Question

What compliance capabilities can be enabled on Amazon ECR?

1) Encryption at rest
2) Image scanning
3) Access control
4) Vulnerability assessment

Answer 1

Amazon ECR offers encryption at rest, image scanning, access control, and vulnerability assessment as compliance capabilities.

Step-by-step explanation:

On Amazon ECR, there are several compliance capabilities that can be enabled:

1. Encryption at rest: This feature allows for data stored in Amazon ECR to be encrypted to protect it from unauthorized access.
2. Image scanning: Amazon ECR offers integrated image scanning, which can help identify known vulnerabilities or malware in container images before they are deployed.
3. Access control: With Amazon ECR, you can control access to your container images by using AWS Identity and Access Management (IAM) policies and resource-based permissions.
4. Vulnerability assessment: Amazon ECR integrates with vulnerability scanning tools like AWS Security Hub and Amazon GuardDuty to provide continuous vulnerability monitoring and assessment of container images.