Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Show HN: CleanCloud – Cloud cleanup that can't delete anything(getcleancloud.com)
7 points by sureshcsdp 5 days ago | 4 comments
sureshcsdp 5 days ago | parent | next [-]

Author here. Built CleanCloud after seeing AWS Nuke delete a staging database.

CleanCloud is read-only by design - it cannot delete anything, even by accident. Scans AWS/Azure for orphaned resources and gives you evidence-based recommendations.

Key differences from other tools: - No Delete permissions required (read-only IAM policy) - No automated cleanup (you decide what to delete) - Conservative confidence scoring (HIGH: 90%+, MEDIUM: 70-90%) - Open source (MIT), runs locally

1,800+ downloads in 6 weeks. Interesting signal: 21% manually download to audit code (vs 2% typical).

Technical details: - Python CLI, uses standard AWS SDK (boto3) - Finds: Unattached EBS, old snapshots, infinite CloudWatch retention - CI/CD ready: JSON output, exit codes - No external API calls (runs entirely locally)

Would love feedback on what resources to check next!

GitHub: https://github.com/cleancloud-io/cleancloud Website: https://getcleancloud.com

electroly 41 minutes ago | parent [-]

My feedback: it seems like this tool isn't really like aws-nuke, but the copy keeps comparing it to aws-nuke, extending further into this HN post. aws-nuke doesn't need delete permissions (you just can't do the "delete" step, obviously), aws-nuke makes you decide what to delete, aws-nuke doesn't need confidence scoring since it shows you everything in the account, and aws-nuke is open source. From your list of key differences, the only one that aws-nuke doesn't already do is the one that doesn't make sense for aws-nuke. This is, IMO, a problem with your list and not with the app: there are differentiating things CleanCloud does that you can focus on instead.

IMO, don't mention aws-nuke at all. This isn't the same kind of product as aws-nuke, which is explicitly the "One-click cleanup workflows" category in your "Not designed for" box. Your tool is for accounts that I'm not trying to nuke. So why invite the comparison? These tools are not intended for the same use case.

Spitballing here, I'd think you would want to lean into the cost savings aspect of deleting orphaned resources. aws-nuke is about cleaning out disposable AWS accounts. CleanCloud is about cloud cost optimization on real production/staging accounts.

A final note: it seems like the name CleanCloud is already used by a laundry service provider. You still have time to pick a different name for which you can take the top Google spot.

bigstrat2003 2 hours ago | parent | prev | next [-]

This is really cool. Thanks for sharing! I'm definitely going to check this out in the coming weeks at work.

sureshcsdp 5 days ago | parent | prev [-]

PYPI url: https://pypistats.org/packages/cleancloud