Container Scanning

Scanning Private Container Registry Images

2min

SOOS can scan private registry images by mounting the Docker socket from the host machine, thus allowing the SOOS container to communicate with the host's Docker daemon. The SOOS container (which is running the container scan) can then access the private container being scanned.

Configure Docker to Use Your AWS Credentials

If you are using private AWS container registry you've most likely already completed this setup, however if you haven't, you'll need to use the AWS CLI to authenticate and then allow docker to use your AWS credentials.

> aws configure # TODO: provide your credentials when prompted > aws ecr get-login-password --region <your_region> | docker login --username AWS --password-stdin <your_account>.dkr.ecr.<your_region>.amazonaws.com

Other private container registries have similar methods of authentication which can be used.

Run the Scan

Follow the technical readme directions to mount the Docker socket and run the SOOS container.