
What You'll Accomplish

  • Create your Cloudgeni account
  • Connect a GitHub repository with Infrastructure as Code
  • Run your first security scan
  • Review and understand security findings
  • Total time: ~5 minutes

Step 1: Create Your Account

  1. Go to app.cloudgeni.ai/sign-up
  2. Sign up using your Google, GitHub, or GitLab account (recommended) or your email address
  3. Depending on the method you choose, you will be presented with specific choices.
GitHub and GitLab OAuth signups are fastest and make onboarding simpler.

Step 2: Connect Your First Repository

GitHub
Connect GitHub Repository
  1. In the Cloudgeni dashboard, navigate to Settings -> IaC Repositories from the top navigation bar
  2. Select Connect GitHub from the integration options
  3. Click Connect GitHub to authorize Cloudgeni. You will be routed to GitHub’s OAuth flow.
  4. Choose which repositories to give Cloudgeni access to:
    • Select All repositories for full coverage, or
    • Select specific repositories with Infrastructure as Code files
  5. Click Install & Authorize
Look for repositories containing .tf (Terraform), .bicep (Azure Bicep), or Pulumi files for the best initial experience.

Step 3: Connect Your First Cloud Account

  1. In the Cloudgeni dashboard, navigate to Settings -> Cloud Accounts from the top navigation bar
  2. Click on the Cloud tab
  3. Select Connect AWS from the integration options
  4. Click Connect AWS to authorize Cloudgeni. You will be asked for authentication information.
  5. Provide authentication information:
    • AWS Account ID: Your AWS Account ID
    • Credentials Name: For easy identification
    • Access Key ID
    • Secret Access Key
  6. Click Connect AWS
We highly recommend that you provide credentials with read-only access. Cloudgeni does not require any write access to any cloud resource.
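
A check to run on the IAM policy behind the access key before entering it above, as an added example that is not Cloudgeni's code: it lists every Allow grant that is not plainly read-only. The verb-prefix list, the sample policy, and the names in it are assumptions of this example.

```python
import json

# Verb prefixes treated as read-only: an assumption of this example,
# not a definition published by AWS or Cloudgeni.
READ_PREFIXES = ("get", "list", "describe", "head", "search", "lookup")

def _as_list(value):
    """IAM allows a single string or a list for Statement and Action."""
    return value if isinstance(value, list) else [value]

def non_read_only_grants(policy_json):
    """Return (sid, action) pairs from Allow statements that may permit writes."""
    findings = []
    statements = _as_list(json.loads(policy_json)["Statement"])
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never add permissions
        sid = stmt.get("Sid", f"statement[{index}]")
        if "NotAction" in stmt:
            # Allow + NotAction grants every action except the listed ones.
            findings.append((sid, "NotAction"))
            continue
        for action in _as_list(stmt.get("Action", [])):
            # IAM action names are case-insensitive; "*" has no service part.
            name = action.partition(":")[2].lower()
            # "s3:*", "s3:*Object" and "iam:G*" fail this test on purpose:
            # a wildcard before the verb is complete can match write actions.
            if not name.startswith(READ_PREFIXES):
                findings.append((sid, action))
    return findings

# Constructed sample policy; the bucket name and Sids are placeholders.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadInventory", "Effect": "Allow", "Resource": "*",
     "Action": ["ec2:Describe*", "s3:GetBucketPolicy", "iam:List*"]},
    {"Sid": "StateBucket", "Effect": "Allow",
     "Resource": "arn:aws:s3:::example-tfstate/*",
     "Action": ["s3:GetObject", "s3:PutObject"]},
    {"Sid": "TooBroad", "Effect": "Allow", "Resource": "*", "Action": "rds:*"},
    {"Sid": "Guard", "Effect": "Deny", "Resource": "*", "Action": "iam:*"},
]})

if __name__ == "__main__":
    for sid, action in non_read_only_grants(SAMPLE_POLICY):
        print(f"{sid}: {action} is not read-only")
```

The prefix test is deliberately conservative, so read actions with other verbs (for example dynamodb:BatchGetItem) are flagged for manual review.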

Step 4: Run Your First Scan

Cloudgeni scans your IaC repositories on demand. You can scan any repository again when you merge IaC changes:
  1. In the Cloudgeni dashboard, navigate to Compliance -> Static Analysis from the top navigation bar
  2. Select your IaC repository from the repository selector.
  3. Click Scan
  4. The scan typically completes in 10-30 seconds for most repositories
What Cloudgeni scans for:
  • Infrastructure as Code security misconfigurations
  • Security Issues
  • Resource exposure risks
  • Encryption and access control issues

Step 5: Review Your Security Findings

Once the scan completes:
  1. Review the list of findings. You can optionally filter using the filter option.
  2. Review the Findings showing:
    • Critical/High/Medium/Low severity findings
    • Check Status indicating if the performed check failed or passed
    • Location of the finding
  3. Click on individual findings to see:
    • Detailed description of the security issue
    • Resource context within your infrastructure
    • Impacted Code block
    • Further Details about the finding

Sample Finding

Ensure a retention policy is set to cleanup untagged manifests.
  • Severity: Low
  • File: /azure-production/main.tf[78-84]
  • Resource: azurerm_container_registry.acrproduction
  • Detected: 7/29/2025
  • Status: Open

Step 6: Generate Your First Fix

Cloudgeni generates fix suggestions for security issues on demand:
  1. Click on a Critical or High severity finding
  2. Select a Cloud Integration where the suggested fix will be validated in read-only mode. Cloudgeni will never attempt to apply any changes.
  3. In the finding details, click Suggest Fix. It may take 2 to 10 minutes depending on the issue.
Cloudgeni validates fixes against your actual cloud infrastructure to prevent breaking changes. We will never attempt to apply any changes ourselves. You must review each suggestion carefully before considering creating a pull request.

Step 7: Review Suggested Fix

Once you review the generated suggestions, you can create a Pull Request against your IaC repository:
  1. Click on a suggestion from the displayed list of suggestions.
  2. In the suggestion details, review the AI-generated suggestion:
    • Summary of changes included in generated files
    • Files generated for the suggestion
    • Impact analysis on your infrastructure
    • Validation against your target environment
  3. Click Create PR to generate a pull request against your IaC repository.
  4. It takes a few seconds to generate the PR. Once it’s generated, click on View PR.
  5. You can review and merge the PR in your repository after you ensure that it meets your requirements.
Cloudgeni validates fixes against your actual cloud infrastructure to prevent breaking changes. We will never attempt to apply any changes ourselves. You must review each suggestion carefully before considering creating a pull request.

Verification: Confirm Your Setup

  • Account created and email verified
  • GitHub integration connected and authorized
  • AWS integration connected and authorized
  • First repository scanned successfully
  • Security findings reviewed and understood
  • First remediation applied (optional but recommended)

Pro Tip: The more repositories you connect, the better Cloudgeni’s AI becomes at understanding your infrastructure patterns and providing relevant security recommendations.