Quick Start
From zero to security insights in under 30 seconds. No signup, no API keys, just results.
Prerequisites
CDK Project
An existing AWS CDK project with TypeScript or Python
Node.js
Node.js 22+ installed on your system
AWS Credentials
AWS credentials configured for CDK synthesis
30-Second Setup
Navigate to your CDK project
Open your terminal and go to your CDK project directory
cd my-cdk-project
Install and initialize
Install CDK Insights and add npm scripts to your project
npm install --save-dev cdk-insights && npx cdk-insights init
Wire integrations (optional but recommended)
Add the Aspect (richer findings with file/line attribution) and the Validations Plugin (synth-time enforcement). The interactive setup writes the boilerplate into your CDK app for you.
npx cdk-insights setup
Run your first scan
Use the familiar npm run command to scan your CDK stacks
npm run cdk-insights
Review the results
CDK Insights will display a table of findings with severity levels
The analysis includes security issues, cost optimizations, and best practices
Optional: enable AI analysis
Add your license key to .env to unlock AI-powered recommendations. Static-only scans don't need a key.
echo "CDK_INSIGHTS_LICENSE_KEY=LIC-..." >> .env
Get a free license at https://cdkinsights.dev/start.
Example Output
CDK Insights will display a comprehensive table of findings, sorted by severity:
Go Deeper
Once you have a first scan, the two flags that make CDK Insights usable on a real codebase are --writeBaseline (so future scans only flag what's new) and cdk-insights fix --apply (mechanical remediations on demand). Wire both into CI for the full ratchet.