Azure Container Registry - vulnerability assessment - tooling

Hi all,

I have some questions about vulnerability assessment of ACR and AKS.

In brief:

• in the "Defender for containers" plan details I get the information that it provides e.g.:
  • Vulnerability assessment for images stored in ACR registries
    • Vulnerability assessment for images running in Azure Kubernetes Service

• in detailed setting of the Defender for containers I see only option
  • "Container registries vulnerability assessments (preview)"

        - option only in preview (no production)
    
              - no option to enable VA on AKS
    
                                ![User's image](/api/attachments/4829c6c4-9645-43e2-8147-ead423bbd419?platform=QnA)
    

• in the documentation "Scan your Azure Container Registry images for vulnerabilities" (link) I'm no getting any infomrmation that this option is in preview

and now I stuck a little ... what is true and what is not :-)

Questions:

• VA for Kubernets
  • how can I enabled VA for Azure Kubenetes ? Do I need only enable "Defender for containers plan" on them main page ? (because in the "Settings & monitoring" tab I don't see such of option)
    • where will I see the vulnerabilities ? (Defender for cloud -> Recommendations?)
      • how is it charged (it is included in this pricing $7/VM core/Month or I have to pay extra) ?
• VA for ACR
  • does this option is in preview (according to my above screen) or not (according to the following (link) ?
    • where will I see the potential vulnerabilities (Defender for cloud -> Recommendations?)
      • how is it charged (is it included in this pricing $7/VM core/Month or I have to pay extra) ?

I will be gratefull for your help.

Thank you in advance

Bartek