@aws-sdk/client-ecr 3.43.0 → 3.44.0

package/dist-types/models/models_0.d.ts

@@ -322,6 +322,133 @@ export declare namespace BatchGetImageResponse {
      */
     const filterSensitiveLog: (obj: BatchGetImageResponse) => any;
 }
+export interface BatchGetRepositoryScanningConfigurationRequest {
+    /**
+     * <p>One or more repository names to get the scanning configuration for.</p>
+     */
+    repositoryNames: string[] | undefined;
+}
+export declare namespace BatchGetRepositoryScanningConfigurationRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: BatchGetRepositoryScanningConfigurationRequest) => any;
+}
+export declare enum ScanningConfigurationFailureCode {
+    REPOSITORY_NOT_FOUND = "REPOSITORY_NOT_FOUND"
+}
+/**
+ * <p>The details about any failures associated with the scanning configuration of a
+ *             repository.</p>
+ */
+export interface RepositoryScanningConfigurationFailure {
+    /**
+     * <p>The name of the repository.</p>
+     */
+    repositoryName?: string;
+    /**
+     * <p>The failure code.</p>
+     */
+    failureCode?: ScanningConfigurationFailureCode | string;
+    /**
+     * <p>The reason for the failure.</p>
+     */
+    failureReason?: string;
+}
+export declare namespace RepositoryScanningConfigurationFailure {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RepositoryScanningConfigurationFailure) => any;
+}
+export declare enum ScanningRepositoryFilterType {
+    WILDCARD = "WILDCARD"
+}
+/**
+ * <p>The details of a scanning repository filter.</p>
+ */
+export interface ScanningRepositoryFilter {
+    /**
+     * <p>The filter to use when scanning.</p>
+     */
+    filter: string | undefined;
+    /**
+     * <p>The type associated with the filter.</p>
+     */
+    filterType: ScanningRepositoryFilterType | string | undefined;
+}
+export declare namespace ScanningRepositoryFilter {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ScanningRepositoryFilter) => any;
+}
+export declare enum ScanFrequency {
+    CONTINUOUS_SCAN = "CONTINUOUS_SCAN",
+    MANUAL = "MANUAL",
+    SCAN_ON_PUSH = "SCAN_ON_PUSH"
+}
+/**
+ * <p>The details of the scanning configuration for a repository.</p>
+ */
+export interface RepositoryScanningConfiguration {
+    /**
+     * <p>The ARN of the repository.</p>
+     */
+    repositoryArn?: string;
+    /**
+     * <p>The name of the repository.</p>
+     */
+    repositoryName?: string;
+    /**
+     * <p>Whether or not scan on push is configured for the repository.</p>
+     */
+    scanOnPush?: boolean;
+    /**
+     * <p>The scan frequency for the repository.</p>
+     */
+    scanFrequency?: ScanFrequency | string;
+    /**
+     * <p>The scan filters applied to the repository.</p>
+     */
+    appliedScanFilters?: ScanningRepositoryFilter[];
+}
+export declare namespace RepositoryScanningConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RepositoryScanningConfiguration) => any;
+}
+export interface BatchGetRepositoryScanningConfigurationResponse {
+    /**
+     * <p>The scanning configuration for the requested repositories.</p>
+     */
+    scanningConfigurations?: RepositoryScanningConfiguration[];
+    /**
+     * <p>Any failures associated with the call.</p>
+     */
+    failures?: RepositoryScanningConfigurationFailure[];
+}
+export declare namespace BatchGetRepositoryScanningConfigurationResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: BatchGetRepositoryScanningConfigurationResponse) => any;
+}
+/**
+ * <p>There was an exception validating this request.</p>
+ */
+export interface ValidationException extends __SmithyException, $MetadataBearer {
+    name: "ValidationException";
+    $fault: "client";
+    message?: string;
+}
+export declare namespace ValidationException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ValidationException) => any;
+}
 export interface CompleteLayerUploadRequest {
     /**
      * <p>The Amazon Web Services account ID associated with the registry to which to upload layers.
