How To Verify Cosigned Container Images In Amazon ECS

In a previous blog post, we demonstrated how to sign container images with sigstore’s Cosign via AWS CodePipeline. Now it’s time to deploy that image, but how do we verify it is signed? In Kubernetes, we would use an admission controller to validate that the image is signed.…