Source: aws.amazon.com
Securing Amazon EKS workloads with Atlassian Bitbucket and SnykCategory: Software, Kubernetes, yaml, bitbucket
This post was contributed by James Bland, Sr. Partner Solutions Architect, AWS, Jay Yeras, Head of Cloud and Cloud Native Solution Architecture, Snyk, and Venkat Subramanian, Group Product Manager, Bitbucket Atlassian Bitbucket Cloud is a Git-based code hosting and collaboration tool, built for professional teams.
Because we use Snyk’s integration to Amazon ECR and Snyk’s Bitbucket Cloud integration to scan and monitor repositories, we can dive deeper into these results by linking our Dockerfile stored in our Bitbucket repository to the results of our last container image scan.
The final step in securing our workflow involves integrating Snyk with Kubernetes and deploying to Amazon EKS and Bitbucket Pipelines.
The difference in this template is that we have included the following lines to the manifest, which address the three failed findings in our report: After a subsequent scan, we can validate our changes propagated successfully and our Kubernetes configuration is secure (see the following screenshot).
Because we use Snyk’s integration to Amazon ECR and Snyk’s Bitbucket Cloud integration to scan and monitor repositories, we can dive deeper into these results by linking our Dockerfile stored in our Bitbucket repository to the results of our last container image scan.
The final step in securing our workflow involves integrating Snyk with Kubernetes and deploying to Amazon EKS and Bitbucket Pipelines.
The difference in this template is that we have included the following lines to the manifest, which address the three failed findings in our report: After a subsequent scan, we can validate our changes propagated successfully and our Kubernetes configuration is secure (see the following screenshot).
Related Articles
Community Partners
DevOps Careers