{"id":48939414,"url":"https://github.com/tesserix/cloudnav","last_synced_at":"2026-04-25T03:50:27.433Z","repository":{"id":351969860,"uuid":"1213275052","full_name":"tesserix/cloudnav","owner":"tesserix","description":"Fast, keyboard-driven multi-cloud TUI for Azure, GCP, and AWS. Drill through tenants, subscriptions, projects, accounts, resources, costs, and IAM from one terminal.","archived":false,"fork":false,"pushed_at":"2026-04-17T13:33:04.000Z","size":163,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-17T13:36:48.456Z","etag":null,"topics":["aws","azure","bubbletea","cli","cost-management","gcp","go","multi-cloud","pim","tui"],"latest_commit_sha":null,"homepage":"https://github.com/tesserix/cloudnav","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tesserix.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["tesserix"]}},"created_at":"2026-04-17T08:03:36.000Z","updated_at":"2026-04-17T13:33:07.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/tesserix/cloudnav","commit_stats":null,"previous_names":["tesserix/cloudnav"],"tags_count":34,"template":false,"template_full_name":null,"purl":"pkg:github/tesserix/cloudnav","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesserix%2Fcloudnav","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesserix%2Fcloudnav/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesserix%2Fcloudnav/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesserix%2Fcloudnav/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tesserix","download_url":"https://codeload.github.com/tesserix/cloudnav/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesserix%2Fcloudnav/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32116514,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T00:31:26.853Z","status":"ssl_error","status_checked_at":"2026-04-22T00:30:22.894Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","azure","bubbletea","cli","cost-management","gcp","go","multi-cloud","pim","tui"],"created_at":"2026-04-17T13:08:07.916Z","updated_at":"2026-04-22T01:01:13.774Z","avatar_url":"https://github.com/tesserix.png","language":"Go","funding_links":["https://github.com/sponsors/tesserix"],"categories":[],"sub_categories":[],"readme":"# cloudnav\n\nA fast, keyboard-driven multi-cloud navigator. One TUI for **Azure**, **GCP**, and **AWS** — drill through tenants, subscriptions, projects, accounts, resource groups, resources, costs, and IAM without leaving the terminal.\n\n[![Release](https://img.shields.io/github/v/release/tesserix/cloudnav?color=7c3aed)](https://github.com/tesserix/cloudnav/releases)\n[![CI](https://github.com/tesserix/cloudnav/actions/workflows/ci.yml/badge.svg)](https://github.com/tesserix/cloudnav/actions/workflows/ci.yml)\n[![Go Reference](https://pkg.go.dev/badge/github.com/tesserix/cloudnav.svg)](https://pkg.go.dev/github.com/tesserix/cloudnav)\n[![Go Report Card](https://goreportcard.com/badge/github.com/tesserix/cloudnav)](https://goreportcard.com/report/github.com/tesserix/cloudnav)\n[![License: Apache-2.0](https://img.shields.io/badge/License-Apache--2.0-blue.svg)](LICENSE)\n\n```\n┌─ cloudnav ────────────────────────────── azure • Platform-Prod ─┐\n│ azure › Platform-Prod › resource groups              47 items   │\n├─────────────────────────────────────────────────────────────────┤\n│  NAME                                LOCATION    STATE   COST   │\n│  Yellowfin-container-testing         uksouth     OK      £2,355 │\n│  nonprod-uksouth-baseline-rg         uksouth     OK      £869   │\n│  ...                                                            │\n├─────────────────────────────────────────────────────────────────┤\n│ ↵ open  / search  c costs  o portal  p PIM  r refresh  ? help  │\n└─────────────────────────────────────────────────────────────────┘\n```\n\n## Read-only by default\n\ncloudnav is a **navigator**, not an orchestrator. Every command is read-only\nunless it's explicitly documented as mutating and requires `--yes`:\n\n- `vm start` / `vm stop` — start/stop VMs (opt-in mutation, `--yes` required).\n- `pim activate` — requests time-bound role elevation via the cloud's own PIM/SSO/JIT surface. This *changes IAM state* but doesn't create resources.\n\nNothing else writes — not `ls`, `cost`, `advisor`, `doctor`, the TUI, or\nanything in the palette.\n\n## Why\n\nJumping between `az`, `gcloud`, `aws`, the three web portals, and half a dozen cost dashboards wastes minutes every time. `cloudnav` puts it all behind one keyboard-first TUI:\n\n- **Unified hierarchy** — Azure tenants/subs/RGs, GCP orgs/projects, AWS orgs/accounts/regions all rendered the same way.\n- **Real auth** — no new credentials. Uses whatever `az`/`gcloud`/`aws` already have logged in (SSO, federated, SP, workload identity).\n- **PIM-first on Azure** — list and activate eligible roles from inside the TUI.\n- **Costs inline** — 30-day spend as a sortable column per resource group / project / account.\n- **Portal handoff** — one keystroke opens the current row in the cloud's web console.\n- **CLI escape hatch** — `x` runs any provider CLI command inside the current context (subscription / project / account already selected).\n\n## Install\n\n### Homebrew\n\n```bash\nbrew tap tesserix/tap\nbrew install cloudnav\n```\n\n### Go\n\n```bash\ngo install github.com/tesserix/cloudnav/cmd/cloudnav@latest\n```\n\n### Binary\n\nGrab the latest from [Releases](https://github.com/tesserix/cloudnav/releases) — `darwin`/`linux`/`windows` on `amd64` and `arm64`.\n\n## Prerequisites\n\n`cloudnav` wraps the cloud providers' own CLIs. Install whichever you need:\n\n| Provider | CLI | Auth |\n|---------|-----|------|\n| Azure | [`az`](https://learn.microsoft.com/cli/azure/install-azure-cli) | `az login` |\n| GCP | [`gcloud`](https://cloud.google.com/sdk/docs/install) | `gcloud auth login` + `gcloud auth application-default login` |\n| AWS | [`aws`](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) | `aws configure sso` or `aws configure` |\n\nRun `cloudnav doctor` to verify everything is wired up.\n\n## Quickstart — step by step\n\n1. **Install the tool** (pick one of the options above).\n2. **Log in to the cloud you care about** using its own CLI:\n   ```bash\n   az login                           # Azure\n   gcloud auth login                  # GCP\n   aws configure sso                  # AWS (recommended)\n   ```\n3. **Verify everything is wired up:**\n   ```bash\n   cloudnav doctor\n   ```\n   Expected output:\n   ```\n   ✓ azure  you@example.com\n   ✓ gcp    you@example.com\n   ✓ aws    arn:aws:iam::123456789012:user/you\n   ```\n4. **Launch the TUI:**\n   ```bash\n   cloudnav\n   ```\n   Use `↑`/`↓` (or `j`/`k`) to move, `↵` to drill down, `esc` to go back, `?` for help, `q` to quit.\n5. **Open the current selection in the cloud portal** with `o`.\n6. **Run a CLI command in the current scope** with `x` — cloudnav will pre-fill the right `--subscription` / `--project` / `--profile`.\n7. **(Azure only) List and activate PIM roles** with `p`.\n\n### Non-interactive / scripting\n\n```bash\ncloudnav ls azure subs --json | jq '.[].name'\ncloudnav ls azure rgs --subscription \u003cid\u003e\ncloudnav ls azure resources --subscription \u003cid\u003e --resource-group my-rg --json\n```\n\n## Keybindings\n\n| Key | Action |\n|-----|--------|\n| `↵` / `l` | Drill down |\n| `esc` / `h` | Back up one level |\n| `j` `k` / `↑` `↓` | Move selection |\n| `/` | Fuzzy search current view |\n| `:` | Command palette — switch cloud, tenant, subscription |\n| `c` | Toggle cost column |\n| `s` | Cycle sort (name → cost → state) |\n| `o` | Open selected resource in cloud portal |\n| `i` | Show full JSON detail |\n| `p` | PIM — list/activate eligible roles (Azure) |\n| `x` | Exec provider CLI in current context |\n| `r` | Refresh |\n| `f` | Bookmark current view |\n| `?