Before Aqua Wave can perform Vulnerability Scans and Dynamic Threat Analysis, you will need to connect a container registry. For Amazon Elastic Container Registry (ECR), this is done through the use of a secure, third-party cross-account IAM role. To connect the registry, you must complete steps in both your AWS account, as well as in your Aqua Wave account.


TABLE OF CONTENTS

  1. Navigate to the Cloud Accounts page
  2. Select the Amazon Elastic Container Registry options
  3. Click the Launch Stack button on the left side
  4. Select the registry’s AWS Region
  5. Copy the role ARN from the AWS Console
  6. Connect the registry


Navigate to the Cloud Accounts page

  • Click on Connect Registry on the top right


Select the Amazon Elastic Container Registry options

  • Choose Amazon Elastic Container Registry under "Account Type" and CloudFormation under "Method"

Click the Launch Stack button on the left side

  • Wait for the stack to finish creating in your AWS account

Select the registry’s AWS Region

Copy the role ARN from the AWS Console

  • In the AWS Console, open the outputs tab and copy the ARN value
  • Paste the ARN value back in the Aqua Wave wizard page

Connect the registry

  • Click Test Connection to verify that the connection parameters are correct
  • Click Connect to finish

Keep Reading