Mods

turbot/aws_compliance

GitHub
Overview
25Dashboards
993Controls
487Queries
2Variables
GitHub
Loading controls...
On This Page
Description
Usage
SQL
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Control: ECR private repositories should have tag immutability configured

Description

This control checks whether a private ECR repository has tag immutability enabled. This control fails if a private ECR repository has tag immutability disabled. This rule passes if tag immutability is enabled and has the value IMMUTABLE.

Usage

Run the control in your terminal:

steampipe check aws_compliance.control.ecr_repository_tag_immutability_enabled

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share aws_compliance.control.ecr_repository_tag_immutability_enabled

SQL

This control uses a named query:

ecr_repository_tag_immutability_enabled

Tags

category = Compliance
nist_csf = true
plugin = aws
service = AWS/ECR