@@ -477,6 +604,101 @@ export declare namespace UploadNotFoundException {
      */
     const filterSensitiveLog: (obj: UploadNotFoundException) => any;
 }
+export interface CreatePullThroughCacheRuleRequest {
+    /**
+     * <p>The repository name prefix to use when caching images from the source registry.</p>
+     */
+    ecrRepositoryPrefix: string | undefined;
+    /**
+     * <p>The registry URL of the upstream public registry to use as the source for the pull
+     *             through cache rule.</p>
+     */
+    upstreamRegistryUrl: string | undefined;
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry to create the pull through cache
+     *             rule for. If you do not specify a registry, the default registry is assumed.</p>
+     */
+    registryId?: string;
+}
+export declare namespace CreatePullThroughCacheRuleRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CreatePullThroughCacheRuleRequest) => any;
+}
+export interface CreatePullThroughCacheRuleResponse {
+    /**
+     * <p>The Amazon ECR repository prefix associated with the pull through cache rule.</p>
+     */
+    ecrRepositoryPrefix?: string;
+    /**
+     * <p>The upstream registry URL associated with the pull through cache rule.</p>
+     */
+    upstreamRegistryUrl?: string;
+    /**
+     * <p>The date and time, in JavaScript date format, when the pull through cache rule was
+     *             created.</p>
+     */
+    createdAt?: Date;
+    /**
+     * <p>The registry ID associated with the request.</p>
+     */
+    registryId?: string;
+}
+export declare namespace CreatePullThroughCacheRuleResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CreatePullThroughCacheRuleResponse) => any;
+}
+/**
+ * <p>The operation did not succeed because it would have exceeded a service limit for your
+ *             account. For more information, see <a href="https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html">Amazon ECR service quotas</a> in
+ *             the Amazon Elastic Container Registry User Guide.</p>
+ */
+export interface LimitExceededException extends __SmithyException, $MetadataBearer {
+    name: "LimitExceededException";
+    $fault: "client";
+    /**
+     * <p>The error message associated with the exception.</p>
+     */
+    message?: string;
+}
+export declare namespace LimitExceededException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: LimitExceededException) => any;
+}
+/**
+ * <p>A pull through cache rule with these settings already exists for the private
+ *             registry.</p>
+ */
+export interface PullThroughCacheRuleAlreadyExistsException extends __SmithyException, $MetadataBearer {
+    name: "PullThroughCacheRuleAlreadyExistsException";
+    $fault: "client";
+    message?: string;
+}
+export declare namespace PullThroughCacheRuleAlreadyExistsException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: PullThroughCacheRuleAlreadyExistsException) => any;
+}
+/**
+ * <p>The specified upstream registry isn't supported.</p>
+ */
+export interface UnsupportedUpstreamRegistryException extends __SmithyException, $MetadataBearer {
+    name: "UnsupportedUpstreamRegistryException";
+    $fault: "client";
+    message?: string;
+}
+export declare namespace UnsupportedUpstreamRegistryException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: UnsupportedUpstreamRegistryException) => any;
+}
 export declare enum EncryptionType {
     AES256 = "AES256",
     KMS = "KMS"
@@ -502,12 +724,12 @@ export interface EncryptionConfiguration {
      *             for Amazon ECR, or specify your own KMS key, which you already created. For more
      *             information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html">Protecting data using server-side
      *                 encryption with an KMS key stored in Key Management Service (SSE-KMS)</a> in the
-     *                 <i>Amazon Simple Storage Service Console Developer Guide.</i>.</p>
+     *                 <i>Amazon Simple Storage Service Console Developer Guide</i>.</p>
      *         <p>If you use the <code>AES256</code> encryption type, Amazon ECR uses server-side encryption
      *             with Amazon S3-managed encryption keys which encrypts the images in the repository using an
      *             AES-256 encryption algorithm. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html">Protecting data using
      *                 server-side encryption with Amazon S3-managed encryption keys (SSE-S3)</a> in the
-     *                 <i>Amazon Simple Storage Service Console Developer Guide.</i>.</p>
+     *                 <i>Amazon Simple Storage Service Console Developer Guide</i>.</p>
      */
     encryptionType: EncryptionType | string | undefined;
     /**
@@ -572,7 +794,7 @@ export declare namespace Tag {
 }
 export interface CreateRepositoryRequest {
     /**
-     * <p>The AWS account ID associated with the registry to create the repository.
+     * <p>The Amazon Web Services account ID associated with the registry to create the repository.
      *             If you do not specify a registry, the default registry is assumed.</p>
      */
     registryId?: string;
@@ -687,25 +909,6 @@ export declare namespace InvalidTagParameterException {
      */
     const filterSensitiveLog: (obj: InvalidTagParameterException) => any;
 }
-/**
- * <p>The operation did not succeed because it would have exceeded a service limit for your
- *             account. For more information, see <a href="https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html">Amazon ECR service quotas</a> in
- *             the Amazon Elastic Container Registry User Guide.</p>
- */
