# frozen_string_literal: true # WARNING ABOUT GENERATED CODE # # This file is generated. See the contributing guide for more information: # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md # # WARNING ABOUT GENERATED CODE require 'seahorse/client/plugins/content_length.rb' require 'aws-sdk-core/plugins/credentials_configuration.rb' require 'aws-sdk-core/plugins/logging.rb' require 'aws-sdk-core/plugins/param_converter.rb' require 'aws-sdk-core/plugins/param_validator.rb' require 'aws-sdk-core/plugins/user_agent.rb' require 'aws-sdk-core/plugins/helpful_socket_errors.rb' require 'aws-sdk-core/plugins/retry_errors.rb' require 'aws-sdk-core/plugins/global_configuration.rb' require 'aws-sdk-core/plugins/regional_endpoint.rb' require 'aws-sdk-core/plugins/endpoint_discovery.rb' require 'aws-sdk-core/plugins/endpoint_pattern.rb' require 'aws-sdk-core/plugins/response_paging.rb' require 'aws-sdk-core/plugins/stub_responses.rb' require 'aws-sdk-core/plugins/idempotency_token.rb' require 'aws-sdk-core/plugins/invocation_id.rb' require 'aws-sdk-core/plugins/jsonvalue_converter.rb' require 'aws-sdk-core/plugins/client_metrics_plugin.rb' require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb' require 'aws-sdk-core/plugins/transfer_encoding.rb' require 'aws-sdk-core/plugins/http_checksum.rb' require 'aws-sdk-core/plugins/checksum_algorithm.rb' require 'aws-sdk-core/plugins/request_compression.rb' require 'aws-sdk-core/plugins/defaults_mode.rb' require 'aws-sdk-core/plugins/recursion_detection.rb' require 'aws-sdk-core/plugins/sign.rb' require 'aws-sdk-core/plugins/protocols/json_rpc.rb' Aws::Plugins::GlobalConfiguration.add_identifier(:ecr) module Aws::ECR # An API client for ECR. To construct a client, you need to configure a `:region` and `:credentials`. # # client = Aws::ECR::Client.new( # region: region_name, # credentials: credentials, # # ... # ) # # For details on configuring region and credentials see # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html). # # See {#initialize} for a full list of supported configuration options. class Client < Seahorse::Client::Base include Aws::ClientStubs @identifier = :ecr set_api(ClientApi::API) add_plugin(Seahorse::Client::Plugins::ContentLength) add_plugin(Aws::Plugins::CredentialsConfiguration) add_plugin(Aws::Plugins::Logging) add_plugin(Aws::Plugins::ParamConverter) add_plugin(Aws::Plugins::ParamValidator) add_plugin(Aws::Plugins::UserAgent) add_plugin(Aws::Plugins::HelpfulSocketErrors) add_plugin(Aws::Plugins::RetryErrors) add_plugin(Aws::Plugins::GlobalConfiguration) add_plugin(Aws::Plugins::RegionalEndpoint) add_plugin(Aws::Plugins::EndpointDiscovery) add_plugin(Aws::Plugins::EndpointPattern) add_plugin(Aws::Plugins::ResponsePaging) add_plugin(Aws::Plugins::StubResponses) add_plugin(Aws::Plugins::IdempotencyToken) add_plugin(Aws::Plugins::InvocationId) add_plugin(Aws::Plugins::JsonvalueConverter) add_plugin(Aws::Plugins::ClientMetricsPlugin) add_plugin(Aws::Plugins::ClientMetricsSendPlugin) add_plugin(Aws::Plugins::TransferEncoding) add_plugin(Aws::Plugins::HttpChecksum) add_plugin(Aws::Plugins::ChecksumAlgorithm) add_plugin(Aws::Plugins::RequestCompression) add_plugin(Aws::Plugins::DefaultsMode) add_plugin(Aws::Plugins::RecursionDetection) add_plugin(Aws::Plugins::Sign) add_plugin(Aws::Plugins::Protocols::JsonRpc) add_plugin(Aws::ECR::Plugins::Endpoints) # @overload initialize(options) # @param [Hash] options # @option options [required, Aws::CredentialProvider] :credentials # Your AWS credentials. This can be an instance of any one of the # following classes: # # * `Aws::Credentials` - Used for configuring static, non-refreshing # credentials. # # * `Aws::SharedCredentials` - Used for loading static credentials from a # shared file, such as `~/.aws/config`. # # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role. # # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to # assume a role after providing credentials via the web. # # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an # access token generated from `aws login`. # # * `Aws::ProcessCredentials` - Used for loading credentials from a # process that outputs to stdout. # # * `Aws::InstanceProfileCredentials` - Used for loading credentials # from an EC2 IMDS on an EC2 instance. # # * `Aws::ECSCredentials` - Used for loading credentials from # instances running in ECS. # # * `Aws::CognitoIdentityCredentials` - Used for loading credentials # from the Cognito Identity service. # # When `:credentials` are not configured directly, the following # locations will be searched for credentials: # # * `Aws.config[:credentials]` # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options. # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'] # * `~/.aws/credentials` # * `~/.aws/config` # * EC2/ECS IMDS instance profile - When used by default, the timeouts # are very aggressive. Construct and pass an instance of # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to # enable retries and extended timeouts. Instance profile credential # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] # to true. # # @option options [required, String] :region # The AWS region to connect to. The configured `:region` is # used to determine the service `:endpoint`. When not passed, # a default `:region` is searched for in the following locations: # # * `Aws.config[:region]` # * `ENV['AWS_REGION']` # * `ENV['AMAZON_REGION']` # * `ENV['AWS_DEFAULT_REGION']` # * `~/.aws/credentials` # * `~/.aws/config` # # @option options [String] :access_key_id # # @option options [Boolean] :active_endpoint_cache (false) # When set to `true`, a thread polling for endpoints will be running in # the background every 60 secs (default). Defaults to `false`. # # @option options [Boolean] :adaptive_retry_wait_to_fill (true) # Used only in `adaptive` retry mode. When true, the request will sleep # until there is sufficent client side capacity to retry the request. # When false, the request will raise a `RetryCapacityNotAvailableError` and will # not retry instead of sleeping. # # @option options [Boolean] :client_side_monitoring (false) # When `true`, client-side metrics will be collected for all API requests from # this client. # # @option options [String] :client_side_monitoring_client_id ("") # Allows you to provide an identifier for this client which will be attached to # all generated client side metrics. Defaults to an empty string. # # @option options [String] :client_side_monitoring_host ("127.0.0.1") # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client # side monitoring agent is running on, where client metrics will be published via UDP. # # @option options [Integer] :client_side_monitoring_port (31000) # Required for publishing client metrics. The port that the client side monitoring # agent is running on, where client metrics will be published via UDP. # # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) # Allows you to provide a custom client-side monitoring publisher class. By default, # will use the Client Side Monitoring Agent Publisher. # # @option options [Boolean] :convert_params (true) # When `true`, an attempt is made to coerce request parameters into # the required types. # # @option options [Boolean] :correct_clock_skew (true) # Used only in `standard` and adaptive retry modes. Specifies whether to apply # a clock skew correction and retry requests with skewed client clocks. # # @option options [String] :defaults_mode ("legacy") # See {Aws::DefaultsModeConfiguration} for a list of the # accepted modes and the configuration defaults that are included. # # @option options [Boolean] :disable_host_prefix_injection (false) # Set to true to disable SDK automatically adding host prefix # to default service endpoint when available. # # @option options [Boolean] :disable_request_compression (false) # When set to 'true' the request body will not be compressed # for supported operations. # # @option options [String, URI::HTTPS, URI::HTTP] :endpoint # Normally you should not configure the `:endpoint` option # directly. This is normally constructed from the `:region` # option. Configuring `:endpoint` is normally reserved for # connecting to test or custom endpoints. The endpoint should # be a URI formatted like: # # 'http://example.com' # 'https://example.com' # 'http://example.com:123' # # # @option options [Integer] :endpoint_cache_max_entries (1000) # Used for the maximum size limit of the LRU cache storing endpoints data # for endpoint discovery enabled operations. Defaults to 1000. # # @option options [Integer] :endpoint_cache_max_threads (10) # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10. # # @option options [Integer] :endpoint_cache_poll_interval (60) # When :endpoint_discovery and :active_endpoint_cache is enabled, # Use this option to config the time interval in seconds for making # requests fetching endpoints information. Defaults to 60 sec. # # @option options [Boolean] :endpoint_discovery (false) # When set to `true`, endpoint discovery will be enabled for operations when available. # # @option options [Boolean] :ignore_configured_endpoint_urls # Setting to true disables use of endpoint URLs provided via environment # variables and the shared configuration file. # # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default) # The log formatter. # # @option options [Symbol] :log_level (:info) # The log level to send messages to the `:logger` at. # # @option options [Logger] :logger # The Logger instance to send log messages to. If this option # is not set, logging will be disabled. # # @option options [Integer] :max_attempts (3) # An integer representing the maximum number attempts that will be made for # a single request, including the initial attempt. For example, # setting this value to 5 will result in a request being retried up to # 4 times. Used in `standard` and `adaptive` retry modes. # # @option options [String] :profile ("default") # Used when loading credentials from the shared credentials file # at HOME/.aws/credentials. When not specified, 'default' is used. # # @option options [Integer] :request_min_compression_size_bytes (10240) # The minimum size in bytes that triggers compression for request # bodies. The value must be non-negative integer value between 0 # and 10485780 bytes inclusive. # # @option options [Proc] :retry_backoff # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. # This option is only used in the `legacy` retry mode. # # @option options [Float] :retry_base_delay (0.3) # The base delay in seconds used by the default backoff function. This option # is only used in the `legacy` retry mode. # # @option options [Symbol] :retry_jitter (:none) # A delay randomiser function used by the default backoff function. # Some predefined functions can be referenced by name - :none, :equal, :full, # otherwise a Proc that takes and returns a number. This option is only used # in the `legacy` retry mode. # # @see https://www.awsarchitectureblog.com/2015/03/backoff.html # # @option options [Integer] :retry_limit (3) # The maximum number of times to retry failed requests. Only # ~ 500 level server errors and certain ~ 400 level client errors # are retried. Generally, these are throttling errors, data # checksum errors, networking errors, timeout errors, auth errors, # endpoint discovery, and errors from expired credentials. # This option is only used in the `legacy` retry mode. # # @option options [Integer] :retry_max_delay (0) # The maximum number of seconds to delay between retries (0 for no limit) # used by the default backoff function. This option is only used in the # `legacy` retry mode. # # @option options [String] :retry_mode ("legacy") # Specifies which retry algorithm to use. Values are: # # * `legacy` - The pre-existing retry behavior. This is default value if # no retry mode is provided. # # * `standard` - A standardized set of retry rules across the AWS SDKs. # This includes support for retry quotas, which limit the number of # unsuccessful retries a client can make. # # * `adaptive` - An experimental retry mode that includes all the # functionality of `standard` mode along with automatic client side # throttling. This is a provisional mode that may change behavior # in the future. # # # @option options [String] :sdk_ua_app_id # A unique and opaque application ID that is appended to the # User-Agent header as app/. It should have a # maximum length of 50. # # @option options [String] :secret_access_key # # @option options [String] :session_token # # @option options [Boolean] :simple_json (false) # Disables request parameter conversion, validation, and formatting. # Also disable response data type conversions. This option is useful # when you want to ensure the highest level of performance by # avoiding overhead of walking request parameters and response data # structures. # # When `:simple_json` is enabled, the request parameters hash must # be formatted exactly as the DynamoDB API expects. # # @option options [Boolean] :stub_responses (false) # Causes the client to return stubbed responses. By default # fake responses are generated and returned. You can specify # the response data to return or errors to raise by calling # {ClientStubs#stub_responses}. See {ClientStubs} for more information. # # ** Please note ** When response stubbing is enabled, no HTTP # requests are made, and retries are disabled. # # @option options [Aws::TokenProvider] :token_provider # A Bearer Token Provider. This can be an instance of any one of the # following classes: # # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing # tokens. # # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an # access token generated from `aws login`. # # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain` # will be used to search for tokens configured for your profile in shared configuration files. # # @option options [Boolean] :use_dualstack_endpoint # When set to `true`, dualstack enabled endpoints (with `.aws` TLD) # will be used if available. # # @option options [Boolean] :use_fips_endpoint # When set to `true`, fips compatible endpoints will be used if available. # When a `fips` region is used, the region is normalized and this config # is set to `true`. # # @option options [Boolean] :validate_params (true) # When `true`, request parameters are validated before # sending the