aws-sdk-ecr 1.49.0 → 1.50.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -60,6 +60,56 @@ module Aws::ECR
60
60
  include Aws::Structure
61
61
  end
62
62
 
63
+ # The image details of the Amazon ECR container image.
64
+ #
65
+ # @!attribute [rw] architecture
66
+ # The architecture of the Amazon ECR container image.
67
+ # @return [String]
68
+ #
69
+ # @!attribute [rw] author
70
+ # The image author of the Amazon ECR container image.
71
+ # @return [String]
72
+ #
73
+ # @!attribute [rw] image_hash
74
+ # The image hash of the Amazon ECR container image.
75
+ # @return [String]
76
+ #
77
+ # @!attribute [rw] image_tags
78
+ # The image tags attached to the Amazon ECR container image.
79
+ # @return [Array<String>]
80
+ #
81
+ # @!attribute [rw] platform
82
+ # The platform of the Amazon ECR container image.
83
+ # @return [String]
84
+ #
85
+ # @!attribute [rw] pushed_at
86
+ # The date and time the Amazon ECR container image was pushed.
87
+ # @return [Time]
88
+ #
89
+ # @!attribute [rw] registry
90
+ # The registry the Amazon ECR container image belongs to.
91
+ # @return [String]
92
+ #
93
+ # @!attribute [rw] repository_name
94
+ # The name of the repository the Amazon ECR container image resides
95
+ # in.
96
+ # @return [String]
97
+ #
98
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/AwsEcrContainerImageDetails AWS API Documentation
99
+ #
100
+ class AwsEcrContainerImageDetails < Struct.new(
101
+ :architecture,
102
+ :author,
103
+ :image_hash,
104
+ :image_tags,
105
+ :platform,
106
+ :pushed_at,
107
+ :registry,
108
+ :repository_name)
109
+ SENSITIVE = []
110
+ include Aws::Structure
111
+ end
112
+
63
113
  # @note When making an API call, you may pass BatchCheckLayerAvailabilityRequest
64
114
  # data as a hash:
65
115
  #
@@ -240,6 +290,42 @@ module Aws::ECR
240
290
  include Aws::Structure
241
291
  end
242
292
 
293
+ # @note When making an API call, you may pass BatchGetRepositoryScanningConfigurationRequest
294
+ # data as a hash:
295
+ #
296
+ # {
297
+ # repository_names: ["RepositoryName"], # required
298
+ # }
299
+ #
300
+ # @!attribute [rw] repository_names
301
+ # One or more repository names to get the scanning configuration for.
302
+ # @return [Array<String>]
303
+ #
304
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchGetRepositoryScanningConfigurationRequest AWS API Documentation
305
+ #
306
+ class BatchGetRepositoryScanningConfigurationRequest < Struct.new(
307
+ :repository_names)
308
+ SENSITIVE = []
309
+ include Aws::Structure
310
+ end
311
+
312
+ # @!attribute [rw] scanning_configurations
313
+ # The scanning configuration for the requested repositories.
314
+ # @return [Array<Types::RepositoryScanningConfiguration>]
315
+ #
316
+ # @!attribute [rw] failures
317
+ # Any failures associated with the call.
318
+ # @return [Array<Types::RepositoryScanningConfigurationFailure>]
319
+ #
320
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchGetRepositoryScanningConfigurationResponse AWS API Documentation
321
+ #
322
+ class BatchGetRepositoryScanningConfigurationResponse < Struct.new(
323
+ :scanning_configurations,
324
+ :failures)
325
+ SENSITIVE = []
326
+ include Aws::Structure
327
+ end
328
+
243
329
  # @note When making an API call, you may pass CompleteLayerUploadRequest
244
330
  # data as a hash:
245
331
  #
@@ -307,6 +393,71 @@ module Aws::ECR
307
393
  include Aws::Structure
308
394
  end
309
395
 
396
+ # @note When making an API call, you may pass CreatePullThroughCacheRuleRequest
397
+ # data as a hash:
398
+ #
399
+ # {
400
+ # ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required
401
+ # upstream_registry_url: "Url", # required
402
+ # registry_id: "RegistryId",
403
+ # }
404
+ #
405
+ # @!attribute [rw] ecr_repository_prefix
406
+ # The repository name prefix to use when caching images from the
407
+ # source registry.
408
+ # @return [String]
409
+ #
410
+ # @!attribute [rw] upstream_registry_url
411
+ # The registry URL of the upstream public registry to use as the
412
+ # source for the pull through cache rule.
413
+ # @return [String]
414
+ #
415
+ # @!attribute [rw] registry_id
416
+ # The Amazon Web Services account ID associated with the registry to
417
+ # create the pull through cache rule for. If you do not specify a
418
+ # registry, the default registry is assumed.
419
+ # @return [String]
420
+ #
421
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreatePullThroughCacheRuleRequest AWS API Documentation
422
+ #
423
+ class CreatePullThroughCacheRuleRequest < Struct.new(
424
+ :ecr_repository_prefix,
425
+ :upstream_registry_url,
426
+ :registry_id)
427
+ SENSITIVE = []
428
+ include Aws::Structure
429
+ end
430
+
431
+ # @!attribute [rw] ecr_repository_prefix
432
+ # The Amazon ECR repository prefix associated with the pull through
433
+ # cache rule.
434
+ # @return [String]
435
+ #
436
+ # @!attribute [rw] upstream_registry_url
437
+ # The upstream registry URL associated with the pull through cache
438
+ # rule.
439
+ # @return [String]
440
+ #
441
+ # @!attribute [rw] created_at
442
+ # The date and time, in JavaScript date format, when the pull through
443
+ # cache rule was created.
444
+ # @return [Time]
445
+ #
446
+ # @!attribute [rw] registry_id
447
+ # The registry ID associated with the request.
448
+ # @return [String]
449
+ #
450
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreatePullThroughCacheRuleResponse AWS API Documentation
451
+ #
452
+ class CreatePullThroughCacheRuleResponse < Struct.new(
453
+ :ecr_repository_prefix,
454
+ :upstream_registry_url,
455
+ :created_at,
456
+ :registry_id)
457
+ SENSITIVE = []
458
+ include Aws::Structure
459
+ end
460
+
310
461
  # @note When making an API call, you may pass CreateRepositoryRequest
311
462
  # data as a hash:
312
463
  #
@@ -330,9 +481,9 @@ module Aws::ECR
330
481
  # }
331
482
  #
332
483
  # @!attribute [rw] registry_id
333
- # The AWS account ID associated with the registry to create the
334
- # repository. If you do not specify a registry, the default registry
335
- # is assumed.
484
+ # The Amazon Web Services account ID associated with the registry to
485
+ # create the repository. If you do not specify a registry, the default
486
+ # registry is assumed.
336
487
  # @return [String]
337
488
  #
338
489
  # @!attribute [rw] repository_name
@@ -394,6 +545,90 @@ module Aws::ECR
394
545
  include Aws::Structure
395
546
  end
396
547
 