-export interface LimitExceededException extends __SmithyException, $MetadataBearer {
-    name: "LimitExceededException";
-    $fault: "client";
-    /**
-     * <p>The error message associated with the exception.</p>
-     */
-    message?: string;
-}
-export declare namespace LimitExceededException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: LimitExceededException) => any;
-}
 /**
  * <p>The specified repository already exists in the specified registry.</p>
  */
@@ -794,6 +997,63 @@ export declare namespace LifecyclePolicyNotFoundException {
      */
     const filterSensitiveLog: (obj: LifecyclePolicyNotFoundException) => any;
 }
+export interface DeletePullThroughCacheRuleRequest {
+    /**
+     * <p>The Amazon ECR repository prefix associated with the pull through cache rule to
+     *             delete.</p>
+     */
+    ecrRepositoryPrefix: string | undefined;
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry that contains the pull through cache
+     *             rule. If you do not specify a registry, the default registry is assumed.</p>
+     */
+    registryId?: string;
+}
+export declare namespace DeletePullThroughCacheRuleRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DeletePullThroughCacheRuleRequest) => any;
+}
+export interface DeletePullThroughCacheRuleResponse {
+    /**
+     * <p>The Amazon ECR repository prefix associated with the request.</p>
+     */
+    ecrRepositoryPrefix?: string;
+    /**
+     * <p>The upstream registry URL associated with the pull through cache rule.</p>
+     */
+    upstreamRegistryUrl?: string;
+    /**
+     * <p>The timestamp associated with the pull through cache rule.</p>
+     */
+    createdAt?: Date;
+    /**
+     * <p>The registry ID associated with the request.</p>
+     */
+    registryId?: string;
+}
+export declare namespace DeletePullThroughCacheRuleResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DeletePullThroughCacheRuleResponse) => any;
+}
+/**
+ * <p>The pull through cache rule was not found. Specify a valid pull through cache rule and
+ *             try again.</p>
+ */
+export interface PullThroughCacheRuleNotFoundException extends __SmithyException, $MetadataBearer {
+    name: "PullThroughCacheRuleNotFoundException";
+    $fault: "client";
+    message?: string;
+}
+export declare namespace PullThroughCacheRuleNotFoundException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: PullThroughCacheRuleNotFoundException) => any;
+}
 export interface DeleteRegistryPolicyRequest {
 }
 export declare namespace DeleteRegistryPolicyRequest {
@@ -832,20 +1092,6 @@ export declare namespace RegistryPolicyNotFoundException {
      */
     const filterSensitiveLog: (obj: RegistryPolicyNotFoundException) => any;
 }
-/**
- * <p>There was an exception validating this request.</p>
- */
-export interface ValidationException extends __SmithyException, $MetadataBearer {
-    name: "ValidationException";
-    $fault: "client";
-    message?: string;
-}
-export declare namespace ValidationException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: ValidationException) => any;
-}
 export interface DeleteRepositoryRequest {
     /**
      * <p>The Amazon Web Services account ID associated with the registry that contains the repository to
@@ -987,7 +1233,7 @@ export interface ImageReplicationStatus {
      */
     region?: string;
     /**
-     * <p>The AWS account ID associated with the registry to which the image belongs.</p>
+     * <p>The Amazon Web Services account ID associated with the registry to which the image belongs.</p>
      */
     registryId?: string;
     /**
@@ -1096,198 +1342,585 @@ export interface DescribeImagesRequest {
      *             100 results and a <code>nextToken</code> value, if applicable. This
      *             option cannot be used when you specify images with <code>imageIds</code>.</p>
      */
-    maxResults?: number;
+    maxResults?: number;
+    /**
+     * <p>The filter key and value with which to filter your <code>DescribeImages</code>
+     *             results.</p>
+     */
+    filter?: DescribeImagesFilter;
+}
+export declare namespace DescribeImagesRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeImagesRequest) => any;
+}
+export declare enum FindingSeverity {
+    CRITICAL = "CRITICAL",
+    HIGH = "HIGH",
+    INFORMATIONAL = "INFORMATIONAL",
+    LOW = "LOW",
+    MEDIUM = "MEDIUM",
+    UNDEFINED = "UNDEFINED"
+}
+/**
+ * <p>A summary of the last completed image scan.</p>
+ */
+export interface ImageScanFindingsSummary {
+    /**
+     * <p>The time of the last completed image scan.</p>
+     */
+    imageScanCompletedAt?: Date;
+    /**
+     * <p>The time when the vulnerability data was last scanned.</p>
+     */
+    vulnerabilitySourceUpdatedAt?: Date;
+    /**
+     * <p>The image vulnerability counts, sorted by severity.</p>
+     */
+    findingSeverityCounts?: {
+        [key: string]: number;
+    };
+}
+export declare namespace ImageScanFindingsSummary {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ImageScanFindingsSummary) => any;
+}
+export declare enum ScanStatus {
+    ACTIVE = "ACTIVE",
+    COMPLETE = "COMPLETE",
+    FAILED = "FAILED",
+    FINDINGS_UNAVAILABLE = "FINDINGS_UNAVAILABLE",
+    IN_PROGRESS = "IN_PROGRESS",
+    PENDING = "PENDING",
+    SCAN_ELIGIBILITY_EXPIRED = "SCAN_ELIGIBILITY_EXPIRED",
+    UNSUPPORTED_IMAGE = "UNSUPPORTED_IMAGE"
+}
+/**
+ * <p>The current status of an image scan.</p>
+ */
+export interface ImageScanStatus {
+    /**
+     * <p>The current state of an image scan.</p>
+     */
+    status?: ScanStatus | string;
+    /**
+     * <p>The description of the image scan status.</p>
+     */
+    description?: string;
+}
+export declare namespace ImageScanStatus {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ImageScanStatus) => any;
+}
+/**
+ * <p>An object that describes an image returned by a <a>DescribeImages</a>
+ *             operation.</p>
+ */
+export interface ImageDetail {
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry to which this image belongs.</p>
+     */
+    registryId?: string;
+    /**
+     * <p>The name of the repository to which this image belongs.</p>
+     */
+    repositoryName?: string;
+    /**
+     * <p>The <code>sha256</code> digest of the image manifest.</p>
+     */
+    imageDigest?: string;
+    /**
+     * <p>The list of tags associated with this image.</p>
+     */
+    imageTags?: string[];
+    /**
+     * <p>The size, in bytes, of the image in the repository.</p>
+     *         <p>If the image is a manifest list, this will be the max size of all manifests in the
+     *             list.</p>
+     *         <note>
+     *             <p>Beginning with Docker version 1.9, the Docker client compresses image layers
+     *                 before pushing them to a V2 Docker registry. The output of the <code>docker
+     *                     images</code> command shows the uncompressed image size, so it may return a
+     *                 larger image size than the image sizes returned by <a>DescribeImages</a>.</p>
+     *         </note>
+     */
+    imageSizeInBytes?: number;
+    /**
+     * <p>The date and time, expressed in standard JavaScript date format, at which the current
+     *             image was pushed to the repository. </p>
+     */
+    imagePushedAt?: Date;
+    /**
+     * <p>The current state of the scan.</p>
+     */
+    imageScanStatus?: ImageScanStatus;
+    /**
+     * <p>A summary of the last completed image scan.</p>
+     */
+    imageScanFindingsSummary?: ImageScanFindingsSummary;
+    /**
+     * <p>The media type of the image manifest.</p>
+     */
+    imageManifestMediaType?: string;
+    /**
+     * <p>The artifact media type of the image.</p>
+     */
+    artifactMediaType?: string;
+}
+export declare namespace ImageDetail {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ImageDetail) => any;
+}
+export interface DescribeImagesResponse {
+    /**
+     * <p>A list of <a>ImageDetail</a> objects that contain data about the
+     *             image.</p>
+     */
+    imageDetails?: ImageDetail[];
+    /**
+     * <p>The <code>nextToken</code> value to include in a future <code>DescribeImages</code>
+     *             request. When the results of a <code>DescribeImages</code> request exceed
+     *                 <code>maxResults</code>, this value can be used to retrieve the next page of
+     *             results. This value is <code>null</code> when there are no more results to
+     *             return.</p>
+     */
+    nextToken?: string;
+}
+export declare namespace DescribeImagesResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeImagesResponse) => any;
+}
+export interface DescribeImageScanFindingsRequest {
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry that contains the repository in
+     *             which to describe the image scan findings for. If you do not specify a registry, the default registry is assumed.</p>
+     */
+    registryId?: string;
+    /**
+     * <p>The repository for the image for which to describe the scan findings.</p>
+     */
+    repositoryName: string | undefined;
+    /**
+     * <p>An object with identifying information for an image in an Amazon ECR repository.</p>
+     */
+    imageId: ImageIdentifier | undefined;
+    /**
+     * <p>The <code>nextToken</code> value returned from a previous paginated
+     *                 <code>DescribeImageScanFindings</code> request where <code>maxResults</code> was
+     *             used and the results exceeded the value of that parameter. Pagination continues from the
+     *             end of the previous results that returned the <code>nextToken</code> value. This value
+     *             is null when there are no more results to return.</p>
+     */
+    nextToken?: string;
+    /**
+     * <p>The maximum number of image scan results returned by
+     *                 <code>DescribeImageScanFindings</code> in paginated output. When this parameter is
+     *             used, <code>DescribeImageScanFindings</code> only returns <code>maxResults</code>
+     *             results in a single page along with a <code>nextToken</code> response element. The
+     *             remaining results of the initial request can be seen by sending another
+     *                 <code>DescribeImageScanFindings</code> request with the returned
+     *                 <code>nextToken</code> value. This value can be between 1 and 1000. If this
+     *             parameter is not used, then <code>DescribeImageScanFindings</code> returns up to 100
+     *             results and a <code>nextToken</code> value, if applicable.</p>
+     */
+    maxResults?: number;
+}
+export declare namespace DescribeImageScanFindingsRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeImageScanFindingsRequest) => any;
+}
+/**
+ * <p>The CVSS score for a finding.</p>
+ */
+export interface CvssScore {
+    /**
+     * <p>The base CVSS score used for the finding.</p>
+     */
+    baseScore?: number;
+    /**
+     * <p>The vector string of the CVSS score.</p>
+     */
+    scoringVector?: string;
+    /**
+     * <p>The source of the CVSS score.</p>
+     */
+    source?: string;
+    /**
+     * <p>The version of CVSS used for the score.</p>
+     */
+    version?: string;
+}
+export declare namespace CvssScore {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CvssScore) => any;
+}
+/**
+ * <p>Information on the vulnerable package identified by a finding.</p>
+ */
+export interface VulnerablePackage {
+    /**
+     * <p>The architecture of the vulnerable package.</p>
+     */
+    arch?: string;
+    /**
+     * <p>The epoch of the vulnerable package.</p>
+     */
+    epoch?: number;
+    /**
+     * <p>The file path of the vulnerable package.</p>
+     */
+    filePath?: string;
+    /**
+     * <p>The name of the vulnerable package.</p>
+     */
+    name?: string;
+    /**
+     * <p>The package manager of the vulnerable package.</p>
+     */
+    packageManager?: string;
+    /**
+     * <p>The release of the vulnerable package.</p>
+     */
+    release?: string;
+    /**
+     * <p>The source layer hash of the vulnerable package.</p>
+     */
+    sourceLayerHash?: string;
+    /**
+     * <p>The version of the vulnerable package.</p>
+     */
+    version?: string;
+}
+export declare namespace VulnerablePackage {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: VulnerablePackage) => any;
+}
+/**
+ * <p>Information about a package vulnerability finding.</p>
+ */
+export interface PackageVulnerabilityDetails {
+    /**
+     * <p>An object that contains details about the CVSS score of a finding.</p>
+     */
+    cvss?: CvssScore[];
+    /**
+     * <p>One or more URLs that contain details about this vulnerability type.</p>
+     */
+    referenceUrls?: string[];
+    /**
+     * <p>One or more vulnerabilities related to the one identified in this finding.</p>
+     */
+    relatedVulnerabilities?: string[];
+    /**
+     * <p>The source of the vulnerability information.</p>
+     */
+    source?: string;
+    /**
+     * <p>A URL to the source of the vulnerability information.</p>
+     */
+    sourceUrl?: string;
+    /**
+     * <p>The date and time that this vulnerability was first added to the vendor's
+     *             database.</p>
+     */
+    vendorCreatedAt?: Date;
+    /**
+     * <p>The severity the vendor has given to this vulnerability type.</p>
+     */
+    vendorSeverity?: string;
+    /**
+     * <p>The date and time the vendor last updated this vulnerability in their database.</p>
+     */
+    vendorUpdatedAt?: Date;
+    /**
+     * <p>The ID given to this vulnerability.</p>
+     */
+    vulnerabilityId?: string;
+    /**
+     * <p>The packages impacted by this vulnerability.</p>
+     */
+    vulnerablePackages?: VulnerablePackage[];
+}
+export declare namespace PackageVulnerabilityDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: PackageVulnerabilityDetails) => any;
+}
+/**
+ * <p>Details about the recommended course of action to remediate the finding.</p>
+ */
+export interface Recommendation {
+    /**
+     * <p>The URL address to the CVE remediation recommendations.</p>
+     */
+    url?: string;
+    /**
+     * <p>The recommended course of action to remediate the finding.</p>
+     */
+    text?: string;
+}
+export declare namespace Recommendation {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: Recommendation) => any;
+}
+/**
+ * <p>Information on how to remediate a finding.</p>
+ */
+export interface Remediation {
+    /**
+     * <p>An object that contains information about the recommended course of action to
+     *             remediate the finding.</p>
+     */
+    recommendation?: Recommendation;
+}
+export declare namespace Remediation {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: Remediation) => any;
+}
+/**
+ * <p>The image details of the Amazon ECR container image.</p>
+ */
+export interface AwsEcrContainerImageDetails {
+    /**
+     * <p>The architecture of the Amazon ECR container image.</p>
+     */
+    architecture?: string;
+    /**
+     * <p>The image author of the Amazon ECR container image.</p>
+     */
+    author?: string;
+    /**
+     * <p>The image hash of the Amazon ECR container image.</p>
+     */
+    imageHash?: string;
+    /**
+     * <p>The image tags attached to the Amazon ECR container image.</p>
+     */
+    imageTags?: string[];
+    /**
+     * <p>The platform of the Amazon ECR container image.</p>
+     */
+    platform?: string;
+    /**
+     * <p>The date and time the Amazon ECR container image was pushed.</p>
+     */
+    pushedAt?: Date;
+    /**
+     * <p>The registry the Amazon ECR container image belongs to.</p>
+     */
+    registry?: string;
+    /**
+     * <p>The name of the repository the Amazon ECR container image resides in.</p>
+     */
+    repositoryName?: string;
+}
+export declare namespace AwsEcrContainerImageDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: AwsEcrContainerImageDetails) => any;
+}
+/**
+ * <p>Contains details about the resource involved in the finding.</p>
+ */
+export interface ResourceDetails {
     /**
-     * <p>The filter key and value with which to filter your <code>DescribeImages</code>
-     *             results.</p>
+     * <p>An object that contains details about the Amazon ECR container image involved in the
+     *             finding.</p>
      */
-    filter?: DescribeImagesFilter;
+    awsEcrContainerImage?: AwsEcrContainerImageDetails;
 }
-export declare namespace DescribeImagesRequest {
+export declare namespace ResourceDetails {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: DescribeImagesRequest) => any;
-}
-export declare enum FindingSeverity {
-    CRITICAL = "CRITICAL",
-    HIGH = "HIGH",
-    INFORMATIONAL = "INFORMATIONAL",
-    LOW = "LOW",
-    MEDIUM = "MEDIUM",
-    UNDEFINED = "UNDEFINED"
+    const filterSensitiveLog: (obj: ResourceDetails) => any;
 }
 /**
- * <p>A summary of the last completed image scan.</p>
