CloudClaim checks dangling cloud hostnames and can create minimal proof resources for supported services.
Azure:
app_servicepublic_ip_dns_labeltraffic_managerapi_managementblob_storagestatic_website_storagefile_storagequeue_storagetable_storage
AWS:
elastic_beanstalk
- Python 3.11+
- Azure CLI (
az) for Azure - AWS CLI (
aws) for AWS uvoptional
CloudClaim reads your environment and loads .env when present. Use
--env-file <path> for another file. Do not commit credential files.
Credential files are optional if az or aws already has usable CLI
credentials.
Azure service principal:
AZURE_CLIENT_ID=<app-id>
AZURE_CLIENT_SECRET=<client-secret>
AZURE_TENANT_ID=<tenant-id>
AZURE_SUBSCRIPTION_ID=<subscription-id>
AWS:
AWS_PROFILE=cloudclaim-check
# or
AWS_ACCESS_KEY_ID=<access-key-id>
AWS_SECRET_ACCESS_KEY=<secret-access-key>
AWS_SESSION_TOKEN=<session-token-if-used>
See Usage for brief credential creation steps.
Input files must be .txt, one hostname per line.
uv run cloudclaim azure precheck
uv run cloudclaim azure check targets.txt
uv run cloudclaim azure claim targets.txt
uv run cloudclaim aws precheck
uv run cloudclaim aws check targets.txt
uv run cloudclaim aws claim targets.txtUse --json for JSON lines. Use --out result.json to write full results.
Resources are kept unless --cleanup is passed.