The example shows how you can use AWS CodeBuild to build a Docker image, then scan the image for vulnerabilities using the new Sysdig Scan Engine CLI. The build will fail if the policy evaluation fails. You can specify the SECURE_API_TOKEN and SYSDIG_API_ENDPOINT in the buildspec, however best practice would be to externalize the values in an external store as explained here.
new-scan-engine
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||