DevSecOps and Cloud Computing Coaching: 2025

Tuesday, October 14, 2025

Coach AK Master DevSecOps BootCamp FAQs | Master AWS and Azure Cloud computing Program by Coach AK

(More New Topics..New CICD tool included - GitHub Action, Trivy, Checkov Security scanner!)

1. How many weeks is this DevSecOps Coaching program ?

12 weeks program, to know more about the program, click here.

2. It is online or in-person class?

Classes are currently online only (on Zoom)

3. What are the schedules for next batches?

Click here for the schedules

4. Can anyone do this program and become successful?

Yes, Absolutely. Any one can do this program and become successful if the person is willing to put the efforts to learn with open minded-ness and ready to follow coach's direction & mentorship and being committed to this program.

5. Do I need to have any experience & knowledge in IT or computer programming?

Not really, if you have any experience in IT it helps, but it is not mandatory. You can learn basics of Agile or software development life cycle by self learning.

6. Is the Coaching program lab oriented?

Yes, purely lab oriented coaching

7. Do I get any help in preparing my resume?

Yes, the Coach will assist you in preparing your resume.

8. Do I get any help or tips in preparing for the DevOps interview?

Yes, Coach will provide necessary documents, tips or guidance in preparing for DevOps interview.

9. What is the course fee ?

$990/person if you make a single payment. Please talk to coach for current offers/promotions.

for 3 installments you will be paying $330.

If you live in India, please talk to Coach to get the price in Rs.

10. What are the modes of payment?

Zelle, Cash App or PayPal

11. Where will students do the lab exercises?

You will be learning DevOps, Cloud computing on AWS and Azure Cloud platforms.

12. What are the different tools covered in this program?

https://www.coachdevops.com/2024/08/list-of-topics-with-devops-coach-and.html

Linux basics
Git
GitHub
GitHub Actions
BitBucket
Jenkins
Maven
SonarQube
Trivy security scanner
Checkov IAC scanner
Nexus
Artifactory
Slack
Terraform
Ansible
Docker
Kubernetes
EKS
Helm
Prometheus
Grafana
Azure DevOps
AWS Cloud
Azure Cloud

13. Who are the targeted Audience for this Course?

Beginners transitioning into DevOps
IT professionals (SysAdmins, Developers, QA Engineers, Build and release engineers)
Experienced DevOps engineers looking to up skill

Coach AK's Master DevSecOps Bootcamp Program Model Information | Master Multi cloud Program Information | AWS Cloud and Azure Cloud DevOps Coaching Program Model Information

(More New Topics..New tools added such as GitHub Actions, Helm, GitHub Advanced Security and Trivy Scanner, CheckOv IAC security scan tools included)

About Coach Ananth(or known as Coach AK):

🎓 TOGAF-Certified Architect with 24 years of IT experience, including 10+ years in DevOps and Cloud Computing.
🛠 Expertise in DevOps Tools: Git, BitBucket, GitHub, Jenkins, Maven, SonarQube, Nexus, Artifactory, Slack, Terraform, Ansible, Docker, Helm, Prometheus, and Kubernetes on AWS and Azure platforms.
🚀 Proven Success: Coached over 3000 professionals, with many placed in top-tier companies.
📚 Unique Learning Model: Minimal theory, maximum hands-on labs, focusing on job-relevant skills.
🌐 Comprehensive Cloud Training: Master AWS and Azure through a practical, immersive experience.
✍️ Personalized Support: Includes resume preparation and one-on-one interview coaching to help candidates stand out.
🎉 Milestone Achieved: Celebrating 8 years of successful coaching in August 2025.
🤝 Learn from the Best: Led by a Senior DevOps Coach/Architect currently working with a leading IT services company in the U.S.

Here is the coaching model:

🚀 12-Week Hands-On DevSecOps Coaching: Gain real-world experience with AWS and Azure cloud platforms.
🔧 80% Practical, 20% Theory: Over 50 lab exercises ensure you learn by doing.
💻 Comprehensive Tool Coverage: Master Git, GitHub, Jenkins, Maven, SonarQube, Nexus, Terraform, Ansible, Docker, Kubernetes, Helm, Prometheus, and more.
👨‍🏫 Expert-Led Training: Learn from Coach AK, a TOGAF-certified architect with 24+ years of IT experience.
🤝 Collaborative Learning: Get access to WhatsApp groups for troubleshooting, discussions, and peer support.
📄 Resume & Interview Support: Tailored guidance to make your job applications stand out.
✅ Proven Success: Join over 3,000 professionals who’ve advanced their careers with our program.
🌟 Flexible Learning Options: Designed to fit your schedule and career goals.
💡 Transform Your Career: Believe in yourself—anything is possible!

