Can I enable AWS inspector to scan public ECR repos?


Can I enable the AWS inspector to scan public ECR repos? If yes please describe the steps.

1 Answer

You cannot configure AWS Inspector to point to a public ECR repository. One workaround is to pull the container from public ECR and create a private ECR repository inside your account and push the exact same unchanged container to it, and then do the scan.

Another thing you could try is configuring a pull through cache rule to pull a public image into a private repository and then scan the private repository, which is basically replicating the same functionality you are attempting to do.

profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions