Trivy can scan your AWS ECR images without pulling them down first.
Let’s see it in action. Imagine you’ve got a container image tagged 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app:latest in your Elastic Container Registry. You want to check for vulnerabilities before you even docker pull it locally or deploy it.
First, ensure you have Trivy installed and configured with AWS credentials that have at least ecr:GetDownloadUrlForLayer, ecr:BatchGetImage, and ecr:BatchCheckLayerAvailability permissions for the target ECR repository.
Here’s the command:
trivy ecr --region us-east-1 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app:latest
Trivy will then interact directly with ECR, retrieve the image manifest and layer metadata, and scan those layers for known vulnerabilities without ever downloading the full image layers to your local machine. The output will look like a standard Trivy scan, listing vulnerabilities by severity.
This solves a few key problems. For CI/CD pipelines, it means faster feedback loops. You can scan an image immediately after it’s pushed to ECR without the overhead of a full image pull, allowing you to fail builds or deployments earlier if critical vulnerabilities are found. For developers working with large images or on limited bandwidth, it means you can get a security assessment without consuming significant network resources or local disk space.
Internally, when you run trivy ecr, it authenticates with AWS ECR using your configured credentials. It then uses the ECR API to get the image manifest for the specified image tag. From the manifest, it extracts the digest and information about the image layers. Trivy then requests the layer metadata from ECR, which includes checksums. Trivy uses these checksums to identify the unique layers that make up the image. It then fetches vulnerability information from its local database and correlates it with the packages and libraries identified within those ECR layers, all without downloading the layer content itself. The actual scanning logic operates on the metadata and package information derived from the layer digests.
The primary levers you control are the AWS region (--region), the ECR repository URI, and the image tag. You can also specify --severity to filter results or --format to change the output (e.g., to JSON for programmatic consumption).
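To act on the JSON output in a pipeline (the "fail builds or deployments earlier" step above), here is an added example that is not part of the original post: a small Python gate that reads the report produced by the command above with --format json and decides whether the job should fail. The field names Results, Vulnerabilities, Severity and FixedVersion are assumed from Trivy's JSON report layout; the sample report and its CVE identifiers are constructed placeholders.

```python
import json
import sys
from collections import Counter

SEVERITY_ORDER = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Constructed sample of a Trivy JSON report, trimmed to the fields this gate uses.
# CVE identifiers here are placeholders, not real advisories.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app:latest",
    "Results": [
        {
            "Target": "my-app (debian 12.5)",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
                 "InstalledVersion": "1.0-1", "FixedVersion": "",
                 "Severity": "CRITICAL"},
                {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
                 "InstalledVersion": "2.3", "FixedVersion": "2.4",
                 "Severity": "HIGH"},
            ],
        },
        # A clean target: Trivy emits null rather than an empty list here.
        {"Target": "app/requirements.txt", "Vulnerabilities": None},
    ],
})


def count_by_severity(report_json, fixed_only=False):
    """Count findings per severity; optionally ignore ones with no fixed version."""
    report = json.loads(report_json)
    counts = Counter()
    for result in report.get("Results", []):
        for vuln in result.get("Vulnerabilities") or []:
            if fixed_only and not vuln.get("FixedVersion"):
                continue  # nothing to upgrade to yet, so do not block on it
            counts[vuln.get("Severity", "UNKNOWN")] += 1
    return counts


def should_fail(report_json, threshold="CRITICAL", fixed_only=False):
    """True if any finding is at or above `threshold` (after the fixed_only filter)."""
    counts = count_by_severity(report_json, fixed_only)
    min_rank = SEVERITY_ORDER.index(threshold)
    return any(counts[sev] for sev in SEVERITY_ORDER[min_rank:])


if __name__ == "__main__":
    # Usage: trivy ... --format json | python gate.py [THRESHOLD]
    data = sys.stdin.read() or SAMPLE_REPORT
    threshold = sys.argv[1] if len(sys.argv) > 1 else "CRITICAL"
    print(dict(count_by_severity(data)))
    sys.exit(1 if should_fail(data, threshold) else 0)
```

Whether unfixable findings should block a deployment is a policy choice; the `fixed_only` flag lets the gate record them without failing the job.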
A common point of confusion is around how Trivy handles image layers. It doesn’t actually download the content of the layers. Instead, it leverages ECR’s APIs to get the digests and metadata associated with each layer. Trivy’s vulnerability database is then used to determine what vulnerabilities are present in the types of packages and libraries typically found in those layers, based on the layer metadata and the image’s OS and package manager information.
The next concept to explore is integrating this ECR scanning directly into your AWS CI/CD services like CodePipeline or CodeBuild.