548
+ # The CVSS score for a finding.
549
+ #
550
+ # @!attribute [rw] base_score
551
+ # The base CVSS score used for the finding.
552
+ # @return [Float]
553
+ #
554
+ # @!attribute [rw] scoring_vector
555
+ # The vector string of the CVSS score.
556
+ # @return [String]
557
+ #
558
+ # @!attribute [rw] source
559
+ # The source of the CVSS score.
560
+ # @return [String]
561
+ #
562
+ # @!attribute [rw] version
563
+ # The version of CVSS used for the score.
564
+ # @return [String]
565
+ #
566
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CvssScore AWS API Documentation
567
+ #
568
+ class CvssScore < Struct.new(
569
+ :base_score,
570
+ :scoring_vector,
571
+ :source,
572
+ :version)
573
+ SENSITIVE = []
574
+ include Aws::Structure
575
+ end
576
+
577
+ # Details on adjustments Amazon Inspector made to the CVSS score for a
578
+ # finding.
579
+ #
580
+ # @!attribute [rw] metric
581
+ # The metric used to adjust the CVSS score.
582
+ # @return [String]
583
+ #
584
+ # @!attribute [rw] reason
585
+ # The reason the CVSS score has been adjustment.
586
+ # @return [String]
587
+ #
588
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CvssScoreAdjustment AWS API Documentation
589
+ #
590
+ class CvssScoreAdjustment < Struct.new(
591
+ :metric,
592
+ :reason)
593
+ SENSITIVE = []
594
+ include Aws::Structure
595
+ end
596
+
597
+ # Information about the CVSS score.
598
+ #
599
+ # @!attribute [rw] adjustments
600
+ # An object that contains details about adjustment Amazon Inspector
601
+ # made to the CVSS score.
602
+ # @return [Array<Types::CvssScoreAdjustment>]
603
+ #
604
+ # @!attribute [rw] score
605
+ # The CVSS score.
606
+ # @return [Float]
607
+ #
608
+ # @!attribute [rw] score_source
609
+ # The source for the CVSS score.
610
+ # @return [String]
611
+ #
612
+ # @!attribute [rw] scoring_vector
613
+ # The vector for the CVSS score.
614
+ # @return [String]
615
+ #
616
+ # @!attribute [rw] version
617
+ # The CVSS version used in scoring.
618
+ # @return [String]
619
+ #
620
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CvssScoreDetails AWS API Documentation
621
+ #
622
+ class CvssScoreDetails < Struct.new(
623
+ :adjustments,
624
+ :score,
625
+ :score_source,
626
+ :scoring_vector,
627
+ :version)
628
+ SENSITIVE = []
629
+ include Aws::Structure
630
+ end
631
+
397
632
  # @note When making an API call, you may pass DeleteLifecyclePolicyRequest
398
633
  # data as a hash:
399
634
  #
@@ -448,6 +683,62 @@ module Aws::ECR
448
683
  include Aws::Structure
449
684
  end
450
685
 
