1 Answer
- Newest
- Most votes
- Most comments
0
Have you tried to configure filters in ECR?
Note that enhanced scanning in ECR refers to the (new) inspector continuous scanning.
** This will not directly address your question as they are not available as of now (i.e. filter only findings that either relating images being actually deployed in EKS and/or have patches available), but it will help to reduce # of findings generated and lower cost.
answered 2 years ago
Relevant content
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- How do I use the Microsoft KB number in Patch Manager to install a specific patch or set of patches?AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
I was thinking the same thing. Try putting your actively used images in a different repository from your archived images (ex: active-repository), and then use ECR filters to only scan your active-repository.