(Deepfence) Understand Container Registry Scanning (feature #3)

[0xisk]

We need to write full documentation for the following points:

Container Registry Scanning:

Check for vulnerabilities in images stored on:

• AWS ECR
• Azure Container Registry
• Google Container Registry
• Docker Hub
• Docker Self-Hosted Private Registry
• Quay
• Harbor
• Gitlab
• JFrog registries.

[0xisk]

Here we have three main dots on our exploration,

• AWS ECR for Amazon AWS exploration

• @mina98 Azure Container Registry for Microsoft Azure exploration

• @kirollosBoles Google Container Registry for Google exploration

From my understanding Containers here will be built by Docker, and maybe we will need to connect with Kubernetes. And those containers could be any type of application.

[mina98]

@iskanderandrew for the Azure Container Registry, I think this link will be good it contains the features and how to start and manage.

The key features

• For security : Azure Container Registry transfers container images over HTTPS, and supports TLS to secure client connections.

• Supported images and artifacts

• Automated image builds

Container Registry is private, hosted in Azure, and allows you to build, store, and manage images for all types of container deployments.

For build and store container images with Azure Container Registry, you can check the docs