DPDP Cloud Auditor
A multi-cloud security auditing and compliance awareness platform built using Django. The system helps users identify cloud misconfigurations, security risks, and compliance-oriented observations across AWS, Microsoft Azure, and Google Cloud Platform (GCP).
Overview
DPDP Cloud Auditor is a web-based cloud security auditing system developed as a major academic project. The platform is designed to simplify cloud security analysis by providing automated scanning, dashboard-based monitoring, severity classification, and downloadable reports.
The system focuses on helping users:
Identify cloud security misconfigurations Detect public exposure and weak access configurations Analyze cloud storage regions and data location awareness Generate structured PDF and Excel reports Monitor multiple cloud platforms through a single interface Improve visibility into cloud security and compliance-related concerns Features Multi-Cloud Support AWS integration Microsoft Azure integration Google Cloud Platform (GCP) integration Security Auditing Public storage exposure detection IAM permission analysis Misconfiguration identification Rule-based vulnerability analysis Severity-based classification Compliance Awareness Region-based storage analysis Sensitive data indicator detection Basic DPDP Act 2023 awareness checks Dashboard & Reporting Interactive dashboard interface Vulnerability summaries Risk visualization PDF report generation Excel report export Scan activity logs Authentication & Security JWT-based authentication Secure cloud credential validation Protection against brute-force attacks using Django Axes Technology Stack Component Technology Backend Django (Python) API Framework Django REST Framework Authentication Simple JWT Security Django Axes, Cryptography Database SQLite, PostgreSQL Frontend HTML, CSS, JavaScript AWS SDK Boto3 Azure SDK azure-identity, azure-mgmt-resource GCP SDK google-cloud-storage, google-auth Report Generation ReportLab, OpenPyXL Deployment Vercel + Render System Architecture
The project is divided into three major modules:
- Account Module
Handles:
User registration and login JWT authentication Cloud account management Credential validation Access control 2. Scanner Module
Handles:
Cloud scanning operations API communication with cloud providers Rule-based vulnerability analysis Security and compliance checks Scan result processing 3. Report Module
Handles:
Dashboard visualization Severity summaries PDF report generation Excel report export Historical scan data Project Screenshots
Add your dashboard screenshots here.
Dashboard Overview
Vulnerability Analysis
PDF Report
Installation & Setup Clone the Repository git clone https://github.com/CodageWithRahul/dpdp-cloud-auditor.git cd dpdp-cloud-auditor Create Virtual Environment python -m venv venv Activate Virtual Environment Windows venv\Scripts\activate Linux / macOS source venv/bin/activate Install Dependencies pip install -r requirements.txt Configure Environment Variables
Create a .env file and add required configuration values.
Example:
SECRET_KEY=your_secret_key DEBUG=True DATABASE_URL=your_database_url Run Database Migrations python manage.py migrate Start Development Server python manage.py runserver Live Deployment Live Website
https://dpdp-cloud-auditor.vercel.app
Deployment Platforms Frontend: Vercel Backend: Render
Note: Since the backend is hosted on Render free-tier infrastructure, the first request may take a short time to initialize the server.
Demo Credentials Username: rahulguptaa650@gmail.com Password: 12345 Research & Academic Context
This project was developed as a major academic project focused on cloud security auditing and compliance awareness.
The system explores:
Cloud security misconfiguration detection Multi-cloud auditing Automated vulnerability analysis Compliance-oriented cloud monitoring Data residency awareness Security reporting and visualization Future Improvements
Possible future enhancements include:
Real-time monitoring Continuous cloud scanning AI/ML-based threat detection Automated remediation suggestions Advanced compliance mapping Container and Kubernetes security analysis Email and alert integrations Disclaimer
This project is developed for educational and academic purposes. The compliance-related observations generated by the system are intended for awareness and analysis only and should not be considered as legal compliance certification.
Author
Rahul Gupta
GitHub: https://github.com/CodageWithRahul
License
This project is intended for academic and educational use.