` | Help |\n| `q` / `ctrl+c` | Quit |\n\n## Configuration\n\n`cloudnav` reads `~/.config/cloudnav/config.yml` (macOS/Linux) or `%APPDATA%\\cloudnav\\config.yml` (Windows). Everything is optional; sensible defaults apply.\n\n```yaml\ndefault_provider: azure\nshow_cost: true\ntheme: dark            # dark | light | auto\nbookmarks:\n  - provider: azure\n    path: subs/\u003csubscription-id\u003e/rgs\ncache_ttl: 10m\n```\n\nOverride per-invocation with env vars — `CLOUDNAV_THEME`, `CLOUDNAV_NO_COLOR`, `CLOUDNAV_LOG_LEVEL`.\n\n### cloudnav never stores your credentials\n\n- cloudnav does **not** read, write, or cache tokens, keys, passwords, or refresh tokens.\n- All authentication is delegated to the wrapped CLIs (`az`, `gcloud`, `aws`). When you run `cloudnav`, it inherits their logged-in session for the duration of the subprocess call.\n- The optional config file holds preferences only (theme, bookmarks, sort order). You can delete it at any time with no loss of access.\n- Logs go to `~/.local/state/cloudnav/cloudnav.log` (Linux) / `~/Library/Logs/cloudnav/cloudnav.log` (macOS) and contain only the CLI commands we executed plus any stderr — never tokens.\n\n## Non-interactive / headless use\n\ncloudnav is a TUI by default, but every navigation step is also exposed as a scriptable command:\n\n```bash\ncloudnav ls azure subs --json | jq '.[].name'\ncloudnav ls azure rgs --subscription \u003cid\u003e --json\ncloudnav ls azure resources --subscription \u003cid\u003e --resource-group my-rg --json\n```\n\nWhen stdout is not a terminal (pipe, CI, Docker without `-t`), `cloudnav ls` will emit plain output by default and `--json` switches to machine-readable. The TUI binary itself requires a terminal; on headless machines use `cloudnav ls`, `cloudnav doctor`, and `cloudnav version` only.\n\n## Architecture\n\n```\n┌──────────────────┐   ┌───────────────┐   ┌────────────────────────┐\n│   Bubbletea TUI  │◀─▶│ provider API  │◀─▶│  exec az / gcloud / aws │\n│  (pages + keys)  │   │  (normalized) │   │   (JSON → structs)      │\n└──────────────────┘   └───────────────┘   └────────────────────────┘\n```\n\n- `cmd/cloudnav` — entrypoint.\n- `internal/cmd` — Cobra commands (`tui`, `doctor`, `version`, `ls`, `completion`).\n- `internal/provider` — `Provider` interface + Azure/GCP/AWS implementations. Each provider owns its CLI adapter and JSON unmarshaling.\n- `internal/cli` — generic subprocess runner with timeout + context.\n- `internal/nav` — navigation stack (breadcrumbs, back, context).\n- `internal/tui` — Bubbletea model, pages (home/list/detail), keymap, styles.\n- `internal/iam` — provisioning of scoped SP / SA / IAM Role with least-privilege presets.\n\nSee [`docs/architecture.md`](docs/architecture.md) for the full design.\n\n## Roadmap\n\nSee [`ROADMAP.md`](ROADMAP.md). Current phase: **1 — Azure navigation + PIM**.\n\n## Development\n\n```bash\ngit clone https://github.com/tesserix/cloudnav.git\ncd cloudnav\nmake dev          # runs against your currently-logged-in az session\nmake test\nmake lint\nmake build\n```\n\nContributions welcome — read [`CONTRIBUTING.md`](CONTRIBUTING.md) first.\n\n## Security\n\nFound a vulnerability? Please follow the process in [`SECURITY.md`](SECURITY.md) — do not open a public issue.\n\n## License\n\nApache License 2.0 — see [`LICENSE`](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftesserix%2Fcloudnav","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftesserix%2Fcloudnav","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftesserix%2Fcloudnav/lists"}