AWS CodePipeline integration by adding a Snyk scan stage

The Snyk integration for AWS CodePipeline will be discontinued.

Action required

To safeguard the security of Snyk services and customers, Snyk has begun the deprecation of its integration with AWS CodePipeline. To minimize disruption, Snyk recommends that you transition to using AWS CodeBuild and the Snyk CLI as an alternative that will support the same use case and functionality.

Migration timeline

Effective October 30, 2024, you will no longer be able to add or modify the Snyk plug-in for new or existing pipelines. Existing pipelines will continue to work as-is for 7 months, though Snyk recommends migrating to the new process as soon as possible. To avoid disrupting your CI/CD workflows, you must transition to the Snyk CLI before May 30, 2025. Refer to the steps in this migration guide to use Snyk CLI with AWS CodeBuild.

Snyk is confident that AWS CodeBuild and the Snyk CLI will meet your requirements.

Snyk integrates seamlessly with AWS CodePipeline to scan your application for open source security vulnerabilities and help you deliver secure applications with continuous delivery service. This integration allows CodePipeline users to make security an automated part of their build, test, and deploy phases.

For setup and use details, see the following pages:

Snyk integration with AWS CodePipeline requires a UI-based authentication step as part of the setup. This is not compatible with automation done by non-interactive setup methods such as CloudFormation or Terraform.

PreviousUser-defined custom images for CLI NextMigrating to AWS CodeBuild

Last updated 6 days ago

Was this helpful?