ECR / Client / start_image_scan

start_image_scan#

ECR.Client.start_image_scan(**kwargs)#

Starts a basic image vulnerability scan.

A basic image scan can only be started once per 24 hours on an individual image. This limit includes if an image was scanned on initial push. You can start up to 100,000 basic scans per 24 hours. This limit includes both scans on initial push and scans initiated by the StartImageScan API. For more information, see Basic scanning in the Amazon Elastic Container Registry User Guide.

See also: AWS API Documentation

Request Syntax

response = client.start_image_scan(
    registryId='string',
    repositoryName='string',
    imageId={
        'imageDigest': 'string',
        'imageTag': 'string'
    }
)
Parameters:

  • registryId (string) – The Amazon Web Services account ID associated with the registry that contains the repository in which to start an image scan request. If you do not specify a registry, the default registry is assumed.

  • repositoryName (string) –

    [REQUIRED]

    The name of the repository that contains the images to scan.

  • imageId (dict) –

    [REQUIRED]

    An object with identifying information for an image in an Amazon ECR repository.

    • imageDigest (string) –

      The sha256 digest of the image manifest.

    • imageTag (string) –

      The tag used for the image.

Return type:

dict

Returns:

Response Syntax

{
    'registryId': 'string',
    'repositoryName': 'string',
    'imageId': {
        'imageDigest': 'string',
        'imageTag': 'string'
    },
    'imageScanStatus': {
        'status': 'IN_PROGRESS'|'COMPLETE'|'FAILED'|'UNSUPPORTED_IMAGE'|'ACTIVE'|'PENDING'|'SCAN_ELIGIBILITY_EXPIRED'|'FINDINGS_UNAVAILABLE'|'LIMIT_EXCEEDED',
        'description': 'string'
    }
}

Response Structure

  • (dict) –

    • registryId (string) –

      The registry ID associated with the request.

    • repositoryName (string) –

      The repository name associated with the request.

    • imageId (dict) –

      An object with identifying information for an image in an Amazon ECR repository.

      • imageDigest (string) –

        The sha256 digest of the image manifest.

      • imageTag (string) –

        The tag used for the image.

    • imageScanStatus (dict) –

      The current state of the scan.

      • status (string) –

        The current state of an image scan.

      • description (string) –

        The description of the image scan status.

Exceptions

  • ECR.Client.exceptions.ServerException

  • ECR.Client.exceptions.InvalidParameterException

  • ECR.Client.exceptions.UnsupportedImageTypeException

  • ECR.Client.exceptions.LimitExceededException

  • ECR.Client.exceptions.RepositoryNotFoundException

  • ECR.Client.exceptions.ImageNotFoundException

  • ECR.Client.exceptions.ValidationException