DEV Community

Cover image for I built a local-first AWS cost killer in Go (Open Source)
DrSkyle
DrSkyle

Posted on

I built a local-first AWS cost killer in Go (Open Source)

#devops #aws #cloudcomputing #opensource

The Problem with "FinOps" Tools

We've all been there. You get a surprise $5,000 AWS bill because someone left a massive RDS instance running in a dev account, or forgot to delete gp3 volumes after terminating EC2 instances.

The standard solution? "Connect your AWS account to our SaaS Platform!"

I didn't like that.

  1. Security Risk: I don't want to give 3rd party READ/WRITE access to my production environment.
  2. Cost: Paying money to save money feels wrong for smaller teams.
  3. Lag: SaaS dashboards are often 24 hours behind. So I built CloudSlash.

What is CloudSlash?

CloudSlash is a specialized CLI tool written in Go. It acts as a forensic engine for your AWS infrastructure.

Unlike standard "cost explorers" that just look at billing data, CloudSlash builds a Dependency Graph of your resources to find "Zombie Assets"—resources that exist but are disconnected from any active workload.

Key Features

  • Graph-Based Discovery: It knows that an Elastic IP is "waste" only if it's not attached to a NIC, which isn't effective on an EC2 instance.
  • Local-First: It runs on your laptop/pipeline. No data leaves your machine.
  • Terraform-Ready: It generates terraform import blocks for found waste, so you can bring them under IaC control and destroy them safely.
  • Blazing Fast: Because it's Go.

Under the Hood: The Graph

The core of CloudSlash is a Directed Acyclic Graph (DAG) logic.

// Simplified Logic
func (s *Solver) FindWaste() {
for _, node := range s.Graph.Nodes() {
if node.Type == "EBS_VOLUME" && node.InDegree() == 0 {
// Volume has no attachments -> WASTE
s.MarkAsWaste(node)
}
}
}
It handles complex heuristics like:

"Aged AMIs": Finding AMIs older than X days that aren't used by any active Auto Scaling Group or EC2 instance.
"Shadow Snapshots": EBS Snapshots that don't belong to any existing volume.
"Orphaned Load Balancers": ALBs with no healthy targets.

What's New in v2.1.1?

I just released v2.1.1 today with a critical fix for multi-region setups.

Until recently, scanning an EU bucket from a US client would throw 301 PermanentRedirect errors because AWS S3 is cleaner (and stricter) about regional endpoints than other services.

CloudSlash now implements Dynamic Region Switching:

  1. It lists buckets globally.
  2. It queries GetBucketLocation for each.
  3. It spins up an ephemeral, region-specific client just for that bucket to perform deep analysis (like inspecting Multipart Uploads).

Try it out

It works on Mac, Linux, and Windows. You can run it right now if you have AWS credentials configured.

Install

Mac/Linux
curl -sL https://raw.githubusercontent.com/DrSkyle/CloudSlash/main/scripts/install.sh | bash

Windows (PowerShell)

irm https://raw.githubusercontent.com/DrSkyle/CloudSlash/main/scripts/install.ps1 | iex

Run Scan

cloudslash scan

The project is Open Source (AGPLv3). This ensures that any modifications to the core engine contributed back to the community remain free. I'm actively looking for feedback, especially from teams running complex multi-account setups.

GitHub logo DrSkyle / CloudSlash

Local-first AWS forensic engine. Finds waste via dependency graph analysis and enables safe remediation with Terraform state restoration.

CloudSlash

Version v2.0.0 License AGPLv3 Build Status

"Infrastructure that heals itself."

CloudSlash is an autonomous infrastructure optimization platform designed for high-scale, enterprise cloud environments. Unlike passive observability tools that merely report metrics, CloudSlash leverages advanced mathematical modeling, graph topology analysis, and Abstract Syntax Tree (AST) parsing to actively solve resource inefficiency problems at their source.

It functions as a forensic auditor and autonomous agent, correlating disparate data sources—CloudWatch metrics, network traffic logs, infrastructure-as-code (IaC) definitions, and version control history—to identify, attribute, and remediate waste with mathematical certainty.

CloudSlash TUI

Executive Summary

Modern cloud environments suffer from "Resource Sprawl"—ghost assets that incur significant financial cost but deliver zero business value. Traditional tools (CloudHealth, Vantage, Trusted Advisor) provide visibility but lack actuation. They tell you that you are wasting money, but rarely tell you why, who caused it, or how to fix it safely.

CloudSlash bridges this gap by combining Linear Programming (for fleet optimization) with Code Provenance

View on GitHub

Let me know what you find! (Hopefully not too much waste )

Top comments (0)