本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
使用 記錄 Amazon ECR 動作 AWS CloudTrail
Amazon ECR 已與 服務整合 AWS CloudTrail,此服務可提供使用者、角色或 AWS 服務在 Amazon ECR 中採取之動作的記錄。CloudTrail 會將下列 Amazon ECR 動作擷取為事件:
-
所有 API 呼叫,包括來自 Amazon ECR 主控台的呼叫
-
由於儲存庫上的加密設定而採取的所有動作
-
根據生命週期政策規則採取的所有動作,包括成功和失敗的動作
重要
由於個別 CloudTrail 事件的大小限制,對於有 10 個或更多映像過期的生命週期政策動作,Amazon ECR 會向 CloudTrail 發送多個事件。此外,Amazon ECR 每個映像最多包含 100 個標籤。
建立追蹤後,便可將 CloudTrail 事件持續交付至 Amazon S3 儲存貯體,包括 Amazon ECR 的事件。即使您未設定追蹤,依然可以透過 CloudTrail 主控台中的事件歷史記錄檢視最新事件。使用此資訊,您就可以判斷傳送至 Amazon ECR 的請求、提出請求的 IP 地址、提出請求的對象、提出請求的時間,以及其他詳細資訊。
如需詳細資訊,請參閱《AWS CloudTrail 使用者指南》https://docs.aws.amazon.com/awscloudtrail/latest/userguide/。
CloudTrail 中的 Amazon ECR 資訊
當您建立 AWS 帳戶時,會在您的帳戶上啟用 CloudTrail。在 Amazon ECR 中發生活動時,該活動將與 Event history (事件歷史紀錄) 中的其他 AWS 服務事件一起記錄在 CloudTrail 事件中。您可以在 AWS 帳戶中檢視、搜尋和下載最近的事件。如需詳細資訊,請參閱《使用 CloudTrail 事件歷史記錄檢視事件》https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html。
若要持續記錄您 AWS 帳戶中的事件,包括 Amazon ECR 的事件,請建立追蹤。線索能讓 CloudTrail 將日誌檔案交付至 Amazon S3 儲存貯體。當您在主控台建立追蹤記錄時,可以將追蹤記錄套用至單一區域或所有區域。線索會記錄 AWS 分割區中的事件,並將日誌檔案交付至您指定的 Amazon S3 儲存貯體。此外,您可以設定其他 AWS 服務,以分析和處理 CloudTrail 日誌中所收集的事件資料。如需詳細資訊,請參閱:
CloudTrail 會記錄所有 Amazon ECR API 動作,並記錄在 Amazon Elastic Container Registry API 參考中。執行常見任務時,CloudTrail 日誌檔案中會為屬於該任務的每個 API 動作產生不同區段。例如,建立儲存庫時,會在 CloudTrail 日誌檔案中產生 GetAuthorizationToken、CreateRepository 及 SetRepositoryPolicy 區段。將映像推送至儲存庫時,會產生 InitiateLayerUpload、UploadLayerPart、CompleteLayerUpload 和 PutImage 區段。提取映像時,會產生 GetDownloadUrlForLayer 和 BatchGetImage 區段。當支援 OCI 1.1規格的OCI用戶端使用 Referrers API 擷取映像的參考者清單或參考成品時,會發出 ListImageReferrers CloudTrail 事件。如需這些常見任務的範例,請參閱CloudTrail 日誌項目範例。
每一筆事件或日誌專案都會包含產生請求者的資訊。身分資訊可協助您判斷下列事項:
-
該請求是否使用根或 使用者登入資料提出
-
提出該請求時,是否使用了特定角色或聯合身分使用者的臨時安全憑證
-
該請求是否由其他 AWS 服務提出
如需詳細資訊,請參閱 CloudTrail userIdentity 元素。
了解 Amazon ECR 日誌檔案項目
追蹤是一種組態,能讓事件以日誌檔案的形式交付到您指定的 Amazon S3 儲存貯體。CloudTrail 日誌檔案包含一或多個日誌專案。一個事件為任何來源提出的單一請求,並包含請求動作、請求的日期和時間、請求參數等其他資訊。CloudTrail 日誌檔案並非依公有 API 呼叫追蹤記錄的堆疊排序,因此不會以任何特定順序出現。
CloudTrail 日誌項目範例
以下是一些常見 Amazon ECR 任務的 CloudTrail 日誌項目範例。
這些範例已格式化,以提升可讀性。在 CloudTrail 日誌檔案中,所有項目和事件會合併為單一列。此外,這個範例中受限於單一 Amazon ECR 項目。在真正的 CloudTrail 日誌檔案中,您會看到來自多個 AWS 服務的項目和事件。
重要
sourceIPAddress 是提出請求的 IP 地址。對於源自服務主控台的動作,報告的地址是用於基礎資源,而不是主控台 Web 伺服器。對於 中的服務 AWS,只會顯示 DNS 名稱。即使已修訂為 AWS 服務 DNS 名稱,我們仍會使用用戶端來源 IP 來評估身分驗證。
主題
範例:建立儲存庫動作
以下範例顯示的是展示 CreateRepository 動作的 CloudTrail 日誌項目。
{
"eventVersion": "1.04",
"userIdentity": {
"type": "AssumedRole",
"principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name",
"arn": "arn:aws:sts::123456789012:user/Mary_Major",
"accountId": "123456789012",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2018-07-11T21:54:07Z"
},
"sessionIssuer": {
"type": "Role",
"principalId": "AIDACKCEVSQ6C2EXAMPLE",
"arn": "arn:aws:iam::123456789012:role/Admin",
"accountId": "123456789012",
