Connect any cloud
in 60 seconds
vul.ninja integrates with AWS, Azure, and Google Cloud Platform via native authentication. No agents to install, no credentials to store, no IAM expertise required.
Supported cloud providers
AWS
CloudFormation template
One-click deploy, read-only IAM role via STS
Azure
OAuth via Microsoft Entra
Sign in with your Microsoft account, Reader role scoped to subscriptions
GCP
OAuth (Service Account)
Sign in with Google, roles/viewer scoped to projects — no JSON keys
Multi-cloud security from a single dashboard
Unified findings across all your clouds
One prioritized risk feed from AWS, Azure, and GCP — no switching tabs, no spreadsheet merges.
Cross-cloud compliance reporting
SOC 2, ISO 27001, HIPAA, and PCI-DSS findings mapped across all providers in one report.
Consistent AI-powered investigation
The same AI agents investigate AWS misconfigurations and Azure exposure the same way — provider-agnostic reasoning.
Single team, single workflow
One login, one dashboard, one approval workflow. Your team doesn't need to be experts in every cloud.
How vul.ninja connects to each cloud
Same security standards, same setup experience — regardless of which cloud you connect.
| Feature | AWS | Azure | GCP |
|---|---|---|---|
| Connection method | CloudFormation template | OAuth (Microsoft Entra) | OAuth (Service Account) |
| Setup time | ~60 seconds | ~60 seconds | ~60 seconds |
| Default permissions | ReadOnlyAccess (AWS managed) | Reader role (Azure RBAC) | roles/viewer (GCP IAM) |
| Granular scoping | Accounts + regions | Subscriptions | Projects |
| Audit logging | |||
| Long-lived secrets stored | No — STS short-lived tokens | No — OAuth refresh tokens | No — OAuth, no JSON keys |
| Revoke access | Delete CloudFormation stack | Microsoft account permissions | Google account permissions |
More providers on the roadmap
Frequently asked questions
Yes. You can connect AWS, Azure, and GCP simultaneously to a single vul.ninja account. Findings from all providers appear in one unified dashboard, and you can filter or scope by provider at any time.
vul.ninja is priced per seat, not per cloud provider or per finding. Connecting three clouds costs the same as connecting one. See the pricing page for current plan details.
Yes. Each cloud connection has independent scope controls. You can connect your production AWS account while excluding dev/staging, connect only specific Azure subscriptions, and limit GCP to production projects — all from the same dashboard.
Findings are tagged by cloud provider, account/subscription/project, region, and service. You can view an aggregate risk view across all clouds or drill into a single provider. Cross-cloud compliance reports map findings from all providers to shared frameworks like SOC 2 and ISO 27001.
Each cloud connection is independent. You can disconnect AWS without affecting your Azure or GCP connections. Disconnecting removes all access and stops future scans for that provider, but historical findings are retained in your dashboard.
Yes. For AWS you can connect your entire AWS Organization at once. For Azure, you can select multiple subscriptions across one or more tenants. For GCP, you can include multiple projects from different organizations.
Limits depend on your plan tier. Free accounts can connect one cloud account. Paid plans support multiple accounts, subscriptions, and projects. Check the pricing page for current tier details.
Ready to scan your cloud?
Connect AWS, Azure, or GCP in 60 seconds. One dashboard for all your clouds.
Get started freeFree forever. Connect your first cloud in 60 seconds.