Hosea Kosgei
Cloud Security Engineer · AI Systems Developer
Cloud Security Engineer & Intelligent Systems Developer building solutions for real-world problems.

Cloud Security · In Development

CloudGuard — AWS Security Auditor

An agentic AI tool built with LangChain and Boto3 that scans AWS accounts for security misconfigurations — open S3 buckets, overprivileged IAM roles, unencrypted databases — and generates actionable remediation reports.

Year: 2025

Timeline: Ongoing

Team: Solo Developer

Type: Personal Project

Project Overview

CloudGuard is an agentic AI security auditor that autonomously scans AWS cloud environments for misconfigurations and security risks. Built with LangChain and the AWS Boto3 SDK, it reasons over API responses to identify vulnerabilities — open S3 buckets, overprivileged IAM roles, unencrypted RDS instances, public EC2 security groups — and generates human-readable remediation reports. The project was inspired by a real-world problem: most AWS accounts, even in production, have misconfigured resources that expose sensitive data. CloudGuard automates the detection work that would take a security engineer hours to do manually.

The Challenge

Cloud misconfiguration is the number one cause of data breaches in AWS environments. Most small teams and startups don't have dedicated security engineers — they rely on developers who may not know every IAM policy edge case or S3 bucket setting. There's a gap for an automated, intelligent tool that can audit an account and explain the risks in plain language.

The Solution

CloudGuard addresses this through an agentic pipeline:

  • LangChain agents reason over AWS API responses to identify security risks intelligently
  • Boto3 scans IAM policies, S3 bucket ACLs, RDS encryption settings, and EC2 security groups
  • Terraform deploys a secured AWS baseline environment as a reference implementation
  • Automated remediation reports generated in both technical and plain-language formats
  • Docker containerises the auditor for portable, credential-safe execution
  • GitHub Actions automates scheduled audit runs
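The scans described above reduce to rules evaluated over Boto3 responses. The following is an added example, not CloudGuard's own code: the `audit` function, the snapshot layout and every sample value are assumptions constructed for illustration, with field names following the shapes returned by the AWS APIs named in the comments.

```python
# Added example, not CloudGuard's code: rule checks over Boto3-shaped responses.
PUBLIC_GRANTEES = ("http://acs.amazonaws.com/groups/global/AllUsers",
                   "http://acs.amazonaws.com/groups/global/AuthenticatedUsers")

def as_list(v):
    """IAM JSON permits a bare string/object where a list is also valid."""
    return [] if v is None else v if isinstance(v, list) else [v]

def audit(snap):
    """Return (severity, resource, issue) findings for one account snapshot."""
    out = []
    for bucket, acl in snap.get("bucket_acls", {}).items():      # s3.get_bucket_acl
        for g in acl.get("Grants", []):
            if g.get("Grantee", {}).get("URI") in PUBLIC_GRANTEES:
                out.append(("HIGH", bucket, f"ACL grants {g['Permission']} to a global group"))
    for sg in snap.get("security_groups", []):                   # ec2.describe_security_groups
        for p in sg.get("IpPermissions", []):
            cidrs = [r.get("CidrIp") for r in p.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in p.get("Ipv6Ranges", [])]
            if "0.0.0.0/0" in cidrs or "::/0" in cidrs:
                ports = "all" if p.get("IpProtocol") == "-1" else f"{p.get('FromPort')}-{p.get('ToPort')}"
                out.append(("HIGH", sg["GroupId"], f"ingress from anywhere on ports {ports}"))
    for db in snap.get("db_instances", []):                      # rds.describe_db_instances
        if not db.get("StorageEncrypted"):
            out.append(("MEDIUM", db["DBInstanceIdentifier"], "storage not encrypted"))
    for name, doc in snap.get("role_policies", {}).items():      # IAM policy documents
        for st in as_list(doc.get("Statement")):
            wide = [a for a in as_list(st.get("Action")) if a == "*" or a.endswith(":*")]
            if st.get("Effect") == "Allow" and wide and "*" in as_list(st.get("Resource")):
                out.append(("HIGH", name, f"Allow {', '.join(wide)} on Resource *"))
    return out

# Constructed sample data (not from a real account), shaped like the API responses.
SAMPLE = {
    "bucket_acls": {"example-logs": {"Grants": [
        {"Grantee": {"Type": "Group", "URI": PUBLIC_GRANTEES[0]}, "Permission": "READ"},
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"}]}},
    "security_groups": [{"GroupId": "sg-0example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]}],
    "db_instances": [{"DBInstanceIdentifier": "orders-db", "StorageEncrypted": False},
                     {"DBInstanceIdentifier": "users-db", "StorageEncrypted": True}],
    "role_policies": {"ci-deployer": {"Version": "2012-10-17", "Statement":
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}}},
}

if __name__ == "__main__":
    for sev, res, issue in audit(SAMPLE):
        print(f"[{sev}] {res}: {issue}")
```

The S3 rule looks only at ACL grants; bucket policies and Block Public Access settings also determine whether a bucket is actually public and need their own checks.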

Results & Impact

  • Autonomously identifies open S3 buckets before data is exposed
  • Flags overprivileged IAM roles with specific policy recommendations
  • Detects unencrypted databases and storage volumes
  • Generates plain-language remediation reports for non-technical stakeholders
  • Terraform baseline deploys a secured environment in under 5 minutes

Project Gallery

Security Audit Dashboard

IAM Policy Analyser

Remediation Report Generator

Technologies Used

AI & Automation

LangChain, Python, Boto3

Cloud Security

AWS IAM, AWS S3, AWS RDS, VPC Security Groups

Infrastructure

Terraform, Docker, GitHub Actions

Interested in Working Together?

I'm actively looking for internship opportunities in cloud security and intelligent systems.
