Scan image using AWS ECR

This templates gives you a continuous deployment (CI) pipeline that builds and pushes a Docker image to AWS ECR for image security scanning.

At a glance:

How it works

This template:

Builds a Docker image Assumes an AWS role using the AWS Assume Role with Web Identity plugin. Pushes a tagged Docker image to an AWS ECR registry. Audits for security vulerabilities using AWS ECR image scanning.

Next steps

After you select Use template, you’ll:

Connect the Git repository with your project. Using an AWS IAM role with the appropriate ECR policies, replace the placeholder ROLE_ARN in the pipeline definition. in the pipeline definition to match your project. Configure the compute—run locally, on-premises, or in the cloud. Run the pipeline.

You can then play around with the pipeline settings. For example, run the pipeline locally while you iterate on the definition or set a schedule to trigger a nightly build.

If you need help, please check our documentation, raise an issue , or reach out to support.