CloudDefense.AI
  • Connect Repositories
    • Scan a Github/Gitlab
    • Scan an Azure DevOps repository
    • Scan a Bitbucket repository
  • Scans
    • Written code Scan (SAST)
    • Open Source Libraries Scan (SCA)
    • Secrets Scan
    • DAST Scans
    • API Scan from CloudDefense UI
  • CI/CD
    • GitHub Enterprise Actions
    • Methods for CI/CD integration with CLI
    • CI/CD Policies
    • Jenkins integration with cdefence
  • Integration
    • IaC on GCR Scan
    • IaC on Amazon ECR Scan
    • IaC on Docker Hub Scan
    • Integration with ServiceNow
    • Integration with Jira
    • SSO Okta App Integration
    • Set up CloudDefense Single Sign-On (SSO)
    • SIEM
      • Azure Sentinel
      • IBM Qradar
      • Micro Focus ArcSight Logger
  • Features
    • Sharing Integration
    • How to Enable Multi-Factor Authentication
    • AUTO PR
    • Remediation using SAST Recommendations
    • Global Allowed List and Local allowed list - Documentation
    • File Exclude
  • CloudDefense CLI
    • Cloud Defense CLI
  • On-Prem Installation
    • Install CloudDefense Helm on a Kubernetes Cluster
    • Install CloudDefense suite on a Kubernetes cluster
  • Others
    • Team Management
    • User Management
    • App Management
    • LogIn/Signup process
Powered by GitBook
On this page
  • Prerequisites
  • Scan Public Images
  • Scan Private Images
  • Step 1: Create an IAM user.
  • Step 2: Add Amazon ECR integration in CloudDefense.
  • Step 3: Scan your private images.
  1. Integration

IaC on Amazon ECR Scan

PreviousIaC on GCR ScanNextIaC on Docker Hub Scan

Last updated 2 years ago

Prerequisites

  • Amazon Root user

  • Private repositories with images in Elastic Container Registry

Scan Public Images

Go to ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘Amazon ECR’ and insert the name of the image you want to scan:

After scanning the new application with the name of the image will be created:

Scan Private Images

Step 1: Create an IAM user.

Login as a root user in Amazon Web Services.

Go to ‘Identity and Access Management (IAM)’ -> ‘Users’ -> ‘Add Users’.

Fill ‘User name’ and select ‘Access key’ credential type:

Go to ‘Attach existing policies directly’ and select

‘AmazonEC2ContainerRegistryReadOnly’ permission:

Click ‘Next: Tags’,

then ‘Next: Review’,

then ‘Create user’.

Copy ‘Access key ID’ and ‘Secret access key’.

Step 2: Add Amazon ECR integration in CloudDefense.

Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Amazon ECR’. Paste your Access key ID and Secret access key, choose default region and click ‘Configure’:

Step 3: Scan your private images.

After successful configuration you can scan your own images.

Go to the ‘Integrations’ -> ‘Container Coverage’ -> ‘Amazon ECR’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘Amazon ECR’ -> ‘Your own images’. Choose region, default one always will be selected (you can choose other default region in integration configuration) and choose the image (images) you want to scan: