Description | AWS ECR Integration with Lacework shows 'Warning' status |
Scope | AWS ECR |
Solution |
After integrating Amazon ECR with Lacework, the status of the integration may show Warning instead of Success.
Below are a few diagnostic steps to help identify the possible cause of this Warning message:
Step 1: Check if the correct repository is configured. The wrong registry may have been provided, or the registry provided during the integration setup may not contain any images.
Step 2: The Lacework IAM role might not have the needed permissions for the registry integration. Review the Lacework IAM role and confirm it has the following permissions allowed on all images:
Step 3: The integrated registry might only have public images. Amazon ECR does not return public repositories in standard API calls, so if all the images in a repository are public, Lacework will not be able to find any repositories to scan and the integration will remain in 'Warning' status.
If all the above steps are checked and the status of the integration remains 'Warning', please submit a support ticket for further investigation. |
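The three checks above can be run from a terminal. The script below is an added example, not Lacework's own tooling: it assumes the AWS CLI is installed and configured with credentials for the IAM role used by the integration, and `aws_ecr`, `diagnose` and `SAMPLE` are hypothetical names.

```python
import json
import subprocess
import sys

def aws_ecr(*args):
    """Run one read-only `aws ecr` call; return (parsed JSON or None, stderr)."""
    p = subprocess.run(["aws", "ecr", *args, "--output", "json"],
                       capture_output=True, text=True)
    return (json.loads(p.stdout) if p.returncode == 0 else None), p.stderr

def diagnose(registry_id, call=aws_ecr):
    """Return findings mapped to the article's steps (hypothetical helper)."""
    repos, err = call("describe-repositories", "--registry-id", registry_id)
    if repos is None:
        if "AccessDenied" in err:
            return ["step 2: role is denied describe-repositories"]
        return ["step 1: registry lookup failed, check registry ID and region"]
    names = [r["repositoryName"] for r in repos.get("repositories", [])]
    if not names:
        # ECR returns only private repositories here, so an empty list fits
        # both a wrong registry (step 1) and a public-only registry (step 3).
        return ["step 1/3: no private repositories returned"]
    findings, with_images = [], 0
    for name in names:
        images, err = call("list-images", "--registry-id", registry_id,
                           "--repository-name", name)
        if images is None:
            step = "step 2" if "AccessDenied" in err else "step 1"
            findings.append(f"{step}: list-images failed for {name}")
        elif images.get("imageIds"):
            with_images += 1
        else:
            findings.append(f"step 1: repository {name} has no images")
    if with_images == 0 and not any(f.startswith("step 2") for f in findings):
        findings.append("step 1: no images found in any repository")
    return findings or ["ok: repositories and images are visible to this role"]

# Constructed responses for an offline run: one repository holding no images.
SAMPLE = {"describe-repositories": ({"repositories": [{"repositoryName": "app"}]}, ""),
          "list-images": ({"imageIds": []}, "")}

if __name__ == "__main__":
    # With an argument (registry ID) query AWS; without one use SAMPLE.
    live = len(sys.argv) > 1
    call = aws_ecr if live else (lambda op, *a: SAMPLE[op])
    print("\n".join(diagnose(sys.argv[1] if live else "constructed", call)))
```

Pass the 12-digit registry ID as the only argument to query AWS; with no argument the script runs against the constructed sample.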