By default, all images in a registry will be scanned. A Scan Policy is an optional configuration, allowing you to better control which images will be scanned by specifying rules based on images name, cloud provider tags, and creation dates.
TABLE OF CONTENTS
Enabling the Scan Policy
- Go to Registries
- Click on the name of the registry you wish to change
- In the Edit Registry page, expand the Scan Policy by clicking on the expand arrow
- Once the Scan Policy is expended you should see additional options to define Include/Exclude images based on image name, cloud provider tags (such as AWS tags), and date when the image was created
- Define the rules and click Save
- The new definitions will take effect on the next daily scan. Only images (and repositories) meeting these conditions will be scanned.