# Multi-Cloud Cost Optimization API > REST API for FinOps teams analysing and optimising cloud spend across AWS, GCP, and Azure. Ingests billing export data and identifies idle resources, right-sizing opportunities, reserved instance savings, and orphaned storage. Returns a ranked list of cost reduction actions with monthly savings estimates and implementation commands. Supports multi-account analysis, tag-based cost allocation, and budget threshold alerts. Integrates with Slack for weekly cost digest notifications and anomaly alerts when spend exceeds 20 percent week-over-week. ## Features - Full REST API ## Quick Start ```bash # 1. Install dependencies pip install -r requirements.txt # 2. Configure environment cp .env.example .env # Edit .env with your settings # 3. Run locally uvicorn main:app --reload --port 8000 # 4. View interactive docs open http://localhost:8000/docs ``` ## Docker Deployment ```bash # Build and run docker compose up -d # Check health curl http://localhost:8000/health ``` ## Authentication Get a token first: ```bash curl -X POST "http://localhost:8000/auth/token?username=admin&password=admin123" ``` Use the token in subsequent requests: ```bash curl -H "Authorization: Bearer YOUR_TOKEN" http://localhost:8000/items ``` ## API Endpoints | Method | Path | Description | |--------|------|-------------| | GET | `/health` | System health | | POST | `/auth/token` | Get JWT token | | GET | `/items` | List all items | | POST | `/items` | Create item | | GET | `/items/{id}` | Get item | | PATCH | `/items/{id}` | Update item | | DELETE | `/items/{id}` | Delete item | | GET | `/stats` | API statistics | Full interactive docs: `http://localhost:8000/docs` ## Rate Limits | Endpoint | Limit | |----------|-------| | `/auth/token` | 10/minute | | `GET /items` | 60/minute | | `POST /items` | 30/minute | | `DELETE /items` | 20/minute | ## Running Tests ```bash pip install pytest httpx pytest tests/ -v ``` ## Production Notes - Change `SECRET_KEY` in `.env` before deploying - Replace in-memory `_db` with a real database - Add proper user management to `auth.py` - Configure `ALLOWED_ORIGINS` for CORS - Use Nginx/Traefik as reverse proxy ## License MIT