CodeGuru - Only Security checks/scans

0

Is it possible to use CodeGuru only for performing security scans/checks? Though CodeGuru provides other scans, I am interested in using CodeGuru only for security scans. Does AWS provide such a facility?

2 Answers
1

Hi,

In your scenario, I'd recommend using the exclude and suppress functions, as CodeGuru Reviewer will run as one feature. I've added references below, which you may have seen already, but just in case.

https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/recommendations.html

https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/recommendation-suppression.html

AWS
Answered 1 year ago
0

Yes, it is possible to use AWS CodeGuru to perform only security scans on your code. AWS CodeGuru provides security-related recommendations based on best practices and best practices from the industry, as well as checks for known security vulnerabilities in your code.

You can use CodeGuru's security review feature to scan your codebase and identify potential security issues, such as SQL injection vulnerabilities, cross-site scripting (XSS) vulnerabilities, and sensitive data exposure. CodeGuru analyzes the code using a combination of static and dynamic analysis and generates a report that includes a detailed description of the issue, the affected code, and the recommended remediation.

Additionally, CodeGuru also integrates with other AWS security services like Amazon Inspector, which allows you to perform security assessments on the running instances.

To use CodeGuru for security scans you will need to enable and configure the security review feature for your repository in CodeGuru. You can also configure the settings to scan only specific parts of your codebase and exclude certain files or directories.

In summary, AWS CodeGuru provides the facility to perform security scans and checks, and you can use it to focus on the security scans specifically.

Answered 1 year ago
