ECR / Paginator / DescribeImageScanFindings
DescribeImageScanFindings#
- class ECR.Paginator.DescribeImageScanFindings#
paginator = client.get_paginator('describe_image_scan_findings')
- paginate(**kwargs)#
Creates an iterator that will paginate through responses from
ECR.Client.describe_image_scan_findings()
.See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate( registryId='string', repositoryName='string', imageId={ 'imageDigest': 'string', 'imageTag': 'string' }, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } )
- Parameters:
registryId (string) – The Amazon Web Services account ID associated with the registry that contains the repository in which to describe the image scan findings for. If you do not specify a registry, the default registry is assumed.
repositoryName (string) –
[REQUIRED]
The repository for the image for which to describe the scan findings.
imageId (dict) –
[REQUIRED]
An object with identifying information for an image in an Amazon ECR repository.
imageDigest (string) –
The
sha256
digest of the image manifest.imageTag (string) –
The tag used for the image.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a
NextToken
will be provided in the output that you can use to resume pagination.PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the
NextToken
from a previous response.
- Return type:
dict
- Returns:
Response Syntax
{ 'registryId': 'string', 'repositoryName': 'string', 'imageId': { 'imageDigest': 'string', 'imageTag': 'string' }, 'imageScanStatus': { 'status': 'IN_PROGRESS'|'COMPLETE'|'FAILED'|'UNSUPPORTED_IMAGE'|'ACTIVE'|'PENDING'|'SCAN_ELIGIBILITY_EXPIRED'|'FINDINGS_UNAVAILABLE', 'description': 'string' }, 'imageScanFindings': { 'imageScanCompletedAt': datetime(2015, 1, 1), 'vulnerabilitySourceUpdatedAt': datetime(2015, 1, 1), 'findingSeverityCounts': { 'string': 123 }, 'findings': [ { 'name': 'string', 'description': 'string', 'uri': 'string', 'severity': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'|'UNDEFINED', 'attributes': [ { 'key': 'string', 'value': 'string' }, ] }, ], 'enhancedFindings': [ { 'awsAccountId': 'string', 'description': 'string', 'findingArn': 'string', 'firstObservedAt': datetime(2015, 1, 1), 'lastObservedAt': datetime(2015, 1, 1), 'packageVulnerabilityDetails': { 'cvss': [ { 'baseScore': 123.0, 'scoringVector': 'string', 'source': 'string', 'version': 'string' }, ], 'referenceUrls': [ 'string', ], 'relatedVulnerabilities': [ 'string', ], 'source': 'string', 'sourceUrl': 'string', 'vendorCreatedAt': datetime(2015, 1, 1), 'vendorSeverity': 'string', 'vendorUpdatedAt': datetime(2015, 1, 1), 'vulnerabilityId': 'string', 'vulnerablePackages': [ { 'arch': 'string', 'epoch': 123, 'filePath': 'string', 'name': 'string', 'packageManager': 'string', 'release': 'string', 'sourceLayerHash': 'string', 'version': 'string', 'fixedInVersion': 'string' }, ] }, 'remediation': { 'recommendation': { 'url': 'string', 'text': 'string' } }, 'resources': [ { 'details': { 'awsEcrContainerImage': { 'architecture': 'string', 'author': 'string', 'imageHash': 'string', 'imageTags': [ 'string', ], 'platform': 'string', 'pushedAt': datetime(2015, 1, 1), 'registry': 'string', 'repositoryName': 'string' } }, 'id': 'string', 'tags': { 'string': 'string' }, 'type': 'string' }, ], 'score': 123.0, 'scoreDetails': { 'cvss': { 'adjustments': [ { 'metric': 'string', 'reason': 'string' }, ], 'score': 123.0, 'scoreSource': 'string', 'scoringVector': 'string', 'version': 'string' } }, 'severity': 'string', 'status': 'string', 'title': 'string', 'type': 'string', 'updatedAt': datetime(2015, 1, 1), 'fixAvailable': 'string', 'exploitAvailable': 'string' }, ] }, 'NextToken': 'string' }
Response Structure
(dict) –
registryId (string) –
The registry ID associated with the request.
repositoryName (string) –
The repository name associated with the request.
imageId (dict) –
An object with identifying information for an image in an Amazon ECR repository.
imageDigest (string) –
The
sha256
digest of the image manifest.imageTag (string) –
The tag used for the image.
imageScanStatus (dict) –
The current state of the scan.
status (string) –
The current state of an image scan.
description (string) –
The description of the image scan status.
imageScanFindings (dict) –
The information contained in the image scan findings.
imageScanCompletedAt (datetime) –
The time of the last completed image scan.
vulnerabilitySourceUpdatedAt (datetime) –
The time when the vulnerability data was last scanned.
findingSeverityCounts (dict) –
The image vulnerability counts, sorted by severity.
(string) –
(integer) –
findings (list) –
The findings from the image scan.
