AWS App Runner will no longer be open to new customers starting April 30, 2026. If you would like to use App Runner, sign up prior to that date. Existing customers can continue to use the service as normal. For more information, see AWS App Runner availability change.
Configuration and vulnerability analysis in App Runner
AWS and our customers share responsibility for achieving a high level of software component security and compliance. For more information, see the
AWS shared responsibility model
Patch container images
Patching the container image is part of the customer's responsibility in the shared security model. The image owner is responsible for updating and regularly patching the container image. We recommend establishing a routine schedule for checking and applying updates to your container images. For more information on how to scan your images for vulnerabilities, see the AWS App Runner Documentation
For other App Runner security topics, see Security in App Runner.
