Connect AWS Account

Create a CodeShield account and connect your AWS account to the platform.
  1. Register an account on dashboard.codeshield.io and sign-in to the platform.

  2. Within the CodeShield app, click on the Connect Account tab.

  3. Enter an Account Name of your choice and your 12-digit AWS Account ID. The Account Name can be any arbitrary identifier to label your account within CodeShield. The AWS Account ID is the unique account identifier provided by AWS.

  4. Click on Connect Account. This will redirect you to the AWS console.

  5. Ensure you are signed-in with the account you want CodeShield to connect to. Follow the instructions within AWS to deploy the provided CloudFormation template.

    The template has been implemented carefully following least privilege. Connecting the account does only provide read access to meta-data within the account. I.e., CodeShield cannot access sensitive data inside data stores like databases or S3 buckets.

  6. Wait for the completion of the CloudFormation deployment within AWS.

  7. Switch back to CodeShield and perform your first scan by scanning the whole account or a region bundle.

Don’t have a sensible account to scan? We recommend to test CodeShield on the open-source application DVSA, a deliberately vulnerable application aiming to aid security professionals to test their cloud security skills. You can deploy the application to a sandbox account and perform a CloudFormation stack scan to get results. A walkthrough of the results is detailed here.


Last modified September 23, 2022