本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# Amazon ECR 事件和 EventBridge
Amazon EventBridge 可讓您自動化您的 AWS 服務,並自動回應系統事件,例如應用程式可用性問題或資源變更。 AWS 服務的事件會以接近即時的方式傳送到 EventBridge。您可撰寫簡單的規則,來指示您在意的事件,以及包含當事件符合規則時所要自動執行的動作。可以自動觸發的動作如下:
+ 將事件新增至 CloudWatch Logs 中的日誌群組
+ 叫用 AWS Lambda 函數
+ 調用 Amazon EC2 執行命令
+ 將事件轉傳至 Amazon Kinesis Data Streams
+ 啟用 AWS Step Functions 狀態機器
+ 通知 Amazon SNS 主題或 Amazon SQS 佇列
如需詳細資訊,請參閱《Amazon EventBridge 使用者指南》**中的 [Amazon EventBridge 入門](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-getting-set-up.html)。
## 來自 Amazon ECR 的範例事件
以下是 Amazon ECR 的範例事件。盡可能發出事件。
**已完成映像推送的事件**
每次完成映像推送時,會傳送下列事件。如需詳細資訊,請參閱[將 Docker 映像推送至 Amazon ECR 私有儲存庫](docker-push-ecr-image.md)。
```
{
"version": "0",
"id": "13cde686-328b-6117-af20-0e5566167482",
"detail-type": "ECR Image Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-11-16T01:54:34Z",
"region": "us-west-2",
"resources": [],
"detail": {
"result": "SUCCESS",
"repository-name": "my-repository-name",
"image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234",
"action-type": "PUSH",
"image-tag": "latest"
}
}
```
**提取快取動作的事件**
嘗試提取快取動作時,會傳送下列事件。如需詳細資訊,請參閱[將上游登錄檔與 Amazon ECR 私有登錄檔同步](pull-through-cache.md)。
```
{
"version": "0",
"id": "85fc3613-e913-7fc4-a80c-a3753e4aa9ae",
"detail-type": "ECR Pull Through Cache Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2023-02-29T02:36:48Z",
"region": "us-west-2",
"resources": [
"arn:aws:ecr:us-west-2:123456789012:repository/docker-hub/alpine"
],
"detail": {
"rule-version": "1",
"sync-status": "SUCCESS",
"ecr-repository-prefix": "docker-hub",
"repository-name": "docker-hub/alpine",
"upstream-registry-url": "public.ecr.aws",
"image-tag": "3.17.2",
"image-digest": "sha256:4aa08ef415aecc80814cb42fa41b658480779d80c77ab15EXAMPLE",
}
}
```
**已完成映像掃描的事件 (基本型掃描)**
啟用登錄檔的基本型掃描時,當每個映像掃描完成時,就會傳送下列事件。`finding-severity-counts` 參數只會在出現嚴重性等級時才傳回嚴重性等級的值。例如,如果映像在 `CRITICAL` 等級沒有問題清單,則不會傳回任何重要等級數值。如需詳細資訊,請參閱[掃描映像是否有 Amazon ECR 中的作業系統漏洞](image-scanning-basic.md)。
**注意**
如需有關 Amazon Inspector 在啟用增強型掃描時發出之事件的詳細資訊,請參閱 [在 Amazon ECR 中傳送用於增強型掃描的 EventBridge 事件](image-scanning-enhanced-events.md)。
```
{
"version": "0",
"id": "85fc3613-e913-7fc4-a80c-a3753e4aa9ae",
"detail-type": "ECR Image Scan",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-10-29T02:36:48Z",
"region": "us-east-1",
"resources": [
"arn:aws:ecr:us-east-1:123456789012:repository/my-repository-name"
],
"detail": {
"scan-status": "COMPLETE",
"repository-name": "my-repository-name",
"finding-severity-counts": {
"CRITICAL": 10,
"MEDIUM": 9
},
"image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234",
"image-tags": []
}
}
```
**啟用增強型掃描之資源上的變更通知事件 (增強掃描)**
為登錄檔啟用增強型掃描時,Amazon ECR 會在啟用了增強型掃描的資源發生變更時傳送下列事件。這包括正在建立的新儲存庫、正在變更的儲存庫掃描頻率,或是在啟用了增強型掃描的儲存庫中建立或刪除映像時。如需詳細資訊,請參閱[掃描映像是否有 Amazon ECR 中的軟體漏洞](image-scanning.md)。
```
{
"version": "0",
"id": "0c18352a-a4d4-6853-ef53-0ab8638973bf",
"detail-type": "ECR Scan Resource Change",
"source": "aws.ecr",
"account": "123456789012",
"time": "2021-10-14T20:53:46Z",
"region": "us-east-1",
"resources": [],
"detail": {
"action-type": "SCAN_FREQUENCY_CHANGE",
"repositories": [{
"repository-name": "repository-1",
"repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/repository-1",
"scan-frequency": "SCAN_ON_PUSH",
"previous-scan-frequency": "MANUAL"
},
{
"repository-name": "repository-2",
"repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/repository-2",
"scan-frequency": "CONTINUOUS_SCAN",
"previous-scan-frequency": "SCAN_ON_PUSH"
},
{
"repository-name": "repository-3",
"repository-arn": "arn:aws:ecr:us-east-1:123456789012:repository/repository-3",
"scan-frequency": "CONTINUOUS_SCAN",
"previous-scan-frequency": "SCAN_ON_PUSH"
}
],
"resource-type": "REPOSITORY",
"scan-type": "ENHANCED"
}
}
```
**映像刪除的事件**
刪除映像時傳送以下事件。如需詳細資訊,請參閱[在 Amazon ECR 中刪除映像](delete_image.md)。
```
