tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Container Security Service
    Documentation
    Download PDF

    Accessing the AWS Image Repository

    Last updated: 2024-08-13 17:05:18
    Download PDF
      When you need to access repository images from your AWS account to the TCSS console for security scanning, you can see this document to access the AWS image repository.

      Accessing Repository

      1. Log in to the TCSS console. In the left sidebar, click Image Risk Control > Repository Images.
      2. On the image repository page, click Access Repository.
      
      3. In the add image repository popup, configure the relevant parameters, and click Next .
      
      Parameter Name
      Description
      Instance Name
      Fill in the image repository instance name. The instance name must be unique and not empty.
      Repository Type
      Select the third-party image repository type. Currently supported options include Harbor, Quay, JFrog, and AWS. When users access AWS repositories, select AWS.
      Network Type
      Select the network access type for the third-party image repository. AWS repositories only support the public network.
      Region
      Select the region where the third-party image repository is located. The AWS type defaults to Default Region.
      Address
      Enter the access address of the third-party image repository. You can see the log-in address used in the docker log-in command on the command line. For example: If your command is docker log-in example.com:8080, your repository address should be http://example.com:8080 and the input content should be example.com:8080.
      Username
      Enter the username to access the third-party image repository. For details, see how to create an AWS account.
      Password
      Enter the password to access the third-party image repository. For details, see how to create an AWS account.
      Rate Limit
      Select the number of images that can be synchronously pulled per hour. The default is unlimited. Optional values are 5, 10, 20, 50, 100, 500, 1,000, and unlimited.
      Certificate Verification Skipping
      Confirm whether to verify the certificate of the remote image repository instance for image synchronization. If the remote instance uses a self-signed or untrusted certificate, do not check this option. It is checked by default.
      Image Authorizing & Scanning
      Automatically authorize and scan the latest version of the image in this repository, and issue a security scan. The image synchronization speed is about 20 per second, and it is expected to take 20-30 minutes to synchronize. A scan will be initiated after synchronization.
      4. Under the Verify Connection Status, select Connection method, and click Confirm to add.
      Note:
      Verify connection status: You can select Self-owned Host Node Connection or Product Backend Connection.
      Self-owned host node connection: Select your own host node for repository image pulling and scanning. It is recommended to select self-owned host node connection for better image scanning rate.
      Product backend connection: Use TCSS product-side backend services for repository image pulling and scanning. The scanning rate is slower and it takes longer time.
      

      Creating an AWS Account

      Step 1: Creating an IAM User

      1. Log in to the AWS console, and select IAM service.
      
      2. In the IAM dashboard, click Number of Users to enter the user list.
      
      3. In the user list, click Create user.
      
      4. On the create user page, enter the user name as prompted, and click Next.
      Note:
      The optional enabling console access can be configured as needed. This guide does not require checking.
      
      5. On the permissions setting page, select Attach policies directly.
      
      6. When users select permission policies, select the following two policies: AmazonEC2ContainerRegistryReadOnly, and AmazonElasticContainerRegistryPublicReadOnly.
      
      7. After the above configuration is completed, click Next to enter the view and create page, and click Create user to finish creating an IAM user.
      

      Step 2: Creating AK/SK

      1. In the user list, click User name to enter the user summary page.
      
      2. On the user summary page, click Create access key under access keys.
      
      3. In the best practices and alternatives of the access key, select Application Running Outside AWS.
      
      4. In the set description tag, enter the tag value, and click Create access key to complete the creation of the AK/SK access key.
      
      5. On the retrieve and access keys page, the access key is the username required to access the AWS repository, and the secret access key is the password required to access the AWS repository.
      
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy