Antigravity Apps
Back to Showcase
AI
Cloud
AWS
DevOps
Open Source

CloudCorrect

CloudCorrect is an open-source engine for continuously validating cloud architecture correctness using executable invariants.

GitHub

Project Highlights

1

Multi-Service Invariants

Out-of-the-box support for EC2, ALB, S3, Route53, IAM, RDS, and ECS. More integrations are in the works.

2

Continuous Auditing

Define resource groups and schedule automated, periodic health audits.

3

Dynamic Assertions

Use aliases to create dependencies between checks (e.g., "DNS record must point to this EC2's Public IP")

About the project

CloudCorrect is an open-source engine for continuously validating cloud architecture correctness using executable invariants. CloudCorrect helps platform and architecture teams maintain the integrity of their AWS environments by monitoring "Invariants"—architectural rules that must always be true. Whether it's ensuring an EC2 instance is running, a critical S3 bucket is NOT public, or an ECS cluster maintains its desired capacity, CloudCorrect provides real-time visibility and historical proofs of your architectural state.

We created CloudCorrect and made it open-source to help others build their own cloud architecture validation tools. The internal structure is simple enough for anyone to understand and modify. Anyone can clone, customize, and host their own version of CloudCorrect for free.

I'm excited to hear your feedback and help make CloudCorrect even better. Let's make cloud architecture validation accessible for everyone!

Customize this for your use case? Please reach out to hello@appgambit.com

Gallery

CloudCorrect - Gallery 1
1
CloudCorrect - Gallery 2
2
CloudCorrect - Gallery 3
3
CloudCorrect - Gallery 4
4
CloudCorrect - Gallery 5
5
CloudCorrect - Gallery 6
6
CloudCorrect - Gallery 7
7
CloudCorrect - Gallery 8
8
CloudCorrect - Gallery 9
9

Key Features

  • Multi-Service Invariants: Out-of-the-box support for EC2, ALB, S3, Route53, IAM, RDS, and ECS. More integrations are in the works.
  • Continuous Auditing: Define resource groups and schedule automated, periodic health audits.
  • Dynamic Assertions: Use aliases to create dependencies between checks (e.g., "DNS record must point to this EC2's Public IP")
  • Pause/Resume Control: Granular monitoring control for individual groups.
  • Evidence-Based History: Every audit run captures observed technical evidence and technical "reasons" for compliance audits.
  • Fail-Fast Notifications: Automated email alerts whenever an evaluation fails, sent to a configurable list of recipients.
  • Multi-Tenant & Cross-Account: Support for managing multiple AWS accounts using secure IAM Cross-Account Roles and External IDs.

Tech Stack

Next.jsReactNodeJSAWSPostgreSQL
Keep Exploring

Want to keep exploring?

Here's another project you can jump into next.

Next project

MyConnectCenter

Self-Service Business Telephony Platform using Amazon Connect.

WebCloudAWSServerless
Read next