AWS Community Hub

Simplify Snyk and AWS integration with our latest AWS Quick Start

One of the great benefits of using AWS is the ability to automate almost everything you do, which is not limited to just AWS’ own services, but ecosystem partners like Snyk as well. We’re happy to announce our second AWS Quick Start, to help you get Snyk working with Amazon Elastic Container Registry (ECR) and AWS Lambda with just the click of a button.

Skip the manual steps and get straight to the good stuff

Integrating Snyk with ECR and Lambda requires setting up roles that work for both the AWS service and for the Snyk service. While it’s not terribly hard to do, clicking back and forth between both interfaces and copying values from one console to another is nobody’s idea of a good time. The Snyk: Developer-first Security on the AWS Cloud Quick Start gives you three options:

  1. Full Snyk integration with both ECR and Lambda
  2. Integration with ECR only
  3. Integration with Lambda only

Once deployed you can quickly obtain the remaining values for your ARN and AWS Region from the CloudFormation console outputs as shown below:

Snyk Container and AWS ECR integration

For the ECR integration, we create an IAM role that enables Snyk Container to access container images stored in ECR to scan for vulnerabilities. We create a read-only role with all the permissions outlined in our documentation and set up the necessary service integration between the Snyk service and your AWS region. From there, you can start scanning container images stored in your ECR registries and Snyk will help you select secure base images and clean up vulnerabilities in the image and code dependencies.

Snyk Container and AWS Lambda integration

Integrating Snyk Open Source with Lambda is similar to how the Snyk Container and ECR integration is handled. We create an appropriate read-only IAM role, following our documented configuration, and then set up the Snyk Open Source and Lambda services to talk to each other. From there, you can scan and monitor your Lambda code for vulnerable dependencies, alerting you to problems and helping you fix them so that your functions stay secure.

Send us feedback

To post feedback, submit feature ideas, or report bugs, use the Issues section of the GitHub repository for this Quick Start. If you’d like to submit code, please review the Quick Start Contributor’s Guide.

You can get Snyk by signing up for a free account. For our paid tiers, both Snyk Open Source and Snyk Container are available to buy on the AWS Marketplace, as well as through private offers and custom contracts.

Additional resources

Snyk resources

AWS resources

AWS services

This complimentary resource is offered by Snyk, an AWS Community Partner. This content first appeared here.
Tags: Snyk

Recent Posts

Learning from Loris Degioanni: Cloud-Native Days with Kubernetes Virtual Summit

Keeping up with information can be challenging. With all these changes, you’re probably left wondering, “who can guide me through…

5 hours ago

DevOps Unbound: Unburdening Developers

Every app development need seems to ultimately fall to developers to fulfill. Build in security. Shift testing left. Provide users…

7 hours ago

5 Ways to Reduce DevOps Toil

Over the last several years, DevOps has become a bit of a buzzword. It has become simultaneously a practice, a…

7 hours ago

12 Ways to Bake Security Into a DevOps Transformation

Security has become an integral part of any DevOps transformation. According to the Upskilling 2021: Enterprise DevOps Skills Report, DevSecOps…

8 hours ago

DevOps Unbound: Observability and Continuous Improvement

Observability at enterprise scale brings with it additional application life cycle management requirements. Success requires knowing which changes result in…

15 hours ago