Overview
Toranj integrates seamlessly with AWS services including CodeBuild, CodePipeline, and other DevOps tools to provide continuous security scanning and monitoring for your applications.
Automated Scanning
Continuous security scans on every build
Secure Integration
IAM roles and secure credential management
Detailed Reports
Comprehensive security reports and insights
Prerequisites
Requirements before setting up the AWS integration
AWS Account
Active AWS account with appropriate permissions
Toranj API Key
API key from your Toranj dashboard
IAM Permissions
CodeBuild and CodePipeline permissions
Source Repository
GitHub, CodeCommit, or other supported repo
IAM Policy Setup
Create the necessary IAM policy for Toranj integration
Ensure you have administrative privileges to create IAM policies and roles.
toranj-aws-policy.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codebuild:BatchGetProjects",
"codebuild:CreateProject",
"codebuild:StartBuild",
"codebuild:BatchGetBuilds",
"codepipeline:CreatePipeline",
"codepipeline:GetPipeline",
"codepipeline:StartPipelineExecution",
"s3:GetObject",
"s3:PutObject",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*"
}
]
}Setup Steps:
- Navigate to AWS IAM Console
- Create a new policy using the JSON above
- Name the policy "ToranjIntegrationPolicy"
- Create a new role for CodeBuild
- Attach the policy to the role