{
"version": "0",
"id": "dd3b46cb-2c74-f49e-393b-28286b67279d",
"detail-type": "ECR Image Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-11-16T02:01:05Z",
"region": "us-west-2",
"resources": [],
"detail": {
"result": "SUCCESS",
"repository-name": "my-repository-name",
"image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234",
"action-type": "DELETE",
"image-tag": "latest"
}
}
```
**映像封存動作的事件**
封存映像時,會傳送下列事件。`target-storage-class` 欄位將設定為 `ARCHIVE`。事件包含資訊清單和成品媒體類型,以識別要封存的內容類型。
```
{
"version": "0",
"id": "4f5ec4d5-4de4-7aad-a046-EXAMPLE",
"detail-type": "ECR Image Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-08-06T00:58:09Z",
"region": "us-east-1",
"resources": [],
"detail": {
"action-type": "UPDATE_STORAGE_CLASS",
"target-storage-class": "ARCHIVE",
"image-digest": "sha256:f98d67af8e53a536502bfc600de3266556b06ed635a32d60aa7a5fe6d7e609d7",
"repository-name": "ubuntu",
"result": "SUCCESS",
"manifest-media-type": "application/vnd.oci.image.manifest.v1+json",
"artifact-media-type": "application/vnd.oci.image.config.v1+json"
}
}
```
**映像還原動作的事件**
還原封存映像時,會傳送下列事件。`target-storage-class` 欄位將設定為 `STANDARD`。事件包含顯示影像上次還原時間`last-activated-at`的欄位。
```
{
"version": "0",
"id": "7b8fc5e6-5ef5-8bbe-b157-EXAMPLE",
"detail-type": "ECR Image Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-08-06T01:15:22Z",
"region": "us-east-1",
"resources": [],
"detail": {
"action-type": "UPDATE_STORAGE_CLASS",
"target-storage-class": "STANDARD",
"image-digest": "sha256:f98d67af8e53a536502bfc600de3266556b06ed635a32d60aa7a5fe6d7e609d7",
"repository-name": "ubuntu",
"result": "SUCCESS",
"manifest-media-type": "application/vnd.oci.image.manifest.v1+json",
"artifact-media-type": "application/vnd.oci.image.config.v1+json",
"last-activated-at": "2025-10-10T19:13:02.74Z"
}
}
```
**推薦者還原動作的事件**
還原封存的推薦者 (參考成品,例如 SBOM、簽章或證明) 時,會傳送下列事件。請注意, `detail-type``ECR Referrer Action`是將其與一般映像動作區分開來。`manifest-media-type` 和 `artifact-media-type` 欄位可識別要還原的特定參考者類型。在此範例中,正在還原 SBOM 成品。
```
{
"version": "0",
"id": "8c9gd6f7-6fg6-9ccf-c268-EXAMPLE",
"detail-type": "ECR Referrer Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-08-06T01:20:45Z",
"region": "us-east-1",
"resources": [],
"detail": {
"action-type": "UPDATE_STORAGE_CLASS",
"target-storage-class": "STANDARD",
"image-digest": "sha256:f98d67af8e53a536502bfc600de3266556b06ed635a32d60aa7a5fe6d7e609d7",
"repository-name": "sbom",
"result": "SUCCESS",
"manifest-media-type": "application/vnd.cncf.oras.artifact.manifest.v1+json",
"artifact-media-type": "text/sbom+json",
"last-activated-at": "2025-10-10T19:13:02.74Z"
}
}
```
**已完成映像複寫的事件**
下列事件會在每個映像複寫完成時傳送。如需詳細資訊,請參閱[Amazon ECR 中的私有映像複寫](replication.md)。
```
{
"version": "0",
"id": "c8b133b1-6029-ee73-e2a1-4f466b8ba999",
"detail-type": "ECR Replication Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2024-05-08T20:44:54Z",
"region": "us-east-1",
"resources": [
"arn:aws:ecr:us-east-1:123456789012:repository/docker-hub/alpine"
],
"detail": {
"result": "SUCCESS",
"repository-name": "docker-hub/alpine",
"image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234",
"source-account": "123456789012",
"action-type": "REPLICATE",
"source-region": "us-west-2",
"image-tag": "3.17.2"
}
}
```
**失敗映像複寫的事件**
當映像複寫失敗時,會傳送下列事件。`result` 欄位將包含 `FAILED`,而額外的錯誤資訊可能會包含在事件詳細資訊中。
```
{
"version": "0",
"id": "d9c244c2-7130-ff84-f3b2-5g577c9cb000",
"detail-type": "ECR Replication Action",
"source": "aws.ecr",
"account": "123456789012",
"time": "2024-05-08T20:45:12Z",
"region": "us-east-1",
"resources": [
"arn:aws:ecr:us-east-1:123456789012:repository/my-app"
],
"detail": {
"result": "FAILED",
"repository-name": "my-app",
"image-digest": "sha256:8g6c3751gf7gc5g47603ege4511d5a80ead5g90f5893543f1489bde2345",
"source-account": "123456789012",
"action-type": "REPLICATE",
"source-region": "us-west-2",
"image-tag": "latest"
}
}
```