DescribeImageScanFindingsCommand

Suggest an Edit

Returns the scan findings for the specified image.

Example Syntax

Use a bare-bones client and the command you need to make an API call.

import { ECRClient, DescribeImageScanFindingsCommand } from "@aws-sdk/client-ecr"; // ES Modules import
// const { ECRClient, DescribeImageScanFindingsCommand } = require("@aws-sdk/client-ecr"); // CommonJS import
const client = new ECRClient(config);
const input = { // DescribeImageScanFindingsRequest
  registryId: "STRING_VALUE",
  repositoryName: "STRING_VALUE", // required
  imageId: { // ImageIdentifier
    imageDigest: "STRING_VALUE",
    imageTag: "STRING_VALUE",
  },
  nextToken: "STRING_VALUE",
  maxResults: Number("int"),
};
const command = new DescribeImageScanFindingsCommand(input);
const response = await client.send(command);
// { // DescribeImageScanFindingsResponse
//   registryId: "STRING_VALUE",
//   repositoryName: "STRING_VALUE",
//   imageId: { // ImageIdentifier
//     imageDigest: "STRING_VALUE",
//     imageTag: "STRING_VALUE",
//   },
//   imageScanStatus: { // ImageScanStatus
//     status: "IN_PROGRESS" || "COMPLETE" || "FAILED" || "UNSUPPORTED_IMAGE" || "ACTIVE" || "PENDING" || "SCAN_ELIGIBILITY_EXPIRED" || "FINDINGS_UNAVAILABLE" || "LIMIT_EXCEEDED",
//     description: "STRING_VALUE",
//   },
//   imageScanFindings: { // ImageScanFindings
//     imageScanCompletedAt: new Date("TIMESTAMP"),
//     vulnerabilitySourceUpdatedAt: new Date("TIMESTAMP"),
//     findingSeverityCounts: { // FindingSeverityCounts
//       "<keys>": Number("int"),
//     },
//     findings: [ // ImageScanFindingList
//       { // ImageScanFinding
//         name: "STRING_VALUE",
//         description: "STRING_VALUE",
//         uri: "STRING_VALUE",
//         severity: "INFORMATIONAL" || "LOW" || "MEDIUM" || "HIGH" || "CRITICAL" || "UNDEFINED",
//         attributes: [ // AttributeList
//           { // Attribute
//             key: "STRING_VALUE", // required
//             value: "STRING_VALUE",
//           },
//         ],
//       },
//     ],
//     enhancedFindings: [ // EnhancedImageScanFindingList
//       { // EnhancedImageScanFinding
//         awsAccountId: "STRING_VALUE",
//         description: "STRING_VALUE",
//         findingArn: "STRING_VALUE",
//         firstObservedAt: new Date("TIMESTAMP"),
//         lastObservedAt: new Date("TIMESTAMP"),
//         packageVulnerabilityDetails: { // PackageVulnerabilityDetails
//           cvss: [ // CvssScoreList
//             { // CvssScore
//               baseScore: Number("double"),
//               scoringVector: "STRING_VALUE",
//               source: "STRING_VALUE",
//               version: "STRING_VALUE",
//             },
//           ],
//           referenceUrls: [ // ReferenceUrlsList
//             "STRING_VALUE",
//           ],
//           relatedVulnerabilities: [ // RelatedVulnerabilitiesList
//             "STRING_VALUE",
//           ],
//           source: "STRING_VALUE",
//           sourceUrl: "STRING_VALUE",
//           vendorCreatedAt: new Date("TIMESTAMP"),
//           vendorSeverity: "STRING_VALUE",
//           vendorUpdatedAt: new Date("TIMESTAMP"),
//           vulnerabilityId: "STRING_VALUE",
//           vulnerablePackages: [ // VulnerablePackagesList
//             { // VulnerablePackage
//               arch: "STRING_VALUE",
//               epoch: Number("int"),
//               filePath: "STRING_VALUE",
//               name: "STRING_VALUE",
//               packageManager: "STRING_VALUE",
//               release: "STRING_VALUE",
//               sourceLayerHash: "STRING_VALUE",
//               version: "STRING_VALUE",
//               fixedInVersion: "STRING_VALUE",
//             },
//           ],
//         },
//         remediation: { // Remediation
//           recommendation: { // Recommendation
//             url: "STRING_VALUE",
//             text: "STRING_VALUE",
//           },
//         },
//         resources: [ // ResourceList
//           { // Resource
//             details: { // ResourceDetails
//               awsEcrContainerImage: { // AwsEcrContainerImageDetails
//                 architecture: "STRING_VALUE",
//                 author: "STRING_VALUE",
//                 imageHash: "STRING_VALUE",
//                 imageTags: [ // ImageTagsList
//                   "STRING_VALUE",
//                 ],
//                 platform: "STRING_VALUE",
//                 pushedAt: new Date("TIMESTAMP"),
//                 lastInUseAt: new Date("TIMESTAMP"),
//                 inUseCount: Number("long"),
//                 registry: "STRING_VALUE",
//                 repositoryName: "STRING_VALUE",
//               },
//             },
//             id: "STRING_VALUE",
//             tags: { // Tags
//               "<keys>": "STRING_VALUE",
//             },
//             type: "STRING_VALUE",
//           },
//         ],
//         score: Number("double"),
//         scoreDetails: { // ScoreDetails
//           cvss: { // CvssScoreDetails
//             adjustments: [ // CvssScoreAdjustmentList
//               { // CvssScoreAdjustment
//                 metric: "STRING_VALUE",
//                 reason: "STRING_VALUE",
//               },
//             ],
//             score: Number("double"),
//             scoreSource: "STRING_VALUE",
//             scoringVector: "STRING_VALUE",
//             version: "STRING_VALUE",
//           },
//         },
//         severity: "STRING_VALUE",
//         status: "STRING_VALUE",
//         title: "STRING_VALUE",
//         type: "STRING_VALUE",
//         updatedAt: new Date("TIMESTAMP"),
//         fixAvailable: "STRING_VALUE",
//         exploitAvailable: "STRING_VALUE",
//       },
//     ],
//   },
//   nextToken: "STRING_VALUE",
// };

DescribeImageScanFindingsCommand Input

See DescribeImageScanFindingsCommandInput for more details

Parameter
Type
Description
imageId
Required
ImageIdentifier | undefined

An object with identifying information for an image in an Amazon ECR repository.

repositoryName
Required
string | undefined

The repository for the image for which to describe the scan findings.

maxResults
number | undefined

The maximum number of image scan results returned by DescribeImageScanFindings in paginated output. When this parameter is used, DescribeImageScanFindings only returns maxResults results in a single page along with a nextToken response element. The remaining results of the initial request can be seen by sending another DescribeImageScanFindings request with the returned nextToken value. This value can be between 1 and 1000. If this parameter is not used, then DescribeImageScanFindings returns up to 100 results and a nextToken value, if applicable.

nextToken
string | undefined

The nextToken value returned from a previous paginated DescribeImageScanFindings request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value. This value is null when there are no more results to return.

registryId
string | undefined

The Amazon Web Services account ID associated with the registry that contains the repository in which to describe the image scan findings for. If you do not specify a registry, the default registry is assumed.

DescribeImageScanFindingsCommand Output

See DescribeImageScanFindingsCommandOutput for details

Parameter
Type
Description
$metadata
Required
ResponseMetadata
Metadata pertaining to this request.
imageId
ImageIdentifier | undefined

An object with identifying information for an image in an Amazon ECR repository.

imageScanFindings
ImageScanFindings | undefined

The information contained in the image scan findings.

imageScanStatus
ImageScanStatus | undefined

The current state of the scan.

nextToken
string | undefined

The nextToken value to include in a future DescribeImageScanFindings request. When the results of a DescribeImageScanFindings request exceed maxResults, this value can be used to retrieve the next page of results. This value is null when there are no more results to return.

registryId
string | undefined

The registry ID associated with the request.

repositoryName
string | undefined

The repository name associated with the request.

Throws

Name
Fault
Details
ImageNotFoundException
client

The image requested does not exist in the specified repository.

InvalidParameterException
client

The specified parameter is invalid. Review the available parameters for the API request.

RepositoryNotFoundException
client

The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.

ScanNotFoundException
client

The specified image scan could not be found. Ensure that image scanning is enabled on the repository and try again.

ServerException
server

These errors are usually caused by a server-side issue.

ValidationException
client

There was an exception validating this request.

ECRServiceException
Base exception class for all service exceptions from ECR service.