Amazon ECR 事件和 EventBridge - Amazon ECR
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

Amazon ECR 事件和 EventBridge

您可以使用 Amazon EventBridge 自动执行您的 Amazon 服务并自动响应系统事件,例如应用程序可用性问题或资源更改。Amazon 服务中的事件将近乎实时传输到 EventBridge。您可以编写简单规则来指示您关注的事件,并包括要在事件匹配规则时执行的自动化操作。可自动触发的操作包括:

  • 将事件添加到 CloudWatch Logs 中的日志组

  • 调用 Amazon Lambda 函数

  • 调用 Amazon EC2 Run Command

  • 将事件中继到 Amazon Kinesis Data Streams

  • 激活 Amazon Step Functions 状态机

  • 通知 Amazon SNS 主题或 Amazon SQS 队列

有关更多信息,请参阅 Amazon EventBridge 用户指南中的 Amazon EventBridge 入门

来自 Amazon ECR 的示例事件

以下是来自 Amazon ECR 的示例事件。尽最大努力发出事件。

已完成镜像推送的事件

每个镜像推送完成后,将发送以下事件。有关更多信息,请参阅 推送 Docker 镜像

{ "version": "0", "id": "13cde686-328b-6117-af20-0e5566167482", "detail-type": "ECR Image Action", "source": "aws.ecr", "account": "123456789012", "time": "2019-11-16T01:54:34Z", "region": "us-west-2", "resources": [], "detail": { "result": "SUCCESS", "repository-name": "my-repository-name", "image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234", "action-type": "PUSH", "image-tag": "latest" } }

已完成镜像扫描的事件(基本扫描)

为注册表启用基本扫描后,当每个镜像扫描完成时,会发送以下事件。finding-severity-counts 参数仅返回严重性级别的值 (如果存在)。例如,如果镜像不包含任何 CRITICAL 级别的结果,则不会返回任何关键计数。有关更多信息,请参阅 基本扫描

注意

有关启用增强扫描后 Amazon Inspector 发出的事件的详细信息,请参阅 EventBridge 事件

{ "version": "0", "id": "85fc3613-e913-7fc4-a80c-a3753e4aa9ae", "detail-type": "ECR Image Scan", "source": "aws.ecr", "account": "123456789012", "time": "2019-10-29T02:36:48Z", "region": "us-east-1", "resources": [ "arn:aws:ecr:us-east-1:123456789012:repository/my-repository-name" ], "detail": { "scan-status": "COMPLETE", "repository-name": "my-repository-name", "finding-severity-counts": { "CRITICAL": 10, "MEDIUM": 9 }, "image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234", "image-tags": [] } }

启用了增强扫描的资源的变更通知事件(增强扫描)

为注册表启用增强扫描后,当启用了增强扫描的资源发生更改时,Amazon ECR 将发送以下事件。这包括正在创建的新存储库、正在更改的存储库的扫描频率,或者在启用了增强扫描功能的存储库中创建或删除镜像的时间。有关更多信息,请参阅 镜像扫描。有关更多信息,请参阅 镜像扫描

{ "version": "0", "id": "0c18352a-a4d4-6853-ef53-0ab8638973bf", "detail-type": "ECR Scan Resource Change", "source": "aws.ecr", "account": "123456789012", "time": "2021-10-14T20:53:46Z", "region": "us-east-1", "resources": [], "detail": { "action-type": "SCAN_FREQUENCY_CHANGE", "repositories": [{ "repository-name": "repository-1", "repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/repository-1", "scan-frequency": "SCAN_ON_PUSH", "previous-scan-frequency": "MANUAL" }, { "repository-name": "repository-2", "repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/repository-2", "scan-frequency": "CONTINUOUS_SCAN", "previous-scan-frequency": "SCAN_ON_PUSH" }, { "repository-name": "repository-3", "repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/repository-3", "scan-frequency": "CONTINUOUS_SCAN", "previous-scan-frequency": "SCAN_ON_PUSH" } ], "resource-type": "REPOSITORY", "scan-type": "ENHANCED" } }

镜像删除的事件

删除镜像时将发送以下事件。有关更多信息,请参阅 删除镜像

{ "version": "0", "id": "dd3b46cb-2c74-f49e-393b-28286b67279d", "detail-type": "ECR Image Action", "source": "aws.ecr", "account": "123456789012", "time": "2019-11-16T02:01:05Z", "region": "us-west-2", "resources": [], "detail": { "result": "SUCCESS", "repository-name": "my-repository-name", "image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234", "action-type": "DELETE", "image-tag": "latest" } }