Mods

turbot/terraform_aws_compliance

GitHub
Overview
39Dashboards
153Controls
153Queries
0Variables
GitHub
Loading controls...
On This Page
Description
Usage
SQL
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Control: ECR repository tags should be immutable

Description

AWS ECR should have all tags be immutable - once a container is published, another image cannot assume the same tag.

Usage

Run the control in your terminal:

steampipe check terraform_aws_compliance.control.ecr_repository_tags_immutable

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share terraform_aws_compliance.control.ecr_repository_tags_immutable

SQL

This control uses a named query:

ecr_repository_tags_immutable

Tags

category = Compliance
plugin = terraform
service = AWS/ECR
type = Benchmark