Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Cloud Security Posture Management (CSPM) is the process of securing multi-cloud environments through enhanced visibility, risk and misconfiguration identification, posture assessment, and compliance protocols. CodeAnt AI continuously monitor cloud infrastructure—such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)—for gaps in security policy enforcement.

Key Features

  • Multi-Cloud Support: Currently supports AWS, GCP and Azure.
  • Seamless Integration: Connect seamlessly with any cloud provider and continuously monitor for security vulnerabilities, misconfigurations, and compliance issues.

How It Works

  1. Copy your External ID:
    • In CodeAnt AI, go to Settings -> Cloud Security -> AWS.
    • Copy the External ID shown at the top of the form — it’s a per-tenant value used to prevent cross-account confused-deputy attacks. You’ll paste it into your IAM trust policy in step 2.
  2. Create an IAM role in your AWS account:
    • Create an IAM role with the AWS managed ReadOnlyAccess policy attached. That is the only permission CodeAnt AI needs — no write, create, or delete actions are required.
    • Attach the following trust policy, replacing <EXTERNAL_ID> with the value you copied above: 
      {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::785132296666:role/service-role/codeantcibackend-role-u7zwirub"
      },
      "Action": "sts:AssumeRole",
      "Condition": {
        "StringEquals": { "sts:ExternalId": "<EXTERNAL_ID>" }
      }
    }
  ]
}
    • Copy the Role ARN (e.g. arn:aws:iam::123456789012:role/CodeAntCSPM).
  3. Save in Settings:
    • Back in Settings -> Cloud Security -> AWS, paste the Role ARN and your region, then save.
    • Click Validate Permissions to confirm CodeAnt AI can assume the role and that ReadOnlyAccess is attached.
  4. Start a Scan:
    • Go to Cloud Security -> Infrastructure Scan and click Start New Scan, then pick your AWS connection.
    • The scan typically completes in 5-20 minutes depending on account size, and results appear under Overview, Findings, Services, and Compliance.

Benefits

  • Enhanced Visibility: Gain complete visibility into your cloud infrastructure’s security posture.
  • Risk and Misconfiguration Identification: Continuously identify and address risks and misconfigurations.
  • Compliance Assurance: Ensure your cloud infrastructure complies with industry standards and protocols.

Demo

For a detailed use case and step-by-step guide on how to utilize the cloud security feature, check out our demo. The demo provides a comprehensive walkthrough, showing you how to configure settings, start a scan, and interpret the results effectively.