Amazon Web Services (AWS) provides an efficient way to store container images through the Elastic Container Registry (ECR) service. Using Aikido in conjunction with ECR ensures a robust security framework. Let's walk through the process of enabling container analysis for images stored in ECR.
Step 1: Set Up Aikido Integration with AWS
Before you begin, make sure your AWS cloud environment has been linked with Aikido. If you have not done this yet, follow the steps in this article to get set up.
Step 2: Enable the Amazon Inspector
Log in to your AWS console and navigate to the Amazon Inspector service in the region(s) where your images are stored. Click on "Get Started" and activate Inspector.
Step 3: Push the latest version of your images to ECR again
Amazon Inspector will only scan newly pushed images for vulnerabilities. For the analysis to start on your images, push the latest version of each image again to its ECR repository.
Step 4: Start a scan in Aikido to process the results
Once Amazon Inspector is enabled for the region, AWS will automatically scan all your latest images for vulnerabilities and make the results available via the API.
The initial scan usually takes a few minutes, after which you can trigger a scan for your cloud environment in Aikido to process the results. Of course, we'll have our scoring engine take a look at the results to ensure we only show the relevant issues.
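To check Steps 3 and 4 before triggering the Aikido scan, the following added example (not part of Aikido's or AWS's own tooling) triages the JSON returned by `aws inspector2 list-coverage` against the image tags you expect to be scanned. The function names, the sample data and the assumed layout of the image resource ARN are illustrative assumptions.

```python
import json

# Constructed sample shaped like `aws inspector2 list-coverage` output;
# the account id, repository names and digests are made up.
SAMPLE = json.loads("""
{"coveredResources": [
 {"resourceType": "AWS_ECR_REPOSITORY",
  "resourceId": "arn:aws:ecr:eu-west-1:111122223333:repository/api",
  "scanStatus": {"statusCode": "ACTIVE", "reason": "SUCCESSFUL"}},
 {"resourceType": "AWS_ECR_CONTAINER_IMAGE",
  "resourceId": "arn:aws:ecr:eu-west-1:111122223333:repository/api/sha256:aaaa",
  "scanStatus": {"statusCode": "ACTIVE", "reason": "SUCCESSFUL"},
  "resourceMetadata": {"ecrImage": {"tags": ["latest", "1.4.2"]}}},
 {"resourceType": "AWS_ECR_CONTAINER_IMAGE",
  "resourceId": "arn:aws:ecr:eu-west-1:111122223333:repository/team/worker/sha256:bbbb",
  "scanStatus": {"statusCode": "ACTIVE", "reason": "PENDING_INITIAL_SCAN"},
  "resourceMetadata": {"ecrImage": {"tags": ["latest"]}}},
 {"resourceType": "AWS_ECR_CONTAINER_IMAGE",
  "resourceId": "arn:aws:ecr:eu-west-1:111122223333:repository/legacy/sha256:cccc",
  "scanStatus": {"statusCode": "INACTIVE", "reason": "UNSUPPORTED_MEDIA_TYPE"},
  "resourceMetadata": {"ecrImage": {"tags": ["v1"]}}}
]}
""")

def image_refs(resource):
    """Return 'repo:tag' strings for one covered ECR image."""
    # Assumption: image resource ids look like
    # arn:aws:ecr:<region>:<account>:repository/<repo>/sha256:<digest>
    path = resource["resourceId"].split(":repository/", 1)[1]
    repo = path.rsplit("/sha256:", 1)[0]  # repo names may contain '/'
    tags = resource.get("resourceMetadata", {}).get("ecrImage", {}).get("tags", [])
    return [f"{repo}:{tag}" for tag in tags]

def triage(coverage, expected):
    """Sort expected 'repo:tag' refs by what Inspector reports for them."""
    result = {"scanned": [], "pending": [], "inactive": [], "repush": []}
    seen = set()
    for res in coverage.get("coveredResources", []):
        if res.get("resourceType") != "AWS_ECR_CONTAINER_IMAGE":
            continue  # skip repository-level and non-ECR entries
        status = res.get("scanStatus", {})
        for ref in (r for r in image_refs(res) if r in expected):
            seen.add(ref)
            if status.get("statusCode") != "ACTIVE":
                result["inactive"].append(ref)   # Inspector cannot scan it
            elif status.get("reason") == "PENDING_INITIAL_SCAN":
                result["pending"].append(ref)    # wait before scanning in Aikido
            else:
                result["scanned"].append(ref)    # findings available via the API
    # Not in coverage at all: Inspector has not seen it, so push it again (Step 3).
    result["repush"] = sorted(set(expected) - seen)
    return result
```

Trigger the Aikido scan once `pending` and `repush` are empty; anything left in `inactive` needs a look at the reported reason rather than another push.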