is there any way to filter ECR image scan findings?


I have a CloudWatch event that scans an ECR repository for vulnerabilities, connected to an SNS topic that triggers a notification to a specified endpoint. My requirement is to filter the scan findings, i.e. trigger the SNS topic only when the scan finds "Critical".

{
  "detail-type": [
    "ECR Image Scan"
  ],
  "source": [
    "aws.ecr"
  ],
  "detail": {
    "severity": [
      "CRITICAL"
    ]
  }
}


P Nisanth Reddy

It works with this pattern:

{
  "source": [
    "aws.ecr"
  ],
  "detail-type": [
    "ECR Image Scan"
  ],
  "detail": {
    "finding-severity-counts": {
      "CRITICAL": [
        {
          "numeric": [
            ">",
            0
          ]
        }
      ]
    }
  }
}

Above is the CloudWatch event pattern for filtering scan findings only on the Critical count.

See https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html for more details.
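To see why the answer's pattern fires and the question's does not, here is an added Python simulation (not code from the question or the answer) of the EventBridge matching subset these patterns rely on: nested keys, exact-value lists and the `{"numeric": [...]}` comparator. The sample "ECR Image Scan" events are constructed; repository names and finding counts are made up.

```python
import operator

# Constructed sample "ECR Image Scan" events (only the fields the patterns touch are filled in).
def _scan_event(repo, counts):
    return {"source": "aws.ecr", "detail-type": "ECR Image Scan",
            "detail": {"scan-status": "COMPLETE", "repository-name": repo,
                       "finding-severity-counts": counts}}

SAMPLE_EVENTS = {
    "critical": _scan_event("example-app", {"CRITICAL": 2, "HIGH": 5}),
    "zero_critical": _scan_event("example-api", {"CRITICAL": 0, "MEDIUM": 3}),
    "no_critical_key": _scan_event("example-web", {"HIGH": 1, "LOW": 4}),
}

# Pattern from the answer: fire only when the CRITICAL count is greater than 0.
WORKING_PATTERN = {"source": ["aws.ecr"], "detail-type": ["ECR Image Scan"],
                   "detail": {"finding-severity-counts": {"CRITICAL": [{"numeric": [">", 0]}]}}}
# Pattern from the question: "severity" is not a key of the event detail, so it never matches.
QUESTION_PATTERN = {"source": ["aws.ecr"], "detail-type": ["ECR Image Scan"],
                    "detail": {"severity": ["CRITICAL"]}}

_NUMERIC_OPS = {">": operator.gt, ">=": operator.ge, "<": operator.lt, "<=": operator.le, "=": operator.eq}

def _value_matches(value, alternatives):
    # A pattern list matches if the event value satisfies at least one alternative.
    for alt in alternatives:
        if isinstance(alt, dict) and "numeric" in alt:
            # Numeric comparator: ["op", n], or a bounded range ["op", n, "op", m].
            spec = alt["numeric"]
            if isinstance(value, bool) or not isinstance(value, (int, float)):
                continue
            if all(_NUMERIC_OPS[spec[i]](value, spec[i + 1]) for i in range(0, len(spec), 2)):
                return True
        elif alt == value:
            return True
    return False

def matches(pattern, event):
    """Subset of EventBridge matching; a key absent from the event never matches."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        if isinstance(expected, dict):
            if not isinstance(event[key], dict) or not matches(expected, event[key]):
                return False
        elif not _value_matches(event[key], expected):
            return False
    return True

def matching_events(pattern, events=SAMPLE_EVENTS):
    # Names of the sample events that would trigger the rule, and so the SNS notification.
    return sorted(name for name, ev in events.items() if matches(pattern, ev))
```

Note that an event whose scan produced no CRITICAL findings at all has no `CRITICAL` key under `finding-severity-counts`, and the pattern stays silent for it just as it does for a count of 0.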