Skip to main content
For all of the flags and options available for cloudlist be sure to check out the Usage page. On this page you can find some examples with output, details of what ‘cloudlist’ supports, and details on configuration.
If you have questions, reach out to us through Help.

Basic Examples

cloudlist
This will list all the assets from configured providers in the configuration file. Specific providers and asset type can also be specified using provider and id filter. 
cloudlist -provider aws,gcp   ________ _____ __   / ____/ /___ __ ______/ / (_)____/ /_  / / / / __ \/ / / / __ / / / ___/ __/ / /___/ / /_/ / /_/ / /_/ / / (__ ) /_  \____/_/\____/\__,_/\__,_/_/_/____/\__/ v0.0.1    projectdiscovery.io  [WRN] Use with caution. You are responsible for your actions [WRN] Developers assume no liability and are not responsible for any misuse or damage. [INF] Listing assets from AWS (prod) provider. example.com example2.com example3.com 1.1.1.1 2.2.2.2 3.3.3.3 4.4.4.4 5.5.5.5 6.6.6.6 [INF] Found 2 hosts and 6 IPs from AWS service (prod)

GCP Asset API Examples

List all assets from a specific GCP organization using the Asset API: 
cloudlist -provider gcp -id organization
List assets from specific GCP projects only: 
cloudlist -provider gcp -id organization -json | jq '.[] | select(.provider == "gcp")'

Running cloudlist with Nuclei

Scanning assets from various cloud providers with nuclei for security assessments:- 
cloudlist -silent | httpx -silent | nuclei -t cves/

Supported providers

For a full list of supported cloud providers, see Cloud Providers.

Configuration file

The default provider config file should be located at $HOME/.config/cloudlist/provider-config.yaml and has the following contents as an example. In order to run this tool, the keys need to updated in the config file for the desired providers.

