IBM Cloud Container Registry Is Ending Exemption Synchronization Across Regions

1 min read

Beginning January 31, 2022, Vulnerability Advisor for IBM Cloud Container Registry will no longer replicate exemptions between IBM Cloud regions.

What are exemptions?

Exemptions are policies that exclude any matching vulnerabilities or configuration issues from Vulnerability Advisor reports. Exemptions are typically used when the issues are checked and found to be irrelevant to the account. The exemption status is displayed in the vulnerability report for any images that are within the policy's scope.

For more information, see Setting organizational exemption policies.

What is the current behavior?

In some IBM Cloud Container Registry regions, exemptions are replicated for consistency. You can manage exemptions in one of these regions, and the settings for that region apply to all the regions that allow replication of exemptions. In all other regions, exemptions must be managed separately in each region and apply only in the region where the exemption is set.

Which regions currently replicate exemptions?

Exemptions are currently replicated in the following IBM Cloud regions:

  • au-syd (ap-south)
  • eu-de (eu-central)
  • eu-gb (uk-south)
  • jp-tok (ap-north)
  • us-south
  • Global

All other regions require separate exemption management.

Do I have any exemptions?

To find out whether you have any exemptions in a particular region, set the region by running ibmcloud cr region-set and then run the ibmcloud cr exemption-list command.

How does this change affect me?

Beginning January 31, 2022, all regions will require separate exemption management. Any existing exemptions created before this date in the replicated regions are still present after this date. However, any changes from this date must be performed in each region where you want the change to take effect.

Learn more about IBM Cloud Container Registry.

Be the first to hear about news, product updates, and innovation from IBM Cloud