686
+ # @note When making an API call, you may pass DeletePullThroughCacheRuleRequest
687
+ # data as a hash:
688
+ #
689
+ # {
690
+ # ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required
691
+ # registry_id: "RegistryId",
692
+ # }
693
+ #
694
+ # @!attribute [rw] ecr_repository_prefix
695
+ # The Amazon ECR repository prefix associated with the pull through
696
+ # cache rule to delete.
697
+ # @return [String]
698
+ #
699
+ # @!attribute [rw] registry_id
700
+ # The Amazon Web Services account ID associated with the registry that
701
+ # contains the pull through cache rule. If you do not specify a
702
+ # registry, the default registry is assumed.
703
+ # @return [String]
704
+ #
705
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeletePullThroughCacheRuleRequest AWS API Documentation
706
+ #
707
+ class DeletePullThroughCacheRuleRequest < Struct.new(
708
+ :ecr_repository_prefix,
709
+ :registry_id)
710
+ SENSITIVE = []
711
+ include Aws::Structure
712
+ end
713
+
714
+ # @!attribute [rw] ecr_repository_prefix
715
+ # The Amazon ECR repository prefix associated with the request.
716
+ # @return [String]
717
+ #
718
+ # @!attribute [rw] upstream_registry_url
719
+ # The upstream registry URL associated with the pull through cache
720
+ # rule.
721
+ # @return [String]
722
+ #
723
+ # @!attribute [rw] created_at
724
+ # The timestamp associated with the pull through cache rule.
725
+ # @return [Time]
726
+ #
727
+ # @!attribute [rw] registry_id
728
+ # The registry ID associated with the request.
729
+ # @return [String]
730
+ #
731
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeletePullThroughCacheRuleResponse AWS API Documentation
732
+ #
733
+ class DeletePullThroughCacheRuleResponse < Struct.new(
734
+ :ecr_repository_prefix,
735
+ :upstream_registry_url,
736
+ :created_at,
737
+ :registry_id)
738
+ SENSITIVE = []
739
+ include Aws::Structure
740
+ end
741
+
451
742
  # @api private
452
743
  #
453
744
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRegistryPolicyRequest AWS API Documentation
@@ -848,6 +1139,83 @@ module Aws::ECR
848
1139
  include Aws::Structure
849
1140
  end
850
1141
 
1142
+ # @note When making an API call, you may pass DescribePullThroughCacheRulesRequest
1143
+ # data as a hash:
1144
+ #
1145
+ # {
1146
+ # registry_id: "RegistryId",
1147
+ # ecr_repository_prefixes: ["PullThroughCacheRuleRepositoryPrefix"],
1148
+ # next_token: "NextToken",
1149
+ # max_results: 1,
1150
+ # }
1151
+ #
1152
+ # @!attribute [rw] registry_id
1153
+ # The Amazon Web Services account ID associated with the registry to
1154
+ # return the pull through cache rules for. If you do not specify a
1155
+ # registry, the default registry is assumed.
1156
+ # @return [String]
1157
+ #
1158
+ # @!attribute [rw] ecr_repository_prefixes
1159
+ # The Amazon ECR repository prefixes associated with the pull through
1160
+ # cache rules to return. If no repository prefix value is specified,
1161
+ # all pull through cache rules are returned.
1162
+ # @return [Array<String>]
1163
+ #
1164
+ # @!attribute [rw] next_token
1165
+ # The `nextToken` value returned from a previous paginated
1166
+ # `DescribePullThroughCacheRulesRequest` request where `maxResults`
1167
+ # was used and the results exceeded the value of that parameter.
1168
+ # Pagination continues from the end of the previous results that
1169
+ # returned the `nextToken` value. This value is null when there are no
1170
+ # more results to return.
1171
+ # @return [String]
1172
+ #
1173
+ # @!attribute [rw] max_results
1174
+ # The maximum number of pull through cache rules returned by
1175
+ # `DescribePullThroughCacheRulesRequest` in paginated output. When
1176
+ # this parameter is used, `DescribePullThroughCacheRulesRequest` only
1177
+ # returns `maxResults` results in a single page along with a
1178
+ # `nextToken` response element. The remaining results of the initial
1179
+ # request can be seen by sending another
1180
+ # `DescribePullThroughCacheRulesRequest` request with the returned
1181
+ # `nextToken` value. This value can be between 1 and 1000. If this
1182
+ # parameter is not used, then `DescribePullThroughCacheRulesRequest`
1183
+ # returns up to 100 results and a `nextToken` value, if applicable.
1184
+ # @return [Integer]
1185
+ #
1186
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribePullThroughCacheRulesRequest AWS API Documentation
1187
+ #
1188
+ class DescribePullThroughCacheRulesRequest < Struct.new(
1189
+ :registry_id,
1190
+ :ecr_repository_prefixes,
1191
+ :next_token,
1192
+ :max_results)
1193
+ SENSITIVE = []
1194
+ include Aws::Structure
1195
+ end
1196
+
1197
+ # @!attribute [rw] pull_through_cache_rules
1198
+ # The details of the pull through cache rules.
1199
+ # @return [Array<Types::PullThroughCacheRule>]
1200
+ #
1201
+ # @!attribute [rw] next_token
1202
+ # The `nextToken` value to include in a future
1203
+ # `DescribePullThroughCacheRulesRequest` request. When the results of
1204
+ # a `DescribePullThroughCacheRulesRequest` request exceed
1205
+ # `maxResults`, this value can be used to retrieve the next page of
1206
+ # results. This value is null when there are no more results to
1207
+ # return.
1208
+ # @return [String]
1209
+ #
1210
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribePullThroughCacheRulesResponse AWS API Documentation
1211
+ #
1212
+ class DescribePullThroughCacheRulesResponse < Struct.new(
1213
+ :pull_through_cache_rules,
1214
+ :next_token)
1215
+ SENSITIVE = []
1216
+ include Aws::Structure
1217
+ end
1218
+
851
1219
  # @api private
852
1220
  #
853
1221
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeRegistryRequest AWS API Documentation
@@ -1005,14 +1373,14 @@ module Aws::ECR
1005
1373
  # created. For more information, see [Protecting data using
1006
1374
  # server-side encryption with an KMS key stored in Key Management
1007
1375
  # Service (SSE-KMS)][1] in the *Amazon Simple Storage Service Console
1008
- # Developer Guide.*.
1376
+ # Developer Guide*.
1009
1377
  #
1010
1378
  # If you use the `AES256` encryption type, Amazon ECR uses server-side
1011
1379
  # encryption with Amazon S3-managed encryption keys which encrypts the
1012
1380
  # images in the repository using an AES-256 encryption algorithm. For
1013
1381
  # more information, see [Protecting data using server-side encryption
1014
1382
  # with Amazon S3-managed encryption keys (SSE-S3)][2] in the *Amazon
1015
- # Simple Storage Service Console Developer Guide.*.
1383
+ # Simple Storage Service Console Developer Guide*.
1016
1384
  #
1017
1385
  #
1018
1386
  #
@@ -1037,6 +1405,93 @@ module Aws::ECR
1037
1405
  include Aws::Structure
1038
1406
  end
1039
1407
 
1408
+ # The details of an enhanced image scan. This is returned when enhanced
1409
+ # scanning is enabled for your private registry.
1410
+ #
1411
+ # @!attribute [rw] aws_account_id
1412
+ # The Amazon Web Services account ID associated with the image.
1413
+ # @return [String]
1414
+ #
1415
+ # @!attribute [rw] description
1416
+ # The description of the finding.
1417
+ # @return [String]
1418
+ #
1419
+ # @!attribute [rw] finding_arn
1420
+ # The Amazon Resource Number (ARN) of the finding.
1421
+ # @return [String]
1422
+ #
1423
+ # @!attribute [rw] first_observed_at
1424
+ # The date and time that the finding was first observed.
1425
+ # @return [Time]
1426
+ #
1427
+ # @!attribute [rw] last_observed_at
1428
+ # The date and time that the finding was last observed.
1429
+ # @return [Time]
1430
+ #
1431
+ # @!attribute [rw] package_vulnerability_details
1432
+ # An object that contains the details of a package vulnerability
1433
+ # finding.
1434
+ # @return [Types::PackageVulnerabilityDetails]
1435
+ #
1436
+ # @!attribute [rw] remediation
1437
+ # An object that contains the details about how to remediate a
1438
+ # finding.
1439
+ # @return [Types::Remediation]
1440
+ #
1441
+ # @!attribute [rw] resources
1442
+ # Contains information on the resources involved in a finding.
1443
+ # @return [Array<Types::Resource>]
1444
+ #
1445
+ # @!attribute [rw] score
1446
+ # The Amazon Inspector score given to the finding.
1447
+ # @return [Float]
1448
+ #
1449
+ # @!attribute [rw] score_details
1450
+ # An object that contains details of the Amazon Inspector score.
1451
+ # @return [Types::ScoreDetails]
1452
+ #
1453
+ # @!attribute [rw] severity
1454
+ # The severity of the finding.
1455
+ # @return [String]
1456
+ #
1457
+ # @!attribute [rw] status
1458
+ # The status of the finding.
1459
+ # @return [String]
1460
+ #
1461
+ # @!attribute [rw] title
1462
+ # The title of the finding.
1463
+ # @return [String]
1464
+ #
1465
+ # @!attribute [rw] type
1466
+ # The type of the finding.
1467
+ # @return [String]
1468
+ #
1469
+ # @!attribute [rw] updated_at
1470
+ # The date and time the finding was last updated at.
1471
+ # @return [Time]
1472
+ #
1473
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/EnhancedImageScanFinding AWS API Documentation
1474
+ #
1475
+ class EnhancedImageScanFinding < Struct.new(
1476
+ :aws_account_id,
1477
+ :description,
1478
+ :finding_arn,
1479
+ :first_observed_at,
1480
+ :last_observed_at,
1481
+ :package_vulnerability_details,
1482
+ :remediation,
1483
+ :resources,
1484
+ :score,
1485
+ :score_details,
1486
+ :severity,
1487
+ :status,
1488
+ :title,
1489
+ :type,
1490
+ :updated_at)
1491
+ SENSITIVE = []
1492
+ include Aws::Structure
1493
+ end
1494
+
1040
1495
  # @note When making an API call, you may pass GetAuthorizationTokenRequest
1041
1496
  # data as a hash:
1042
1497
  #
@@ -1320,11 +1775,34 @@ module Aws::ECR
1320
1775
  include Aws::Structure
1321
1776
  end
1322
1777
 
1323
- # @note When making an API call, you may pass GetRepositoryPolicyRequest
1324
- # data as a hash:
1778
+ # @api private
1325
1779
  #
1326
- # {
1327
- # registry_id: "RegistryId",
1780
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetRegistryScanningConfigurationRequest AWS API Documentation
1781
+ #
1782
+ class GetRegistryScanningConfigurationRequest < Aws::EmptyStructure; end
1783
+
1784
+ # @!attribute [rw] registry_id
1785
+ # The ID of the registry.
1786
+ # @return [String]
1787
+ #
1788
+ # @!attribute [rw] scanning_configuration
1789
+ # The scanning configuration for the registry.
1790
+ # @return [Types::RegistryScanningConfiguration]
1791
+ #
1792
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetRegistryScanningConfigurationResponse AWS API Documentation
1793
+ #
1794
+ class GetRegistryScanningConfigurationResponse < Struct.new(
1795
+ :registry_id,
1796
+ :scanning_configuration)
1797
+ SENSITIVE = []
1798
+ include Aws::Structure
1799
+ end
1800
+
1801
+ # @note When making an API call, you may pass GetRepositoryPolicyRequest
1802
+ # data as a hash:
1803
+ #
1804
+ # {
1805
+ # registry_id: "RegistryId",
1328
1806
  # repository_name: "RepositoryName", # required
1329
1807
  # }
1330
1808
  #
@@ -1579,8 +2057,8 @@ module Aws::ECR
1579
2057
  # @return [String]
1580
2058
  #
1581
2059
  # @!attribute [rw] registry_id
1582
- # The AWS account ID associated with the registry to which the image
1583
- # belongs.
2060
+ # The Amazon Web Services account ID associated with the registry to
2061
+ # which the image belongs.
1584
2062
  # @return [String]
1585
2063
  #
1586
2064
  # @!attribute [rw] status
@@ -1648,21 +2126,26 @@ module Aws::ECR
1648
2126
  # The time when the vulnerability data was last scanned.
1649
2127
  # @return [Time]
1650
2128
  #
2129
+ # @!attribute [rw] finding_severity_counts
2130
+ # The image vulnerability counts, sorted by severity.
2131
+ # @return [Hash<String,Integer>]
2132
+ #
1651
2133
  # @!attribute [rw] findings
1652
2134
  # The findings from the image scan.
1653
2135
  # @return [Array<Types::ImageScanFinding>]
1654
2136
  #
1655
- # @!attribute [rw] finding_severity_counts
1656
- # The image vulnerability counts, sorted by severity.
1657
- # @return [Hash<String,Integer>]
2137
+ # @!attribute [rw] enhanced_findings
2138
+ # Details about the enhanced scan findings from Amazon Inspector.
2139
+ # @return [Array<Types::EnhancedImageScanFinding>]
1658
2140
  #
1659
2141
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ImageScanFindings AWS API Documentation
1660
2142
  #
1661
2143
  class ImageScanFindings < Struct.new(
1662
2144
  :image_scan_completed_at,
1663
2145
  :vulnerability_source_updated_at,
2146
+ :finding_severity_counts,
1664
2147
  :findings,
1665
- :finding_severity_counts)
2148
+ :enhanced_findings)
1666
2149
  SENSITIVE = []
1667
2150
  include Aws::Structure
1668
2151
  end
@@ -2296,6 +2779,128 @@ module Aws::ECR
2296
2779
  include Aws::Structure
2297
2780
  end
2298
2781
 
2782
+ # Information about a package vulnerability finding.
2783
+ #
2784
+ # @!attribute [rw] cvss
2785
+ # An object that contains details about the CVSS score of a finding.
2786
+ # @return [Array<Types::CvssScore>]
2787
+ #
2788
+ # @!attribute [rw] reference_urls
2789
+ # One or more URLs that contain details about this vulnerability type.
2790
+ # @return [Array<String>]
2791
+ #
2792
+ # @!attribute [rw] related_vulnerabilities
2793
+ # One or more vulnerabilities related to the one identified in this
2794
+ # finding.
2795
+ # @return [Array<String>]
2796
+ #
2797
+ # @!attribute [rw] source
2798
+ # The source of the vulnerability information.
2799
+ # @return [String]
2800
+ #
2801
+ # @!attribute [rw] source_url
2802
+ # A URL to the source of the vulnerability information.
2803
+ # @return [String]
2804
+ #
2805
+ # @!attribute [rw] vendor_created_at
2806
+ # The date and time that this vulnerability was first added to the
2807
+ # vendor's database.
2808
+ # @return [Time]
2809
+ #
2810
+ # @!attribute [rw] vendor_severity
2811
+ # The severity the vendor has given to this vulnerability type.
2812
+ # @return [String]
2813
+ #
2814
+ # @!attribute [rw] vendor_updated_at
2815
+ # The date and time the vendor last updated this vulnerability in
2816
+ # their database.
2817
+ # @return [Time]
2818
+ #
2819
+ # @!attribute [rw] vulnerability_id
2820
+ # The ID given to this vulnerability.
2821
+ # @return [String]
2822
+ #
2823
+ # @!attribute [rw] vulnerable_packages
2824
+ # The packages impacted by this vulnerability.
2825
+ # @return [Array<Types::VulnerablePackage>]
2826
+ #
2827
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PackageVulnerabilityDetails AWS API Documentation
2828
+ #
2829
+ class PackageVulnerabilityDetails < Struct.new(
2830
+ :cvss,
2831
+ :reference_urls,
2832
+ :related_vulnerabilities,
2833
+ :source,
2834
+ :source_url,
2835
+ :vendor_created_at,
2836
+ :vendor_severity,
2837
+ :vendor_updated_at,
2838
+ :vulnerability_id,
2839
+ :vulnerable_packages)
2840
+ SENSITIVE = []
2841
+ include Aws::Structure
2842
+ end
2843
+
2844
+ # The details of a pull through cache rule.
2845
+ #
2846
+ # @!attribute [rw] ecr_repository_prefix
2847
+ # The Amazon ECR repository prefix associated with the pull through
2848
+ # cache rule.
2849
+ # @return [String]
2850
+ #
2851
+ # @!attribute [rw] upstream_registry_url
2852
+ # The upstream registry URL associated with the pull through cache
2853
+ # rule.
2854
+ # @return [String]
2855
+ #
2856
+ # @!attribute [rw] created_at
2857
+ # The date and time the pull through cache was created.
2858
+ # @return [Time]
2859
+ #
2860
+ # @!attribute [rw] registry_id
2861
+ # The Amazon Web Services account ID associated with the registry the
2862
+ # pull through cache rule is associated with.
2863
+ # @return [String]
2864
+ #
2865
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PullThroughCacheRule AWS API Documentation
2866
+ #
2867
+ class PullThroughCacheRule < Struct.new(
2868
+ :ecr_repository_prefix,
2869
+ :upstream_registry_url,
2870
+ :created_at,
2871
+ :registry_id)
2872
+ SENSITIVE = []
2873
+ include Aws::Structure
2874
+ end
2875
+
2876
+ # A pull through cache rule with these settings already exists for the
2877
+ # private registry.
2878
+ #
2879
+ # @!attribute [rw] message
2880
+ # @return [String]
2881
+ #
2882
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PullThroughCacheRuleAlreadyExistsException AWS API Documentation
2883
+ #
2884
+ class PullThroughCacheRuleAlreadyExistsException < Struct.new(
2885
+ :message)
2886
+ SENSITIVE = []
2887
+ include Aws::Structure
2888
+ end
2889
+
2890
+ # The pull through cache rule was not found. Specify a valid pull
2891
+ # through cache rule and try again.
2892
+ #
2893
+ # @!attribute [rw] message
2894
+ # @return [String]
2895
+ #
2896
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PullThroughCacheRuleNotFoundException AWS API Documentation
2897
+ #
2898
+ class PullThroughCacheRuleNotFoundException < Struct.new(
2899
+ :message)
2900
+ SENSITIVE = []
2901
+ include Aws::Structure
2902
+ end
2903
+
2299
2904
  # @note When making an API call, you may pass PutImageRequest
2300
2905
  # data as a hash:
2301
2906
  #
@@ -2582,6 +3187,64 @@ module Aws::ECR
2582
3187
  include Aws::Structure
2583
3188
  end
2584
3189
 
