CloudLens¶
Visualize and track your cloud exposure over time.
CloudLens is a lightweight web dashboard that ingests CloudShot snapshots and turns them into actionable visuals and trends across AWS, GCP, and Azure. Upload JSON exports, normalize them to a common schema, and explore IAM, storage, and firewall exposure across providers and over time, all locally, no cloud credentials required.
Why¶
CloudShot captures point-in-time cloud configuration. CloudLens makes that data useful over time. A single snapshot tells you what your environment looked like on one day. A series of snapshots tells you whether your exposure is growing, shrinking, or stable, and where to focus.
CloudLens is the dashboard layer for CloudShot. Run them together for a complete collect-and-review workflow.
Features¶
- Upload CloudShot snapshots: drag-in JSON exports from any CloudShot run
- Cross-provider normalization: AWS, GCP, and Azure snapshots collapse into a single comparable schema
- Trend charts: line charts tracking public buckets, open firewall rules, and risky security groups over time
- Provider breakdown: bar chart showing snapshot distribution across AWS, GCP, and Azure
- Snapshot table: browse all ingested snapshots with sortable columns
- Latest snapshot panel: at-a-glance summary of the most recent upload
- Local storage: all data stays in
data/db.json; nothing leaves the machine
Requirements¶
- Node.js 18+
- npm
- CloudShot: not a software dependency, but CloudLens only understands CloudShot JSON output. Without snapshot files to upload, there is nothing to visualize.
Installation¶
Quick Start¶
# Start the development server
npm run dev
# Open http://localhost:3000
# Build for production
npm run build
npm start
Dashboard¶
CloudLens presents four panels on a single page:
| Panel | What it shows |
|---|---|
| Upload | File picker for CloudShot JSON exports (confirms success or error on upload) |
| Latest Snapshot | Provider, timestamp, and all five summary metrics from the most recent ingested snapshot |
| Trends | Line chart plotting public buckets, open firewall rules, and risky security groups across all snapshots over time |
| Provider Breakdown | Bar chart showing count of snapshots per provider (AWS / GCP / Azure) |
| Snapshots Table | Full list of ingested snapshots with ID, provider, timestamp, and all summary metric columns |
Input Format¶
CloudLens accepts CloudShot JSON exports. The normalizer handles flexible field naming, so both flat and nested CloudShot output structures are supported:
{
"provider": "aws",
"accountId": "123456789012",
"timestamp": "2025-08-21T22:15:44Z",
"iam": {
"users": [...],
"adminUsers": [...]
},
"storage": {
"publicBuckets": [...]
},
"network": {
"openFirewallRules": [...],
"riskySecurityGroups": [...]
}
}
Each upload is normalized into five summary metrics:
| Metric | What it counts |
|---|---|
iamUsers |
Total IAM / identity users |
iamAdmins |
Users with administrative permissions |
publicBuckets |
Storage buckets with public access |
openFirewallRules |
Firewall rules permitting broad inbound access |
riskySecurityGroups |
Security groups with overly permissive rules |
Data Storage¶
Normalized snapshots are persisted locally in data/db.json. The file is created automatically on first upload.
{
"snapshots": [
{
"id": "aws_123456789012_2025-08-21T22-15-44Z",
"provider": "aws",
"account": "123456789012",
"timestamp": "2025-08-21T22:15:44Z",
"summary": {
"iamUsers": 3,
"iamAdmins": 1,
"publicBuckets": 2,
"openFirewallRules": 1,
"riskySecurityGroups": 1
}
}
]
}
Tech Stack¶
| Package | Version | Purpose |
|---|---|---|
next |
16.x | App framework and routing |
react / react-dom |
18.x | UI rendering |
recharts |
2.x | Trend and breakdown charts |
papaparse |
5.x | CSV parsing |
formidable |
3.x | Multipart file upload handling |
date-fns |
3.x | Timestamp formatting |
Project Structure¶
cloudlens/
├── app/ # Next.js app directory
├── components/ # React UI components
├── lib/
│ ├── db.ts # Local JSON database read/write
│ └── normalize.ts # CloudShot JSON normalization
├── data/
│ └── db.json # Auto-created snapshot store
├── package.json
└── tsconfig.json
MIT License — Copyright © 2026 Skellman.io