...
You can use Synopsys's scanning technology in a variety of Amazon continuous integration environments by using Synopsys Detect.
- Synopsys Detect can be invoked from Amazon CodeBuild and CodePipeline to invoke either a Black Duck or Coverity on Polaris scan.
- Synopsys Detect can also be used to perform Black Duck scans of containers in Amazon's Elastic Container Registry (ECR).
...
- Black Duck scan results are sent to your dedicated Black Duck instance, providing vulnerability, license, and operational risk results on the open source software components that are identified in the scans.
- Black Duck events can be displayed in the AWS CodeStar console using the Black Duck Jira Plugin.
- Coverity on Polaris scan results are available in Polaris.
Refer to the following
...
References
...
to learn about deploying Black Duck AMI in AWS.
Deploying Black Duck AMI on AWS
Refer to the following topics for information about triggering Synopsys scans in AWS by leveraging Synopsys Detect.