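"Enhancing container security with Amazon ECR.pdf" was shared by a member and can be read online. For more content related to "Enhancing container security with Amazon ECR.pdf" (17 pages, premium edition), search on 三个皮匠报告.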
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.

CNS208
Enhancing container security with Amazon ECR
Liz Duke
Principal GTM Specialist SA Containers

Container Security Challenges
- Large number of containers
- Speed of change
- External components

Container supply chain
Code, Build, Store, Deploy, Monitor

Container Supply Chain + security
AWS CodePipeline
- Source: Git Repository
- Build: AWS CodeBuild
- Store: Amazon ECR
- Deploy: Amazon ECS, Amazon EKS

Amazon ECR
Fully-managed container artifact registry
- Push, tag, and manage Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts
- AWS managed container image registry service that is secure and scalable, with Cross-Region and cross-account replication
- Manage image lifecycle and cleanup with Lifecycle policies
- Enforce security posture by identifying software vulnerabilities with image scanning
- Cache upstream artifacts in your private registry with pull through cache support
- Amazon ECR serves billions of image pulls every day
Stage: Store

Inbuilt Security Features in Amazon ECR
- Permissions: AWS Identity and Access Management (IAM)
- Encrypted data: AWS Key Management Service (AWS KMS), Amazon Simple Storage Service (Amazon S3)
- Endpoints: Amazon Virtual Private Cloud (Amazon VPC)
Stage: Store

Scanning your images - basic
[Diagram: AWS Cloud, Region, Customer's ECR Registry; numbered steps 1, 2, 3; "REPEATS every time a new image is pushed"] 2E