SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Getting started
Snyk Web UI
Snyk CLI
Snyk API
Snyk for IDEs
Snyk Apps
Snyk Integrations
SNYK PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
Snyk Cloud
USING SNYK
Snyk Broker
User and group management
Fixing and prioritizing issues
Snyk reports
Snyk Tools
SNYK INFO
Disclosing vulnerabilities
How Snyk handles your data
Snyk Partner workshops
Atlassian Integrations
AWS Integrations
Snyk Integrations
Snyk Account
CircleCI
Scan Terraform with the Snyk Orb
Securing Kubernetes Workloads on AWS
Getting started
Create EKS cluster
CircleCI Configuration
config.yml
Kubernetes manifests
CircleCI Project
Test deployment
Interpret scan results
Exploits
Conclusion
Docker
Dynatrace
GCP
GitHub
Microsoft Azure
Oracle Cloud Infrastructure
Red Hat
SpringOne
Powered By GitBook
CircleCI Configuration
If you do not yet have a fork of the repository associated with this workshop, you should do so now. The contents of this Git repo will contain a .circleci/config.yml file. A comprehensive reference document for the CircleCI 2.x configuration keys that are used in the config.yml file is available from CircleCI. We will reference some of the config keys in our walk-through of our sample config.yml file.

Environment variables

Throughout the examples shown in these exercises you will see references to a few environment variables. These are defined in our CircleCI Project Settings and will be referenced in our config.yml to allow for secure authentication between CircleCI, AWS and Snyk.
The specific variables needed are as follows:
  1. 1.
    AWS Identity & Access Management User key and secret for secure authenticated interactions with the AWS API: ACCESS_KEY_ID_ENV_VAR_NAME & SECRET_ACCESS_KEY_ENV_VAR_NAME
  2. 2.
    ​AWS Elastic Container Registry (ECR) URL for accessing your default registry: (SEE WARNING BELOW) AWS_ECR_ACCOUNT_URL_ENV_VAR_NAME
  3. 3.
    AWS region you will be deploying to: AWS_REGION_ENV_VAR_NAME
  4. 4.
    API token for authenticating with your Snyk account: SNYK_TOKEN
Ensure that you use the general ECR URL in the following format:
https://aws_account_id.dkr.ecr.region.amazonaws.com
It is recommended that you use Snyk Service accounts and AWS IAM best practices when creating accounts.
Previous
Create EKS cluster
Next
config.yml
Last modified 1mo ago
Export as PDF
Copy link
Edit on GitHub