Shifting left and scanning for compliance issues and vulnerabilities in the image build process can help eliminate runtime issues when instances are instantiated. Learn how to secure golden images built with HashiCorp Packer. Organizations use a base image from which they create virtual machines or instances. These base images are bundled into a “golden image” artifact and shared as a standard across the organization. But over time, security patches need to be applied or configurations updated as requirements change. Tools exist to help manage the creation of these images, and DevOps teams have been leveraging their skills with automation to ensure a consistent and efficient build process.

Security can’t be an afterthought when creating golden images. It’s a best practice to scan images during the build process. If vulnerabilities or compliance issues are found, the image pipeline should be abandoned before the image is published.