
I followed the quickstart guide:
pip3 install kosty
python3 -m venv costy
export AWS_DEFAULT_PROFILE=root
kosty audit –output all
Unfortunately this just output the json file, there is no GUI to check visually the cost and security audit.
To get the GUI:
git clone https://github.com/kosty-cloud/kosty
cd kosty
open dashboard/index.html
The GUI start with an upload button
After upload there is a summary charts
In details
Details of IAM Security issues is something like:
Opening further for details there is this screen:
That is really effective to operate and fix the specific problem.
Conclusion
Kosty is a very effective tool to periodically check the cost and security issue, not just an FinOps tool but also an full audit tool effective that should be integrated into other monitoring report.
A possible use is to run it on server periodically. Then by exposing the .json files to a web server, and also exposing the dashboard is possible to check the status and operate.
There is no alert system, everything must be checked directly, but the .json format can be scanned by any tool, so an alert can be settled up to notify daily what is going on your AWS services.
If interested, check my service and contact me (whatsapp preferred)
