ECR Integration

Scan container images stored in Amazon Elastic Container Registry (ECR) directly from Rorix.

This integration is available on the Business plan only.

Setup

1. Add AWS Credentials

In your Rorix dashboard, go to Integrations then ECR:

1. Enter your AWS Access Key ID
2. Enter your AWS Secret Access Key
3. Select your AWS Region
4. Click Save

2. Test the Connection

Click Test Connection to verify Rorix can access your ECR registry. Rorix requires the following IAM permissions:

• ecr:DescribeRepositories
• ecr:ListImages
• ecr:BatchGetImage
• ecr:GetDownloadUrlForLayer

3. Select Repositories

After connecting, select which ECR repositories to monitor. Rorix will scan new images as they are pushed.

Scanning Images

Once configured, Rorix automatically scans images when:

• A new image is pushed to a monitored repository
• A scheduled scan runs (configurable: daily or weekly)
• You manually trigger a scan from the dashboard

API Usage

List Repositories

curl https://rorix.io/api/ecr/repositories \
  -H "Authorization: Bearer rxk_your_api_key"

Scan an Image

curl -X POST https://rorix.io/api/ecr/scan \
  -H "Authorization: Bearer rxk_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "repositoryName": "my-dotnet-app",
    "imageTag": "v1.2.3"
  }'

Response

The scan response includes:

• Base image vulnerabilities
• .NET dependency vulnerabilities (if detected in the image)
• Security configuration findings
• Overall risk score