request. # # @option options [Aws::ECR::EndpointProvider] :endpoint_provider # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::ECR::EndpointParameters` # # @option options [Float] :http_continue_timeout (1) # The number of seconds to wait for a 100-continue response before sending the # request body. This option has no effect unless the request has "Expect" # header set to "100-continue". Defaults to `nil` which disables this # behaviour. This value can safely be set per request on the session. # # @option options [Float] :http_idle_timeout (5) # The number of seconds a connection is allowed to sit idle before it # is considered stale. Stale connections are closed and removed from the # pool before making a request. # # @option options [Float] :http_open_timeout (15) # The default number of seconds to wait for response data. # This value can safely be set per-request on the session. # # @option options [URI::HTTP,String] :http_proxy # A proxy to send requests through. Formatted like 'http://proxy.com:123'. # # @option options [Float] :http_read_timeout (60) # The default number of seconds to wait for response data. # This value can safely be set per-request on the session. # # @option options [Boolean] :http_wire_trace (false) # When `true`, HTTP debug output will be sent to the `:logger`. # # @option options [Proc] :on_chunk_received # When a Proc object is provided, it will be used as callback when each chunk # of the response body is received. It provides three arguments: the chunk, # the number of bytes received, and the total number of # bytes in the response (or nil if the server did not send a `content-length`). # # @option options [Proc] :on_chunk_sent # When a Proc object is provided, it will be used as callback when each chunk # of the request body is sent. It provides three arguments: the chunk, # the number of bytes read from the body, and the total number of # bytes in the body. # # @option options [Boolean] :raise_response_errors (true) # When `true`, response errors are raised. # # @option options [String] :ssl_ca_bundle # Full path to the SSL certificate authority bundle file that should be used when # verifying peer certificates. If you do not pass `:ssl_ca_bundle` or # `:ssl_ca_directory` the the system default will be used if available. # # @option options [String] :ssl_ca_directory # Full path of the directory that contains the unbundled SSL certificate # authority files for verifying peer certificates. If you do # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system # default will be used if available. # # @option options [String] :ssl_ca_store # Sets the X509::Store to verify peer certificate. # # @option options [Float] :ssl_timeout # Sets the SSL timeout in seconds # # @option options [Boolean] :ssl_verify_peer (true) # When `true`, SSL peer certificates are verified when establishing a connection. # def initialize(*args) super end # @!group API Operations # Checks the availability of one or more image layers in a repository. # # When an image is pushed to a repository, each image layer is checked # to verify if it has been uploaded before. If it has been uploaded, # then the image layer is skipped. # # This operation is used by the Amazon ECR proxy and is not generally # used by customers for pulling and pushing images. In most cases, you # should use the `docker` CLI to pull, tag, and push images. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the image layers to check. If you do not specify a registry, # the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository that is associated with the image layers to # check. # # @option params [required, Array] :layer_digests # The digests of the image layers to check. # # @return [Types::BatchCheckLayerAvailabilityResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::BatchCheckLayerAvailabilityResponse#layers #layers} => Array<Types::Layer> # * {Types::BatchCheckLayerAvailabilityResponse#failures #failures} => Array<Types::LayerFailure> # # @example Request syntax with placeholder values # # resp = client.batch_check_layer_availability({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # layer_digests: ["BatchedOperationLayerDigest"], # required # }) # # @example Response structure # # resp.layers #=> Array # resp.layers[0].layer_digest #=> String # resp.layers[0].layer_availability #=> String, one of "AVAILABLE", "UNAVAILABLE" # resp.layers[0].layer_size #=> Integer # resp.layers[0].media_type #=> String # resp.failures #=> Array # resp.failures[0].layer_digest #=> String # resp.failures[0].failure_code #=> String, one of "InvalidLayerDigest", "MissingLayerDigest" # resp.failures[0].failure_reason #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchCheckLayerAvailability AWS API Documentation # # @overload batch_check_layer_availability(params = {}) # @param [Hash] params ({}) def batch_check_layer_availability(params = {}, options = {}) req = build_request(:batch_check_layer_availability, params) req.send_request(options) end # Deletes a list of specified images within a repository. Images are # specified with either an `imageTag` or `imageDigest`. # # You can remove a tag from an image by specifying the image's tag in # your request. When you remove the last tag from an image, the image is # deleted from your repository. # # You can completely delete an image (and all of its tags) by specifying # the image's digest in your request. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the image to delete. If you do not specify a registry, the # default registry is assumed. # # @option params [required, String] :repository_name # The repository that contains the image to delete. # # @option params [required, Array] :image_ids # A list of image ID references that correspond to images to delete. The # format of the `imageIds` reference is `imageTag=tag` or # `imageDigest=digest`. # # @return [Types::BatchDeleteImageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::BatchDeleteImageResponse#image_ids #image_ids} => Array<Types::ImageIdentifier> # * {Types::BatchDeleteImageResponse#failures #failures} => Array<Types::ImageFailure> # # # @example Example: To delete multiple images # # # This example deletes images with the tags precise and trusty in a repository called ubuntu in the default registry for # # an account. # # resp = client.batch_delete_image({ # image_ids: [ # { # image_tag: "precise", # }, # ], # repository_name: "ubuntu", # }) # # resp.to_h outputs the following: # { # failures: [ # ], # image_ids: [ # { # image_digest: "sha256:examplee6d1e504117a17000003d3753086354a38375961f2e665416ef4b1b2f", # image_tag: "precise", # }, # ], # } # # @example Request syntax with placeholder values # # resp = client.batch_delete_image({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_ids: [ # required # { # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # ], # }) # # @example Response structure # # resp.image_ids #=> Array # resp.image_ids[0].image_digest #=> String # resp.image_ids[0].image_tag #=> String # resp.failures #=> Array # resp.failures[0].image_id.image_digest #=> String # resp.failures[0].image_id.image_tag #=> String # resp.failures[0].failure_code #=> String, one of "InvalidImageDigest", "InvalidImageTag", "ImageTagDoesNotMatchDigest", "ImageNotFound", "MissingDigestAndTag", "ImageReferencedByManifestList", "KmsError", "UpstreamAccessDenied", "UpstreamTooManyRequests", "UpstreamUnavailable" # resp.failures[0].failure_reason #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchDeleteImage AWS API Documentation # # @overload batch_delete_image(params = {}) # @param [Hash] params ({}) def batch_delete_image(params = {}, options = {}) req = build_request(:batch_delete_image, params) req.send_request(options) end # Gets detailed information for an image. Images are specified with # either an `imageTag` or `imageDigest`. # # When an image is pulled, the BatchGetImage API is called once to # retrieve the image manifest. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the images to describe. If you do not specify a registry, the # default registry is assumed. # # @option params [required, String] :repository_name # The repository that contains the images to describe. # # @option params [required, Array] :image_ids # A list of image ID references that correspond to images to describe. # The format of the `imageIds` reference is `imageTag=tag` or # `imageDigest=digest`. # # @option params [Array] :accepted_media_types # The accepted media types for the request. # # Valid values: `application/vnd.docker.distribution.manifest.v1+json` # \| `application/vnd.docker.distribution.manifest.v2+json` \| # `application/vnd.oci.image.manifest.v1+json` # # @return [Types::BatchGetImageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::BatchGetImageResponse#images #images} => Array<Types::Image> # * {Types::BatchGetImageResponse#failures #failures} => Array<Types::ImageFailure> # # # @example Example: To obtain multiple images in a single request # # # This example obtains information for an image with a specified image digest ID from the repository named ubuntu in the # # current account. # # resp = client.batch_get_image({ # image_ids: [ # { # image_tag: "precise", # }, # ], # repository_name: "ubuntu", # }) # # resp.to_h outputs the following: # { # failures: [ # ], # images: [ # { # image_id: { # image_digest: "sha256:example76bdff6d83a09ba2a818f0d00000063724a9ac3ba5019c56f74ebf42a", # image_tag: "precise", # }, # image_manifest: "{\n \"schemaVersion\": 1,\n \"name\": \"ubuntu\",\n \"tag\": \"precise\",\n...", # registry_id: "244698725403", # repository_name: "ubuntu", # }, # ], # } # # @example Request syntax with placeholder values # # resp = client.batch_get_image({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_ids: [ # required # { # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # ], # accepted_media_types: ["MediaType"], # }) # # @example Response structure # # resp.images #=> Array # resp.images[0].registry_id #=> String # resp.images[0].repository_name #=> String # resp.images[0].image_id.image_digest #=> String # resp.images[0].image_id.image_tag #=> String # resp.images[0].image_manifest #=> String # resp.images[0].image_manifest_media_type #=> String # resp.failures #=> Array # resp.failures[0].image_id.image_digest #=> String # resp.failures[0].image_id.image_tag #=> String # resp.failures[0].failure_code #=> String, one of "InvalidImageDigest", "InvalidImageTag", "ImageTagDoesNotMatchDigest", "ImageNotFound", "MissingDigestAndTag", "ImageReferencedByManifestList", "KmsError", "UpstreamAccessDenied", "UpstreamTooManyRequests", "UpstreamUnavailable" # resp.failures[0].failure_reason #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchGetImage AWS API Documentation # # @overload batch_get_image(params = {}) # @param [Hash] params ({}) def batch_get_image(params = {}, options = {}) req = build_request(:batch_get_image, params) req.send_request(options) end # Gets the scanning configuration for one or more repositories. # # @option params [required, Array] :repository_names # One or more repository names to get the scanning configuration for. # # @return [Types::BatchGetRepositoryScanningConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::BatchGetRepositoryScanningConfigurationResponse#scanning_configurations #scanning_configurations} => Array<Types::RepositoryScanningConfiguration> # * {Types::BatchGetRepositoryScanningConfigurationResponse#failures #failures} => Array<Types::RepositoryScanningConfigurationFailure> # # @example Request syntax with placeholder values # # resp = client.batch_get_repository_scanning_configuration({ # repository_names: ["RepositoryName"], # required # }) # # @example Response structure # # resp.scanning_configurations #=> Array # resp.scanning_configurations[0].repository_arn #=> String # resp.scanning_configurations[0].repository_name #=> String # resp.scanning_configurations[0].scan_on_push #=> Boolean # resp.scanning_configurations[0].scan_frequency #=> String, one of "SCAN_ON_PUSH", "CONTINUOUS_SCAN", "MANUAL" # resp.scanning_configurations[0].applied_scan_filters #=> Array # resp.scanning_configurations[0].applied_scan_filters[0].filter #=> String # resp.scanning_configurations[0].applied_scan_filters[0].filter_type #=> String, one of "WILDCARD" # resp.failures #=> Array # resp.failures[0].repository_name #=> String # resp.failures[0].failure_code #=> String, one of "REPOSITORY_NOT_FOUND" # resp.failures[0].failure_reason #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration AWS API Documentation # # @overload batch_get_repository_scanning_configuration(params = {}) # @param [Hash] params ({}) def batch_get_repository_scanning_configuration(params = {}, options = {}) req = build_request(:batch_get_repository_scanning_configuration, params) req.send_request(options) end # Informs Amazon ECR that the image layer upload has completed for a # specified registry, repository name, and upload ID. You can optionally # provide a `sha256` digest of the image layer for data validation # purposes. # # When an image is pushed, the CompleteLayerUpload API is called once # per each new image layer to verify that the upload has completed. # # This operation is used by the Amazon ECR proxy and is not generally # used by customers for pulling and pushing images. In most cases, you # should use the `docker` CLI to pull, tag, and push images. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry to # which to upload layers. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to associate with the image layer. # # @option params [required, String] :upload_id # The upload ID from a previous InitiateLayerUpload operation to # associate with the image layer. # # @option params [required, Array] :layer_digests # The `sha256` digest of the image layer. # # @return [Types::CompleteLayerUploadResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CompleteLayerUploadResponse#registry_id #registry_id} => String # * {Types::CompleteLayerUploadResponse#repository_name #repository_name} => String # * {Types::CompleteLayerUploadResponse#upload_id #upload_id} => String # * {Types::CompleteLayerUploadResponse#layer_digest #layer_digest} => String # # @example Request syntax with placeholder values # # resp = client.complete_layer_upload({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # upload_id: "UploadId", # required # layer_digests: ["LayerDigest"], # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.upload_id #=> String # resp.layer_digest #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CompleteLayerUpload AWS API Documentation # # @overload complete_layer_upload(params = {}) # @param [Hash] params ({}) def complete_layer_upload(params = {}, options = {}) req = build_request(:complete_layer_upload, params) req.send_request(options) end # Creates a pull through cache rule. A pull through cache rule provides # a way to cache images from an upstream registry source in your Amazon # ECR private registry. For more information, see [Using pull through # cache rules][1] in the *Amazon Elastic Container Registry User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html # # @option params [required, String] :ecr_repository_prefix # The repository name prefix to use when caching images from the source # registry. # # @option params [required, String] :upstream_registry_url # The registry URL of the upstream public registry to use as the source # for the pull through cache rule. The following is the syntax to use # for each supported upstream registry. # # * Amazon ECR Public (`ecr-public`) - `public.ecr.aws` # # * Docker Hub (`docker-hub`) - `registry-1.docker.io` # # * Quay (`quay`) - `quay.io` # # * Kubernetes (`k8s`) - `registry.k8s.io` # # * GitHub Container Registry (`github-container-registry`) - `ghcr.io` # # * Microsoft Azure Container Registry (`azure-container-registry`) - # `.azurecr.io` # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry to # create the pull through cache rule for. If you do not specify a # registry, the default registry is assumed. # # @option params [String] :upstream_registry # The name of the upstream registry. # # @option params [String] :credential_arn # The Amazon Resource Name (ARN) of the Amazon Web Services Secrets # Manager secret that identifies the credentials to authenticate to the # upstream registry. # # @return [Types::CreatePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CreatePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String # * {Types::CreatePullThroughCacheRuleResponse#upstream_registry_url #upstream_registry_url} => String # * {Types::CreatePullThroughCacheRuleResponse#created_at #created_at} => Time # * {Types::CreatePullThroughCacheRuleResponse#registry_id #registry_id} => String # * {Types::CreatePullThroughCacheRuleResponse#upstream_registry #upstream_registry} => String # * {Types::CreatePullThroughCacheRuleResponse#credential_arn #credential_arn} => String # # @example Request syntax with placeholder values # # resp = client.create_pull_through_cache_rule({ # ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required # upstream_registry_url: "Url", # required # registry_id: "RegistryId", # upstream_registry: "ecr-public", # accepts ecr-public, quay, k8s, docker-hub, github-container-registry, azure-container-registry # credential_arn: "CredentialArn", # }) # # @example Response structure # # resp.ecr_repository_prefix #=> String # resp.upstream_registry_url #=> String # resp.created_at #=> Time # resp.registry_id #=> String # resp.upstream_registry #=> String, one of "ecr-public", "quay", "k8s", "docker-hub", "github-container-registry", "azure-container-registry" # resp.credential_arn #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreatePullThroughCacheRule AWS API Documentation # # @overload create_pull_through_cache_rule(params = {}) # @param [Hash] params ({}) def create_pull_through_cache_rule(params = {}, options = {}) req = build_request(:create_pull_through_cache_rule, params) req.send_request(options) end # Creates a repository. For more information, see [Amazon ECR # repositories][1] in the *Amazon Elastic Container Registry User # Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry to # create the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name to use for the repository. The repository name may be # specified on its own (such as `nginx-web-app`) or it can be prepended # with a namespace to group the repository into a category (such as # `project-a/nginx-web-app`). # # The repository name must start with a letter and can only contain # lowercase letters, numbers, hyphens, underscores, and forward slashes. # # @option params [Array] :tags # The metadata that you apply to the repository to help you categorize # and organize them. Each tag consists of a key and an optional value, # both of which you define. Tag keys can have a maximum character length # of 128 characters, and tag values can have a maximum length of 256 # characters. # # @option params [String] :image_tag_mutability # The tag mutability setting for the repository. If this parameter is # omitted, the default setting of `MUTABLE` will be used which will # allow image tags to be overwritten. If `IMMUTABLE` is specified, all # image tags within the repository will be immutable which will prevent # them from being overwritten. # # @option params [Types::ImageScanningConfiguration] :image_scanning_configuration # The image scanning configuration for the repository. This determines # whether images are scanned for known vulnerabilities after being # pushed to the repository. # # @option params [Types::EncryptionConfiguration] :encryption_configuration # The encryption configuration for the repository. This determines how # the contents of your repository are encrypted at rest. # # @return [Types::CreateRepositoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CreateRepositoryResponse#repository #repository} => Types::Repository # # # @example Example: To create a new repository # # # This example creates a repository called nginx-web-app inside the project-a namespace in the default registry for an # # account. # # resp = client.create_repository({ # repository_name: "project-a/nginx-web-app", # }) # # resp.to_h outputs the following: # { # repository: { # registry_id: "012345678901", # repository_arn: "arn:aws:ecr:us-west-2:012345678901:repository/project-a/nginx-web-app", # repository_name: "project-a/nginx-web-app", # }, # } # # @example Request syntax with placeholder values # # resp = client.create_repository({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # tags: [ # { # key: "TagKey", # required # value: "TagValue", # required # }, # ], # image_tag_mutability: "MUTABLE", # accepts MUTABLE, IMMUTABLE # image_scanning_configuration: { # scan_on_push: false, # }, # encryption_configuration: { # encryption_type: "AES256", # required, accepts AES256, KMS # kms_key: "KmsKey", # }, # }) # # @example Response structure # # resp.repository.repository_arn #=> String # resp.repository.registry_id #=> String # resp.repository.repository_name #=> String # resp.repository.repository_uri #=> String # resp.repository.created_at #=> Time # resp.repository.image_tag_mutability #=> String, one of "MUTABLE", "IMMUTABLE" # resp.repository.image_scanning_configuration.scan_on_push #=> Boolean # resp.repository.encryption_configuration.encryption_type #=> String, one of "AES256", "KMS" # resp.repository.encryption_configuration.kms_key #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreateRepository AWS API Documentation # # @overload create_repository(params = {}) # @param [Hash] params ({}) def create_repository(params = {}, options = {}) req = build_request(:create_repository, params) req.send_request(options) end # Deletes the lifecycle policy associated with the specified repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository. # # @return [Types::DeleteLifecyclePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DeleteLifecyclePolicyResponse#registry_id #registry_id} => String # * {Types::DeleteLifecyclePolicyResponse#repository_name #repository_name} => String # * {Types::DeleteLifecyclePolicyResponse#lifecycle_policy_text #lifecycle_policy_text} => String # * {Types::DeleteLifecyclePolicyResponse#last_evaluated_at #last_evaluated_at} => Time # # @example Request syntax with placeholder values # # resp = client.delete_lifecycle_policy({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.lifecycle_policy_text #=> String # resp.last_evaluated_at #=> Time # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteLifecyclePolicy AWS API Documentation # # @overload delete_lifecycle_policy(params = {}) # @param [Hash] params ({}) def delete_lifecycle_policy(params = {}, options = {}) req = build_request(:delete_lifecycle_policy, params) req.send_request(options) end # Deletes a pull through cache rule. # # @option params [required, String] :ecr_repository_prefix # The Amazon ECR repository prefix associated with the pull through # cache rule to delete. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the pull through cache rule. If you do not specify a # registry, the default registry is assumed. # # @return [Types::DeletePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DeletePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String # * {Types::DeletePullThroughCacheRuleResponse#upstream_registry_url #upstream_registry_url} => String # * {Types::DeletePullThroughCacheRuleResponse#created_at #created_at} => Time # * {Types::DeletePullThroughCacheRuleResponse#registry_id #registry_id} => String # * {Types::DeletePullThroughCacheRuleResponse#credential_arn #credential_arn} => String # # @example Request syntax with placeholder values # # resp = client.delete_pull_through_cache_rule({ # ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required # registry_id: "RegistryId", # }) # # @example Response structure # # resp.ecr_repository_prefix #=> String # resp.upstream_registry_url #=> String # resp.created_at #=> Time # resp.registry_id #=> String # resp.credential_arn #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeletePullThroughCacheRule AWS API Documentation # # @overload delete_pull_through_cache_rule(params = {}) # @param [Hash] params ({}) def delete_pull_through_cache_rule(params = {}, options = {}) req = build_request(:delete_pull_through_cache_rule, params) req.send_request(options) end # Deletes the registry permissions policy. # # @return [Types::DeleteRegistryPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DeleteRegistryPolicyResponse#registry_id #registry_id} => String # * {Types::DeleteRegistryPolicyResponse#policy_text #policy_text} => String # # @example Response structure # # resp.registry_id #=> String # resp.policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRegistryPolicy AWS API Documentation # # @overload delete_registry_policy(params = {}) # @param [Hash] params ({}) def delete_registry_policy(params = {}, options = {}) req = build_request(:delete_registry_policy, params) req.send_request(options) end # Deletes a repository. If the repository isn't empty, you must either # delete the contents of the repository or use the `force` option to # delete the repository and have Amazon ECR delete all of its contents # on your behalf. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository to delete. If you do not specify a registry, # the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to delete. # # @option params [Boolean] :force # If true, deleting the repository force deletes the contents of the # repository. If false, the repository must be empty before attempting # to delete it. # # @return [Types::DeleteRepositoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DeleteRepositoryResponse#repository #repository} => Types::Repository # # # @example Example: To force delete a repository # # # This example force deletes a repository named ubuntu in the default registry for an account. The force parameter is # # required if the repository contains images. # # resp = client.delete_repository({ # force: true, # repository_name: "ubuntu", # }) # # resp.to_h outputs the following: # { # repository: { # registry_id: "012345678901", # repository_arn: "arn:aws:ecr:us-west-2:012345678901:repository/ubuntu", # repository_name: "ubuntu", # }, # } # # @example Request syntax with placeholder values # # resp = client.delete_repository({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # force: false, # }) # # @example Response structure # # resp.repository.repository_arn #=> String # resp.repository.registry_id #=> String # resp.repository.repository_name #=> String # resp.repository.repository_uri #=> String # resp.repository.created_at #=> Time # resp.repository.image_tag_mutability #=> String, one of "MUTABLE", "IMMUTABLE" # resp.repository.image_scanning_configuration.scan_on_push #=> Boolean # resp.repository.encryption_configuration.encryption_type #=> String, one of "AES256", "KMS" # resp.repository.encryption_configuration.kms_key #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRepository AWS API Documentation # # @overload delete_repository(params = {}) # @param [Hash] params ({}) def delete_repository(params = {}, options = {}) req = build_request(:delete_repository, params) req.send_request(options) end # Deletes the repository policy associated with the specified # repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository policy to delete. If you do not specify a # registry, the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository that is associated with the repository # policy to delete. # # @return [Types::DeleteRepositoryPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DeleteRepositoryPolicyResponse#registry_id #registry_id} => String # * {Types::DeleteRepositoryPolicyResponse#repository_name #repository_name} => String # * {Types::DeleteRepositoryPolicyResponse#policy_text #policy_text} => String # # # @example Example: To delete the policy associated with a repository # # # This example deletes the policy associated with the repository named ubuntu in the current account. # # resp = client.delete_repository_policy({ # repository_name: "ubuntu", # }) # # resp.to_h outputs the following: # { # policy_text: "{ ... }", # registry_id: "012345678901", # repository_name: "ubuntu", # } # # @example Request syntax with placeholder values # # resp = client.delete_repository_policy({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRepositoryPolicy AWS API Documentation # # @overload delete_repository_policy(params = {}) # @param [Hash] params ({}) def delete_repository_policy(params = {}, options = {}) req = build_request(:delete_repository_policy, params) req.send_request(options) end # Returns the replication status for a specified image. # # @option params [required, String] :repository_name # The name of the repository that the image is in. # # @option params [required, Types::ImageIdentifier] :image_id # An object with identifying information for an image in an Amazon ECR # repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry. If # you do not specify a registry, the default registry is assumed. # # @return [Types::DescribeImageReplicationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeImageReplicationStatusResponse#repository_name #repository_name} => String # * {Types::DescribeImageReplicationStatusResponse#image_id #image_id} => Types::ImageIdentifier # * {Types::DescribeImageReplicationStatusResponse#replication_statuses #replication_statuses} => Array<Types::ImageReplicationStatus> # # @example Request syntax with placeholder values # # resp = client.describe_image_replication_status({ # repository_name: "RepositoryName", # required # image_id: { # required # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # registry_id: "RegistryId", # }) # # @example Response structure # # resp.repository_name #=> String # resp.image_id.image_digest #=> String # resp.image_id.image_tag #=> String # resp.replication_statuses #=> Array # resp.replication_statuses[0].region #=> String # resp.replication_statuses[0].registry_id #=> String # resp.replication_statuses[0].status #=> String, one of "IN_PROGRESS", "COMPLETE", "FAILED" # resp.replication_statuses[0].failure_code #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeImageReplicationStatus AWS API Documentation # # @overload describe_image_replication_status(params = {}) # @param [Hash] params ({}) def describe_image_replication_status(params = {}, options = {}) req = build_request(:describe_image_replication_status, params) req.send_request(options) end # Returns the scan findings for the specified image. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to describe the image scan findings # for. If you do not specify a registry, the default registry is # assumed. # # @option params [required, String] :repository_name # The repository for the image for which to describe the scan findings. # # @option params [required, Types::ImageIdentifier] :image_id # An object with identifying information for an image in an Amazon ECR # repository. # # @option params [String] :next_token # The `nextToken` value returned from a previous paginated # `DescribeImageScanFindings` request where `maxResults` was used and # the results exceeded the value of that parameter. Pagination continues # from the end of the previous results that returned the `nextToken` # value. This value is null when there are no more results to return. # # @option params [Integer] :max_results # The maximum number of image scan results returned by # `DescribeImageScanFindings` in paginated output. When this parameter # is used, `DescribeImageScanFindings` only returns `maxResults` results # in a single page along with a `nextToken` response element. The # remaining results of the initial request can be seen by sending # another `DescribeImageScanFindings` request with the returned # `nextToken` value. This value can be between 1 and 1000. If this # parameter is not used, then `DescribeImageScanFindings` returns up to # 100 results and a `nextToken` value, if applicable. # # @return [Types::DescribeImageScanFindingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeImageScanFindingsResponse#registry_id #registry_id} => String # * {Types::DescribeImageScanFindingsResponse#repository_name #repository_name} => String # * {Types::DescribeImageScanFindingsResponse#image_id #image_id} => Types::ImageIdentifier # * {Types::DescribeImageScanFindingsResponse#image_scan_status #image_scan_status} => Types::ImageScanStatus # * {Types::DescribeImageScanFindingsResponse#image_scan_findings #image_scan_findings} => Types::ImageScanFindings # * {Types::DescribeImageScanFindingsResponse#next_token #next_token} => String # # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. # # @example Request syntax with placeholder values # # resp = client.describe_image_scan_findings({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_id: { # required # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # next_token: "NextToken", # max_results: 1, # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.image_id.image_digest #=> String # resp.image_id.image_tag #=> String # resp.image_scan_status.status #=> String, one of "IN_PROGRESS", "COMPLETE", "FAILED", "UNSUPPORTED_IMAGE", "ACTIVE", "PENDING", "SCAN_ELIGIBILITY_EXPIRED", "FINDINGS_UNAVAILABLE" # resp.image_scan_status.description #=> String # resp.image_scan_findings.image_scan_completed_at #=> Time # resp.image_scan_findings.vulnerability_source_updated_at #=> Time # resp.image_scan_findings.finding_severity_counts #=> Hash # resp.image_scan_findings.finding_severity_counts["FindingSeverity"] #=> Integer # resp.image_scan_findings.findings #=> Array # resp.image_scan_findings.findings[0].name #=> String # resp.image_scan_findings.findings[0].description #=> String # resp.image_scan_findings.findings[0].uri #=> String # resp.image_scan_findings.findings[0].severity #=> String, one of "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL", "UNDEFINED" # resp.image_scan_findings.findings[0].attributes #=> Array # resp.image_scan_findings.findings[0].attributes[0].key #=> String # resp.image_scan_findings.findings[0].attributes[0].value #=> # resp.image_scan_findings.enhanced_findings #=> Array # resp.image_scan_findings.enhanced_findings[0].aws_account_id #=> String # resp.image_scan_findings.enhanced_findings[0].description #=> String # resp.image_scan_findings.enhanced_findings[0].finding_arn #=> String # resp.image_scan_findings.enhanced_findings[0].first_observed_at #=> Time # resp.image_scan_findings.enhanced_findings[0].last_observed_at #=> Time # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.cvss #=> Array # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.cvss[0].base_score #=> Float # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.cvss[0].scoring_vector #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.cvss[0].source #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.cvss[0].version #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.reference_urls #=> Array # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.reference_urls[0] #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.related_vulnerabilities #=> Array # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.related_vulnerabilities[0] #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.source #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.source_url #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vendor_created_at #=> Time # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vendor_severity #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vendor_updated_at #=> Time # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerability_id #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages #=> Array # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].arch #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].epoch #=> Integer # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].file_path #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].name #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].package_manager #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].release #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].source_layer_hash #=> String # resp.image_scan_findings.enhanced_findings[0].package_vulnerability_details.vulnerable_packages[0].version #=> String # resp.image_scan_findings.enhanced_findings[0].remediation.recommendation.url #=> String # resp.image_scan_findings.enhanced_findings[0].remediation.recommendation.text #=> String # resp.image_scan_findings.enhanced_findings[0].resources #=> Array # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.architecture #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.author #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.image_hash #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.image_tags #=> Array # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.image_tags[0] #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.platform #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.pushed_at #=> Time # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.registry #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].details.aws_ecr_container_image.repository_name #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].id #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].tags #=> Hash # resp.image_scan_findings.enhanced_findings[0].resources[0].tags["TagKey"] #=> String # resp.image_scan_findings.enhanced_findings[0].resources[0].type #=> String # resp.image_scan_findings.enhanced_findings[0].score #=> Float # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.adjustments #=> Array # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.adjustments[0].metric #=> String # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.adjustments[0].reason #=> String # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.score #=> Float # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.score_source #=> String # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.scoring_vector #=> String # resp.image_scan_findings.enhanced_findings[0].score_details.cvss.version #=> String # resp.image_scan_findings.enhanced_findings[0].severity #=> String # resp.image_scan_findings.enhanced_findings[0].status #=> String # resp.image_scan_findings.enhanced_findings[0].title #=> String # resp.image_scan_findings.enhanced_findings[0].type #=> String # resp.image_scan_findings.enhanced_findings[0].updated_at #=> Time # resp.next_token #=> String # # # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage): # # * image_scan_complete # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeImageScanFindings AWS API Documentation # # @overload describe_image_scan_findings(params = {}) # @param [Hash] params ({}) def describe_image_scan_findings(params = {}, options = {}) req = build_request(:describe_image_scan_findings, params) req.send_request(options) end # Returns metadata about the images in a repository. # # Beginning with Docker version 1.9, the Docker client compresses image # layers before pushing them to a V2 Docker registry. The output of the # `docker images` command shows the uncompressed image size, so it may # return a larger image size than the image sizes returned by # DescribeImages. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to describe images. If you do not # specify a registry, the default registry is assumed. # # @option params [required, String] :repository_name # The repository that contains the images to describe. # # @option params [Array] :image_ids # The list of image IDs for the requested repository. # # @option params [String] :next_token # The `nextToken` value returned from a previous paginated # `DescribeImages` request where `maxResults` was used and the results # exceeded the value of that parameter. Pagination continues from the # end of the previous results that returned the `nextToken` value. This # value is `null` when there are no more results to return. This option # cannot be used when you specify images with `imageIds`. # # @option params [Integer] :max_results # The maximum number of repository results returned by `DescribeImages` # in paginated output. When this parameter is used, `DescribeImages` # only returns `maxResults` results in a single page along with a # `nextToken` response element. The remaining results of the initial # request can be seen by sending another `DescribeImages` request with # the returned `nextToken` value. This value can be between 1 and 1000. # If this parameter is not used, then `DescribeImages` returns up to 100 # results and a `nextToken` value, if applicable. This option cannot be # used when you specify images with `imageIds`. # # @option params [Types::DescribeImagesFilter] :filter # The filter key and value with which to filter your `DescribeImages` # results. # # @return [Types::DescribeImagesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeImagesResponse#image_details #image_details} => Array<Types::ImageDetail> # * {Types::DescribeImagesResponse#next_token #next_token} => String # # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. # # @example Request syntax with placeholder values # # resp = client.describe_images({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_ids: [ # { # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # ], # next_token: "NextToken", # max_results: 1, # filter: { # tag_status: "TAGGED", # accepts TAGGED, UNTAGGED, ANY # }, # }) # # @example Response structure # # resp.image_details #=> Array # resp.image_details[0].registry_id #=> String # resp.image_details[0].repository_name #=> String # resp.image_details[0].image_digest #=> String # resp.image_details[0].image_tags #=> Array # resp.image_details[0].image_tags[0] #=> String # resp.image_details[0].image_size_in_bytes #=> Integer # resp.image_details[0].image_pushed_at #=> Time # resp.image_details[0].image_scan_status.status #=> String, one of "IN_PROGRESS", "COMPLETE", "FAILED", "UNSUPPORTED_IMAGE", "ACTIVE", "PENDING", "SCAN_ELIGIBILITY_EXPIRED", "FINDINGS_UNAVAILABLE" # resp.image_details[0].image_scan_status.description #=> String # resp.image_details[0].image_scan_findings_summary.image_scan_completed_at #=> Time # resp.image_details[0].image_scan_findings_summary.vulnerability_source_updated_at #=> Time # resp.image_details[0].image_scan_findings_summary.finding_severity_counts #=> Hash # resp.image_details[0].image_scan_findings_summary.finding_severity_counts["FindingSeverity"] #=> Integer # resp.image_details[0].image_manifest_media_type #=> String # resp.image_details[0].artifact_media_type #=> String # resp.image_details[0].last_recorded_pull_time #=> Time # resp.next_token #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeImages AWS API Documentation # # @overload describe_images(params = {}) # @param [Hash] params ({}) def describe_images(params = {}, options = {}) req = build_request(:describe_images, params) req.send_request(options) end # Returns the pull through cache rules for a registry. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry to # return the pull through cache rules for. If you do not specify a # registry, the default registry is assumed. # # @option params [Array] :ecr_repository_prefixes # The Amazon ECR repository prefixes associated with the pull through # cache rules to return. If no repository prefix value is specified, all # pull through cache rules are returned. # # @option params [String] :next_token # The `nextToken` value returned from a previous paginated # `DescribePullThroughCacheRulesRequest` request where `maxResults` was # used and the results exceeded the value of that parameter. Pagination # continues from the end of the previous results that returned the # `nextToken` value. This value is null when there are no more results # to return. # # @option params [Integer] :max_results # The maximum number of pull through cache rules returned by # `DescribePullThroughCacheRulesRequest` in paginated output. When this # parameter is used, `DescribePullThroughCacheRulesRequest` only returns # `maxResults` results in a single page along with a `nextToken` # response element. The remaining results of the initial request can be # seen by sending another `DescribePullThroughCacheRulesRequest` request # with the returned `nextToken` value. This value can be between 1 and # 1000. If this parameter is not used, then # `DescribePullThroughCacheRulesRequest` returns up to 100 results and a # `nextToken` value, if applicable. # # @return [Types::DescribePullThroughCacheRulesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribePullThroughCacheRulesResponse#pull_through_cache_rules #pull_through_cache_rules} => Array<Types::PullThroughCacheRule> # * {Types::DescribePullThroughCacheRulesResponse#next_token #next_token} => String # # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. # # @example Request syntax with placeholder values # # resp = client.describe_pull_through_cache_rules({ # registry_id: "RegistryId", # ecr_repository_prefixes: ["PullThroughCacheRuleRepositoryPrefix"], # next_token: "NextToken", # max_results: 1, # }) # # @example Response structure # # resp.pull_through_cache_rules #=> Array # resp.pull_through_cache_rules[0].ecr_repository_prefix #=> String # resp.pull_through_cache_rules[0].upstream_registry_url #=> String # resp.pull_through_cache_rules[0].created_at #=> Time # resp.pull_through_cache_rules[0].registry_id #=> String # resp.pull_through_cache_rules[0].credential_arn #=> String # resp.pull_through_cache_rules[0].upstream_registry #=> String, one of "ecr-public", "quay", "k8s", "docker-hub", "github-container-registry", "azure-container-registry" # resp.pull_through_cache_rules[0].updated_at #=> Time # resp.next_token #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribePullThroughCacheRules AWS API Documentation # # @overload describe_pull_through_cache_rules(params = {}) # @param [Hash] params ({}) def describe_pull_through_cache_rules(params = {}, options = {}) req = build_request(:describe_pull_through_cache_rules, params) req.send_request(options) end # Describes the settings for a registry. The replication configuration # for a repository can be created or updated with the # PutReplicationConfiguration API action. # # @return [Types::DescribeRegistryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeRegistryResponse#registry_id #registry_id} => String # * {Types::DescribeRegistryResponse#replication_configuration #replication_configuration} => Types::ReplicationConfiguration # # @example Response structure # # resp.registry_id #=> String # resp.replication_configuration.rules #=> Array # resp.replication_configuration.rules[0].destinations #=> Array # resp.replication_configuration.rules[0].destinations[0].region #=> String # resp.replication_configuration.rules[0].destinations[0].registry_id #=> String # resp.replication_configuration.rules[0].repository_filters #=> Array # resp.replication_configuration.rules[0].repository_filters[0].filter #=> String # resp.replication_configuration.rules[0].repository_filters[0].filter_type #=> String, one of "PREFIX_MATCH" # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeRegistry AWS API Documentation # # @overload describe_registry(params = {}) # @param [Hash] params ({}) def describe_registry(params = {}, options = {}) req = build_request(:describe_registry, params) req.send_request(options) end # Describes image repositories in a registry. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repositories to be described. If you do not specify a # registry, the default registry is assumed. # # @option params [Array] :repository_names # A list of repositories to describe. If this parameter is omitted, then # all repositories in a registry are described. # # @option params [String] :next_token # The `nextToken` value returned from a previous paginated # `DescribeRepositories` request where `maxResults` was used and the # results exceeded the value of that parameter. Pagination continues # from the end of the previous results that returned the `nextToken` # value. This value is `null` when there are no more results to return. # This option cannot be used when you specify repositories with # `repositoryNames`. # # This token should be treated as an opaque identifier that is only used # to retrieve the next items in a list and not for other programmatic # purposes. # # # # @option params [Integer] :max_results # The maximum number of repository results returned by # `DescribeRepositories` in paginated output. When this parameter is # used, `DescribeRepositories` only returns `maxResults` results in a # single page along with a `nextToken` response element. The remaining # results of the initial request can be seen by sending another # `DescribeRepositories` request with the returned `nextToken` value. # This value can be between 1 and 1000. If this parameter is not used, # then `DescribeRepositories` returns up to 100 results and a # `nextToken` value, if applicable. This option cannot be used when you # specify repositories with `repositoryNames`. # # @return [Types::DescribeRepositoriesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::DescribeRepositoriesResponse#repositories #repositories} => Array<Types::Repository> # * {Types::DescribeRepositoriesResponse#next_token #next_token} => String # # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. # # # @example Example: To describe all repositories in the current account # # # The following example obtains a list and description of all repositories in the default registry to which the current # # user has access. # # resp = client.describe_repositories({ # }) # # resp.to_h outputs the following: # { # repositories: [ # { # registry_id: "012345678910", # repository_arn: "arn:aws:ecr:us-west-2:012345678910:repository/ubuntu", # repository_name: "ubuntu", # }, # { # registry_id: "012345678910", # repository_arn: "arn:aws:ecr:us-west-2:012345678910:repository/test", # repository_name: "test", # }, # ], # } # # @example Request syntax with placeholder values # # resp = client.describe_repositories({ # registry_id: "RegistryId", # repository_names: ["RepositoryName"], # next_token: "NextToken", # max_results: 1, # }) # # @example Response structure # # resp.repositories #=> Array # resp.repositories[0].repository_arn #=> String # resp.repositories[0].registry_id #=> String # resp.repositories[0].repository_name #=> String # resp.repositories[0].repository_uri #=> String # resp.repositories[0].created_at #=> Time # resp.repositories[0].image_tag_mutability #=> String, one of "MUTABLE", "IMMUTABLE" # resp.repositories[0].image_scanning_configuration.scan_on_push #=> Boolean # resp.repositories[0].encryption_configuration.encryption_type #=> String, one of "AES256", "KMS" # resp.repositories[0].encryption_configuration.kms_key #=> String # resp.next_token #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeRepositories AWS API Documentation # # @overload describe_repositories(params = {}) # @param [Hash] params ({}) def describe_repositories(params = {}, options = {}) req = build_request(:describe_repositories, params) req.send_request(options) end # Retrieves an authorization token. An authorization token represents # your IAM authentication credentials and can be used to access any # Amazon ECR registry that your IAM principal has access to. The # authorization token is valid for 12 hours. # # The `authorizationToken` returned is a base64 encoded string that can # be decoded and used in a `docker login` command to authenticate to a # registry. The CLI offers an `get-login-password` command that # simplifies the login process. For more information, see [Registry # authentication][1] in the *Amazon Elastic Container Registry User # Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth # # @option params [Array] :registry_ids # A list of Amazon Web Services account IDs that are associated with the # registries for which to get AuthorizationData objects. If you do not # specify a registry, the default registry is assumed. # # @return [Types::GetAuthorizationTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetAuthorizationTokenResponse#authorization_data #authorization_data} => Array<Types::AuthorizationData> # # # @example Example: To obtain an authorization token # # # This example gets an authorization token for your default registry. # # resp = client.get_authorization_token({ # }) # # resp.to_h outputs the following: # { # authorization_data: [ # { # authorization_token: "QVdTOkNEXAMPLE", # expires_at: Time.parse("2022-05-17T06:56:13.652000+00:00"), # proxy_endpoint: "https://012345678901.dkr.ecr.us-west-2.amazonaws.com", # }, # ], # } # # @example Request syntax with placeholder values # # resp = client.get_authorization_token({ # registry_ids: ["RegistryId"], # }) # # @example Response structure # # resp.authorization_data #=> Array # resp.authorization_data[0].authorization_token #=> String # resp.authorization_data[0].expires_at #=> Time # resp.authorization_data[0].proxy_endpoint #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetAuthorizationToken AWS API Documentation # # @overload get_authorization_token(params = {}) # @param [Hash] params ({}) def get_authorization_token(params = {}, options = {}) req = build_request(:get_authorization_token, params) req.send_request(options) end # Retrieves the pre-signed Amazon S3 download URL corresponding to an # image layer. You can only get URLs for image layers that are # referenced in an image. # # When an image is pulled, the GetDownloadUrlForLayer API is called once # per image layer that is not already cached. # # This operation is used by the Amazon ECR proxy and is not generally # used by customers for pulling and pushing images. In most cases, you # should use the `docker` CLI to pull, tag, and push images. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the image layer to download. If you do not specify a # registry, the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository that is associated with the image layer to # download. # # @option params [required, String] :layer_digest # The digest of the image layer to download. # # @return [Types::GetDownloadUrlForLayerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetDownloadUrlForLayerResponse#download_url #download_url} => String # * {Types::GetDownloadUrlForLayerResponse#layer_digest #layer_digest} => String # # @example Request syntax with placeholder values # # resp = client.get_download_url_for_layer({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # layer_digest: "LayerDigest", # required # }) # # @example Response structure # # resp.download_url #=> String # resp.layer_digest #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetDownloadUrlForLayer AWS API Documentation # # @overload get_download_url_for_layer(params = {}) # @param [Hash] params ({}) def get_download_url_for_layer(params = {}, options = {}) req = build_request(:get_download_url_for_layer, params) req.send_request(options) end # Retrieves the lifecycle policy for the specified repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository. # # @return [Types::GetLifecyclePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetLifecyclePolicyResponse#registry_id #registry_id} => String # * {Types::GetLifecyclePolicyResponse#repository_name #repository_name} => String # * {Types::GetLifecyclePolicyResponse#lifecycle_policy_text #lifecycle_policy_text} => String # * {Types::GetLifecyclePolicyResponse#last_evaluated_at #last_evaluated_at} => Time # # @example Request syntax with placeholder values # # resp = client.get_lifecycle_policy({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.lifecycle_policy_text #=> String # resp.last_evaluated_at #=> Time # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetLifecyclePolicy AWS API Documentation # # @overload get_lifecycle_policy(params = {}) # @param [Hash] params ({}) def get_lifecycle_policy(params = {}, options = {}) req = build_request(:get_lifecycle_policy, params) req.send_request(options) end # Retrieves the results of the lifecycle policy preview request for the # specified repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository. # # @option params [Array] :image_ids # The list of imageIDs to be included. # # @option params [String] :next_token # The `nextToken` value returned from a previous paginated
 # `GetLifecyclePolicyPreviewRequest` request where `maxResults` was used # and the
 results exceeded the value of that parameter. Pagination # continues from the end of the
 previous results that returned the # `nextToken` value. This value is
 `null` when there are no more # results to return. This option cannot be used when you specify images # with `imageIds`. # # @option params [Integer] :max_results # The maximum number of repository results returned by # `GetLifecyclePolicyPreviewRequest` in
 paginated output. When this # parameter is used, `GetLifecyclePolicyPreviewRequest` only returns
 # `maxResults` results in a single page along with a `nextToken`
 # response element. The remaining results of the initial request can be # seen by sending
 another `GetLifecyclePolicyPreviewRequest` request # with the returned `nextToken`
 value. This value can be between 1 and # 1000. If this
 parameter is not used, then # `GetLifecyclePolicyPreviewRequest` returns up to
 100 results and a # `nextToken` value, if
 applicable. This option cannot be used when you # specify images with `imageIds`. # # @option params [Types::LifecyclePolicyPreviewFilter] :filter # An optional parameter that filters results based on image tag status # and all tags, if tagged. # # @return [Types::GetLifecyclePolicyPreviewResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetLifecyclePolicyPreviewResponse#registry_id #registry_id} => String # * {Types::GetLifecyclePolicyPreviewResponse#repository_name #repository_name} => String # * {Types::GetLifecyclePolicyPreviewResponse#lifecycle_policy_text #lifecycle_policy_text} => String # * {Types::GetLifecyclePolicyPreviewResponse#status #status} => String # * {Types::GetLifecyclePolicyPreviewResponse#next_token #next_token} => String # * {Types::GetLifecyclePolicyPreviewResponse#preview_results #preview_results} => Array<Types::LifecyclePolicyPreviewResult> # * {Types::GetLifecyclePolicyPreviewResponse#summary #summary} => Types::LifecyclePolicyPreviewSummary # # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. # # @example Request syntax with placeholder values # # resp = client.get_lifecycle_policy_preview({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_ids: [ # { # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # ], # next_token: "NextToken", # max_results: 1, # filter: { # tag_status: "TAGGED", # accepts TAGGED, UNTAGGED, ANY # }, # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.lifecycle_policy_text #=> String # resp.status #=> String, one of "IN_PROGRESS", "COMPLETE", "EXPIRED", "FAILED" # resp.next_token #=> String # resp.preview_results #=> Array # resp.preview_results[0].image_tags #=> Array # resp.preview_results[0].image_tags[0] #=> String # resp.preview_results[0].image_digest #=> String # resp.preview_results[0].image_pushed_at #=> Time # resp.preview_results[0].action.type #=> String, one of "EXPIRE" # resp.preview_results[0].applied_rule_priority #=> Integer # resp.summary.expiring_image_total_count #=> Integer # # # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage): # # * lifecycle_policy_preview_complete # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetLifecyclePolicyPreview AWS API Documentation # # @overload get_lifecycle_policy_preview(params = {}) # @param [Hash] params ({}) def get_lifecycle_policy_preview(params = {}, options = {}) req = build_request(:get_lifecycle_policy_preview, params) req.send_request(options) end # Retrieves the permissions policy for a registry. # # @return [Types::GetRegistryPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetRegistryPolicyResponse#registry_id #registry_id} => String # * {Types::GetRegistryPolicyResponse#policy_text #policy_text} => String # # @example Response structure # # resp.registry_id #=> String # resp.policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetRegistryPolicy AWS API Documentation # # @overload get_registry_policy(params = {}) # @param [Hash] params ({}) def get_registry_policy(params = {}, options = {}) req = build_request(:get_registry_policy, params) req.send_request(options) end # Retrieves the scanning configuration for a registry. # # @return [Types::GetRegistryScanningConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetRegistryScanningConfigurationResponse#registry_id #registry_id} => String # * {Types::GetRegistryScanningConfigurationResponse#scanning_configuration #scanning_configuration} => Types::RegistryScanningConfiguration # # @example Response structure # # resp.registry_id #=> String # resp.scanning_configuration.scan_type #=> String, one of "BASIC", "ENHANCED" # resp.scanning_configuration.rules #=> Array # resp.scanning_configuration.rules[0].scan_frequency #=> String, one of "SCAN_ON_PUSH", "CONTINUOUS_SCAN", "MANUAL" # resp.scanning_configuration.rules[0].repository_filters #=> Array # resp.scanning_configuration.rules[0].repository_filters[0].filter #=> String # resp.scanning_configuration.rules[0].repository_filters[0].filter_type #=> String, one of "WILDCARD" # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetRegistryScanningConfiguration AWS API Documentation # # @overload get_registry_scanning_configuration(params = {}) # @param [Hash] params ({}) def get_registry_scanning_configuration(params = {}, options = {}) req = build_request(:get_registry_scanning_configuration, params) req.send_request(options) end # Retrieves the repository policy for the specified repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository with the policy to retrieve. # # @return [Types::GetRepositoryPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetRepositoryPolicyResponse#registry_id #registry_id} => String # * {Types::GetRepositoryPolicyResponse#repository_name #repository_name} => String # * {Types::GetRepositoryPolicyResponse#policy_text #policy_text} => String # # # @example Example: To get the current policy for a repository # # # This example obtains the repository policy for the repository named ubuntu. # # resp = client.get_repository_policy({ # repository_name: "ubuntu", # }) # # resp.to_h outputs the following: # { # policy_text: "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"new statement\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"AWS\" : \"arn:aws:iam::012345678901:role/CodeDeployDemo\"\n },\n\"Action\" : [ \"ecr:GetDownloadUrlForLayer\", \"ecr:BatchGetImage\", \"ecr:BatchCheckLayerAvailability\" ]\n } ]\n}", # registry_id: "012345678901", # repository_name: "ubuntu", # } # # @example Request syntax with placeholder values # # resp = client.get_repository_policy({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetRepositoryPolicy AWS API Documentation # # @overload get_repository_policy(params = {}) # @param [Hash] params ({}) def get_repository_policy(params = {}, options = {}) req = build_request(:get_repository_policy, params) req.send_request(options) end # Notifies Amazon ECR that you intend to upload an image layer. # # When an image is pushed, the InitiateLayerUpload API is called once # per image layer that has not already been uploaded. Whether or not an # image layer has been uploaded is determined by the # BatchCheckLayerAvailability API action. # # This operation is used by the Amazon ECR proxy and is not generally # used by customers for pulling and pushing images. In most cases, you # should use the `docker` CLI to pull, tag, and push images. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry to # which you intend to upload layers. If you do not specify a registry, # the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to which you intend to upload layers. # # @return [Types::InitiateLayerUploadResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::InitiateLayerUploadResponse#upload_id #upload_id} => String # * {Types::InitiateLayerUploadResponse#part_size #part_size} => Integer # # @example Request syntax with placeholder values # # resp = client.initiate_layer_upload({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # }) # # @example Response structure # # resp.upload_id #=> String # resp.part_size #=> Integer # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/InitiateLayerUpload AWS API Documentation # # @overload initiate_layer_upload(params = {}) # @param [Hash] params ({}) def initiate_layer_upload(params = {}, options = {}) req = build_request(:initiate_layer_upload, params) req.send_request(options) end # Lists all the image IDs for the specified repository. # # You can filter images based on whether or not they are tagged by using # the `tagStatus` filter and specifying either `TAGGED`, `UNTAGGED` or # `ANY`. For example, you can filter your results to return only # `UNTAGGED` images and then pipe that result to a BatchDeleteImage # operation to delete them. Or, you can filter your results to return # only `TAGGED` images to list all of the tags in your repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to list images. If you do not specify # a registry, the default registry is assumed. # # @option params [required, String] :repository_name # The repository with image IDs to be listed. # # @option params [String] :next_token # The `nextToken` value returned from a previous paginated `ListImages` # request where `maxResults` was used and the results exceeded the value # of that parameter. Pagination continues from the end of the previous # results that returned the `nextToken` value. This value is `null` when # there are no more results to return. # # This token should be treated as an opaque identifier that is only used # to retrieve the next items in a list and not for other programmatic # purposes. # # # # @option params [Integer] :max_results # The maximum number of image results returned by `ListImages` in # paginated output. When this parameter is used, `ListImages` only # returns `maxResults` results in a single page along with a `nextToken` # response element. The remaining results of the initial request can be # seen by sending another `ListImages` request with the returned # `nextToken` value. This value can be between 1 and 1000. If this # parameter is not used, then `ListImages` returns up to 100 results and # a `nextToken` value, if applicable. # # @option params [Types::ListImagesFilter] :filter # The filter key and value with which to filter your `ListImages` # results. # # @return [Types::ListImagesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ListImagesResponse#image_ids #image_ids} => Array<Types::ImageIdentifier> # * {Types::ListImagesResponse#next_token #next_token} => String # # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}. # # # @example Example: To list all images in a repository # # # This example lists all of the images in the repository named ubuntu in the default registry in the current account. # # resp = client.list_images({ # repository_name: "ubuntu", # }) # # resp.to_h outputs the following: # { # image_ids: [ # { # image_digest: "sha256:764f63476bdff6d83a09ba2a818f0d35757063724a9ac3ba5019c56f74ebf42a", # image_tag: "precise", # }, # ], # } # # @example Request syntax with placeholder values # # resp = client.list_images({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # next_token: "NextToken", # max_results: 1, # filter: { # tag_status: "TAGGED", # accepts TAGGED, UNTAGGED, ANY # }, # }) # # @example Response structure # # resp.image_ids #=> Array # resp.image_ids[0].image_digest #=> String # resp.image_ids[0].image_tag #=> String # resp.next_token #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ListImages AWS API Documentation # # @overload list_images(params = {}) # @param [Hash] params ({}) def list_images(params = {}, options = {}) req = build_request(:list_images, params) req.send_request(options) end # List the tags for an Amazon ECR resource. # # @option params [required, String] :resource_arn # The Amazon Resource Name (ARN) that identifies the resource for which # to list the tags. Currently, the only supported resource is an Amazon # ECR repository. # # @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ListTagsForResourceResponse#tags #tags} => Array<Types::Tag> # # @example Request syntax with placeholder values # # resp = client.list_tags_for_resource({ # resource_arn: "Arn", # required # }) # # @example Response structure # # resp.tags #=> Array # resp.tags[0].key #=> String # resp.tags[0].value #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ListTagsForResource AWS API Documentation # # @overload list_tags_for_resource(params = {}) # @param [Hash] params ({}) def list_tags_for_resource(params = {}, options = {}) req = build_request(:list_tags_for_resource, params) req.send_request(options) end # Creates or updates the image manifest and tags associated with an # image. # # When an image is pushed and all new image layers have been uploaded, # the PutImage API is called once to create or update the image manifest # and the tags associated with the image. # # This operation is used by the Amazon ECR proxy and is not generally # used by customers for pulling and pushing images. In most cases, you # should use the `docker` CLI to pull, tag, and push images. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to put the image. If you do not # specify a registry, the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository in which to put the image. # # @option params [required, String] :image_manifest # The image manifest corresponding to the image to be uploaded. # # @option params [String] :image_manifest_media_type # The media type of the image manifest. If you push an image manifest # that does not contain the `mediaType` field, you must specify the # `imageManifestMediaType` in the request. # # @option params [String] :image_tag # The tag to associate with the image. This parameter is required for # images that use the Docker Image Manifest V2 Schema 2 or Open # Container Initiative (OCI) formats. # # @option params [String] :image_digest # The image digest of the image manifest corresponding to the image. # # @return [Types::PutImageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutImageResponse#image #image} => Types::Image # # @example Request syntax with placeholder values # # resp = client.put_image({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_manifest: "ImageManifest", # required # image_manifest_media_type: "MediaType", # image_tag: "ImageTag", # image_digest: "ImageDigest", # }) # # @example Response structure # # resp.image.registry_id #=> String # resp.image.repository_name #=> String # resp.image.image_id.image_digest #=> String # resp.image.image_id.image_tag #=> String # resp.image.image_manifest #=> String # resp.image.image_manifest_media_type #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImage AWS API Documentation # # @overload put_image(params = {}) # @param [Hash] params ({}) def put_image(params = {}, options = {}) req = build_request(:put_image, params) req.send_request(options) end # The `PutImageScanningConfiguration` API is being deprecated, in favor # of specifying the image scanning configuration at the registry level. # For more information, see PutRegistryScanningConfiguration. # # Updates the image scanning configuration for the specified repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to update the image scanning # configuration setting. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository in which to update the image scanning # configuration setting. # # @option params [required, Types::ImageScanningConfiguration] :image_scanning_configuration # The image scanning configuration for the repository. This setting # determines whether images are scanned for known vulnerabilities after # being pushed to the repository. # # @return [Types::PutImageScanningConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutImageScanningConfigurationResponse#registry_id #registry_id} => String # * {Types::PutImageScanningConfigurationResponse#repository_name #repository_name} => String # * {Types::PutImageScanningConfigurationResponse#image_scanning_configuration #image_scanning_configuration} => Types::ImageScanningConfiguration # # @example Request syntax with placeholder values # # resp = client.put_image_scanning_configuration({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_scanning_configuration: { # required # scan_on_push: false, # }, # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.image_scanning_configuration.scan_on_push #=> Boolean # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImageScanningConfiguration AWS API Documentation # # @overload put_image_scanning_configuration(params = {}) # @param [Hash] params ({}) def put_image_scanning_configuration(params = {}, options = {}) req = build_request(:put_image_scanning_configuration, params) req.send_request(options) end # Updates the image tag mutability settings for the specified # repository. For more information, see [Image tag mutability][1] in the # *Amazon Elastic Container Registry User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to update the image tag mutability # settings. If you do not specify a registry, the default registry is # assumed. # # @option params [required, String] :repository_name # The name of the repository in which to update the image tag mutability # settings. # # @option params [required, String] :image_tag_mutability # The tag mutability setting for the repository. If `MUTABLE` is # specified, image tags can be overwritten. If `IMMUTABLE` is specified, # all image tags within the repository will be immutable which will # prevent them from being overwritten. # # @return [Types::PutImageTagMutabilityResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutImageTagMutabilityResponse#registry_id #registry_id} => String # * {Types::PutImageTagMutabilityResponse#repository_name #repository_name} => String # * {Types::PutImageTagMutabilityResponse#image_tag_mutability #image_tag_mutability} => String # # @example Request syntax with placeholder values # # resp = client.put_image_tag_mutability({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_tag_mutability: "MUTABLE", # required, accepts MUTABLE, IMMUTABLE # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.image_tag_mutability #=> String, one of "MUTABLE", "IMMUTABLE" # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImageTagMutability AWS API Documentation # # @overload put_image_tag_mutability(params = {}) # @param [Hash] params ({}) def put_image_tag_mutability(params = {}, options = {}) req = build_request(:put_image_tag_mutability, params) req.send_request(options) end # Creates or updates the lifecycle policy for the specified repository. # For more information, see [Lifecycle policy template][1]. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do
 not specify a registry, the # default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to receive the policy. # # @option params [required, String] :lifecycle_policy_text # The JSON repository policy text to apply to the repository. # # @return [Types::PutLifecyclePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutLifecyclePolicyResponse#registry_id #registry_id} => String # * {Types::PutLifecyclePolicyResponse#repository_name #repository_name} => String # * {Types::PutLifecyclePolicyResponse#lifecycle_policy_text #lifecycle_policy_text} => String # # @example Request syntax with placeholder values # # resp = client.put_lifecycle_policy({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # lifecycle_policy_text: "LifecyclePolicyText", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.lifecycle_policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutLifecyclePolicy AWS API Documentation # # @overload put_lifecycle_policy(params = {}) # @param [Hash] params ({}) def put_lifecycle_policy(params = {}, options = {}) req = build_request(:put_lifecycle_policy, params) req.send_request(options) end # Creates or updates the permissions policy for your registry. # # A registry policy is used to specify permissions for another Amazon # Web Services account and is used when configuring cross-account # replication. For more information, see [Registry permissions][1] in # the *Amazon Elastic Container Registry User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html # # @option params [required, String] :policy_text # The JSON policy text to apply to your registry. The policy text # follows the same format as IAM policy text. For more information, see # [Registry permissions][1] in the *Amazon Elastic Container Registry # User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html # # @return [Types::PutRegistryPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutRegistryPolicyResponse#registry_id #registry_id} => String # * {Types::PutRegistryPolicyResponse#policy_text #policy_text} => String # # @example Request syntax with placeholder values # # resp = client.put_registry_policy({ # policy_text: "RegistryPolicyText", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutRegistryPolicy AWS API Documentation # # @overload put_registry_policy(params = {}) # @param [Hash] params ({}) def put_registry_policy(params = {}, options = {}) req = build_request(:put_registry_policy, params) req.send_request(options) end # Creates or updates the scanning configuration for your private # registry. # # @option params [String] :scan_type # The scanning type to set for the registry. # # When a registry scanning configuration is not defined, by default the # `BASIC` scan type is used. When basic scanning is used, you may # specify filters to determine which individual repositories, or all # repositories, are scanned when new images are pushed to those # repositories. Alternatively, you can do manual scans of images with # basic scanning. # # When the `ENHANCED` scan type is set, Amazon Inspector provides # automated vulnerability scanning. You may choose between continuous # scanning or scan on push and you may specify filters to determine # which individual repositories, or all repositories, are scanned. # # @option params [Array] :rules # The scanning rules to use for the registry. A scanning rule is used to # determine which repository filters are used and at what frequency # scanning will occur. # # @return [Types::PutRegistryScanningConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutRegistryScanningConfigurationResponse#registry_scanning_configuration #registry_scanning_configuration} => Types::RegistryScanningConfiguration # # @example Request syntax with placeholder values # # resp = client.put_registry_scanning_configuration({ # scan_type: "BASIC", # accepts BASIC, ENHANCED # rules: [ # { # scan_frequency: "SCAN_ON_PUSH", # required, accepts SCAN_ON_PUSH, CONTINUOUS_SCAN, MANUAL # repository_filters: [ # required # { # filter: "ScanningRepositoryFilterValue", # required # filter_type: "WILDCARD", # required, accepts WILDCARD # }, # ], # }, # ], # }) # # @example Response structure # # resp.registry_scanning_configuration.scan_type #=> String, one of "BASIC", "ENHANCED" # resp.registry_scanning_configuration.rules #=> Array # resp.registry_scanning_configuration.rules[0].scan_frequency #=> String, one of "SCAN_ON_PUSH", "CONTINUOUS_SCAN", "MANUAL" # resp.registry_scanning_configuration.rules[0].repository_filters #=> Array # resp.registry_scanning_configuration.rules[0].repository_filters[0].filter #=> String # resp.registry_scanning_configuration.rules[0].repository_filters[0].filter_type #=> String, one of "WILDCARD" # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutRegistryScanningConfiguration AWS API Documentation # # @overload put_registry_scanning_configuration(params = {}) # @param [Hash] params ({}) def put_registry_scanning_configuration(params = {}, options = {}) req = build_request(:put_registry_scanning_configuration, params) req.send_request(options) end # Creates or updates the replication configuration for a registry. The # existing replication configuration for a repository can be retrieved # with the DescribeRegistry API action. The first time the # PutReplicationConfiguration API is called, a service-linked IAM role # is created in your account for the replication process. For more # information, see [Using service-linked roles for Amazon ECR][1] in the # *Amazon Elastic Container Registry User Guide*. # # When configuring cross-account replication, the destination account # must grant the source account permission to replicate. This permission # is controlled using a registry permissions policy. For more # information, see PutRegistryPolicy. # # # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/using-service-linked-roles.html # # @option params [required, Types::ReplicationConfiguration] :replication_configuration # An object representing the replication configuration for a registry. # # @return [Types::PutReplicationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::PutReplicationConfigurationResponse#replication_configuration #replication_configuration} => Types::ReplicationConfiguration # # @example Request syntax with placeholder values # # resp = client.put_replication_configuration({ # replication_configuration: { # required # rules: [ # required # { # destinations: [ # required # { # region: "Region", # required # registry_id: "RegistryId", # required # }, # ], # repository_filters: [ # { # filter: "RepositoryFilterValue", # required # filter_type: "PREFIX_MATCH", # required, accepts PREFIX_MATCH # }, # ], # }, # ], # }, # }) # # @example Response structure # # resp.replication_configuration.rules #=> Array # resp.replication_configuration.rules[0].destinations #=> Array # resp.replication_configuration.rules[0].destinations[0].region #=> String # resp.replication_configuration.rules[0].destinations[0].registry_id #=> String # resp.replication_configuration.rules[0].repository_filters #=> Array # resp.replication_configuration.rules[0].repository_filters[0].filter #=> String # resp.replication_configuration.rules[0].repository_filters[0].filter_type #=> String, one of "PREFIX_MATCH" # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutReplicationConfiguration AWS API Documentation # # @overload put_replication_configuration(params = {}) # @param [Hash] params ({}) def put_replication_configuration(params = {}, options = {}) req = build_request(:put_replication_configuration, params) req.send_request(options) end # Applies a repository policy to the specified repository to control # access permissions. For more information, see [Amazon ECR Repository # policies][1] in the *Amazon Elastic Container Registry User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to receive the policy. # # @option params [required, String] :policy_text # The JSON repository policy text to apply to the repository. For more # information, see [Amazon ECR repository policies][1] in the *Amazon # Elastic Container Registry User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html # # @option params [Boolean] :force # If the policy you are attempting to set on a repository policy would # prevent you from setting another policy in the future, you must force # the SetRepositoryPolicy operation. This is intended to prevent # accidental repository lock outs. # # @return [Types::SetRepositoryPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::SetRepositoryPolicyResponse#registry_id #registry_id} => String # * {Types::SetRepositoryPolicyResponse#repository_name #repository_name} => String # * {Types::SetRepositoryPolicyResponse#policy_text #policy_text} => String # # @example Request syntax with placeholder values # # resp = client.set_repository_policy({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # policy_text: "RepositoryPolicyText", # required # force: false, # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.policy_text #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/SetRepositoryPolicy AWS API Documentation # # @overload set_repository_policy(params = {}) # @param [Hash] params ({}) def set_repository_policy(params = {}, options = {}) req = build_request(:set_repository_policy, params) req.send_request(options) end # Starts an image vulnerability scan. An image scan can only be started # once per 24 hours on an individual image. This limit includes if an # image was scanned on initial push. For more information, see [Image # scanning][1] in the *Amazon Elastic Container Registry User Guide*. # # # # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository in which to start an image scan request. If # you do not specify a registry, the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository that contains the images to scan. # # @option params [required, Types::ImageIdentifier] :image_id # An object with identifying information for an image in an Amazon ECR # repository. # # @return [Types::StartImageScanResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::StartImageScanResponse#registry_id #registry_id} => String # * {Types::StartImageScanResponse#repository_name #repository_name} => String # * {Types::StartImageScanResponse#image_id #image_id} => Types::ImageIdentifier # * {Types::StartImageScanResponse#image_scan_status #image_scan_status} => Types::ImageScanStatus # # @example Request syntax with placeholder values # # resp = client.start_image_scan({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # image_id: { # required # image_digest: "ImageDigest", # image_tag: "ImageTag", # }, # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.image_id.image_digest #=> String # resp.image_id.image_tag #=> String # resp.image_scan_status.status #=> String, one of "IN_PROGRESS", "COMPLETE", "FAILED", "UNSUPPORTED_IMAGE", "ACTIVE", "PENDING", "SCAN_ELIGIBILITY_EXPIRED", "FINDINGS_UNAVAILABLE" # resp.image_scan_status.description #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/StartImageScan AWS API Documentation # # @overload start_image_scan(params = {}) # @param [Hash] params ({}) def start_image_scan(params = {}, options = {}) req = build_request(:start_image_scan, params) req.send_request(options) end # Starts a preview of a lifecycle policy for the specified repository. # This allows you to see the results before associating the lifecycle # policy with the repository. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry that # contains the repository. If you do not specify a registry, the default # registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to be evaluated. # # @option params [String] :lifecycle_policy_text # The policy to be evaluated against. If you do not specify a policy, # the current policy for the repository is used. # # @return [Types::StartLifecyclePolicyPreviewResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::StartLifecyclePolicyPreviewResponse#registry_id #registry_id} => String # * {Types::StartLifecyclePolicyPreviewResponse#repository_name #repository_name} => String # * {Types::StartLifecyclePolicyPreviewResponse#lifecycle_policy_text #lifecycle_policy_text} => String # * {Types::StartLifecyclePolicyPreviewResponse#status #status} => String # # @example Request syntax with placeholder values # # resp = client.start_lifecycle_policy_preview({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # lifecycle_policy_text: "LifecyclePolicyText", # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.lifecycle_policy_text #=> String # resp.status #=> String, one of "IN_PROGRESS", "COMPLETE", "EXPIRED", "FAILED" # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/StartLifecyclePolicyPreview AWS API Documentation # # @overload start_lifecycle_policy_preview(params = {}) # @param [Hash] params ({}) def start_lifecycle_policy_preview(params = {}, options = {}) req = build_request(:start_lifecycle_policy_preview, params) req.send_request(options) end # Adds specified tags to a resource with the specified ARN. Existing # tags on a resource are not changed if they are not specified in the # request parameters. # # @option params [required, String] :resource_arn # The Amazon Resource Name (ARN) of the the resource to which to add # tags. Currently, the only supported resource is an Amazon ECR # repository. # # @option params [required, Array] :tags # The tags to add to the resource. A tag is an array of key-value pairs. # Tag keys can have a maximum character length of 128 characters, and # tag values can have a maximum length of 256 characters. # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # # @example Request syntax with placeholder values # # resp = client.tag_resource({ # resource_arn: "Arn", # required # tags: [ # required # { # key: "TagKey", # required # value: "TagValue", # required # }, # ], # }) # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/TagResource AWS API Documentation # # @overload tag_resource(params = {}) # @param [Hash] params ({}) def tag_resource(params = {}, options = {}) req = build_request(:tag_resource, params) req.send_request(options) end # Deletes specified tags from a resource. # # @option params [required, String] :resource_arn # The Amazon Resource Name (ARN) of the resource from which to remove # tags. Currently, the only supported resource is an Amazon ECR # repository. # # @option params [required, Array] :tag_keys # The keys of the tags to be removed. # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # # @example Request syntax with placeholder values # # resp = client.untag_resource({ # resource_arn: "Arn", # required # tag_keys: ["TagKey"], # required # }) # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UntagResource AWS API Documentation # # @overload untag_resource(params = {}) # @param [Hash] params ({}) def untag_resource(params = {}, options = {}) req = build_request(:untag_resource, params) req.send_request(options) end # Updates an existing pull through cache rule. # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry # associated with the pull through cache rule. If you do not specify a # registry, the default registry is assumed. # # @option params [required, String] :ecr_repository_prefix # The repository name prefix to use when caching images from the source # registry. # # @option params [required, String] :credential_arn # The Amazon Resource Name (ARN) of the Amazon Web Services Secrets # Manager secret that identifies the credentials to authenticate to the # upstream registry. # # @return [Types::UpdatePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::UpdatePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String # * {Types::UpdatePullThroughCacheRuleResponse#registry_id #registry_id} => String # * {Types::UpdatePullThroughCacheRuleResponse#updated_at #updated_at} => Time # * {Types::UpdatePullThroughCacheRuleResponse#credential_arn #credential_arn} => String # # @example Request syntax with placeholder values # # resp = client.update_pull_through_cache_rule({ # registry_id: "RegistryId", # ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required # credential_arn: "CredentialArn", # required # }) # # @example Response structure # # resp.ecr_repository_prefix #=> String # resp.registry_id #=> String # resp.updated_at #=> Time # resp.credential_arn #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UpdatePullThroughCacheRule AWS API Documentation # # @overload update_pull_through_cache_rule(params = {}) # @param [Hash] params ({}) def update_pull_through_cache_rule(params = {}, options = {}) req = build_request(:update_pull_through_cache_rule, params) req.send_request(options) end # Uploads an image layer part to Amazon ECR. # # When an image is pushed, each new image layer is uploaded in parts. # The maximum size of each image layer part can be 20971520 bytes (or # about 20MB). The UploadLayerPart API is called once per each new image # layer part. # # This operation is used by the Amazon ECR proxy and is not generally # used by customers for pulling and pushing images. In most cases, you # should use the `docker` CLI to pull, tag, and push images. # # # # @option params [String] :registry_id # The Amazon Web Services account ID associated with the registry to # which you are uploading layer parts. If you do not specify a registry, # the default registry is assumed. # # @option params [required, String] :repository_name # The name of the repository to which you are uploading layer parts. # # @option params [required, String] :upload_id # The upload ID from a previous InitiateLayerUpload operation to # associate with the layer part upload. # # @option params [required, Integer] :part_first_byte # The position of the first byte of the layer part witin the overall # image layer. # # @option params [required, Integer] :part_last_byte # The position of the last byte of the layer part within the overall # image layer. # # @option params [required, String, StringIO, File] :layer_part_blob # The base64-encoded layer part payload. # # @return [Types::UploadLayerPartResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::UploadLayerPartResponse#registry_id #registry_id} => String # * {Types::UploadLayerPartResponse#repository_name #repository_name} => String # * {Types::UploadLayerPartResponse#upload_id #upload_id} => String # * {Types::UploadLayerPartResponse#last_byte_received #last_byte_received} => Integer # # @example Request syntax with placeholder values # # resp = client.upload_layer_part({ # registry_id: "RegistryId", # repository_name: "RepositoryName", # required # upload_id: "UploadId", # required # part_first_byte: 1, # required # part_last_byte: 1, # required # layer_part_blob: "data", # required # }) # # @example Response structure # # resp.registry_id #=> String # resp.repository_name #=> String # resp.upload_id #=> String # resp.last_byte_received #=> Integer # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UploadLayerPart AWS API Documentation # # @overload upload_layer_part(params = {}) # @param [Hash] params ({}) def upload_layer_part(params = {}, options = {}) req = build_request(:upload_layer_part, params) req.send_request(options) end # Validates an existing pull through cache rule for an upstream registry # that requires authentication. This will retrieve the contents of the # Amazon Web Services Secrets Manager secret, verify the syntax, and # then validate that authentication to the upstream registry is # successful. # # @option params [required, String] :ecr_repository_prefix # The repository name prefix associated with the pull through cache # rule. # # @option params [String] :registry_id # The registry ID associated with the pull through cache rule. If you do # not specify a registry, the default registry is assumed. # # @return [Types::ValidatePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ValidatePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String # * {Types::ValidatePullThroughCacheRuleResponse#registry_id #registry_id} => String # * {Types::ValidatePullThroughCacheRuleResponse#upstream_registry_url #upstream_registry_url} => String # * {Types::ValidatePullThroughCacheRuleResponse#credential_arn #credential_arn} => String # * {Types::ValidatePullThroughCacheRuleResponse#is_valid #is_valid} => Boolean # * {Types::ValidatePullThroughCacheRuleResponse#failure #failure} => String # # @example Request syntax with placeholder values # # resp = client.validate_pull_through_cache_rule({ # ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required # registry_id: "RegistryId", # }) # # @example Response structure # # resp.ecr_repository_prefix #=> String # resp.registry_id #=> String # resp.upstream_registry_url #=> String # resp.credential_arn #=> String # resp.is_valid #=> Boolean # resp.failure #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ValidatePullThroughCacheRule AWS API Documentation # # @overload validate_pull_through_cache_rule(params = {}) # @param [Hash] params ({}) def validate_pull_through_cache_rule(params = {}, options = {}) req = build_request(:validate_pull_through_cache_rule, params) req.send_request(options) end # @!endgroup # @param params ({}) # @api private def build_request(operation_name, params = {}) handlers = @handlers.for(operation_name) context = Seahorse::Client::RequestContext.new( operation_name: operation_name, operation: config.api.operation(operation_name), client: self, params: params, config: config) context[:gem_name] = 'aws-sdk-ecr' context[:gem_version] = '1.70.0' Seahorse::Client::Request.new(handlers, context) end # Polls an API operation until a resource enters a desired state. # # ## Basic Usage # # A waiter will call an API operation until: # # * It is successful # * It enters a terminal state # * It makes the maximum number of attempts # # In between attempts, the waiter will sleep. # # # polls in a loop, sleeping between attempts # client.wait_until(waiter_name, params) # # ## Configuration # # You can configure the maximum number of polling attempts, and the # delay (in seconds) between each polling attempt. You can pass # configuration as the final arguments hash. # # # poll for ~25 seconds # client.wait_until(waiter_name, params, { # max_attempts: 5, # delay: 5, # }) # # ## Callbacks # # You can be notified before each polling attempt and before each # delay. If you throw `:success` or `:failure` from these callbacks, # it will terminate the waiter. # # started_at = Time.now # client.wait_until(waiter_name, params, { # # # disable max attempts # max_attempts: nil, # # # poll for 1 hour, instead of a number of attempts # before_wait: -> (attempts, response) do # throw :failure if Time.now - started_at > 3600 # end # }) # # ## Handling Errors # # When a waiter is unsuccessful, it will raise an error. # All of the failure errors extend from # {Aws::Waiters::Errors::WaiterFailed}. # # begin # client.wait_until(...) # rescue Aws::Waiters::Errors::WaiterFailed # # resource did not enter the desired state in time # end # # ## Valid Waiters # # The following table lists the valid waiter names, the operations they call, # and the default `:delay` and `:max_attempts` values. # # | waiter_name | params | :delay | :max_attempts | # | --------------------------------- | ------------------------------------- | -------- | ------------- | # | image_scan_complete | {Client#describe_image_scan_findings} | 5 | 60 | # | lifecycle_policy_preview_complete | {Client#get_lifecycle_policy_preview} | 5 | 20 | # # @raise [Errors::FailureStateError] Raised when the waiter terminates # because the waiter has entered a state that it will not transition # out of, preventing success. # # @raise [Errors::TooManyAttemptsError] Raised when the configured # maximum number of attempts have been made, and the waiter is not # yet successful. # # @raise [Errors::UnexpectedError] Raised when an error is encounted # while polling for a resource that is not expected. # # @raise [Errors::NoSuchWaiterError] Raised when you request to wait # for an unknown state. # # @return [Boolean] Returns `true` if the waiter was successful. # @param [Symbol] waiter_name # @param [Hash] params ({}) # @param [Hash] options ({}) # @option options [Integer] :max_attempts # @option options [Integer] :delay # @option options [Proc] :before_attempt # @option options [Proc] :before_wait def wait_until(waiter_name, params = {}, options = {}) w = waiter(waiter_name, options) yield(w.waiter) if block_given? # deprecated w.wait(params) end # @api private # @deprecated def waiter_names waiters.keys end private # @param [Symbol] waiter_name # @param [Hash] options ({}) def waiter(waiter_name, options = {}) waiter_class = waiters[waiter_name] if waiter_class waiter_class.new(options.merge(client: self)) else raise Aws::Waiters::Errors::NoSuchWaiterError.new(waiter_name, waiters.keys) end end def waiters { image_scan_complete: Waiters::ImageScanComplete, lifecycle_policy_preview_complete: Waiters::LifecyclePolicyPreviewComplete } end class << self # @api private attr_reader :identifier # @api private def errors_module Errors end end end end