📈 Why Join This Bootcamp?

✅ Hands-on Training – Work on real-world projects

✅ Learn Top Security Tools – SonarQube, Trivy, Aqua Security, GitHub Advanced Security

✅ Expert-Led Live Sessions – Interactive & practical guidance

✅ Career Support – Resume tips, interview prep & certification guidance

✅ Project-Based Learning – Apply skills in real DevOps environments

Useful Links:

Click here for the coaching schedule
Click here to know more about the program
Click here to know about the facts about the program

Just believe!! Anything is possible!!

Sunday, October 12, 2025

Master DevSecOps and Multi Cloud Computing Course by Coach AK | DevSecOps and Cloud Computing Online Classes | Oct 2025 Schedule

Master DevSecOps and cloud Computing Bootcamp Schedule for Oct 2025

Are you ready to supercharge your career in DevSecOps? Whether you're a beginner or an experienced professional, this hands-on bootcamp will take you from zero to expert with real-world training on the latest DevSecOps tools and practices!

✅ Master Top DevSecOps Tools: Git, GitHub, Bitbucket, Jenkins, SonarQube, Slack, Trivy, Nexus, Terraform, Ansible, Docker, Kubernetes, Helm, Prometheus and more!
✅ Cloud Platforms – AWS & Azure
✅ Live Interactive Sessions – Get personalized guidance from industry experts!
✅ Weekend & Weekday Batches – Flexible schedules to fit your lifestyle!
✅ Weekday Evenings Batch Available! – Perfect for working professionals!
✅ Real-World Projects – Build experience that recruiters love!
✅ 100% Hands-On Training – No boring theory, just practical DevSecOps!
✅ Career Support & Guidance – Resume building, interview prep, and networking!

📅 Weekend Batch Starts: Oct 25th, 2025
🕒 Timings: Saturdays - 11:30 AM - 1:30 PM CST & Sundays - 1:00 PM - 3:00 PM CST

📅 Weekday Evening Batch Starts: Oct 27th, 2025
🕒 Timings: Mondays & Wednesdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join this Bootcamp?

✅ Hands-on Training – Work on real-world projects
✅ Learn Top Security Tools - SonarQube, Aqua Trivy, GitHub Advanced Security, Checkov
✅ Expert-Led Live Sessions – Interactive & practical guidance
✅ Career Support – Resume tips, interview prep & certification guidance
✅ Project-Based Learning – Apply skills in real DevOps environments

Tuesday, August 5, 2025

Master DevSecOps and Multi Cloud Computing Course by Coach AK | DevSecOps and Cloud Computing Online Classes | Oct 2025 Schedule

Master DevSecOps and cloud Computing Bootcamp Schedule for Oct 2025

📅 Weekend Batch Starts: Oct 25th, 2025
🕒 Timings: Saturdays - 11:30 AM - 1:30 PM CST & Sundays - 1:00 PM - 3:00 PM CST

📅 Weekday Evening Batch Starts: Oct 21st, 2025
🕒 Timings: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join this Bootcamp?

Thursday, July 10, 2025

Master DevSecOps and Multi Cloud Computing Course by Coach AK | DevSecOps and Cloud Computing Online Classes

Master DevSecOps and cloud Computing Bootcamp Schedule for Sep 2025

📅 Weekend Batch Starts: Sep 14th, 2025
🕒 Timings: Saturdays - 09:45 AM - 11:30 AM CST & Sundays -10:30 AM - 12:30 PM CST

📅 Weekday Evening Batch Starts: Sep 18th, 2025
🕒 Timings: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join this Bootcamp?

Saturday, June 21, 2025

How to create Ubuntu 22.0.4 Virtual Machine (VM) in Azure? | Create Ubuntu 22.0.4 VM in Azure | How to connect to Azure VM from your local machine

How to Create Ubuntu 22.0.4 Virtual Machines(VM) in Azure portal? Creating Virtual Machine is easy and straight forward in Azure Cloud. Let us see how to do that in Azure portal.

Pre-requisites:

Azure account subscription, click here if you dont have one.

Watch Steps in YouTube channel:

Steps to create Ubuntu 22.0.4 Virtual Machine in Azure

1. Login to Azure portal, go to https://portal.azure.com/
2. Click on Virtual Machines.

3. Click on Add virtual machine.

4. Now enter the details as below or give values per your subscription and requirements. Select Ubuntu 22.0.4 VM

5. choose authentication type as SSH public key, enter azureuser as user name, enter key pair name.

This step will eventually create SSH keys and allow you to download in your machine.

6. Under Networking

Go with Allow selected ports - SSH port 22

And also select Delete public IP and NIC when VM is deleted option

7. Click on Review, it may take a few mins to finish the validations. If all good, it should pass the validations. Click on Create.

8. Now download the SSH keys and save it locally.

9. Once created, Click on virtual machines.

10. You should see the new VM is running like below:

How to connect to Azure VM from your local machine?

11. Now select that instance, click on connect

Then choose SSH

12. Copy the value as it shows below in your local terminal(iTerm for Apple laptop) or Git bash for Windows laptop.

13. Make sure your SSH keys is not accessible by others, by executing the below command:

chmod 400 myUbuntuVM_key.pem

14. Now ssh into VM from your local machine using the key

ssh -i myUbuntuVM_key.pem azureuser@your_ip_address

Now it should show you that you are connected to Azure.

Friday, May 23, 2025

How to Automate Security Scan of Terraform Files using Checkov with Jenkins Pipeline? | How to Perform Security scan for Terraform Files using Checkov?

Checkov is a static code analysis tool designed to scan Infrastructure as Code (IaC) files and identify potential security and compliance misconfigurations.

Pre-requisites:

Jenkins pipeline code:

Below Jenkins Pipeline code scan Terraform files and write the output to a file which can be viewed in Jenkins.

pipeline {

agent any
stages {
stage('Checkout') {
steps {
git 'https://github.com/akannan1087/myInfra2021Repo'
}
}

stage('Run Checkov Scan') {
steps {
sh 'checkov -d . -o junitxml > checkov-report.xml || true'
}
}

stage('Publish Report') {
steps {
junit 'checkov-report.xml'
}
}
}

post {
always {
archiveArtifacts artifacts: 'checkov-report.xml', fingerprint: true
}
}
}

Watch steps in YouTube channel:

Master DevSecOps Bootcamp July 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

Master DevSecOps and cloud Computing Bootcamp Schedule for Sep 2025

📅 Weekend Batch Starts: Sep 14th, 2025
🕒 Timings: Saturdays - 09:45 AM - 11:30 AM CST & Sundays -10:30 AM - 12:30 PM CST

📅 Weekday Evening Batch Starts: Sep 18th, 2025
🕒 Timings: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join this Bootcamp?

Thursday, April 17, 2025

How to install Checkov | How to Scan Terraform Code for finding security issues using Checkov | How to Perform Security scan for Terraform Files?

Checkov is a static code analysis tool designed to scan Infrastructure as Code (IaC) files and identify potential security and compliance misconfigurations.

How to install Checkov on Linux Ubuntu?

There are several ways to install Checkov on Ubuntu 22.04, but we will be using PIP.

1. Using pip (Recommended):

This is the most common and generally recommended method as it installs the latest stable version and manages dependencies easily.

Prerequisites: Ensure you have Python and pip installed. If not, open your terminal and run:
sudo apt update sudo apt install python3-pip -y
Install Checkov: Once pip is installed, run the following command to install Checkov:

sudo pip3 install checkov

Verify Installation: After the installation is complete, you can verify it by checking the Checkov version:
checkov --version
This should print the installed Checkov version.

How to Scan Terraform files using Checkov?

Make sure Terraform is installed in your machine where you will be performing scanning.

Navigate to Terraform directory where you created Terraform files and execute the below command:

For e.g., if you have created terraform files under project-terraform directory, navigate to that dir.

cd project-terraform

Run the below command to scan terraform files:

checkov -d .

Now you will see the issues(if there are any) with TF files like below:

Based on the errors, you can resolve the issues one by one.

Watch Steps on YouTube channel:

Wednesday, April 16, 2025

What is Checkov? | How to install Checkov on Linux Ubuntu to scan Terraform Code for finding security issues?

Checkov is an open source, static code analysis tool designed to scan Infrastructure as Code (IaC) files and identify potential security and compliance misconfigurations.

Supported IaC types:

Checkov scans following IaC file types:

Terraform (for AWS, GCP, Azure and OCI)
CloudFormation (including AWS SAM)
Azure Resource Manager (ARM)
Serverless framework
Helm charts
Kubernetes
Docker

Here's a breakdown of Checkov tutorials

Getting Started and Basic Usage:

Installation: Checkov can be installed using pip, brew, or Docker. For example, using pip:

sudo apt install python3-pip -y

sudo pip3 install checkov

Basic Scanning: To scan a single file or a directory, use the -f (file) or -d (directory) flags:
checkov -f main.tf
checkov -d /path/to/your/iac/code
Output: Checkov provides a detailed output of passed and failed checks, including the check ID, description, the resource and file location, and a link to more information about the policy
Specifying Frameworks: You can specify the IaC framework to scan using the --framework flag:

checkov -d /path/to/kubernetes/manifests --framework kubernetes

checkov -f eks-deploy-k8s.yaml

Output Formats: Checkov supports various output formats using the --output flag, such as cli (default), json, junitxml, and sarif. For e.g, for JSON output format, use below command:

checkov -d . --output json

Monday, April 7, 2025

DevSecOps Bootcamp June 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

🚀 DevSecOps Bootcamp - Master Security in DevOps | June 2025

📅 Weekend Batch Starts: June 1st, 2025
🕒 Batch Timings:

Weekend Batch: Saturdays (11:35 AM - 01:30 PM CST) & Sundays (1:00 PM - 3:00 PM CST)

📅 Weekday Evening Batch Starts: June 10th, 2025
🕒 Batch Timings:

Weekday Evenings Batch: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join This Bootcamp?

✅ Hands-on Training – Work on real-world projects
✅ Learn Top Security Tools – SonarQube, Trivy, Aqua Security, GitHub Advanced Security
✅ Expert-Led Live Sessions – Interactive & practical guidance
✅ Career Support – Resume tips, interview prep & certification guidance
✅ Project-Based Learning – Apply skills in real DevOps environments

Friday, April 4, 2025

DevSecOps Tutorials | How to setup Prowler in AWS cloud to evaluate AWS Security

Prowler is a open source security auditing tool designed to assess security best practices, misconfigurations, and compliance in AWS environments.

Key Features of Prowler:

Customizable, and lightweight
AWS Security Best Practices – Checks for security misconfigurations in AWS services.
Compliance auditing
Multi-Account Scanning – Can scan multiple AWS accounts.
Multiple Output Formats – Generates JSON, CSV, HTML, and JUnit reports.
Works with CI/CD, AWS Organizations, and automated security workflows

Pre-requisites:

AWS cli installed

Install Required Dependencies:

sudo apt update && sudo apt install -y unzip awscli jq python3-pip git

How to setup in Prowler in AWS cloud?

git clone https://github.com/prowler-cloud/prowler.git

cd prowler

chmod +x prowler

./prowler

Run Prowler Scans

To Run a Full AWS Security Scan.

./prowler -M json,csv -o prowler-report

Wednesday, March 19, 2025

DevSecOps Bootcamp May 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

✔️ "🚀 DevSecOps Bootcamp - Master Security in DevOps | May 2025"

📅 Weekend Batch Starts: May 24th, 2025
🕒 Batch Timings:

Weekend Batch: Saturdays (09:45 AM - 11:30 AM CST) & Sundays (10:30 PM - 12:30 PM CST)

📅 Weekday Evening Batch Starts: May 27th, 2025
🕒 Batch Timings:

Weekday Evenings Batch: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join This Bootcamp?

✅ Hands-on Training – Work on real-world projects
✅ Learn Top Security Tools – SonarQube, Snyk, Trivy, Aqua Security
✅ Expert-Led Live Sessions – Interactive & practical guidance
✅ Career Support – Resume tips, interview prep & certification guidance
✅ Project-Based Learning – Apply skills in real DevOps environments

Saturday, March 8, 2025

How to Implement CICD Pipeline using GitHub Actions | GitHub Actions Tutorials | GitHub Actions CICD Pipeline | How to Deploy Java WAR file using GitHub Actions and Maven to Tomcat Server

Please find steps for Deploying Java WAR file to Tomcat using GitHub Actions:

Watch Actions in YouTube:

Pre-requisites:

Make sure Tomcat is up and running
Tomcat Credentials configured with right permissions.
Make sure Java Project is setup in GitHub

Implementation steps:

We need to setup secrets to store tomcat user name, password and Tomcat url.

