top of page
AWS Foundational Security Best Practice
ECR.2
ECR private repositories should have tag immutability configured
Severity
Cloud Platforms
Resources
MEDIUM
AWS
Amazon Elastic Container Registry
This control checks whether a private ECR repository has tag immutability configured. This control fails if a private ECR repository has tag immutability disabled. This rule passes if tag immutability is configured and has the value IMMUTABLE
bottom of page