+ * <p>Details about the resource involved in a finding.</p>
  */
-export interface ImageScanFindingsSummary {
+export interface Resource {
     /**
-     * <p>The time of the last completed image scan.</p>
+     * <p>An object that contains details about the resource involved in a finding.</p>
      */
-    imageScanCompletedAt?: Date;
+    details?: ResourceDetails;
     /**
-     * <p>The time when the vulnerability data was last scanned.</p>
+     * <p>The ID of the resource.</p>
      */
-    vulnerabilitySourceUpdatedAt?: Date;
+    id?: string;
     /**
-     * <p>The image vulnerability counts, sorted by severity.</p>
+     * <p>The tags attached to the resource.</p>
      */
-    findingSeverityCounts?: {
-        [key: string]: number;
+    tags?: {
+        [key: string]: string;
     };
+    /**
+     * <p>The type of resource.</p>
+     */
+    type?: string;
 }
-export declare namespace ImageScanFindingsSummary {
+export declare namespace Resource {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: ImageScanFindingsSummary) => any;
-}
-export declare enum ScanStatus {
-    COMPLETE = "COMPLETE",
-    FAILED = "FAILED",
-    IN_PROGRESS = "IN_PROGRESS"
+    const filterSensitiveLog: (obj: Resource) => any;
 }
 /**
- * <p>The current status of an image scan.</p>
+ * <p>Details on adjustments Amazon Inspector made to the CVSS score for a finding.</p>
  */
-export interface ImageScanStatus {
+export interface CvssScoreAdjustment {
     /**
-     * <p>The current state of an image scan.</p>
+     * <p>The metric used to adjust the CVSS score.</p>
      */
-    status?: ScanStatus | string;
+    metric?: string;
     /**
-     * <p>The description of the image scan status.</p>
+     * <p>The reason the CVSS score has been adjustment.</p>
      */
-    description?: string;
+    reason?: string;
 }
-export declare namespace ImageScanStatus {
+export declare namespace CvssScoreAdjustment {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: ImageScanStatus) => any;
+    const filterSensitiveLog: (obj: CvssScoreAdjustment) => any;
 }
 /**
- * <p>An object that describes an image returned by a <a>DescribeImages</a>
- *             operation.</p>
+ * <p>Information about the CVSS score.</p>
  */
-export interface ImageDetail {
+export interface CvssScoreDetails {
     /**
-     * <p>The Amazon Web Services account ID associated with the registry to which this image belongs.</p>
+     * <p>An object that contains details about adjustment Amazon Inspector made to the CVSS score.</p>
      */
-    registryId?: string;
+    adjustments?: CvssScoreAdjustment[];
     /**
-     * <p>The name of the repository to which this image belongs.</p>
+     * <p>The CVSS score.</p>
      */
-    repositoryName?: string;
+    score?: number;
     /**
-     * <p>The <code>sha256</code> digest of the image manifest.</p>
+     * <p>The source for the CVSS score.</p>
      */
-    imageDigest?: string;
+    scoreSource?: string;
     /**
-     * <p>The list of tags associated with this image.</p>
+     * <p>The vector for the CVSS score.</p>
      */
-    imageTags?: string[];
+    scoringVector?: string;
     /**
-     * <p>The size, in bytes, of the image in the repository.</p>
-     *         <p>If the image is a manifest list, this will be the max size of all manifests in the
-     *             list.</p>
-     *         <note>
-     *             <p>Beginning with Docker version 1.9, the Docker client compresses image layers
-     *                 before pushing them to a V2 Docker registry. The output of the <code>docker
-     *                     images</code> command shows the uncompressed image size, so it may return a
-     *                 larger image size than the image sizes returned by <a>DescribeImages</a>.</p>
-     *         </note>
+     * <p>The CVSS version used in scoring.</p>
      */
-    imageSizeInBytes?: number;
+    version?: string;
+}
+export declare namespace CvssScoreDetails {
     /**
-     * <p>The date and time, expressed in standard JavaScript date format, at which the current
-     *             image was pushed to the repository. </p>
+     * @internal
      */
-    imagePushedAt?: Date;
+    const filterSensitiveLog: (obj: CvssScoreDetails) => any;
+}
+/**
+ * <p>Information about the Amazon Inspector score given to a finding.</p>
+ */
+export interface ScoreDetails {
     /**
-     * <p>The current state of the scan.</p>
+     * <p>An object that contains details about the CVSS score given to a finding.</p>
      */
-    imageScanStatus?: ImageScanStatus;
+    cvss?: CvssScoreDetails;
+}
+export declare namespace ScoreDetails {
     /**
-     * <p>A summary of the last completed image scan.</p>
+     * @internal
      */
-    imageScanFindingsSummary?: ImageScanFindingsSummary;
+    const filterSensitiveLog: (obj: ScoreDetails) => any;
+}
+/**
+ * <p>The details of an enhanced image scan. This is returned when enhanced scanning is
+ *             enabled for your private registry.</p>
+ */
+export interface EnhancedImageScanFinding {
     /**
-     * <p>The media type of the image manifest.</p>
+     * <p>The Amazon Web Services account ID associated with the image.</p>
      */
-    imageManifestMediaType?: string;
+    awsAccountId?: string;
     /**
-     * <p>The artifact media type of the image.</p>
+     * <p>The description of the finding.</p>
      */
-    artifactMediaType?: string;
-}
-export declare namespace ImageDetail {
+    description?: string;
     /**
-     * @internal
+     * <p>The Amazon Resource Number (ARN) of the finding.</p>
      */
-    const filterSensitiveLog: (obj: ImageDetail) => any;
-}
-export interface DescribeImagesResponse {
