Author: Marco Morales

When you combine AWS CodeBuild with Snyk to deploy your infrastructure as code project, you gain a repeatable process that’s easy to track and manage that happens to include security results. AWS provides the automation while Snyk provides enhanced security. Learn how to manage an IaC project written with Terraform by HashiCorp and deployed with AWS CodeBuild, and review results before a scan and after when hidden issues are often revealed.

Learn how to build a Java application in a Docker container and push the container image to Amazon ECR orchestrated by AWS CodePipeline. We’ll use Snyk to scan your code, build a container image, and display the results in both Snyk and Amazon ECR. We’ll also show you how Amazon Inspector utilizes Snyk open source to provide insight into your software security vulnerabilities. All of this functionality is available from the AWS Management Console.