Automated Image Scanning with AWS CodePipeline & ECR

In this post, I am going to explain how we can scan docker images for vulnerabilities from a CI/CD pipeline. I use AWS CodePipeline to scan Docker images stored in AWS ECR.

Note that I use AWS CDK for creating all the resources and you can clone the complete project from this link.

Steps

• Setup the code repository