Hello,
When you activate Amazon Inspector scans for Amazon ECR, you set Amazon Inspector as your preferred scanning service for your private registry. This replaces the default Basic scanning, which is provided at no charge by Amazon ECR, with Enhanced scanning, which is provided and billed through Amazon Inspector [1].
Enhanced scanning gives you a choice between continuous scanning or on-push scanning at the repository level. Continuous scanning includes on-push scans and automated rescans. On-push scanning scans only when you initially push an image. For both options, you can refine the scanning scope through inclusion filters.
Also, automated rescans are triggered for container images based on whether you use the continuous or on-push option in your Enhanced scanning settings.
Configuring enhanced scanning for Amazon ECR repositories:
- Open the Amazon ECR console
- Select the Region that contains the repositories that you want to scan.
- In the navigation pane, choose Private registry, then choose Scanning.
- In the Scanning configuration section, choose Edit.
- Under Scan type, choose Enhanced scanning.
- By default, the Continuously scan all repositories option is selected, which turns on complete Amazon Inspector scan coverage for all repositories. Deselect that option and select Scan on push all repositories to run scans only on the initial push of an image.
- (Optional) Specify which repositories to include in continuous or on-push scans by entering the repository names in the input box and selecting Add filter.
- Choose Save.
- (Recommended) Repeat these steps in each AWS Region for which you want to activate Amazon Inspector scans for Amazon ECR repositories.
Now, to act upon Inspector findings, kindly see link [2] below, which lists all the bulletins for security or privacy events pertaining to the Amazon Linux AMI.
Thank you,
References:
[1] https://docs.aws.amazon.com/inspector/latest/user/scanning-ecr.html
[2] https://alas.aws.amazon.com/
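The console steps in the answer above map onto one ECR API call, PutRegistryScanningConfiguration. The following is an added example, not code from the answer or from AWS: it builds the `--rules` document for `aws ecr put-registry-scanning-configuration`, prints the equivalent CLI command, and checks which scan frequency a given repository ends up with under a registry's effective configuration. The registry ID, the repository names and the sample `get-registry-scanning-configuration` output are constructed for the example, and the glob-style matching of WILDCARD filters and the "strongest rule wins" choice for overlapping rules are our assumptions about the service behaviour, not something the page states.

```python
"""Added example (not from the re:Post answer): ECR enhanced-scanning
configuration as the API sees it, plus a coverage check for one repository."""
import fnmatch
import json
import shlex

SCAN_ON_PUSH = "SCAN_ON_PUSH"
CONTINUOUS = "CONTINUOUS_SCAN"
# Rank used to pick the strongest frequency when a repository matches several
# rules. Assumption: the service applies the most thorough matching rule.
_RANK = {SCAN_ON_PUSH: 1, CONTINUOUS: 2}


def build_rules(frequency, repository_filters=("*",)):
    """Build the `--rules` value for put-registry-scanning-configuration.

    frequency is SCAN_ON_PUSH or CONTINUOUS_SCAN (the only frequencies valid
    for Enhanced scanning). Each filter becomes an ECR WILDCARD repository
    filter; "*" covers every repository, which is what the console's
    "Continuously scan all repositories" option does.
    """
    if frequency not in _RANK:
        raise ValueError(f"unsupported scan frequency for Enhanced scanning: {frequency}")
    if not repository_filters:
        raise ValueError("at least one repository filter is required")
    return [{
        "scanFrequency": frequency,
        "repositoryFilters": [
            {"filter": f, "filterType": "WILDCARD"} for f in repository_filters
        ],
    }]


def cli_command(rules):
    """The AWS CLI call equivalent to choosing Enhanced scanning in the console.

    Enhanced scanning requires Inspector to be active for ECR in the account
    and Region (`aws inspector2 enable --resource-types ECR`); the command is
    per Region, matching the answer's advice to repeat the steps per Region.
    """
    return ("aws ecr put-registry-scanning-configuration --scan-type ENHANCED "
            f"--rules {shlex.quote(json.dumps(rules))}")


def coverage(config, repository):
    """Return the scan frequency that applies to `repository`, or None.

    `config` is the dict returned by get-registry-scanning-configuration.
    Returns None when the registry is still on Basic scanning (Inspector is
    not involved at all) or when no rule matches. Assumption: WILDCARD
    filters are matched glob-style, so "*" matches everything and "prod-*"
    matches names starting with "prod-".
    """
    scanning = config["scanningConfiguration"]
    if scanning["scanType"] != "ENHANCED":
        return None
    best = None
    for rule in scanning["rules"]:
        for flt in rule["repositoryFilters"]:
            if flt["filterType"] == "WILDCARD" and fnmatch.fnmatchcase(repository, flt["filter"]):
                freq = rule["scanFrequency"]
                if best is None or _RANK.get(freq, 0) > _RANK.get(best, 0):
                    best = freq
    return best


def uncovered(config, repositories):
    """Repositories in `repositories` that no Enhanced-scanning rule covers."""
    return [r for r in repositories if coverage(config, r) is None]


# Constructed sample of `aws ecr get-registry-scanning-configuration` output
# (fictional account ID): prod-* images are rescanned continuously, every other
# repository is scanned only on push.
SAMPLE_CONFIG = {
    "registryId": "123456789012",
    "scanningConfiguration": {
        "scanType": "ENHANCED",
        "rules": [
            {"scanFrequency": CONTINUOUS,
             "repositoryFilters": [{"filter": "prod-*", "filterType": "WILDCARD"}]},
            {"scanFrequency": SCAN_ON_PUSH,
             "repositoryFilters": [{"filter": "*", "filterType": "WILDCARD"}]},
        ],
    },
}

if __name__ == "__main__":
    print(cli_command(build_rules(CONTINUOUS)))  # "continuously scan all repositories"
    print(cli_command(build_rules(CONTINUOUS, ["prod-*"])))
    for repo in ("prod-api", "dev-api"):  # constructed repository names
        print(repo, "->", coverage(SAMPLE_CONFIG, repo))
```

Run `aws ecr get-registry-scanning-configuration` in each Region and feed the JSON to `coverage` or `uncovered` to confirm that the repositories you care about really fall under a CONTINUOUS_SCAN rule; a registry that reports `"scanType": "BASIC"` has not switched to Inspector at all, however the console filters look.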
Thanks for this info. The direction I was going in with my question was more relating to business process than the technicalities of how to remediate individual findings. I.e. Inspector has detected hundreds (or thousands) of findings... So now how do we work out within the business what findings are effective duplicates and which findings matter. Of course, this is entirely dependent on everyone's individual circumstances but I was interested to hear some examples.