By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Can I enable AWS inspector to scan public ECR repos?

0

Can I enable the AWS inspector to scan public ECR repos? If yes please describe the steps.

Topics
ContainersSecurity, Identity, & Compliance
Tags
Amazon Elastic Container Registry (ECR)Amazon Inspector
Language
English
rePost-User-5465800
asked a year ago442 views
1 Answer
1

You cannot configure AWS Inspector to point to a public ECR repository. One workaround is to pull the container from public ECR and create a private ECR repository inside your account and push the exact same unchanged container to it, and then do the scan.

Another thing you could try is configuring a pull through cache rule to pull a public image into a private repository and then scan the private repository, which is basically replicating the same functionality you are attempting to do.

profile pictureAWS
Lawrence Aiello
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content