GhostState is a CLI tool built in Go for AWS cloud governance. It scans your infrastructure to identify "drift" or "shadow IT" resources that are missing specific governance tags.
It features a robust, hexagonal architecture and a real-time, terminal-based dashboard (TUI) that categorizes resources as Ghosts (👻) if they fail compliance checks.
- Interactive TUI: Beautiful Bubble Tea interface with granular resource selection.
- Multi-Tag Compliance: Support for complex audit rules. Input comma-separated keys and values (e.g., ManagedBy,Env->Terraform,Prod) to enforce multiple tags at once.
- Categorized Reporting: Results are intelligently grouped by domain (Computing, Data, Networking/Security).
- Performance Metrics: Tracks and displays exact scan duration.
- Clean Architecture: Built using the Provider pattern with separated Clients and Scanners for high maintainability.
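
The multi-tag rule syntax above, sketched as an added example (not GhostState's own code). It assumes keys and values are paired by position and compared case-sensitively, as AWS tags are; the names Rule, ParseRule and Missing are hypothetical.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Rule maps each required tag key to its required value.
type Rule map[string]string

// ParseRule reads "K1,K2->V1,V2", pairing keys and values by position (assumed semantics).
func ParseRule(s string) (Rule, error) {
	parts := strings.Split(s, "->")
	if len(parts) != 2 {
		return nil, fmt.Errorf("rule %q: want exactly one \"->\"", s)
	}
	keys := strings.Split(parts[0], ",")
	vals := strings.Split(parts[1], ",")
	if len(keys) != len(vals) {
		return nil, fmt.Errorf("rule %q: %d keys but %d values", s, len(keys), len(vals))
	}
	rule := Rule{}
	for i := range keys {
		k, v := strings.TrimSpace(keys[i]), strings.TrimSpace(vals[i])
		if k == "" || v == "" {
			return nil, fmt.Errorf("rule %q: empty key or value at position %d", s, i+1)
		}
		rule[k] = v
	}
	return rule, nil
}

// Missing returns, sorted, the rule keys that are absent or carry the wrong
// value. A non-empty result marks the resource as a Ghost.
func (r Rule) Missing(tags map[string]string) []string {
	var out []string
	for k, want := range r {
		if got, ok := tags[k]; !ok || got != want {
			out = append(out, k)
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	rule, err := ParseRule("ManagedBy,Env->Terraform,Prod")
	// Constructed sample tags: right owner, wrong environment.
	fmt.Println(rule.Missing(map[string]string{"ManagedBy": "Terraform", "Env": "dev"}), err)
}
```

A rule with unequal numbers of keys and values is rejected rather than partially applied, so a typo in the rule cannot silently weaken the audit.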
GhostState currently audits the following AWS resources:
- EC2 Instances
- ECS Clusters
- Lambda Functions
- EKS Clusters
- ECR Repositories
- S3 Buckets
- RDS Databases
- DynamoDB Tables
- ElastiCache Clusters
- EBS Volumes
- VPC Stack (VPC, Subnets, Internet Gateways)
- CloudFront Distributions
- Elastic IP Addresses
- Load Balancers (ELB/ALB)
- Security Groups
- ACM Certificates
- IAM Users
- KMS Keys
- Secrets Manager Secrets
- CloudWatch Alarms
Prerequisites
- Go 1.23+
- Configured AWS Credentials (~/.aws/credentials or environment variables)
Run from Source
git clone https://github.com/K0NGR3SS/GhostState.git
cd GhostState
go mod tidy
go run cmd/ghoststate/main.go