Scan a CloudFormation Bundle
We recommend using CodeShield for scanning of the entire account or regions. Those scans include scanning of
identity-based resources (like users and groups), which frequently serve as entry points to the attack scenarios and are usually not defined in CloudFormation stacks.
Scan a Bundle of CloudFormation stacks
- Click on
Select CloudFormation stack(s) to scan from My AWS accounton the bottom of the page, to select one or more of your CloudFormation stacks to scan together.
- If multiple stacks are selected, you can give the selection a name for later reference.
- Confirm with
Scan selected stacks.
- Wait for the results to be ready. The scan time takes about 5-10 minutes, depending on the number of resources in the stack. You’ll be notified via mail once the scan is ready.
- Inspect the results.