CloudGate is a high-performance, cloud-native secure gateway designed to protect sensitive infrastructure credentials. Built with a "Security-First" philosophy, it implements a multi-layer defense protocol to neutralize injection attacks and ensure cryptographic integrity for stored capabilities.
In modern cloud environments, credential leakage is a critical failure point. CloudGate acts as a hardened intermediary, transforming raw sensitive data into encrypted, authenticated "Capability Codes" before storage.
Leveraging FastAPI for low-latency orchestration and React for a premium administrative interface, CloudGate provides real-time visibility into your security posture.
CloudGate employs a specialized two-stage defense mechanism for every transaction:
Before any data reaches the processing engine, it is scanned by the L1 Interceptor. This layer uses high-performance regex analysis to detect and block common attack vectors:
- SQL Injection (SQLi): Union-based selection, OR-logic bypasses, and drop-table commands.
- Command Injection: Intercepts terminal-specific characters and dangerous sequences.
- Response: Immediate
403 Forbiddenblockade with automated threat logging.
Data that clears the L1 shield is immediately processed by the L2 Encryption Engine:
- Algorithm: AES-256 in Galois/Counter Mode (GCM).
- Key Derivation: Uses PBKDF2 with a unique 16-byte salt for every payload.
- Integrity: GCM provides both confidentiality and Authenticity Tags, ensuring data cannot be tampered with while at rest.
| Component | Technology |
|---|---|
| Backend | Python 3.11 / FastAPI |
| Frontend | React 19 / Vite / Tailwind CSS |
| Database | Google Cloud Firestore (NoSQL) |
| Encryption | PyCryptodome (AES-256-GCM) |
| Deployment | Google Cloud Run / Docker |
| UI/UX | Framer Motion (Micro-animations) / Lucide Icons |
- Python 3.11+
- Node.js 20+
- Google Cloud Project with Firestore enabled
-
Clone & Install Dependencies:
# Install Python backend requirements pip install -r requirements.txt # Install Frontend dependencies npm install
-
Environment Configuration: Create a
.envfile in the root directory:SECRET_KEY="your-32-character-secret-key-here" FIREBASE_SERVICE_ACCOUNT="serviceAccountKey.json"
-
Launch Services:
# Start Backend (FastAPI) uvicorn app.main:app --port 8080 # Start Frontend (Vite) - In a new terminal npm run dev
The project is pre-configured for Google Cloud Run.
-
Build Frontend:
npm run build
-
Deploy to Cloud Run:
gcloud run deploy cloudgate --source . --region us-central1 --allow-unauthenticated
Visualizing the real-time audit feed and the L1 Interceptor in action.
├── app/
│ ├── core/ # Encryption & Security Logic
│ ├── db/ # Firestore Connection Management
│ ├── routes/ # API Endpoints (Auth, Security)
│ └── main.py # FastAPI Entry Point
├── frontend/
│ └── src/ # React Application Source
├── dist/ # Production Build (Served by FastAPI)
├── Dockerfile # Container Configuration
└── requirements.txt # Python Dependencies
Distributed under the MIT License. See LICENSE for more information.
Developed with ❤️ for CodeAlpha