Skip to main content
Source

This page is generated from skills/eks-security/references/image-supply-chain.md. Edit the source, not this page.

Layer 4 — Image Supply Chain Security

The end-state is a complete chain: scan → sign → verify-at-admission. Each stage is independently valuable; together they ensure only scanned, signed images run.

ECR Enhanced Scanning (powered by Amazon Inspector)

  • CVE detection across OS packages AND programming-language packages (Python, Node.js, Java, Ruby, Go, …).
  • CVSS severity scoring; continuous re-scan on new CVE disclosure.
  • Findings flow to AWS Security Hub for unified posture.
  • References: Amazon ECR features · Amazon Inspector.

ECR image signing

ECR stores image signatures as OCI artifacts via:

  • Cosign (Sigstore project, CNCF) — keyless or keyed signatures.
  • Notation (CNCF, OCI standard) — ECR is Notation-compatible.

Image admission control — Kyverno verifyImages

Kyverno's verifyImages rule blocks unsigned or high-severity images at admission time. Combined with ECR Enhanced Scanning + signing, this closes the loop: an image that isn't scanned-clean and signed never schedules. (See Layer 3 — this is policy-engine sub-rule 3c.)

Third-party scanners (alternatives or complements to ECR Enhanced Scanning)

ScannerStrengthsAvailable via
SnykDeveloper-focused, strong language scanningAWS Marketplace
AquaFull container security platformAWS Marketplace
WizCNAPP, agentlessAWS Marketplace
Prisma Cloud (Palo Alto)Comprehensive CSPM + workload protectionAWS Marketplace
TrivyOpen-source, fast, broad CVE coverageSelf-hosted (CI/CD)

Position AWS-native (ECR Enhanced Scanning + Inspector + Security Hub) as the default; third-party CNAPP suits customers with an existing enterprise contract or multi-cloud posture. When a customer already runs a CNAPP, the conversation is coexistence-vs-displacement — escalate to Security guidance rather than reflexively recommending replacement.

Hardening the images themselves

  • Prefer distroless / minimal base images to shrink the CVE surface.
  • Generate an SBOM and enforce build provenance where the regime requires it.
  • DLC and ML images carry large dependency trees (PyTorch, CUDA) — the CVE surface is far larger than typical microservices; scan on push and on a schedule for base-image drift.

Shared responsibility (Layer 4)

AWS managesCustomer manages
ECR registry; Inspector scanning engine + CVE feed; signature storageEnabling Enhanced Scanning per repo; signing keys + signing pipeline; admission policies (verifyImages); base-image hygiene; SBOM/provenance

Sources