Where is the event for ECR scan on push for container image with vulnerabilities

0

Security Hub is enabled in one of the regions, us-east-1, and all the resources are in that region. I am attempting to write a Lambda function which takes an event which occurs when an image is uploaded to an ECR repo and scan on push is enabled. I have granted the Lambda role over-permissive actions for the sake of simplicity.

Lambda Role Permissions

My first question is, where or how can I find an event that shows the vulnerabilities in an uploaded image? I tried uploading an intentionally vulnerable PHP image; in the console I can see that the image has vulnerabilities, but I don't see an event in CloudTrail under ecr.amazonaws.com which shows the detected vulnerabilities.

1 answer
1
Accepted answer

Have you checked this document?

https://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr-eventbridge.html

I think you can catch the event by selecting AWS as the service provider, ECR as the service name, and ECR Image Scan as the event type in the EventBridge rules.

The following questions may also be helpful.

https://repost.aws/ja/questions/QU0nS7C0mSQymHWTMd9OgoQw/ecr-enhanced-scanning-eventbridge

Expert
shibata
answered 3 months ago
Expert
reviewed 2 months ago
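The rule the answer describes delivers an "ECR Image Scan" event to the Lambda; the handler below, added here as an example and not code from the question or the answer, filters on that event pattern and reads the finding-severity-counts from the event detail (field names follow the linked ECR EventBridge documentation). The blocking-severity policy, the repository name and the sample event are constructed assumptions.

```python
# Rule pattern per the answer (source aws.ecr, detail-type "ECR Image Scan"); detail keys follow the ECR EventBridge docs.
SCAN_EVENT_PATTERN = {
    "source": ["aws.ecr"],
    "detail-type": ["ECR Image Scan"],
    "detail": {"scan-status": ["COMPLETE"]},
}
BLOCKING_SEVERITIES = ("CRITICAL", "HIGH")  # assumed policy, not from the page

def matches_pattern(event, pattern=SCAN_EVENT_PATTERN):
    """EventBridge-style matcher: list values are alternatives, dicts recurse."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        if isinstance(expected, dict):
            if not matches_pattern(event[key], expected):
                return False
        elif event[key] not in expected:
            return False
    return True

def summarize_scan(event):
    """Aggregate finding-severity-counts and decide whether to block the image."""
    detail = event["detail"]
    counts = detail.get("finding-severity-counts", {})
    blocking = sum(counts.get(s, 0) for s in BLOCKING_SEVERITIES)
    return {
        "repository": detail["repository-name"],
        "digest": detail["image-digest"],
        "total_findings": sum(counts.values()),
        "blocking_findings": blocking,
        "block": blocking > 0,
    }

def lambda_handler(event, context=None):
    """Lambda entry point: ignore events that are not completed ECR scans."""
    if not matches_pattern(event):
        return {"ignored": True}
    return summarize_scan(event)

# Constructed sample event in the documented "ECR Image Scan" shape.
SAMPLE_EVENT = {
    "source": "aws.ecr",
    "detail-type": "ECR Image Scan",
    "detail": {
        "scan-status": "COMPLETE",
        "repository-name": "example-php",
        "image-digest": "sha256:PLACEHOLDER_DIGEST",
        "finding-severity-counts": {"CRITICAL": 2, "HIGH": 3, "MEDIUM": 5},
    },
}
```

The returned summary is what you would forward to Security Hub or an alerting target; the event itself carries only severity counts, so per-finding details still come from the ECR DescribeImageScanFindings API.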
