Platform Pricing Customers Resources Sign in Sign Up

Ensure ECR repositories are encrypted

Error: Unencrypted ECR repositories

Bridgecrew Policy ID: BC_AWS_GENERAL_53
Checkov Check ID: CKV_AWS_136
Severity: LOW

Suggest Edits

Unencrypted ECR repositories

Description

TBA

Fix - Buildtime

Terraform

Resource: aws_ecr_repository
Argument: encryption_configuration.encryption_type

resource "aws_ecr_repository" "example" {
  ...
  name                 = "bar"
+ encryption_configuration {
+   encryption_type = "KMS"
+ }
}

CloudFormation

Resource: AWS::ECR::Repository
Argument: Properties.EncryptionConfiguration.EncryptionType

Resources:
  KMSEncryption:
    Type: AWS::ECR::Repository
    Properties: 
      ...
+     EncryptionConfiguration:
+       EncryptionType: "KMS"
        ...

Updated 9 months ago

Did this page help you?