fix(bootstrap): remove image scanning configuration (#21342)

Remove image scanning configuration for the staging ECR repository. - Image Scanning Configuration in the bootstrap template causes problems in regions where image scanning is not available. - Scanning configuration at the repository level has been deprecated in favor of configuration at the registry level, which also allows more configuration (basic vs. enhanced scanning). Because of a bug in the ECR CloudFormation resource, removing the configuration value does not actually turn it off. Therefore, for people who have successfully bootstrapped in the past, the scanning feature will be left as-is. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Jul 27, 2022 · 2d26916 · 2d26916
1 parent f98edfe
commit 2d26916
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml
@@ -203,8 +203,6 @@ Resources:
     Type: AWS::ECR::Repository
     Properties:
       ImageTagMutability: IMMUTABLE
-      ImageScanningConfiguration:
-        ScanOnPush: true
       RepositoryName:
         Fn::If:
           - HasCustomContainerAssetsRepositoryName
@@ -510,7 +508,7 @@ Resources:
       Type: String
       Name:
         Fn::Sub: '/cdk-bootstrap/${Qualifier}/version'
-      Value: '13'
+      Value: '14'
 Outputs:
   BucketName:
     Description: The name of the S3 bucket owned by the CDK toolkit stack