Integrations Overview
Before Amnify can scan your cloud environment or provision infrastructure, you need to connect your cloud providers. The Integrations page is where you add, manage, and configure these connections.
How Integrations Work
An integration connects Amnify to a cloud provider using read-only credentials. Once connected, Amnify can:
- Discover your subscriptions, accounts, or projects
- Scan resources for security misconfigurations
- Provision infrastructure through the Deploy module
Supported Providers
| Provider | Credential Type | What Gets Discovered |
|---|---|---|
| Azure | Service Principal (Tenant ID, App ID, Client Secret) | Subscriptions |
| AWS | IAM Access Key (Access Key ID, Secret Access Key) | Accounts |
| GCP | Service Account (JSON key or credentials) | Projects |
| Microsoft 365 | Service Principal (Tenant ID, App ID, Client Secret) | Tenants |
| GitHub | Personal Access Token (fine-grained or classic) | Repositories (not scanned — used for template sync in Deploy) |
GitHub integrations are used only by the Deploy module for template synchronization. They do not participate in security scanning.
The Integrations Page
The Integrations page shows a table of all connected providers with:
| Column | Description |
|---|---|
| Provider | Cloud provider icon and name |
| Display Name | User-defined friendly name or auto-generated from the tenant/account |
| Cloud Identity | The cloud account identifier (Tenant ID, Account ID, etc.) |
| Scope | Number of active subscriptions/accounts out of total discovered (e.g., "3 / 5 active") |
| Created by | Who set up the integration |
| Created / Updated | Timestamps |
Adding an Integration
Click Create integration to start a two-step process:
- Provider Setup — select a cloud provider and enter credentials
- Scope Selection — choose which subscriptions, accounts, or projects Amnify should monitor
After setup, Amnify immediately discovers available resources and you can begin scanning.
Editing an Integration
Click on any row in the table to open the edit view, where you can:
- Change the display name — update the friendly label
- Manage scope — toggle subscriptions/accounts/projects on or off (at least one must remain active)
Credential fields (Tenant ID, App ID, etc.) are read-only after creation. To change credentials, delete the integration and create a new one.
Deleting an Integration
Click the delete icon on any row. A confirmation dialog will appear. Deleting an integration removes the cloud provider connection — existing scan results are preserved, but no new scans can run against that provider.
Where to Go Next
- Azure Setup — connect an Azure tenant
- AWS Setup — connect an AWS account
- GCP Setup — connect a GCP project
- GitHub Setup — connect a GitHub repository for template sync
- Security Scanning — start scanning after connecting a provider