AWS Elastic Container Registry (ECR) Scanning Tips

Document created by Alex Mandernack Employee on Jan 20, 2020Last modified by Alex Mandernack Employee on Jan 27, 2020
Version 3Show Document
  • View in full screen mode


This document will provide tips for completing a successful registry scan of an AWS Elastic Container Registry (ECR).


AWS Registry Scanning Tips

The repository name is the name that is shown in AWS, not the full URI, see below for an example.


Repo config and name in AWS

In this example, circled in red, "dev/app" is the repo name that you will enter in the Qualys registry scan job.


Image tag info in the AWS ECR repo

The tag name is circled in blue.

Note: The Pushed at date (green square), does NOT reflect the image "Created" date.



Repo config and name in Qualys

Enter the repo name and tag from the AWS console (red and blue examples are circled here as well)



For tips on image scanning, see the Tips for Achieving a Successful Container/Image Scan document.

1 person found this helpful