You can use Amazon Inspector with GitHub actions to add Amazon Inspector vulnerability scans to your GitHub workflows.
This leverages the Amazon Inspector SBOM Generator and Amazon Inspector Scan API to produce detailed reports at the end of your build, so you can investigate and remediate risk before deployment.
Amazon Inspector vulnerability scans can be configured to pass or fail workflows based on the number and severity of vulnerabilities detected.
You can view the latest version of the Amazon Inspector action on the GitHub website.
For information about how to integrate Amazon Inspector Scan into your CI/CD pipeline, see Integrating Amazon Inspector scans into your CI/CD pipeline.
For a list of operating systems and programming languages that Amazon Inspector supports, see Supported operating systems and programming languages.
Did this page help you? - Yes
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of it.
Did this page help you? - No
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.