Installation
pip (recommended)
bash
pip install cloud-audit
pipx (isolated environment)
bash
pipx install cloud-audit
Docker
bash
docker run ghcr.io/gebalamariusz/cloud-audit scan
Mount your AWS credentials:
bash
docker run -v ~/.aws:/home/cloudaudit/.aws:ro ghcr.io/gebalamariusz/cloud-audit scan
From source
bash
git clone https://github.com/gebalamariusz/cloud-audit.git
cd cloud-audit
pip install -e .
MCP Server (for AI agents)
bash
claude mcp add cloud-audit -- uvx --from cloud-audit cloud-audit-mcp
See MCP Server for details.
Requirements
- Python 3.10+
- AWS credentials (any method: environment variables,
~/.aws/credentials, IAM role, SSO) - Read-only AWS access (
SecurityAuditmanaged policy)
cloud-audit never modifies your infrastructure. It only makes read API calls.