Sep 03 2022 02:20 PM
What is Microsoft doing to eliminate vulnerabilities from the container registries in AKS? It would seem to me that if the container images were created without any known vulnerabilities then everyone's security posture would be instantly better.
To be clear, I know very little about AKS and containers, so my question may be totally naive. If this is the case, I would love to be pointed to some educational materials.
Mar 10 2023 02:25 PM
You might get your answers in the time being, but since you didn't get any answers yet I will do it
If you attach the Azure container registry to an AKS cluster, you can leverage
vulnerability assessment and management tools for images stored in Azure Container Registry In a multi-cloud scenario, you can even protect Elastic Container Registry from AWS
Ref: Container security with Microsoft Defender for Cloud | Microsoft Learn
You can also check : Azure security baseline for Container Registry | Microsoft Learn
Depending on the SKU you might leverage many features in ACR such as the ability to sign your images ..
Hope that help