Skip to main content

2 posts tagged with "graphql"

View All Tags

Announcing our seed round

· 4 min read

It’s been an amazing journey so far, and we’re just getting started. My name is Tyson Kunovsky, and today I'm pleased to announce that our team at AutoCloud (the makers of CloudGraph) has raised a $4M seed round led by Animo Ventures, with participating checks from Uncorrelated Ventures, B Capital Group, Moxxie Ventures, and others.


You probably know AutoCloud as the GraphQL API and 3D insight platform for AWS, Azure, GCP, and K8s but I wanted to talk briefly about how AutoCloud came to be.

How it started#

Back in 2019 our CTO Chris Koning and myself were staffed as consultants on a challenging cloud migration project for one of the world’s largest companies. In a highly regulated, complex, legacy AWS environment we quickly needed to solve a host of problems including understanding:

  • What existed in each region? Asset Inventory
  • Who created each component of the system and why? Audit/Changelog
  • Who/what had access to what? Identity and Access Management
  • Were there any security & compliance violations based on various custom rulesets? SecOps
  • Where were the major cost centers and could they be optimized? FinOps/Billing
  • How well-architected were the various system components and were there any bottlenecks? Ops/SRE

Even as AWS experts, our options to get this information were extremely limited.

We could either spend countless hours playing detective or pay for several different expensive tools that each provided us with slices of the overall information we needed and then synthesize the data ourselves.

We joked that it would be a great idea to just build a single universal GraphQL API and reporting system for all clouds/SaaS service providers to do this for us so we could take the rest of the year off instead of working around the clock to figure all of this out.

It turned out that we were not alone in experiencing these pain points, nor were not unique to consulting, or even enterprise companies.

As we started talking to more and more engineers working on everything from personal projects to some of the world's largest systems, we realized that we as a cloud community desperately needed a better open-source way to understand our cloud environments. A few months later AutoCloud and CloudGraph were born.

How it’s going#

We have made tremendous progress in the last year when it comes to features and coverage for our open-source and SaaS platforms:

  • CloudGraph - the GraphQL API for AWS was launched and accumulated almost 550 stars in just one month!
  • CloudGraph Providers - We’ve grown our CloudGraph provider coverage to include AWS, Azure, GCP, and are beginning work on K8s soon.
  • CloudGraph Policies: Full CIS benchmark suite for AWS with dozens of additional compliance standards coming soon. You can even write your own!
  • CloudGraph SDK: Write your own provider for any cloud or SaaS provider easily.
  • AutoCloud is now out of closed beta and free to use for any developer. AutoCloud can provide instant up-to-date documentation on infrastructure systems for AWS, Azure, and GCP as well as deep insights on security, compliance, asset inventories, and drift detection. Signup now for free here.

What’s coming in 2022#

We want our community to dictate the direction of the open-source CloudGraph software which is why we are transparente about our feature roadmap

We have big plans for 2022 including additional provider support, compliance frameworks, drift detection, pricing data support, and others. We’re excited to continue making AutoCloud and CloudGraph the world’s most comprehensive GraphQL API and reporting system for cloud and SasS data.

Wrapping up#

Check out our TechCrunch exclusive for more information and drop me a message at if you’re interested in chatting more about open source, security, or anything else. I’m always happy to talk :)

About AutoCloud#

For large organizations running workloads on AWS, Azure, and GCP, AutoCloud creates regular snapshots of your entire multi-environment or multi-cloud footprint so that cloud engineers and their managers can get instant reports on security, compliance, governance, and spend - not just now, but at any point in time - throughout the history of their environment's existence since AutoCloud was connected.

AutoCloud saves teams countless dollars/hours of time that would otherwise be spent on repetitive and laborious tasks so technical individuals can focus on delivering value to the business instead.

Get started in under 5 minutes here

Introducing CloudGraph

· 6 min read

Today I’m excited to announce the open-source software project that the AutoCloud team has been working hard on for the last few months:

Example banner

CloudGraph is a search engine for your public cloud infrastructure, powered by DGraph and GraphQL. Within seconds, query assets, configurations, and more across accounts and providers. CloudGraph also enables you to solve a host of security, compliance, governance, and FinOps challenges in the time it takes to write a single GraphQL query.

We currently support select services on AWS, with more added each day. Support for Azure and Google Cloud coming soon. We’re also looking forward to contributions from the community and have endeavored to make contributing new providers and services as simple as possible.

So what does it look like? Let’s see some examples.

Here’s how you’d get a list of publicly accessible S3 buckets in an account:

query {  queryawsS3(filter: { access: { eq: "Public" } }) {    id    arn    access  }}

To get the daily cost of all your M Series EC2 instances in us-east-1:

query {  queryawsEc2(    filter: { region: { eq: "us-east-1" }, instanceType: { regexp: "/^m5a*/" } }  ) {    id    arn    dailyCost  }}

Traverse nested resources to find the unencrypted EBS boot disks in production:

query {  queryawsTag(    filter: { key: { eq: "Environment" }, value: { eq: "Production" } }  ) {    key    value    vpc {      id      arn      alb {        id        arn        ec2Instance {          id          arn          ebs(filter: { isBootDisk: true, encrypted: false }) {            id            arn          }        }      }    }  }}

Why CloudGraph?#

Whether you're a cloud architect with 15 years of experience or someone who is just getting started on their cloud journey, there is no denying that staying on top of security, compliance, governance, FinOps, and operations, is challenging, time-consuming work.

Even answering basic questions like, "What all is running in the us-east-1 region?", "Are my RDS clusters properly secured and compliant?", or "How much am I paying for my AWS account?" requires time, expertise, and expensive 3rd party software.

Not Anymore

Ask any question about your AWS environments, and get back answers instantly in a single place with a standardized API. If you can dream it you can query it with CloudGraph! Head over to our GitHub page to start exploring your AWS environments.

What’s next?#

The Cloudraph team is just getting started. In addition to adding support for additional cloud providers like Azure/GCP/K8s, we are working hard to bring you free compliance policy packs (CIS, HIPPA, SOC2), enhanced billing data, IAM data, operations data, and more. Follow us on LinkedIn and Twitter for updates!

A big shout out to our team, all of our beta testers, customers, investors, and other people who helped us make CloudGraph a reality 🙏. We could not have done it without you ❤️.


Q: Why did you build CloudGraph?
A: Being a cloud professional is hard work. Every day you are likely doing a lot of repetitive tasks to access data for multiple clouds, environments, and sources in order to perform your job. To compound this annoyance, cloud providers have very different paradigms for operating basic services like networking, compute, and storage. We built CloudGraph to make it easy for anyone who works with the cloud to quickly search their environments, using a single standardized API in order to uncover previously difficult-to-understand insights 10x faster than is currently possible.

Q: How does CloudGraph work?
A: Under the hood, CloudGraph reaches out to a cloud provider (e.g. AWS), sucks up all of the configuration data, processes it, and stores a copy of this data for you using Dgraph. Then, a local endpoint is exposed that allows you to write GraphQL queries against your stored data. You can do anything you normally would with the AWS SDK/CLI, but you can also run more powerful queries with additional metadata that CloudGraph layers in (compliance, security, cost, etc.). CloudGraph ships with pre-packaged GraphQL query tools including GraphQL Playground and Altair but you can also feel free to use your own. It also includes a schema visualization tool called Voyager so you can understand relationships between entities.

Q: Who is CloudGraph for?
A: CloudGraph was created for cloud architects, developers, engineers, and other software professionals who need easy, quick, and intuitive access to security, compliance, governance, or FinOps data about their clouds.

Q: What permissions does CloudGraph require?
A: To keep things simple we recommended that you supply CloudGraph with an IAM User or Role that has the AWS-managed, “ReadOnlyAccess” policy. If you don’t feel comfortable giving that level of access, feel free to create your own policy scoped to the actions and services you would like CloudGraph to be able to reach. For more information on authentication with AWS please view our AWS Provider Repository.

Q: Is my data secure with CloudGraph, does CloudGraph ever share my information in any way with anyone?
A: No. CloudGraph only stores your data locally and WILL NEVER share your data with any 3rd party including CloudGraph or AutoCloud.

Q: Can CloudGraph change or mutate my cloud environments in any way?
A: No. CloudGraph is read-only and as such, it can NEVER MUTATE your existing environment. It creates a local copy of your data to query against.

Q: How much does CloudGraph cost?
A: CloudGraph is 100% open source and free to use.

Q: Why use GraphQL to query your cloud environments?
A: GraphQL is a modern, powerful, easy, and efficient way to query your cloud configuration and asset data compared to other languages. Using GraphQL you can declaratively fetch just the data you need, and effortlessly understand the relationships between entities like VPCs, subnets, and EC2 instances. No SQL joins. GraphQL also enables type safety, auto-completion, and great scalability.

Q: What AWS services does CloudGraph support?
A: To view the current list of supported AWS services please view our AWS Provider Repository. New services are added on a weekly basis.

Q: What about other cloud providers?
A: Azure support is coming in October 2021, followed quickly by Google Cloud Platform and K8s. After that, we plan on letting the community decide what providers they would like built next.

Q: I need a service or provider that you don’t currently support, what are my options?
A: We have tried to make it as easy as possible to add both community-driven providers and to enhance existing CloudGraph supported providers with services we might currently be missing. If you’re interested in contributing or extending CloudGraph in this way please view our contribution guidelines.