+    findingArn?: string;
     /**
-     * <p>A list of <a>ImageDetail</a> objects that contain data about the
-     *             image.</p>
+     * <p>The date and time that the finding was first observed.</p>
      */
-    imageDetails?: ImageDetail[];
+    firstObservedAt?: Date;
     /**
-     * <p>The <code>nextToken</code> value to include in a future <code>DescribeImages</code>
-     *             request. When the results of a <code>DescribeImages</code> request exceed
-     *                 <code>maxResults</code>, this value can be used to retrieve the next page of
-     *             results. This value is <code>null</code> when there are no more results to
-     *             return.</p>
+     * <p>The date and time that the finding was last observed.</p>
      */
-    nextToken?: string;
-}
-export declare namespace DescribeImagesResponse {
+    lastObservedAt?: Date;
     /**
-     * @internal
+     * <p>An object that contains the details of a package vulnerability finding.</p>
      */
-    const filterSensitiveLog: (obj: DescribeImagesResponse) => any;
-}
-export interface DescribeImageScanFindingsRequest {
+    packageVulnerabilityDetails?: PackageVulnerabilityDetails;
     /**
-     * <p>The Amazon Web Services account ID associated with the registry that contains the repository in
-     *             which to describe the image scan findings for. If you do not specify a registry, the default registry is assumed.</p>
+     * <p>An object that contains the details about how to remediate a finding.</p>
      */
-    registryId?: string;
+    remediation?: Remediation;
     /**
-     * <p>The repository for the image for which to describe the scan findings.</p>
+     * <p>Contains information on the resources involved in a finding.</p>
      */
-    repositoryName: string | undefined;
+    resources?: Resource[];
     /**
-     * <p>An object with identifying information for an image in an Amazon ECR repository.</p>
+     * <p>The Amazon Inspector score given to the finding.</p>
      */
-    imageId: ImageIdentifier | undefined;
+    score?: number;
     /**
-     * <p>The <code>nextToken</code> value returned from a previous paginated
-     *                 <code>DescribeImageScanFindings</code> request where <code>maxResults</code> was
-     *             used and the results exceeded the value of that parameter. Pagination continues from the
-     *             end of the previous results that returned the <code>nextToken</code> value. This value
-     *             is null when there are no more results to return.</p>
+     * <p>An object that contains details of the Amazon Inspector score.</p>
      */
-    nextToken?: string;
+    scoreDetails?: ScoreDetails;
     /**
-     * <p>The maximum number of image scan results returned by
-     *                 <code>DescribeImageScanFindings</code> in paginated output. When this parameter is
-     *             used, <code>DescribeImageScanFindings</code> only returns <code>maxResults</code>
-     *             results in a single page along with a <code>nextToken</code> response element. The
-     *             remaining results of the initial request can be seen by sending another
-     *                 <code>DescribeImageScanFindings</code> request with the returned
-     *                 <code>nextToken</code> value. This value can be between 1 and 1000. If this
-     *             parameter is not used, then <code>DescribeImageScanFindings</code> returns up to 100
-     *             results and a <code>nextToken</code> value, if applicable.</p>
+     * <p>The severity of the finding.</p>
      */
-    maxResults?: number;
+    severity?: string;
+    /**
+     * <p>The status of the finding.</p>
+     */
+    status?: string;
+    /**
+     * <p>The title of the finding.</p>
+     */
+    title?: string;
+    /**
+     * <p>The type of the finding.</p>
+     */
+    type?: string;
+    /**
+     * <p>The date and time the finding was last updated at.</p>
+     */
+    updatedAt?: Date;
 }
-export declare namespace DescribeImageScanFindingsRequest {
+export declare namespace EnhancedImageScanFinding {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: DescribeImageScanFindingsRequest) => any;
+    const filterSensitiveLog: (obj: EnhancedImageScanFinding) => any;
 }
 /**
  * <p>This data type is used in the <a>ImageScanFinding</a> data type.</p>
@@ -1351,16 +1984,20 @@ export interface ImageScanFindings {
      * <p>The time when the vulnerability data was last scanned.</p>
      */
     vulnerabilitySourceUpdatedAt?: Date;
-    /**
-     * <p>The findings from the image scan.</p>
-     */
-    findings?: ImageScanFinding[];
     /**
      * <p>The image vulnerability counts, sorted by severity.</p>
      */
     findingSeverityCounts?: {
         [key: string]: number;
     };
+    /**
+     * <p>The findings from the image scan.</p>
+     */
+    findings?: ImageScanFinding[];
+    /**
+     * <p>Details about the enhanced scan findings from Amazon Inspector.</p>
+     */
+    enhancedFindings?: EnhancedImageScanFinding[];
 }
 export declare namespace ImageScanFindings {
     /**
@@ -1419,6 +2056,94 @@ export declare namespace ScanNotFoundException {
      */
     const filterSensitiveLog: (obj: ScanNotFoundException) => any;
 }
+export interface DescribePullThroughCacheRulesRequest {
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry to return the pull through cache
+     *             rules for. If you do not specify a registry, the default registry is assumed.</p>
+     */
+    registryId?: string;
+    /**
+     * <p>The Amazon ECR repository prefixes associated with the pull through cache rules to return.
