Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents


This page provides instructions on describes how to integrate Amazon ECR with the Unified Agent to be able to scan Docker Images.


  • It is assumed that you have an An authorized account to Amazon ECR and can pull images from Amazon ECR.

  • You have Installations of Amazon AWS CLI installed.You have Docker installed.and Docker

  • Unified Agent will scan the images on your local host (after these have been pulled from Amazon ECR).

  • Unified Agent requires to download downloading a JAR file and a configuration file. You can download them manually or by using the steps described below.



Notice on periodically fetching the Unified Agent

It is advised to use the below commands only once a week to download the latest version of the Unified Agent for performance reasons, and not as part of every build. You can do this using a scheduler task, such as cron.


  1. Windows Using CURL

    1. Download CURL, and add it to your PATH environment variable.

    2. Open a new command promptRun , and run the following commands:

      Windows Using CURL

      Code Block
      curl -LJO ""
      curl -LJO ""
  2. Windows Using PowerShell

    • Open a new command prompt

    • , and run the following commands:

      Windows Using PowerShell

      Code Block
      powershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND $pwd\wss-unified-agent.jar 
      powershell bitsadmin /transfer mydownload /dynamic /download /priority FOREGROUND $pwd\wss-unified-agent.config 


    Make sure
    • To use PowerShell on Windows, ensure that Background Intelligent Transfer Service (BITS) is enabled

    if you want to use PowerShell on Windows
    • .

  3. Windows - Manual Download
    Download the following files manually using your web browser or any other download manager:

  4. Linux/Unix
    Run the following commands from the Linux/Unix bash prompt :

    Linux/Unix Using CURL

    Code Block
    curl -LJO ""
    curl -LJO ""

Update Configuration File

  1. Update the configuration file (wss-unified-agent.config) that you previously downloaded


  1. according to your specific requirements.

  2. Enable the relevant lines by removing the '#' symbol at the beginning of the lines. 

Example of values for uncommented lines:


This configuration sets the Unified Agent to scan all the docker repositories named *alpine.* except for the 2 two image tags in the 'exclude ' section.

Alternatively, you can leave the docker.excludes parameter commented if you want to scan all your image containers.