"userName": "Admin"
}
}
},
"eventTime": "2018-07-11T22:17:43Z",
"eventSource": "ecr.amazonaws.com",
"eventName": "CreateRepository",
"awsRegion": "us-east-2",
"sourceIPAddress": "203.0.113.12",
"userAgent": "console.amazonaws.com",
"requestParameters": {
"repositoryName": "testrepo"
},
"responseElements": {
"repository": {
"repositoryArn": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo",
"repositoryName": "testrepo",
"repositoryUri": "123456789012.dkr.ecr.us-east-2.amazonaws.com/testrepo",
"createdAt": "Jul 11, 2018 10:17:44 PM",
"registryId": "123456789012"
}
},
"requestID": "cb8c167e-EXAMPLE",
"eventID": "e3c6f4ce-EXAMPLE",
"resources": [
{
"ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo",
"accountId": "123456789012"
}
],
"eventType": "AwsApiCall",
"recipientAccountId": "123456789012"
}範例: AWS KMSCreateGrant建立 Amazon ECR 儲存庫時的 API 動作
下列範例顯示 CloudTrail 日誌項目,在建立已啟用 KMS 加密的 Amazon ECR 儲存庫時示範 AWS KMS CreateGrant動作。對於使用 KMS 加密建立的每個儲存庫都已啟用,您應該會在 CloudTrail 中看到兩個CreateGrant日誌項目。
{ "eventVersion": "1.05", "userIdentity": { "type": "IAMUser", "principalId": "AIDAIEP6W46J43IG7LXAQ", "arn": "arn:aws:iam::123456789012:user/Mary_Major", "accountId": "123456789012", "accessKeyId": "AKIAIOSFODNN7EXAMPLE", "userName": "Mary_Major", "sessionContext": { "sessionIssuer": { }, "webIdFederationData": { }, "attributes": { "mfaAuthenticated": "false", "creationDate": "2020-06-10T19:22:10Z" } }, "invokedBy": "AWS Internal" }, "eventTime": "2020-06-10T19:22:10Z", "eventSource": "kms.amazonaws.com", "eventName": "CreateGrant", "awsRegion": "us-west-2", "sourceIPAddress": "203.0.113.12", "userAgent": "console.amazonaws.com", "requestParameters": { "keyId": "4b55e5bf-39c8-41ad-b589-18464af7758a", "granteePrincipal": "ecr.us-west-2.amazonaws.com", "operations": [ "GenerateDataKey", "Decrypt" ], "retiringPrincipal": "ecr.us-west-2.amazonaws.com", "constraints": { "encryptionContextSubset": { "aws:ecr:arn": "arn:aws:ecr:us-west-2:123456789012:repository/testrepo" } } }, "responseElements": { "grantId": "3636af9adfee1accb67b83941087dcd45e7fadc4e74ff0103bb338422b5055f3" }, "requestID": "047b7dea-b56b-4013-87e9-a089f0f6602b", "eventID": "af4c9573-c56a-4886-baca-a77526544469", "readOnly": false, "resources": [ { "accountId": "123456789012", "type": "AWS::KMS::Key", "ARN": "arn:aws:kms:us-west-2:123456789012:key/4b55e5bf-39c8-41ad-b589-18464af7758a" } ], "eventType": "AwsApiCall", "recipientAccountId": "123456789012" }
範例:映像推送動作
下列範例顯示 CloudTrail 日誌項目,此項目示範了使用 PutImage 動作的映像推送。
注意
推送映像時,您也會在 CloudTrail 日誌中看到 InitiateLayerUpload、UploadLayerPart 和 CompleteLayerUpload 參考。
{
"eventVersion": "1.04",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name",
"arn": "arn:aws:sts::123456789012:user/Mary_Major",
"accountId": "123456789012",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Mary_Major",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2019-04-15T16:42:14Z"
}
}
},
"eventTime": "2019-04-15T16:45:00Z",
"eventSource": "ecr.amazonaws.com",
"eventName": "PutImage",
"awsRegion": "us-east-2",
"sourceIPAddress": "AWS Internal",
"userAgent": "AWS Internal",
"requestParameters": {
"repositoryName": "testrepo",
"imageTag": "latest",
"registryId": "123456789012",
"imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 5543,\n \"digest\": \"sha256:000b9b805af1cdb60628898c9f411996301a1c13afd3dbef1d8a16ac6dbf503a\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 43252507,\n \"digest\": \"sha256:3b37166ec61459e76e33282dda08f2a9cd698ca7e3d6bc44e6a6e7580cdeff8e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 846,\n \"digest\": \"sha256:504facff238fde83f1ca8f9f54520b4219c5b8f80be9616ddc52d31448a044bd\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 615,\n \"digest\": \"sha256:ebbcacd28e101968415b0c812b2d2dc60f969e36b0b08c073bf796e12b1bb449\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 850,\n \"digest\": \"sha256:c7fb3351ecad291a88b92b600037e2435c84a347683d540042086fe72c902b8a\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 168,\n \"digest\": \"sha256:2e3debadcbf7e542e2aefbce1b64a358b1931fb403b3e4aeca27cb4d809d56c2\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 37720774,\n \"digest\": \"sha256:f8c9f51ad524d8ae9bf4db69cd3e720ba92373ec265f5c390ffb21bb0c277941\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 30432107,\n \"digest\": \"sha256:813a50b13f61cf1f8d25f19fa96ad3aa5b552896c83e86ce413b48b091d7f01b\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 197,\n \"digest\": \"sha256:7ab043301a6187ea3293d80b30ba06c7bf1a0c3cd4c43d10353b31bc0cecfe7d\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 154,\n \"digest\": \"sha256:67012cca8f31dc3b8ee2305e7762fee20c250513effdedb38a1c37784a5a2e71\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 176,\n \"digest\": \"sha256:3bc892145603fffc9b1c97c94e2985b4cb19ca508750b15845a5d97becbd1a0e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 183,\n \"digest\": \"sha256:6f1c79518f18251d35977e7e46bfa6c6b9cf50df2a79d4194941d95c54258d18\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:b7bcfbc2e2888afebede4dd1cd5eebf029bb6315feeaf0b56e425e11a50afe42\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:2b220f8b0f32b7c2ed8eaafe1c802633bbd94849b9ab73926f0ba46cdae91629\"\n }\n ]\n}"
},
"responseElements": {
"image": {
"repositoryName": "testrepo",
"imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 5543,\n \"digest\": \"sha256:000b9b805af1cdb60628898c9f411996301a1c13afd3dbef1d8a16ac6dbf503a\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 43252507,\n \"digest\": \"sha256:3b37166ec61459e76e33282dda08f2a9cd698ca7e3d6bc44e6a6e7580cdeff8e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 846,\n \"digest\": \"sha256:504facff238fde83f1ca8f9f54520b4219c5b8f80be9616ddc52d31448a044bd\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 615,\n \"digest\": \"sha256:ebbcacd28e101968415b0c812b2d2dc60f969e36b0b08c073bf796e12b1bb449\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 850,\n \"digest\": \"sha256:c7fb3351ecad291a88b92b600037e2435c84a347683d540042086fe72c902b8a\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 168,\n \"digest\": \"sha256:2e3debadcbf7e542e2aefbce1b64a358b1931fb403b3e4aeca27cb4d809d56c2\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 37720774,\n \"digest\": \"sha256:f8c9f51ad524d8ae9bf4db69cd3e720ba92373ec265f5c390ffb21bb0c277941\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 30432107,\n \"digest\": \"sha256:813a50b13f61cf1f8d25f19fa96ad3aa5b552896c83e86ce413b48b091d7f01b\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 197,\n \"digest\": \"sha256:7ab043301a6187ea3293d80b30ba06c7bf1a0c3cd4c43d10353b31bc0cecfe7d\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 154,\n \"digest\": \"sha256:67012cca8f31dc3b8ee2305e7762fee20c250513effdedb38a1c37784a5a2e71\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 176,\n \"digest\": \"sha256:3bc892145603fffc9b1c97c94e2985b4cb19ca508750b15845a5d97becbd1a0e\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 183,\n \"digest\": \"sha256:6f1c79518f18251d35977e7e46bfa6c6b9cf50df2a79d4194941d95c54258d18\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:b7bcfbc2e2888afebede4dd1cd5eebf029bb6315feeaf0b56e425e11a50afe42\"\n },\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 212,\n \"digest\": \"sha256:2b220f8b0f32b7c2ed8eaafe1c802633bbd94849b9ab73926f0ba46cdae91629\"\n }\n ]\n}",
"registryId": "123456789012",
"imageId": {
"imageDigest": "sha256:98c8b060c21d9adbb6b8c41b916e95e6307102786973ab93a41e8b86d1fc6d3e",
"imageTag": "latest"
}
}
},
"requestID": "cf044b7d-5f9d-11e9-9b2a-95983139cc57",
"eventID": "2bfd4ee2-2178-4a82-a27d-b12939923f0f",
"resources": [{
"ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo",
"accountId": "123456789012"
}],
"eventType": "AwsApiCall",
"recipientAccountId": "123456789012"
}範例:映像提取動作
下列範例顯示 CloudTrail 日誌項目,此項目示範了使用 BatchGetImage 動作的映像提取。
注意
提取映像時,如果您在本機尚未有映像,則也會在 CloudTrail 日誌中看到 GetDownloadUrlForLayer 參考。
{
"eventVersion": "1.04",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name",
"arn": "arn:aws:sts::123456789012:user/Mary_Major",
"accountId": "123456789012",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Mary_Major",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2019-04-15T16:42:14Z"
}
}
},
"eventTime": "2019-04-15T17:23:20Z",
"eventSource": "ecr.amazonaws.com",
"eventName": "BatchGetImage",
"awsRegion": "us-east-2",
"sourceIPAddress": "ecr.amazonaws.com",
