This topic contains the following sections.
Container Registry Support
Docker Hub integrations support:
- Auto polling - polling occurs every 15 minutes
- On-demand scans via the API
Integrate Docker Hub with Lacework
To integrate Docker Hub with Lacework, follow these steps:
- Log in to the Lacework Console with an account with admin permissions.
- Navigate to Settings > Integrations > Container Registries.
- Click + Create New.
- From the Registry Type drop-down, select the appropriate registry and click Next.
- Complete the required settings and click Next.
- Complete any optional settings and click Save. The integration status displays Integration Successful only after its first assessment completes.
Verify that assessments have started by viewing the table in Vulnerabilities > Containers.
After an image is assessed, Lacework reports its results in the table. Select the Last 24 hours option above the table to view the assessment results.
|Registry Type||Specify the registry type selected from the drop-down, in this case, select Docker Hub.|
|Name||Specify a unique name for the container registry in the Lacework Console.|
|User Name||Specify a Docker user that has at least read-only permissions to the Docker Hub container repositories that you want to assess for vulnerabilities. Docker uses organizations and teams to grant permissions. The following example explains how to grant permissions in Docker: 1) Create a Docker organization called MyCompany and in that organization create a team called MyGroup. 2) Add the user to the MyGroup team. 3) For all the repositories that have container images that you want to assess for vulnerabilities give at least read-only permissions to the MyGroup team. For more information, see the following topics in the Docker documentation: Create and manage organizations, Create and manage users, and Create and manage teams in https://docs.docker.com/.|
|Password||Specify the password for the specified Docker Hub user. Alternatively, you can use personal access tokens to access Hub images from the Docker CLI. For details, see Managing Access Tokens.|
|Registry Domain||This field is prepopulated with this URL of Docker Hub, which is index.docker.io.|
|Limit Number of Images per Repo||Select the maximum number of newest container images to discover/assess per repository.|
|Scan only these repositories||If you do not want to discover/assess all repositories in this registry, specify a comma-separated list of repositories to discover/assess (without spaces recommended). To change which repositories you want to assess, update this field so the change is captured during the next polling period.|
|Scan only these image tags||If you do not want to assess all images in this registry, specify text from an image tag so that only images with matching tag text will be assessed. To change which images you want to assess, update this field so the change is captured during the next polling period. You can input multiple tags. If you specify tag and label limits, they function as an AND.|
|Scan only images with these labels||If you do not want to assess all images in this registry, specify key:value pairs so that only images with matching label key:value pairs will be assessed. To change which images you want to assess, update this field so the change is captured during the next polling period. Supported field input: