Snyk has built an integration inside the AWS CodePipeline console. This new integration allows AWS CodePipeline users to build automated security controls into their deployment pipeline without having to leave the AWS console, bringing the Snyk experience directly to AWS users, and empowering them to more efficiently find and fix vulnerabilities in open source code when building cloud-native applications on AWS.
Using Snyk’s feature-rich CLI, developers can also secure various elements of their workflow such as AWS CodeBuild and AWS CodeCommit.
AWS users can then leverage Snyk’s integrations with Amazon Elastic Container Registry (Amazon ECR) and Amazon Elastic Kubernetes Service (Amazon EKS) to scan container images and Kubernetes clusters for vulnerabilities and misconfigurations, even mapping new vulnerabilities to any container images already deployed in a Kubernetes cluster.
The latest integration inside the AWS CodePipeline console expands upon Snyk’s ongoing collaboration with AWS to ensure that both development and security teams are able to leverage automated tooling to mitigate their open source risk as part of the development process, positively affecting the way they work and interact with one another.
As an AWS Partner within the AWS Partner Network (APN), Snyk has been technically validated to work seamlessly with several AWS services, and has achieved AWS DevOps Competency as well as the AWS Lambda Ready and Amazon Linux 2 Ready designations.