As a Premium Plan user, you can create custom plugins for CloudSploit that will be run against your account along with all of the existing, publicly available plugins. Writing a plugin involves cloning CloudSploit's open source repository from GitHub and adding the scans you wish to have executed. CloudSploit's plugins are written in Node.js and make use of the AWS APIs. If you'd rather have us write custom plugins on your behalf, please contact us regarding our managed services offerings.

You can find our walkthrough guide for writing a plugin here:


Before getting started, make sure you have:

1. Node.js 4.0+ installed

2. An AWS account for testing

3. An AWS access key/secret for testing

4. Git access (to clone our repo)

Once you have followed the steps in our Readme and created your own plugin, you can send it to us in one of several ways:

1. If the plugin is something you wish to contribute back to the community and is not specific to your account (for example, it doesn't rely on specific architecture, IP addresses, users, etc.), you can open a pull request against our repository. Someone will review it and respond with any changes required and then merge it in. Your plugin will then become part of our global scans.

2. If the plugin is sensitive in nature or just uses custom code that will only work for your account, you can ZIP the entire repository and send it to us via email at

If you have any questions, we're happy to help!