
💼 [Inspector.2] Amazon Inspector ECR scanning should be enabled

  • Contextual name: 💼 [Inspector.2] Amazon Inspector ECR scanning should be enabled
  • ID: /frameworks/aws-fsbp-v1.0.0/inspector/02
  • Located in: 💼 Inspector

Description

Amazon Inspector scans container images stored in Amazon Elastic Container Registry (Amazon ECR) for software vulnerabilities to generate package vulnerability findings. When you activate Amazon Inspector scans for Amazon ECR, you set Amazon Inspector as your preferred scanning service for your private registry. This replaces basic scanning, which is provided at no charge by Amazon ECR, with enhanced scanning, which is provided and billed through Amazon Inspector. Enhanced scanning gives you the benefit of vulnerability scanning for both operating system and programming language packages at the registry level. You can review findings discovered using enhanced scanning at the image level, for each layer of the image, on the Amazon ECR console. Additionally, you can review and work with these findings in other services not available for basic scanning findings, including AWS Security Hub and Amazon EventBridge.

Similar

Similar Sections (Give Policies To)

Section    Sub Sections    Internal Rules    Policies    Flags
💼 PCI DSS v4.0.1 → 💼 11.3.1 Internal vulnerability scans are performed.    3

Sub Sections

Section    Sub Sections    Internal Rules    Policies    Flags