Example Provider Config

- provider: do # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: xxxx  # digitalocean_token is the API key for digitalocean cloud platform  digitalocean_token: $DIGITALOCEAN_TOKEN  - provider: scw # provider is the name of the provider  # scaleway_access_key is the access key for scaleway API  scaleway_access_key: $SCALEWAY_ACCESS_KEY  # scaleway_access_token is the access token for scaleway API  scaleway_access_token: $SCALEWAY_ACCESS_TOKEN  - provider: aws # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # aws_access_key is the access key for AWS account  aws_access_key: $AWS_ACCESS_KEY  # aws_secret_key is the secret key for AWS account  aws_secret_key: $AWS_SECRET_KEY  # aws_session_token session token for temporary security credentials retrieved via STS (optional)  aws_session_token: $AWS_SESSION_TOKEN  - provider: gcp # provider is the name of the provider  # profile is the name of the provider profile  id: logs  # gcp_service_account_key is the minified json of a google cloud service account with list permissions  gcp_service_account_key: '{xxxxxxxxxxxxx}'  # GCP with Asset API (organization-level discovery) - provider: gcp # provider is the name of the provider  id: organization  # gcp_service_account_key is the minified json of a google cloud service account with asset inventory permissions  gcp_service_account_key: '{xxxxxxxxxxxxx}'  # use_asset_inventory enables the Cloud Asset Inventory API  use_asset_inventory: true  # organization_id is the organization ID (e.g., "123456789012")  organization_id: $GCP_ORGANIZATION_ID  # project_ids is a list of project IDs to scan (optional)  project_ids:  - $GCP_PROJECT_ID_1  - $GCP_PROJECT_ID_2  - provider: azure # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # subscription_id is the azure subscription id (required)  subscription_id: $AZURE_SUBSCRIPTION_ID  # client_id is the client ID of registered application (optional - for service principal auth)  client_id: $AZURE_CLIENT_ID  # client_secret is the secret of registered application (optional - for service principal auth)  client_secret: $AZURE_CLIENT_SECRET  # tenant_id is the tenant ID (optional - for service principal auth)  tenant_id: $AZURE_TENANT_ID  # use_cli_auth: true enables Azure CLI authentication (optional)  use_cli_auth: true  # Other supported auth methods:  # use_managed_identity: true # For Azure VMs, App Services, AKS  # use_workload_identity: true # For Kubernetes, GitHub Actions OIDC  # certificate_path: /path/cert # For certificate-based authentication  - provider: cloudflare # provider is the name of the provider  # email is the email for cloudflare  email: $CF_EMAIL  # api_key is the api_key for cloudflare  api_key: $CF_API_KEY  # api_token is the scoped_api_token for cloudflare (optional)  api_token: $CF_API_TOKEN  - provider: heroku # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # heroku_api_token is the api key for Heroku account  heroku_api_token: $HEROKU_API_TOKEN  - provider: linode # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # linode_personal_access_token is the personal access token for linode account  linode_personal_access_token: $LINODE_PERSONAL_ACCESS_TOKEN  - provider: fastly # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # fastly_api_key is the personal API token for fastly account  fastly_api_key: $FASTLY_API_KEY  - provider: alibaba # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # alibaba_region_id is the region id of the resources  alibaba_region_id: $ALIBABA_REGION_ID  # alibaba_access_key is the access key ID for alibaba cloud account  alibaba_access_key: $ALIBABA_ACCESS_KEY  # alibaba_access_key_secret is the secret access key for alibaba cloud account  alibaba_access_key_secret: $ALIBABA_ACCESS_KEY_SECRET  - provider: namecheap # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # namecheap_api_key is the api key for namecheap account  namecheap_api_key: $NAMECHEAP_API_KEY  # namecheap_user_name is the username of the namecheap account  namecheap_user_name: $NAMECHEAP_USER_NAME  - provider: terraform # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  #tf_state_file is the location of terraform state file (terraform.tfsate)   tf_state_file: path/to/terraform.tfstate  - provider: hetzner # provider is the name of the provider  # id is the name defined by user for filtering (optional)  id: staging  # auth_token is the is the hetzner authentication token  auth_token: $HETZNER_AUTH_TOKEN  - provider: nomad # provider is the name of the provider  # nomad_url is the url for nomad server  nomad_url: http:/127.0.0.1:4646/  # nomad_ca_file is the path to nomad CA file  # nomad_ca_file: <path-to-ca-file>.pem  # nomad_cert_file is the path to nomad Certificate file  # nomad_cert_file: <path-to-cert-file>.pem  # nomad_key_file is the path to nomad Certificate Key file  # nomad_key_file: <path-to-key-file>.pem  # nomad_token is the nomad authentication token  # nomad_token: <nomad-token>  # nomad_http_auth is the nomad http auth value  # nomad_http_auth: <nomad-http-auth-value>  - provider: consul # provider is the name of the provider  # consul_url is the url for consul server  consul_url: http://localhost:8500/  # consul_ca_file is the path to consul CA file  # consul_ca_file: <path-to-ca-file>.pem  # consul_cert_file is the path to consul Certificate file  # consul_cert_file: <path-to-cert-file>.pem  # consul_key_file is the path to consul Certificate Key file  # consul_key_file: <path-to-key-file>.pem  # consul_http_token is the consul authentication token  # consul_http_token: <consul-token>  # consul_http_auth is the consul http auth value  # consul_http_auth: <consul-http-auth-value>  - provider: openstack # provider is the name of the provider  # id is the name of the provider id  id: staging  # identity_endpoint is OpenStack identity endpoint used to authenticate  identity_endpoint: $OS_IDENTITY_ENDPOINT  # domain_name is OpenStack domain name used to authenticate  domain_name: $OS_DOMAIN_NAME  # tenant_name is OpenStack project name  tenant_name: $OS_TENANT_NAME  # username is OpenStack username used to authenticate  username: $OS_USERNAME  # password is OpenStack password used to authenticate  password: $OS_PASSWORD  - provider: kubernetes # provider is the name of the provider  # id is the name of the provider id  id: staging  # kubeconfig_file is the path of kubeconfig file  kubeconfig: path/to/kubeconfig  # context is the context to be used from kubeconfig file  context: <context-name>

Cloudlist as a library

It’s possible to use the library directly in your go programs. The following code snippets outline how to list assets from all or given cloud provider. 
package main  import (  "context"  "log"   "github.com/projectdiscovery/cloudlist/pkg/inventory"  "github.com/projectdiscovery/cloudlist/pkg/schema" )  func main() {  inventory, err := inventory.New(schema.Options{  schema.OptionBlock{"provider": "digitalocean", "digitalocean_token": "ec405badb974fd3d891c9223245f9ab5871c127fce9e632c8dc421edd46d7242"},  })  if err != nil {  log.Fatalf("%s\n", err)  }   for _, provider := range inventory.Providers {  resources, err := provider.Resources(context.Background())  if err != nil {  log.Fatalf("%s\n", err)  }  for _, resource := range resources.Items {  _ = resource // Do something with the resource  }  } }