Best practice rules for Amazon Elastic Container Registry
- ECR Repository Exposed
Ensure that AWS Elastic Container Registry (ECR) repositories are not exposed to everyone.
- Enable Automated Scanning for Amazon ECR Container Images
Ensure that each Amazon ECR container image is automatically scanned for vulnerabilities.
- Enable Cross-Region Replication
Ensure that Cross-Region Replication feature is enabled for your Amazon ECR container images.
- Lifecycle Policy in Use
Ensure that Amazon ECR image repositories are using lifecycle policies for cost optimization.
- Repository Cross Account Access
Ensure that Amazon ECR repositories do not allow unknown cross account access.