Scan a CloudFormation Bundle
info
We recommend using CodeShield for scanning of the entire account or regions. Those scans include scanning of identity-based
resources (like users and groups), which frequently serve as entry points to the attack scenarios and are usually not defined in CloudFormation stacks.
Scan a Bundle of CloudFormation stacks
- Click on
Select CloudFormation stack(s) to scan from My AWS account
on the bottom of the page, to select one or more of your CloudFormation stacks to scan together. - If multiple stacks are selected, you can give the selection a name for later reference.
- Confirm with
Scan selected stacks
. - Wait for the results to be ready. The scan time takes about 5-10 minutes, depending on the number of resources in the stack. You'll be notified via mail once the scan is ready.
- Inspect the results.