Docs
HomeGitHubSign Up

Elastic Container Registry

Suggest Edits

Overview

ARMO platform allows you to scan container images from your Elastic Container Registry (ECR) for vulnerabilities. This guide provides step-by-step instructions to connect your ECR with the ARMO platform.

Prerequisites

  • Access to your AWS Management Console.
  • Permissions to create IAM users and assign theAmazonEC2ContainerRegistryReadOnly policy.
  • An active ARMO platform account.

Quick Guide: Create an AWS User with Required Permissions

Step 1: Create a User

  1. Navigate to IAM > Users and click Add users.
  2. Enter a User name (e.g., armo-ecr-scanning) and select Programmatic access.
  3. Under Set permissions, choose Attach policies directly and attach the AmazonEC2ContainerRegistryReadOnly policy.
  4. Click Create user to finalize.

Step 2: Create Access Keys

  1. In IAM > Users, select the newly created user.
  2. Go to Security credentials > Access keys > Create access key.
  3. Choose Third-party service and confirm.
  4. Save the Access key ID and Secret access key securely. Note that you won't be able to view the secret key again later.

You're now ready to connect your AWS ECR with the ARMO platform.

Step-by-Step Guide

Step 1: Navigate to the Integrations Page

Log into the ARMO platform and navigate to the Integrations section from the settings menu.
From the Container Registries section, click Connect under the Elastic Container Registry option.

Step 2: Add a New Registry

Click Add Registry to start configuring your ECR.

Step 3: Provide Registry Details

  • Cluster: Select the cluster from which the registry scanning will be initiated.
  • Connection Method: Choose Credentials.

Click Next to proceed

  • AWS Access Key ID: Enter the Access Key ID for the AWS user.
  • AWS Secret Access Key: Enter the Secret Access Key for the AWS user.
  • Registry URI: Enter the URI of your Elastic Container Registry.

Click Next to proceed.

Step 4: Schedule Scans (Optional)

You can configure a schedule for periodic scans of your ECR. Define the frequency and time for automated scans.

Step 5: Finalize the Connection

Review the configuration and click Save to activate the integration. Your Elastic Container Registry is now connected to the ARMO platform.

Conclusion

By connecting your Elastic Container Registry to the ARMO platform, you can ensure continuous security and compliance for your container images. This integration allows you to streamline your container image scanning workflows and receive actionable insights.

Updated 9 days ago