3190
+ # @note When making an API call, you may pass PutRegistryScanningConfigurationRequest
3191
+ # data as a hash:
3192
+ #
3193
+ # {
3194
+ # scan_type: "BASIC", # accepts BASIC, ENHANCED
3195
+ # rules: [
3196
+ # {
3197
+ # scan_frequency: "SCAN_ON_PUSH", # required, accepts SCAN_ON_PUSH, CONTINUOUS_SCAN, MANUAL
3198
+ # repository_filters: [ # required
3199
+ # {
3200
+ # filter: "ScanningRepositoryFilterValue", # required
3201
+ # filter_type: "WILDCARD", # required, accepts WILDCARD
3202
+ # },
3203
+ # ],
3204
+ # },
3205
+ # ],
3206
+ # }
3207
+ #
3208
+ # @!attribute [rw] scan_type
3209
+ # The scanning type to set for the registry.
3210
+ #
3211
+ # By default, the `BASIC` scan type is used. When basic scanning is
3212
+ # set, you may specify filters to determine which individual
3213
+ # repositories, or all repositories, are scanned when new images are
3214
+ # pushed. Alternatively, you can do manual scans of images with basic
3215
+ # scanning.
3216
+ #
3217
+ # When the `ENHANCED` scan type is set, Amazon Inspector provides
3218
+ # automated, continuous scanning of all repositories in your registry.
3219
+ # @return [String]
3220
+ #
3221
+ # @!attribute [rw] rules
3222
+ # The scanning rules to use for the registry. A scanning rule is used
3223
+ # to determine which repository filters are used and at what frequency
3224
+ # scanning will occur.
3225
+ # @return [Array<Types::RegistryScanningRule>]
3226
+ #
3227
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutRegistryScanningConfigurationRequest AWS API Documentation
3228
+ #
3229
+ class PutRegistryScanningConfigurationRequest < Struct.new(
3230
+ :scan_type,
3231
+ :rules)
3232
+ SENSITIVE = []
3233
+ include Aws::Structure
3234
+ end
3235
+
3236
+ # @!attribute [rw] registry_scanning_configuration
3237
+ # The scanning configuration for your registry.
3238
+ # @return [Types::RegistryScanningConfiguration]
3239
+ #
3240
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutRegistryScanningConfigurationResponse AWS API Documentation
3241
+ #
3242
+ class PutRegistryScanningConfigurationResponse < Struct.new(
3243
+ :registry_scanning_configuration)
3244
+ SENSITIVE = []
3245
+ include Aws::Structure
3246
+ end
3247
+
2585
3248
  # @note When making an API call, you may pass PutReplicationConfigurationRequest
2586
3249
  # data as a hash:
2587
3250
  #
@@ -2630,6 +3293,26 @@ module Aws::ECR
2630
3293
  include Aws::Structure
2631
3294
  end
2632
3295
 
3296
+ # Details about the recommended course of action to remediate the
3297
+ # finding.
3298
+ #
3299
+ # @!attribute [rw] url
3300
+ # The URL address to the CVE remediation recommendations.
3301
+ # @return [String]
3302
+ #
3303
+ # @!attribute [rw] text
3304
+ # The recommended course of action to remediate the finding.
3305
+ # @return [String]
3306
+ #
3307
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/Recommendation AWS API Documentation
3308
+ #
3309
+ class Recommendation < Struct.new(
3310
+ :url,
3311
+ :text)
3312
+ SENSITIVE = []
3313
+ include Aws::Structure
3314
+ end
3315
+
2633
3316
  # The manifest list is referencing an image that does not exist.
2634
3317
  #
2635
3318
  # @!attribute [rw] message
@@ -2656,6 +3339,73 @@ module Aws::ECR
2656
3339
  include Aws::Structure
2657
3340
  end
2658
3341
 
