Skip to main content

Connect AWS Account

  1. Register an account on and sign-in to the platform.

  2. Within the CodeShield app, click on the Connect Account tab.

  3. Enter an Account Name of your choice and your 12-digit AWS Account ID. The Account Name can be any arbitrary identifier to label your account within CodeShield. The AWS Account ID is the unique account identifier AWS provides.

  4. Click on Connect Account. This will redirect you to the AWS console.

  5. Ensure you are signed-in with the account you want CodeShield to connect. Follow the instructions within AWS to deploy the provided CloudFormation template. The template has been implemented carefully following the least-privilege principle. Connecting the account only gives read access to meta-data within the account. I.e., CodeShield cannot access sensitive data inside data stores like databases or S3 buckets.

  6. Wait for the completion of the CloudFormation deployment within AWS.

  7. Switch back to CodeShield and perform your first scan by scanning the whole account or a region bundle.


Need a sensible account to scan? We recommend testing CodeShield on the open-source application DVSA, a deliberately vulnerable application aiming to aid security professionals to test their cloud security skills. You can deploy the application to a sandbox account and perform a CloudFormation stack scan to get results. A walkthrough of the results is detailed here.