Skip to main content
You can do everything InfraAudit offers — connecting providers, triggering scans, reviewing findings, approving remediations — without leaving your terminal. This guide gets you from a fresh install to a completed drift scan in under five minutes. You’ll need your AWS credentials handy.

Install the CLI

brew install pratik-mahalle/tap/infraudit
Verify the install: 
infraudit version

Point the CLI at your server

infraudit config init
# Server URL: https://api.infraaudit.dev

Log in

infraudit auth login
# Email: user@example.com
# Password: ••••••••
The CLI stores your session token in ~/.infraudit/config.yaml. Subsequent commands use it automatically — you won’t need to log in again until the token expires. To confirm who you’re logged in as: 
infraudit auth whoami

Connect a cloud account

infraudit provider connect aws
# AWS Access Key ID: AKIA...
# AWS Secret Access Key: ••••••••
# Default region [us-east-1]: us-east-1
# Display name [AWS]: Production
Wait for the initial sync to complete before running scans. Check the status with: 
infraudit provider list
# ID  NAME        TYPE  STATUS  RESOURCES
# 1   Production  aws   synced  247
The provider is ready when STATUS shows synced.

Run a drift scan

infraudit drift detect
# Drift detection triggered. Job ID: 42
# Waiting for results...
# Found 3 drifts (1 high, 2 medium)
View all findings: 
infraudit drift list
Filter by severity to focus on the most important items first: 
infraudit drift list --severity high
Inspect a specific finding: 
infraudit drift get 1

What to do next

# Run a vulnerability scan
infraudit vuln scan

# Enable the CIS AWS Benchmark and run an assessment
infraudit compliance enable cis-aws
infraudit compliance assess

# Check your cost overview
infraudit cost overview

# Sync billing data immediately
infraudit cost sync

# View AI-powered recommendations
infraudit recommendation list
For the full list of commands and flags, see the CLI command reference or run: 
infraudit --help