3342
+ # The scanning configuration for a private registry.
3343
+ #
3344
+ # @!attribute [rw] scan_type
3345
+ # The type of scanning configured for the registry.
3346
+ # @return [String]
3347
+ #
3348
+ # @!attribute [rw] rules
3349
+ # The scanning rules associated with the registry.
3350
+ # @return [Array<Types::RegistryScanningRule>]
3351
+ #
3352
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/RegistryScanningConfiguration AWS API Documentation
3353
+ #
3354
+ class RegistryScanningConfiguration < Struct.new(
3355
+ :scan_type,
3356
+ :rules)
3357
+ SENSITIVE = []
3358
+ include Aws::Structure
3359
+ end
3360
+
3361
+ # The details of a scanning rule for a private registry.
3362
+ #
3363
+ # @note When making an API call, you may pass RegistryScanningRule
3364
+ # data as a hash:
3365
+ #
3366
+ # {
3367
+ # scan_frequency: "SCAN_ON_PUSH", # required, accepts SCAN_ON_PUSH, CONTINUOUS_SCAN, MANUAL
3368
+ # repository_filters: [ # required
3369
+ # {
3370
+ # filter: "ScanningRepositoryFilterValue", # required
3371
+ # filter_type: "WILDCARD", # required, accepts WILDCARD
3372
+ # },
3373
+ # ],
3374
+ # }
3375
+ #
3376
+ # @!attribute [rw] scan_frequency
3377
+ # The frequency that scans are performed at for a private registry.
3378
+ # @return [String]
3379
+ #
3380
+ # @!attribute [rw] repository_filters
3381
+ # The repository filters associated with the scanning configuration
3382
+ # for a private registry.
3383
+ # @return [Array<Types::ScanningRepositoryFilter>]
3384
+ #
3385
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/RegistryScanningRule AWS API Documentation
3386
+ #
3387
+ class RegistryScanningRule < Struct.new(
3388
+ :scan_frequency,
3389
+ :repository_filters)
3390
+ SENSITIVE = []
3391
+ include Aws::Structure
3392
+ end
3393
+
3394
+ # Information on how to remediate a finding.
3395
+ #
3396
+ # @!attribute [rw] recommendation
3397
+ # An object that contains information about the recommended course of
3398
+ # action to remediate the finding.
3399
+ # @return [Types::Recommendation]
3400
+ #
3401
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/Remediation AWS API Documentation
3402
+ #
3403
+ class Remediation < Struct.new(
3404
+ :recommendation)
3405
+ SENSITIVE = []
3406
+ include Aws::Structure
3407
+ end
3408
+
2659
3409
  # The replication configuration for a registry.
2660
3410
  #
2661
3411
  # @note When making an API call, you may pass ReplicationConfiguration
@@ -2918,6 +3668,110 @@ module Aws::ECR
2918
3668
  include Aws::Structure
2919
3669
  end
2920
3670
 
3671
+ # The details of the scanning configuration for a repository.
3672
+ #
3673
+ # @!attribute [rw] repository_arn
3674
+ # The ARN of the repository.
3675
+ # @return [String]
3676
+ #
3677
+ # @!attribute [rw] repository_name
3678
+ # The name of the repository.
3679
+ # @return [String]
3680
+ #
3681
+ # @!attribute [rw] scan_on_push
3682
+ # Whether or not scan on push is configured for the repository.
3683
+ # @return [Boolean]
3684
+ #
3685
+ # @!attribute [rw] scan_frequency
3686
+ # The scan frequency for the repository.
3687
+ # @return [String]
3688
+ #
3689
+ # @!attribute [rw] applied_scan_filters
3690
+ # The scan filters applied to the repository.
3691
+ # @return [Array<Types::ScanningRepositoryFilter>]
3692
+ #
3693
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/RepositoryScanningConfiguration AWS API Documentation
3694
+ #
3695
+ class RepositoryScanningConfiguration < Struct.new(
3696
+ :repository_arn,
3697
+ :repository_name,
3698
+ :scan_on_push,
3699
+ :scan_frequency,
3700
+ :applied_scan_filters)
3701
+ SENSITIVE = []
3702
+ include Aws::Structure
3703
+ end
3704
+
3705
+ # The details about any failures associated with the scanning
3706
+ # configuration of a repository.
3707
+ #
3708
+ # @!attribute [rw] repository_name
3709
+ # The name of the repository.
3710
+ # @return [String]
3711
+ #
3712
+ # @!attribute [rw] failure_code
3713
+ # The failure code.
3714
+ # @return [String]
3715
+ #
3716
+ # @!attribute [rw] failure_reason
3717
+ # The reason for the failure.
3718
+ # @return [String]
3719
+ #
3720
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/RepositoryScanningConfigurationFailure AWS API Documentation
3721
+ #
3722
+ class RepositoryScanningConfigurationFailure < Struct.new(
3723
+ :repository_name,
3724
+ :failure_code,
3725
+ :failure_reason)
3726
+ SENSITIVE = []
3727
+ include Aws::Structure
3728
+ end
3729
+
3730
+ # Details about the resource involved in a finding.
3731
+ #
3732
+ # @!attribute [rw] details
3733
+ # An object that contains details about the resource involved in a
3734
+ # finding.
3735
+ # @return [Types::ResourceDetails]
3736
+ #
3737
+ # @!attribute [rw] id
3738
+ # The ID of the resource.
3739
+ # @return [String]
3740
+ #
3741
+ # @!attribute [rw] tags
3742
+ # The tags attached to the resource.
3743
+ # @return [Hash<String,String>]
3744
+ #
3745
+ # @!attribute [rw] type
3746
+ # The type of resource.
3747
+ # @return [String]
3748
+ #
3749
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/Resource AWS API Documentation
3750
+ #
3751
+ class Resource < Struct.new(
3752
+ :details,
3753
+ :id,
3754
+ :tags,
3755
+ :type)
3756
+ SENSITIVE = []
3757
+ include Aws::Structure
3758
+ end
3759
+
3760
+ # Contains details about the resource involved in the finding.
3761
+ #
3762
+ # @!attribute [rw] aws_ecr_container_image
3763
+ # An object that contains details about the Amazon ECR container image
3764
+ # involved in the finding.
3765
+ # @return [Types::AwsEcrContainerImageDetails]
3766
+ #
3767
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ResourceDetails AWS API Documentation
3768
+ #
3769
+ class ResourceDetails < Struct.new(
3770
+ :aws_ecr_container_image)
3771
+ SENSITIVE = []
3772
+ include Aws::Structure
3773
+ end
3774
+
2921
3775
  # The specified image scan could not be found. Ensure that image
2922
3776
  # scanning is enabled on the repository and try again.
2923
3777
  #
@@ -2932,6 +3786,48 @@ module Aws::ECR
2932
3786
  include Aws::Structure
2933
3787
  end
2934
3788
 
