Using Amazon Inspector with GitHub actions

You can use Amazon Inspector with GitHub actions to add Amazon Inspector vulnerability scans to your GitHub workflows. This leverages the Amazon Inspector SBOM Generator and Amazon Inspector Scan API to produce detailed reports at the end of your build, so you can investigate and remediate risk before deployment. Amazon Inspector vulnerability scans can also be configured to pass or fail workflows based on the number and severity of vulnerabilities detected.

Amazon Inspector is a vulnerability management service offered by AWS that scans operating system and programming language package vulnerabilities based on Common Vulnerabilities and Exposures (CVEs). For information about how to integrate Amazon Inspector Scan into your CI/CD pipeline, see Integrating Amazon Inspector scans into your CI/CD pipeline. For a list of operating systems and programming languages that Amazon Inspector supports, see Supported operating systems and programming languages.

You can view the latest version of the Amazon Inspector action on the GitHub website.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

TeamCity plugin

CodeCatalyst actions