(dict) –
Contains information about an image scan finding.
name (string) –
The name associated with the finding, usually a CVE number.
description (string) –
The description of the finding.
uri (string) –
A link containing additional details about the security vulnerability.
severity (string) –
The finding severity.
attributes (list) –
A collection of attributes of the host from which the finding is generated.
(dict) –
This data type is used in the ImageScanFinding data type.
key (string) –
The attribute key.
value (string) –
The value assigned to the attribute key.
enhancedFindings (list) –
Details about the enhanced scan findings from Amazon Inspector.
(dict) –
The details of an enhanced image scan. This is returned when enhanced scanning is enabled for your private registry.
awsAccountId (string) –
The Amazon Web Services account ID associated with the image.
description (string) –
The description of the finding.
findingArn (string) –
The Amazon Resource Number (ARN) of the finding.
firstObservedAt (datetime) –
The date and time that the finding was first observed.
lastObservedAt (datetime) –
The date and time that the finding was last observed.
packageVulnerabilityDetails (dict) –
An object that contains the details of a package vulnerability finding.
cvss (list) –
An object that contains details about the CVSS score of a finding.
(dict) –
The CVSS score for a finding.
baseScore (float) –
The base CVSS score used for the finding.
scoringVector (string) –
The vector string of the CVSS score.
source (string) –
The source of the CVSS score.
version (string) –
The version of CVSS used for the score.
referenceUrls (list) –
One or more URLs that contain details about this vulnerability type.
(string) –
relatedVulnerabilities (list) –
One or more vulnerabilities related to the one identified in this finding.
(string) –
source (string) –
The source of the vulnerability information.
sourceUrl (string) –
A URL to the source of the vulnerability information.
vendorCreatedAt (datetime) –
The date and time that this vulnerability was first added to the vendor’s database.
vendorSeverity (string) –
The severity the vendor has given to this vulnerability type.
vendorUpdatedAt (datetime) –
The date and time the vendor last updated this vulnerability in their database.
vulnerabilityId (string) –
The ID given to this vulnerability.
vulnerablePackages (list) –
The packages impacted by this vulnerability.
(dict) –
Information on the vulnerable package identified by a finding.
arch (string) –
The architecture of the vulnerable package.
epoch (integer) –
The epoch of the vulnerable package.
filePath (string) –
The file path of the vulnerable package.
name (string) –
The name of the vulnerable package.
packageManager (string) –
The package manager of the vulnerable package.
release (string) –
The release of the vulnerable package.
sourceLayerHash (string) –
The source layer hash of the vulnerable package.
version (string) –
The version of the vulnerable package.
fixedInVersion (string) –
The version of the package that contains the vulnerability fix.
remediation (dict) –
An object that contains the details about how to remediate a finding.
recommendation (dict) –
An object that contains information about the recommended course of action to remediate the finding.
url (string) –
The URL address to the CVE remediation recommendations.
text (string) –
The recommended course of action to remediate the finding.
resources (list) –
Contains information on the resources involved in a finding.
(dict) –
Details about the resource involved in a finding.
details (dict) –
An object that contains details about the resource involved in a finding.
awsEcrContainerImage (dict) –
An object that contains details about the Amazon ECR container image involved in the finding.
architecture (string) –
The architecture of the Amazon ECR container image.
author (string) –
The image author of the Amazon ECR container image.
imageHash (string) –
The image hash of the Amazon ECR container image.
imageTags (list) –
The image tags attached to the Amazon ECR container image.
(string) –
platform (string) –
The platform of the Amazon ECR container image.
pushedAt (datetime) –
The date and time the Amazon ECR container image was pushed.
registry (string) –
The registry the Amazon ECR container image belongs to.
repositoryName (string) –
The name of the repository the Amazon ECR container image resides in.
id (string) –
The ID of the resource.
tags (dict) –
The tags attached to the resource.
(string) –
(string) –
type (string) –
The type of resource.
score (float) –
The Amazon Inspector score given to the finding.
scoreDetails (dict) –
An object that contains details of the Amazon Inspector score.
cvss (dict) –
An object that contains details about the CVSS score given to a finding.
adjustments (list) –
An object that contains details about adjustment Amazon Inspector made to the CVSS score.
(dict) –
Details on adjustments Amazon Inspector made to the CVSS score for a finding.
metric (string) –
The metric used to adjust the CVSS score.
reason (string) –
The reason the CVSS score has been adjustment.
score (float) –
The CVSS score.
scoreSource (string) –
The source for the CVSS score.
scoringVector (string) –
The vector for the CVSS score.
version (string) –
The CVSS version used in scoring.
severity (string) –
The severity of the finding.
status (string) –
The status of the finding.
title (string) –
The title of the finding.
type (string) –
The type of the finding.
updatedAt (datetime) –
The date and time the finding was last updated at.
fixAvailable (string) –
Details on whether a fix is available through a version update. This value can be
YES
,NO
, orPARTIAL
. APARTIAL
fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.exploitAvailable (string) –
If a finding discovered in your environment has an exploit available.
NextToken (string) –
A token to resume pagination.