3789
+ # The details of a scanning repository filter.
3790
+ #
3791
+ # @note When making an API call, you may pass ScanningRepositoryFilter
3792
+ # data as a hash:
3793
+ #
3794
+ # {
3795
+ # filter: "ScanningRepositoryFilterValue", # required
3796
+ # filter_type: "WILDCARD", # required, accepts WILDCARD
3797
+ # }
3798
+ #
3799
+ # @!attribute [rw] filter
3800
+ # The filter to use when scanning.
3801
+ # @return [String]
3802
+ #
3803
+ # @!attribute [rw] filter_type
3804
+ # The type associated with the filter.
3805
+ # @return [String]
3806
+ #
3807
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ScanningRepositoryFilter AWS API Documentation
3808
+ #
3809
+ class ScanningRepositoryFilter < Struct.new(
3810
+ :filter,
3811
+ :filter_type)
3812
+ SENSITIVE = []
3813
+ include Aws::Structure
3814
+ end
3815
+
3816
+ # Information about the Amazon Inspector score given to a finding.
3817
+ #
3818
+ # @!attribute [rw] cvss
3819
+ # An object that contains details about the CVSS score given to a
3820
+ # finding.
3821
+ # @return [Types::CvssScoreDetails]
3822
+ #
3823
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ScoreDetails AWS API Documentation
3824
+ #
3825
+ class ScoreDetails < Struct.new(
3826
+ :cvss)
3827
+ SENSITIVE = []
3828
+ include Aws::Structure
3829
+ end
3830
+
2935
3831
  # These errors are usually caused by a server-side issue.
2936
3832
  #
2937
3833
  # @!attribute [rw] message
@@ -3242,6 +4138,19 @@ module Aws::ECR
3242
4138
  include Aws::Structure
3243
4139
  end
3244
4140
 
4141
+ # The specified upstream registry isn't supported.
4142
+ #
4143
+ # @!attribute [rw] message
4144
+ # @return [String]
4145
+ #
4146
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UnsupportedUpstreamRegistryException AWS API Documentation
4147
+ #
4148
+ class UnsupportedUpstreamRegistryException < Struct.new(
4149
+ :message)
4150
+ SENSITIVE = []
4151
+ include Aws::Structure
4152
+ end
4153
+
3245
4154
  # @note When making an API call, you may pass UntagResourceRequest
3246
4155
  # data as a hash:
3247
4156
  #
@@ -3382,5 +4291,54 @@ module Aws::ECR
3382
4291
  include Aws::Structure
3383
4292
  end
3384
4293
 
4294
+ # Information on the vulnerable package identified by a finding.
4295
+ #
4296
+ # @!attribute [rw] arch
4297
+ # The architecture of the vulnerable package.
4298
+ # @return [String]
4299
+ #
4300
+ # @!attribute [rw] epoch
4301
+ # The epoch of the vulnerable package.
4302
+ # @return [Integer]
4303
+ #
4304
+ # @!attribute [rw] file_path
4305
+ # The file path of the vulnerable package.
4306
+ # @return [String]
4307
+ #
4308
+ # @!attribute [rw] name
4309
+ # The name of the vulnerable package.
4310
+ # @return [String]
4311
+ #
4312
+ # @!attribute [rw] package_manager
4313
+ # The package manager of the vulnerable package.
4314
+ # @return [String]
4315
+ #
4316
+ # @!attribute [rw] release
4317
+ # The release of the vulnerable package.
4318
+ # @return [String]
4319
+ #
4320
+ # @!attribute [rw] source_layer_hash
4321
+ # The source layer hash of the vulnerable package.
4322
+ # @return [String]
4323
+ #
4324
+ # @!attribute [rw] version
4325
+ # The version of the vulnerable package.
4326
+ # @return [String]
4327
+ #
4328
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/VulnerablePackage AWS API Documentation
4329
+ #
4330
+ class VulnerablePackage < Struct.new(
4331
+ :arch,
4332
+ :epoch,
4333
+ :file_path,
4334
+ :name,
4335
+ :package_manager,
4336
+ :release,
4337
+ :source_layer_hash,
4338
+ :version)
4339
+ SENSITIVE = []
4340
+ include Aws::Structure
4341
+ end
4342
+
3385
4343
  end
3386
4344
  end