Launching today
StackSage — AWS Audit in GitHub Actions

StackSage — AWS Audit in GitHub Actions

Privacy-first AWS Audit tool in your own Github Actions

1 follower

Visit website
Run an AWS waste & hygiene audit in your GitHub Actions runner. No SaaS ingestion of AWS credentials. Outputs: Summary file + HTML + JSON/CSV artifacts.
StackSage — AWS Audit in GitHub Actions gallery image
Free Options
Launch tags:AmazonAnalyticsSaaS
Launch Team
Intercom
Intercom
Startups get 90% off Intercom + 1 year of Fin AI Agent free
Promoted

What do you think? …

Amit Dubey
Maker
📌
I got tired of watching teams ignore their AWS cost audit reports. Every company I worked with had the same problem: they'd run Trusted Advisor, get a third-party tool, or hire a consultant, and then... nothing. The reports would sit unread because they were either too noisy (full of false positives) or too invasive (required shipping all their AWS inventory to a SaaS). The ones who did read them couldn't trust them enough to act. "Is this EC2 really idle, or are we about to break prod?" "Why is this unattached EBS being flagged when we just created it yesterday?" "Who approved giving this tool read access to our entire account?" The problem we're solving: AWS waste is real, 30-40% of cloud spend is addressable, but the tooling creates a different kind of waste: trust erosion. Existing tools either: Miss the mark because they guess at usage without real metrics Over-collect data in ways that make security/compliance teams uncomfortable Bury cost wins under risk findings (or vice versa), making prioritisation impossible How our approach evolved: We started narrow: "let's just get EC2 and EBS waste detection right with real CloudWatch metrics, and run it in the customer's GitHub Actions runner so nothing leaves their boundary." But as we talked to early pilot customers, we realised: they don't just want a "cost tool." They want an audit. Something that covers the obvious security posture gaps (root MFA, public S3, CloudTrail basics) alongside the money stuff, because that's how real audits work. So we pivoted from "cost optimizer" to "audit-in-a-box": Added security posture checks (IAM hygiene, exposure, audit logging) Separated financial findings from security findings in the report Made provenance transparent ("this was measured via CloudWatch" vs "this is a heuristic") Generated a one-page summary.md so teams can share wins without opening a 50-page HTML report The biggest learning: in B2B tooling, restraint is the feature. Fewer, more defensible findings > maximum "coverage." Privacy-first architecture > another dashboard. Evidence-grade outputs > "trust us." StackSage runs in your GitHub Actions, uses a customer-controlled read-only IAM role, and produces local artifacts (HTML + JSON/CSV + summary). No SaaS data egress, no billing export required, no credential sharing. If you've ever ignored an AWS audit report because it felt too noisy or too risky to act on, this is for you. Try the sample report: https://stacksageai.com/demo-report