TOC & Recently Viewed

Recently Viewed Topics

Configure an AWS ECR Connector to Import Images

Required User Role: Administrator

To import and analyze images hosted in an Amazon Web Service (AWS) Elastic Container Registry (ECR), you must configure your AWS ECR connector.

Before you begin:

  • Activate your account and log in to the web portal, as described in Log in to Tenable.io Container Security.
  • Confirm the images you want to import are stored in your organization's container registry.

To configure a connector to an AWS Elastic Container Registry:

  1. In the Connectors section of the Container Security dashboard, click Import.

    The Select a Connector plane appears.

  2. In the Container Security section, click AWS Elastic Container Registry.
  3. In the URL box, type the fully-qualified domain name of your ECR deployment (e.g., 579133718396.dkr.ecr.us-east-2.amazonaws.com).
  4. In the User Name box, type AWS.
  5. In the Password box, type the base 64-encoded password used in the docker login command, which is generated by AWS CLI.

    Note: AWS ECR passwords expire every 12 hours. You must refresh your AWS token if more than 12 hours passes between imports of the same registry.

    Tip: If your ECR is in the us-east-2 region, you can run the aws ecr get-login --region us-east-2 command to get the docker login command.

  6. Do one of the following:

    • To save the connector, click Save.

      Note: If you click Save, Tenable.io saves your configured connector but does not import your assets. To launch a manual import for the connector, see Launch a Connector Import Manually in the Tenable.io Vulnerability Management User Guide.

    • To save the connector and import your assets from the registry, click Save & Import.

      Note: There may be a short delay before your assets appear in Tenable.io.

  7. (Optional) Click Back to configure another connector.

What to do next:

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.