Cloud Integrations
Amnify connects to your cloud providers to scan infrastructure for security misconfigurations and deploy resources. Each integration stores credentials securely and can be managed from the Configuration > Integrations page.Supported providers
| Provider | Security Scanning | Deploy (IaC) | Credential Type |
|---|---|---|---|
| AWS | Yes | Yes | Access Key ID + Secret Access Key |
| Azure | Yes | Yes | Service Principal |
| GCP | Yes | Yes | Service Account JSON key |
| Microsoft 365 | Yes | — | Service Principal |
| GitHub | — | Yes | Personal Access Token |
GitHub is used exclusively for the Deploy feature — it provides access to Terraform template repositories, not security scanning.
How integrations work
- Navigate to Configuration > Integrations in the sidebar
- Click “Add Integration” and select a cloud provider
- Fill in credentials via the provider-specific form
- For Azure, GCP, and M365: a second step shows discovered subscriptions/projects — select which to activate for scanning
- Credentials are encrypted at rest (AES-256)
Managing integrations
From the Configuration page you can:- Rename an integration for easier identification
- Toggle active subscriptions/projects to control what gets scanned
- Delete an integration when no longer needed
Security
- All credentials are encrypted before storage
- Amnify validates credentials on creation to ensure they work
- Duplicate cloud environments are automatically detected and prevented
- Deleted integrations are soft-deleted for safety
Provider guides
AWS
Connect your AWS accounts with IAM credentials.
Azure
Connect Azure subscriptions via Service Principal.
GCP
Connect GCP projects with a Service Account.
Microsoft 365
Connect your M365 tenant for configuration scanning.
GitHub
Connect GitHub for Terraform template access (Deploy feature).