Add Tomcat user name, password and Tomcat Host url as Secret in GitHub Actions

Go to your GitHub Repo --> Settings -->

Click on Secrets and Variables under Security in left nav

Click new Repository Secret

Create TOMCAT_HOST secret and add tomcat url

Create TOMCAT_USER secret and add user name

Create TOMCAT_PASSWORD secret and Tomcat password

GitHub Actions Workflow YAML for Deploying a WAR file to Tomcat

You will create this file .github/workflows/cicd.yaml inside GitHub Repo where your Java code is.

name: Build a WAR file using Maven and Deploy Java App to Tomcat running in AWS EC2

on:

push:

branches: [ "main" ]

jobs:

build:

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@v3

- name: Set up JDK 11

uses: actions/setup-java@v2

with:

distribution: 'adopt'

java-version: '11'

- name: Build with Maven

run: mvn clean install -f MyWebApp/pom.xml

- name: Deploy to Tomcat

run: |

curl -v -u ${{ secrets.TOMCAT_USER }}:${{ secrets.TOMCAT_PASSWORD }} \

-T MyWebApp/target/MyWebApp.war \

"http://${{ secrets.TOMCAT_HOST }}/manager/text/deploy?path=/MyWebApp&update=true"

Commit the file.

As soon as you commit, build will run immediately in GitHub Actions.

Now you can see the output of build in Actions tab.

Check the output in Tomcat

Saturday, March 1, 2025

DevSecOps Bootcamp Aug 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

🚀 Join the Ultimate DevSecOps Bootcamp – Aug 2025! 🔥

📅 Weekend Batch Starts: Aug 10th, 2025
🕒 Timings: Saturdays - 09:45 AM - 11:30 AM CST & Sundays -10:30 AM - 12:30 PM CST

📅 Weekday Evening Batch Starts: Aug 5th, 2025
🕒 Timings: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

Tuesday, February 18, 2025

DevSecOps Bootcamp March 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

🚀 Join the Ultimate DevSecOps Bootcamp – March 2025! 🔥

📅 Weekend Batch Starts: February 22, 2025
🕒 Batch Timings:

Weekend Batch: Saturdays (11:35 AM - 01:30 PM CST) & Sundays (12:45 PM - 2:30 PM CST)

📅 Weekday Evening Batch Starts: March 3rd, 2025
🕒 Batch Timings:

Weekday Evenings Batch: Mondays & Wednesdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

Sunday, February 2, 2025

DevSecOps Bootcamp Feb 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

🚀 Join the Ultimate DevSecOps Bootcamp – February 2025! 🔥

📅 Weekend Batch Starts: February 22, 2025
🕒 Batch Timings:

Weekend Batch: Saturdays (11:35 AM - 01:30 PM CST) & Sundays (12:45 PM - 2:30 PM CST)

📅 Weekday Evening Batch Starts: February 24, 2025
🕒 Batch Timings:

Weekday Evenings Batch: Mondays & Wednesdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today! Click Here

Thursday, January 30, 2025

How to Setup AquaSec Trivy for Vulnerability scanning | How to scan Springboot Docker image using Trivy Scanner | Create Jenkins Pipeline for scanning Docker image for Springboot Microservices App

Watch steps in YouTube channel:

Pre-requisites:

Springboot microservices app configured.
Jenkins up and running
Install Trivy scanner in Jenkins instance
Docker installed in Jenkins instance
Maven also configured in Jenkins under Manage Jenkins--> Tool
Click here to for integrating Docker and Jenkins
Pipeline stage view, Docker and Docker pipelines plug-in are installed
Install AWS CLI
Repo created in ECR for storing docker images, Click here to know how to do that.
Create an IAM role with AmazonEC2ContainerRegistryFullAccess policy, attach role to Jenkins EC2 instance.

Jenkins Pipeline for scanning docker image using Trivy scanner:

pipeline {

agent any

environment {

registry = "acct_id.dkr.ecr.us-east-1.amazonaws.com/coachak/springboot-app"

}

stages {

stage('Checkout') {

steps {

git 'https://github.com/akannan1087/docker-spring-boot'

}

stage ("Build JAR") {

steps {

sh "mvn clean install"

}

stage ("Build image") {

steps {

script {

dockerImage = docker.build registry

dockerImage.tag("$BUILD_NUMBER")

}

// Scanning Docker images using Trivy scanner

stage('Trivy Security scan') {

steps{

script {

sh "trivy image --severity HIGH,CRITICAL,MEDIUM acct_id.dkr.ecr.us-east-1.amazonaws.com/coachak/springboot-app:$BUILD_NUMBER"

}

// Uploading Docker images into AWS ECR

stage('Pushing to ECR') {

steps{

script {

sh 'aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin acct_id.dkr.ecr.us-east-1.amazonaws.com'

sh 'docker push acct_id.dkr.ecr.us-east-1.amazonaws.com/coachak/springboot-app:$BUILD_NUMBER'

}

Pipeline Output:

Scan report can be viewed in Jenkins