-
-
ecr-scan-notification-pipe
simple, event driven aws ecr scan notification pipeline to slack channel using terraform
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
AWS Elastic Container Registry has been able to support the scanning of images for vulnerabilities using the open source project Clair for quite some time now. Clair is an open source project used for the static analysis of vulnerabilities in application containers (currently including OCI and Docker). Made available by AWS directly and implemented into ECR, it is a very useful feature to minimize the risk of using endangered software - and stay compliant. The scanning for vulnerabilities should be a good standard in any Dockerized scenario as public images and their heirs can contain many security risks (Top-ten-docker-images) - which might be overlooked while developing applications that are constantly changed and improved - and new versions of images are pushed to your ECR many times a day.
def lambda_handler(event, context): slackWebhook = os.environ.get('SLACK_WEBHOOK') msg = { "text": event['Records'][0]['Sns']['Message'] } encoded_msg = json.dumps(msg).encode('utf-8') resp = http.request('POST',slackWebhook, body=encoded_msg) print( { "message": event['Records'][0]['Sns']['Message'], "status_code": resp.status, "response": resp.data } ) ` The sample code can be found here, please feel free to use.