Read-only, multi-region scanning with prioritized findings and board-ready reports.
CIS BenchmarkSOC 2PCI-DSS
π Connect your AWS account
One-time setup. GoNinja scans through a read-only IAM role you create in your
own account β we can never modify anything, and you can delete it anytime to revoke access.
Sign in to the AWS account you want to scan. The role gets created in whichever
account you're logged into β so make sure it's the right one.
Download your personalised setup file β it already has your unique External ID built in,
so there's nothing to fill in.
In the AWS Console, open CloudFormation β Create stack β "Upload a template file",
choose the downloaded file, click Next, tick the box acknowledging it creates an IAM role,
and click Create stack (takes ~1 minute).
Come back here, enter that account's 12-digit AWS Account ID above, and click
Run Security Scan.
Advanced / manual setup
Your unique External ID (binds the role to your account β keep it private):
β
Trust account ID: β
π Two-factor authentication
Add an authenticator app for an extra layer of security on your account.
1. Scan this QR code with your authenticator app (Google Authenticator, Microsoft Authenticator, 1Passwordβ¦), or enter the key manually:
β
2. Enter the 6-digit code from your app:
π³ Subscription
Loadingβ¦
π‘ Continuous Monitoring
Daily automated scans of the account above, with an email alert whenever a new security issue appears.