View ECR CD mitigation scan history

Note: To view ECR CD mitigation scan history, first configure the feature. See Enable Threat Management on AWS ECR.

The Scan History page provides a scan log of each image pushed into the ECR repositories.

The page has two areas:

  • Summary of scan results

    | Column Name | Description |
    |---|---|
    | Blocked | Number of images with high-risk violations that Prevasio blocked from being pulled from the repository by an AWS container service. Such images cause the repository to be locked. |
    | Failed | Number of images whose scan failed |
    | Passed | Number of images whose scan passed |
    | In progress | Number of images still being scanned |

  • Account details list

    Here's a breakdown of what each column in the list represents:

    | Column Name | Description |
    |---|---|
    | Account ID | The AWS Account ID |
    | Blocked | Number of images with high-risk violations that Prevasio blocked from being pulled from the repository by an AWS container service. Such images cause the repository to be locked. |
    | Failed | Number of images whose scan failed |
    | Passed | Number of images whose scan passed |
    | In progress | Number of images still being scanned |
    | Legend | Graphic representation of the status |

To view scan history of an account

Do the following:

1. In the Prevasio interface, navigate to DevOps > Cloud CD Security > Scan History and select the AWS tab. The Scan History page appears.

2. In the Account Details area, click the Account ID to see more details for the account including relevant repositories. The ECR CD Mitigation Scan History opens.

At the top of the page, you may find optional informational messages that guide you on how to manually add access and provide instructions for granting access.

Below is the ECR CD Mitigation Scan History list:

| Column Name | Description |
|---|---|
| Image tag | Identifier of the image |
| Deployment | Passed, Blocked, Failed, or In progress |
| Violation | Icons showing which artifact type was in violation |
| Attempts on image | How many times an AWS Container Service tried to autopull the image from the repository |
| Workloads | Usages of this image in an AWS Container Service: ECS usages, EKS usages, and Lambda usages |
| Event date | Date/time that the image was last scanned |
| Report | Link to the full report (details about the scan results for the image) |

In the Workloads column:

  • A green icon means the image passed in the deployment

  • A red icon means the deployment status is blocked

  • A gray icon means no attempts were made by the specific AWS Container Service

Icons are clickable and open a popup with a link to the AWS console, where you can see details of the Container Service workload.