Skip to main content
This guide takes you from a fresh InfraAudit account to a completed drift scan with findings you can act on. The only thing you need is an AWS account and IAM credentials with read-only access.

Sign up

1

Create your account

Go to infraaudit.dev and click Get started. Sign up with Google, GitHub, or an email address and password.
2

Land on the dashboard

After signing up you land on the dashboard. It’s empty — no cloud accounts are connected yet. That’s what the next step fixes.

Connect your AWS account

Cloud accounts are called providers in InfraAudit. You connect one from the Cloud Providers page.
1

Open Cloud Providers

In the sidebar, click Cloud Providers, then Connect AWS.
2

Enter your credentials

Fill in the form:
FieldWhat to enter
Access Key IDFrom an IAM user or assumed role
Secret Access KeyThe corresponding secret
RegionYour primary region (e.g. us-east-1)
Display nameAny label you like, e.g. “Production”
3

Connect

Click Connect. InfraAudit validates the credentials and starts an initial resource sync. This typically finishes in under a minute for accounts with fewer than a few hundred resources.

Required AWS permissions

Read-only access is enough to get started. Attach this IAM policy to the user or role whose credentials you’re providing: 
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:Describe*",
        "s3:List*",
        "s3:GetBucketLocation",
        "rds:Describe*",
        "lambda:List*",
        "cloudfront:List*",
        "ce:GetCostAndUsage",
        "ce:GetCostForecast"
      ],
      "Resource": "*"
    }
  ]
}
Vulnerability scanning and IaC drift detection run entirely against data already ingested into InfraAudit. No additional AWS permissions are needed for those features.

Connecting GCP or Azure

The connection flow is the same. See Connecting cloud accounts for the GCP service account and Azure service principal setup instructions.

Run your first drift scan

Once the initial sync finishes, the resource count on the Cloud Providers card updates. Now you can run a drift scan.
1

Open Drift Detection

In the sidebar, click Drift Detection.
2

Trigger the scan

Click Run scan. InfraAudit compares the current state of your resources against the baseline captured during the initial sync.
3

Review findings

On a fresh account, the first scan usually returns no drift — the baseline was just captured, so nothing has changed yet. To see drift in action, make a change in your AWS account (add a tag, modify a security group rule), then click Run scan again.
Drift findings are sorted by severity. Filter by Critical and High first to focus on the most impactful changes.

What to do next

Browse your resources

Click Resources in the sidebar to see everything InfraAudit discovered, filterable by type, region, and status.

Enable a compliance framework

Go to Compliance and enable the CIS AWS Benchmark to get a scored assessment with control-level findings.

Set up alerts

Go to Settings → Notifications and connect a Slack channel or email address to receive alerts.

Review cost data

Billing data syncs daily. The Cost section shows historical spend, trends, and savings recommendations.

Further reading