Configuring Registry Scan Scope

Use wildcard patterns to control which container images Aikido scans in your connected registries. This helps you focus on relevant containers and avoid clutter when working with registries containing hundreds of images across multiple projects.

How Scan Scope Works

You can configure scan scope in two ways:

• Include containers matching: Aikido will exclusively scan containers that match your specified patterns. All other containers will be ignored.

• Exclude containers matching: Aikido will scan all containers except those matching your patterns.

Setting Up Scan Scope

1. Navigate to Settings > Containers

2. Click the triple dots on the registry you want to configure, and click 'Edit Registry Configuration'

   
3. In the Registry Settings modal, scroll to the Registry Scan Scope section

   
4. Select your scan mode:

   • Include containers matching to create an allowlist

   • Exclude containers matching to create a blocklist

5. Enter your wildcard pattern (e.g., backend-*)

6. Click Add Pattern to add additional patterns

7. Click Save

After saving, Aikido applies your scan scope rules during the next scheduled scan. Only containers matching your criteria will be added to your Aikido workspace and scanned.

Wildcard Pattern Examples

Wildcard patterns use the * character to match multiple container names:

• frontend-* - Matches all containers starting with "frontend-" (e.g., frontend-web, frontend-api)

• *-prod - Matches all containers ending with "-prod"

• production/* - Matches all containers in the production project or namespace

• *test* - Matches any container with "test" in the name