Last active
November 3, 2019 03:13
-
-
Save vlj91/ab531171c05dcd0ca1ae4716a183ad4a to your computer and use it in GitHub Desktop.
Update all AWS ECR repositories to use image scanning on push, and run an initial scan
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'aws-sdk-ecr' | |
| ecr = Aws::ECR::Client.new | |
| ecr.describe_repositories.repositories.map(&:repository_name).each do |repo| | |
| # set to scan on image push, this only affects newly pushed images | |
| ecr.put_image_scanning_configuration( | |
| repository_name: repo, | |
| image_scanning_configuration: { | |
| scan_on_push: true | |
| } | |
| ) | |
| # run an initial scan on the 'latest' tag | |
| ecr.start_image_scan( | |
| repository_name: repo, | |
| image_id: {image_tag: 'latest'} | |
| ) | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment