Integrate cfn-lint with Vulnetix. Validate AWS CloudFormation templates for correctness, best practices, and security issues. Export findings in SARIF format and upload to Vulnetix.
CloudFormation (YAML/JSON)CLI toolSARIFJSONJUnit
Install & scan
$ # Recommended — run without global install uv run --with cfn-lint cfn-lint --version # Install globally with pip pip install "cfn-lint" # Or via Homebrew brew install cfn-lint $ uv run --with cfn-lint cfn-lint -f sarif -t template.yaml > cfn-lint.sarif
Run cfn-lint in CI
Scan on every push and upload the results to Vulnetix:
- name: Scan CloudFormation with cfn-lint
run: |
pip install cfn-lint
cfn-lint -f sarif -t "**/*.yaml" > cfn-lint.sarif
- name: Upload to Vulnetix
run: vulnetix upload --file cfn-lint.sarif
Centralise cfn-lint results in Vulnetix
Upload cfn-lint SARIF, JSON, JUnit output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.