+     *             If no repository prefix value is specified, all pull through cache rules are
+     *             returned.</p>
+     */
+    ecrRepositoryPrefixes?: string[];
+    /**
+     * <p>The <code>nextToken</code> value returned from a previous paginated
+     *                 <code>DescribePullThroughCacheRulesRequest</code> request where
+     *                 <code>maxResults</code> was used and the results exceeded the value of that
+     *             parameter. Pagination continues from the end of the previous results that returned the
+     *                 <code>nextToken</code> value. This value is null when there are no more results to
+     *             return.</p>
+     */
+    nextToken?: string;
+    /**
+     * <p>The maximum number of pull through cache rules returned by
+     *                 <code>DescribePullThroughCacheRulesRequest</code> in paginated output. When this
+     *             parameter is used, <code>DescribePullThroughCacheRulesRequest</code> only returns
+     *                 <code>maxResults</code> results in a single page along with a <code>nextToken</code>
+     *             response element. The remaining results of the initial request can be seen by sending
+     *             another <code>DescribePullThroughCacheRulesRequest</code> request with the returned
+     *                 <code>nextToken</code> value. This value can be between 1 and 1000. If this
+     *             parameter is not used, then <code>DescribePullThroughCacheRulesRequest</code> returns up
+     *             to 100 results and a <code>nextToken</code> value, if applicable.</p>
+     */
+    maxResults?: number;
+}
+export declare namespace DescribePullThroughCacheRulesRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribePullThroughCacheRulesRequest) => any;
+}
+/**
+ * <p>The details of a pull through cache rule.</p>
+ */
+export interface PullThroughCacheRule {
+    /**
+     * <p>The Amazon ECR repository prefix associated with the pull through cache rule.</p>
+     */
+    ecrRepositoryPrefix?: string;
+    /**
+     * <p>The upstream registry URL associated with the pull through cache rule.</p>
+     */
+    upstreamRegistryUrl?: string;
+    /**
+     * <p>The date and time the pull through cache was created.</p>
+     */
+    createdAt?: Date;
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry the pull through cache rule is
+     *             associated with.</p>
+     */
+    registryId?: string;
+}
+export declare namespace PullThroughCacheRule {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: PullThroughCacheRule) => any;
+}
+export interface DescribePullThroughCacheRulesResponse {
+    /**
+     * <p>The details of the pull through cache rules.</p>
+     */
+    pullThroughCacheRules?: PullThroughCacheRule[];
+    /**
+     * <p>The <code>nextToken</code> value to include in a future
+     *                 <code>DescribePullThroughCacheRulesRequest</code> request. When the results of a
+     *                 <code>DescribePullThroughCacheRulesRequest</code> request exceed
+     *                 <code>maxResults</code>, this value can be used to retrieve the next page of
+     *             results. This value is null when there are no more results to return.</p>
+     */
+    nextToken?: string;
+}
+export declare namespace DescribePullThroughCacheRulesResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribePullThroughCacheRulesResponse) => any;
+}
 export interface DescribeRegistryRequest {
 }
 export declare namespace DescribeRegistryRequest {
@@ -1989,6 +2714,73 @@ export declare namespace GetRegistryPolicyResponse {
      */
     const filterSensitiveLog: (obj: GetRegistryPolicyResponse) => any;
 }
+export interface GetRegistryScanningConfigurationRequest {
+}
+export declare namespace GetRegistryScanningConfigurationRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetRegistryScanningConfigurationRequest) => any;
+}
+/**
+ * <p>The details of a scanning rule for a private registry.</p>
+ */
+export interface RegistryScanningRule {
+    /**
+     * <p>The frequency that scans are performed at for a private registry.</p>
+     */
+    scanFrequency: ScanFrequency | string | undefined;
+    /**
+     * <p>The repository filters associated with the scanning configuration for a private
+     *             registry.</p>
+     */
+    repositoryFilters: ScanningRepositoryFilter[] | undefined;
+}
+export declare namespace RegistryScanningRule {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RegistryScanningRule) => any;
+}
+export declare enum ScanType {
+    BASIC = "BASIC",
+    ENHANCED = "ENHANCED"
+}
+/**
+ * <p>The scanning configuration for a private registry.</p>
+ */
+export interface RegistryScanningConfiguration {
+    /**
+     * <p>The type of scanning configured for the registry.</p>
+     */
+    scanType?: ScanType | string;
+    /**
+     * <p>The scanning rules associated with the registry.</p>
+     */
+    rules?: RegistryScanningRule[];
+}
+export declare namespace RegistryScanningConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RegistryScanningConfiguration) => any;
+}
+export interface GetRegistryScanningConfigurationResponse {
+    /**
+     * <p>The ID of the registry.</p>
+     */
+    registryId?: string;
+    /**
+     * <p>The scanning configuration for the registry.</p>
+     */
+    scanningConfiguration?: RegistryScanningConfiguration;
+}
+export declare namespace GetRegistryScanningConfigurationResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetRegistryScanningConfigurationResponse) => any;
+}
 export interface GetRepositoryPolicyRequest {
     /**
      * <p>The Amazon Web Services account ID associated with the registry that contains the repository.
@@ -2439,6 +3231,41 @@ export declare namespace PutRegistryPolicyResponse {
      */
     const filterSensitiveLog: (obj: PutRegistryPolicyResponse) => any;
 }
+export interface PutRegistryScanningConfigurationRequest {
+    /**
+     * <p>The scanning type to set for the registry.</p>
+     *         <p>By default, the <code>BASIC</code> scan type is used. When basic scanning is set, you
+     *             may specify filters to determine which individual repositories, or all repositories, are
+     *             scanned when new images are pushed. Alternatively, you can do manual scans of images
+     *             with basic scanning.</p>
+     *         <p>When the <code>ENHANCED</code> scan type is set, Amazon Inspector provides automated, continuous
+     *             scanning of all repositories in your registry.</p>
+     */
+    scanType?: ScanType | string;
+    /**
+     * <p>The scanning rules to use for the registry. A scanning rule is used to determine which
+     *             repository filters are used and at what frequency scanning will occur.</p>
+     */
+    rules?: RegistryScanningRule[];
+}
+export declare namespace PutRegistryScanningConfigurationRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: PutRegistryScanningConfigurationRequest) => any;
+}
+export interface PutRegistryScanningConfigurationResponse {
+    /**
+     * <p>The scanning configuration for your registry.</p>
+     */
+    registryScanningConfiguration?: RegistryScanningConfiguration;
+}
+export declare namespace PutRegistryScanningConfigurationResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: PutRegistryScanningConfigurationResponse) => any;
+}
 export interface PutReplicationConfigurationRequest {
     /**
      * <p>An object representing the replication configuration for a registry.</p>