AWS Elastic Container Registry (ECR) Scanning Tips

Document created by Alex Mandernack Employee on Jan 20, 2020Last modified by Alex Mandernack Employee on Jan 27, 2020
Version 3Show Document
  • View in full screen mode

Introduction

This document will provide tips for completing a successful registry scan of an AWS Elastic Container Registry (ECR).

 

AWS Registry Scanning Tips

The repository name is the name that is shown in AWS, not the full URI, see below for an example.

 

Repo config and name in AWS

In this example, circled in red, "dev/app" is the repo name that you will enter in the Qualys registry scan job.

aws1

Image tag info in the AWS ECR repo

The tag name is circled in blue.

Note: The Pushed at date (green square), does NOT reflect the image "Created" date.

aws2

 

Repo config and name in Qualys

Enter the repo name and tag from the AWS console (red and blue examples are circled here as well)

qualys1

 

For tips on image scanning, see the Tips for Achieving a Successful Container/Image Scan document.

1 person found this helpful

Attachments

    Outcomes