top of page

ECR.2

ECR private repositories should have tag immutability configured

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon Elastic Container Registry

AWS Foundational Best Practice, NIST.800-53.r5,

This control checks whether a private ECR repository has tag immutability configured. This control fails if a private ECR repository has tag immutability disabled. This rule passes if tag immutability is configured and has the value IMMUTABLE

bottom of page