-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(bootstrap): Enable ECR ScanOnPush by default #17581
Comments
I'd love to do this, before before we do it I have an open question to ECR team if there are any downsides to enabling this feature for everyone. I would like to hear back from them before we move on this. |
Seems that this is closed already with #17994 |
Is there some regression on this feature? It doesn't appear to be in the latest version of the bootstrap CloudFormation file? |
Removed in #21342 |
Given the comment on that PR about scanning at the repo level being deprecated, is this still a valid issue? |
From my perspective it felt like an out-of-the-box configuration that should have been enabled. However, given the constraints described about applying this globally in #21342 , I'd agree it doesn't fit here |
Closing as it looks like this issue is no longer needed. If you think this issue was closed in error, please open a new issue! We will not see any further comments on this one. |
|
Description
Hello,
Enable ScanOnPush (no additional charge) for CDK bootstrap default ECR Registry. See related resource definition
Use Case
Building containers using DockerImageAsset, would be important to have visibility into their security vulnerabilities.
Proposed Solution
Other information
No response
Acknowledge
The text was updated successfully, but these errors were encountered: