Recently Viewed Topics
Configure an AWS ECR Connector to Import Images
Required User Role: Administrator
To import and analyze images hosted in an Amazon Web Service (AWS) Elastic Container Registry (ECR), you must configure your AWS ECR connector.
Before you begin:
- Activate your account and log in to Tenable.io Container Security, as described in Log in to Tenable.io Container Security.
- Confirm the images you want to import are stored in your organization's container registry.
To configure a connector to an AWS Elastic Container Registry:
In the Connectors section of the Container Security dashboard, click Import.
The Select a Connector plane appears.
- In the Container Security section, click AWS Elastic Container Registry.
- In the URL box, type the fully-qualified domain name of your ECR deployment (e.g.,
- In the User Name box, type AWS.
In the Password box, type the base 64-encoded password used in the
docker logincommand, which is generated by AWS CLI.
Note: AWS ECR passwords expire every 12 hours. You must refresh your AWS token if more than 12 hours passes between imports of the same registry.
Tip: If your ECR is in the us-east-2 region, you can run the
aws ecr get-login --region us-east-2command to get the
Do one of the following:
To save the connector, click Save.
Note: If you click Save, Tenable.io saves your configured connector but does not import your assets. To launch a manual import for the connector, see Launch a Connector Import Manually in the Tenable.io Vulnerability Management User Guide.
To save the connector and import your assets from the registry, click Save & Import.
Note: There may be a short delay before your assets appear in Tenable.io.
- (Optional) Click Back to configure another connector.
What to do next:
- View the results of your scan, as described in View Scan Results for Container Images.