How can I enable container analysis for my AWS cloud environment?

This article explains how to get insight into vulnerabilities in your container images stored in AWS.

Written by Bert Coppens
Updated over a week ago

Amazon Web Services (AWS) provides an efficient way to store container images through the Elastic Container Registry (ECR) service. Leveraging the power of Aikido in conjunction with AWS's ECR service ensures a robust security framework. Let's walk through the process of enabling container analysis for images stored in ECR.

Step 1: Set Up Aikido Integration with AWS

Before you begin, make sure your AWS cloud environment has been linked with Aikido. If you have not done this yet, you can follow the steps in this article to get set up.

Step 2: Enable the Amazon Inspector

Log in to your AWS console and navigate to the Amazon Inspector service in the region(s) where your images are stored. Click on "Get Started" and activate Inspector.

Step 3: Push the latest version of your images to ECR again

Amazon Inspector will only scan newly pushed images for vulnerabilities. So for the analysis to start on your images, you should push the latest version of your images again to their respective ECR repositories.

Step 4: Start a scan in Aikido to process the results

Once Amazon Inspector is enabled for the region, AWS will automatically scan all your latest images for vulnerabilities and make the results available through the API.

The initial scan usually takes a few minutes, after which you can trigger a scan for your cloud environment in Aikido to process the results. Of course, our scoring engine will review the results to ensure we only show the relevant issues.
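An added example, not part of the original article or of Aikido's tooling: a Python check that compares the images in an ECR repository with Amazon Inspector's coverage list, showing which images still need the re-push from Step 3 and which are still waiting for their initial scan before Step 4. The inputs are constructed samples shaped like the JSON from `aws ecr describe-images` and `aws inspector2 list-coverage`, trimmed to the fields used; the repository name, account id, digests and the ARN layout of `resourceId` are assumptions.

```python
import json

# Constructed sample, shaped like `aws ecr describe-images` output (trimmed).
ECR_IMAGES = json.loads("""{"imageDetails": [
 {"repositoryName": "shop-api", "imageDigest": "sha256:aaa1", "imageTags": ["1.3.0"]},
 {"repositoryName": "shop-api", "imageDigest": "sha256:bbb2", "imageTags": ["1.4.0"]},
 {"repositoryName": "shop-api", "imageDigest": "sha256:ccc3", "imageTags": ["latest"]},
 {"repositoryName": "shop-api", "imageDigest": "sha256:ddd4", "imageTags": ["1.0.0"]}]}""")

# Constructed sample, shaped like `aws inspector2 list-coverage` output (trimmed).
ARN = "arn:aws:ecr:eu-west-1:111122223333:repository/shop-api/"
COVERAGE = {"coveredResources": [
    {"resourceType": "AWS_EC2_INSTANCE", "resourceId": "i-0123456789abcdef0"},
    {"resourceType": "AWS_ECR_CONTAINER_IMAGE", "resourceId": ARN + "sha256:bbb2",
     "scanStatus": {"reason": "PENDING_INITIAL_SCAN"}},
    {"resourceType": "AWS_ECR_CONTAINER_IMAGE", "resourceId": ARN + "sha256:ccc3",
     "scanStatus": {"reason": "SUCCESSFUL"}},
    {"resourceType": "AWS_ECR_CONTAINER_IMAGE", "resourceId": ARN + "sha256:ddd4",
     "scanStatus": {"reason": "SCAN_ELIGIBILITY_EXPIRED"}}]}


def scan_readiness(ecr_images, coverage):
    """Map 'repo@digest' to scanned, pending, blocked:<reason> or not-covered."""
    reasons = {}
    for res in coverage.get("coveredResources", []):
        if res.get("resourceType") != "AWS_ECR_CONTAINER_IMAGE":
            continue  # EC2 instances, Lambda functions, etc. are out of scope here
        # Assumed ARN layout: ...:repository/<repo>/<digest>; repo names may contain '/'.
        _, sep, path = res.get("resourceId", "").partition(":repository/")
        if not sep or "/" not in path:
            continue
        repo, digest = path.rsplit("/", 1)
        reasons[(repo, digest)] = res.get("scanStatus", {}).get("reason", "UNKNOWN")
    report = {}
    for img in ecr_images.get("imageDetails", []):
        reason = reasons.get((img["repositoryName"], img["imageDigest"]))
        if reason is None:
            state = "not-covered"  # Inspector has not seen it: push it again (Step 3)
        elif reason == "SUCCESSFUL":
            state = "scanned"      # findings exist and can be processed (Step 4)
        elif reason == "PENDING_INITIAL_SCAN":
            state = "pending"      # wait before triggering the scan in Aikido
        else:
            state = "blocked:" + reason
        report[f'{img["repositoryName"]}@{img["imageDigest"]}'] = state
    return report


def needs_action(report):
    """Images whose findings would be missing if the Aikido scan ran now."""
    return sorted(k for k, v in report.items() if v != "scanned")
```

An image that appears in `needs_action` would show no findings in Aikido even though the scan itself completes, so checking this per region avoids reading an empty result as a clean one.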