"userAgent": "ecr.amazonaws.com",
"requestParameters": {
"imageIds": [{
"imageTag": "latest"
}],
"acceptedMediaTypes": [
"application/json",
"application/vnd.oci.image.manifest.v1+json",
"application/vnd.oci.image.index.v1+json",
"application/vnd.docker.distribution.manifest.v2+json",
"application/vnd.docker.distribution.manifest.list.v2+json",
"application/vnd.docker.distribution.manifest.v1+prettyjws"
],
"repositoryName": "testrepo",
"registryId": "123456789012"
},
"responseElements": null,
"requestID": "2a1b97ee-5fa3-11e9-a8cd-cd2391aeda93",
"eventID": "c84f5880-c2f9-4585-9757-28fa5c1065df",
"resources": [{
"ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo",
"accountId": "123456789012"
}],
"eventType": "AwsApiCall",
"recipientAccountId": "123456789012"
}範例:映像生命週期政策動作
以下範例顯示 CloudTrail 日誌項目,其示範映像何時會因為生命週期政策規則而導致過期。您可以藉由為事件名稱欄位篩選 PolicyExecutionEvent,找出事件類型。
當您測試生命週期政策預覽時,Amazon ECR 會產生事件名稱欄位為 的 CloudTrail 日誌項目DryRunEvent,其結構與 完全相同PolicyExecutionEvent。透過將事件名稱變更為 DryRunEvent,您可以改為篩選乾執行事件。
重要
由於個別 CloudTrail 事件的大小限制,對於有 10 個或更多映像過期的生命週期政策動作,Amazon ECR 會向 CloudTrail 發送多個事件。此外,Amazon ECR 每個映像最多包含 100 個標籤。
{
"eventVersion": "1.05",
"userIdentity": {
"accountId": "123456789012",
"invokedBy": "AWS Internal"
},
"eventTime": "2020-03-12T20:22:12Z",
"eventSource": "ecr.amazonaws.com",
"eventName": "PolicyExecutionEvent",
"awsRegion": "us-west-2",
"sourceIPAddress": "AWS Internal",
"userAgent": "AWS Internal",
"requestParameters": null,
"responseElements": null,
"eventID": "9354dd7f-9aac-4e9d-956d-12561a4923aa",
"readOnly": true,
"resources": [
{
"ARN": "arn:aws:ecr:us-west-2:123456789012:repository/testrepo",
"accountId": "123456789012",
"type": "AWS::ECR::Repository"
}
],
"eventType": "AwsServiceEvent",
"recipientAccountId": "123456789012",
"serviceEventDetails": {
"repositoryName": "testrepo",
"lifecycleEventPolicy": {
"lifecycleEventRules": [
{
"rulePriority": 1,
"description": "remove all images > 2",
"lifecycleEventSelection": {
"tagStatus": "Any",
"tagPrefixList": [],
"countType": "Image count more than",
"countNumber": 2
},
"action": "expire"
}
],
"lastEvaluatedAt": 0,
"policyVersion": 1,
"policyId": "ceb86829-58e7-9498-920c-aa042e33037b"
},
"lifecycleEventImageActions": [
{
"lifecycleEventImage": {
"digest": "sha256:ddba4d27a7ffc3f86dd6c2f92041af252a1f23a8e742c90e6e1297bfa1bc0c45",
"tagStatus": "Tagged",
"tagList": [
"alpine"
],
"pushedAt": 1584042813000
},
"rulePriority": 1
},
{
"lifecycleEventImage": {
"digest": "sha256:6ab380c5a5acf71c1b6660d645d2cd79cc8ce91b38e0352cbf9561e050427baf",
"tagStatus": "Tagged",
"tagList": [
"centos"
],
"pushedAt": 1584042842000
},
"rulePriority": 1
}
],
"lifecycleEventFailureDetails": [
{
"lifecycleEventImage": {
"digest": "sha256:9117e1bc28cd20751e584b4ccd19b1178d14cf02d134b04ce6be0cc51bff762a",
"tagStatus": "Untagged",
"tagList": [],
"pushedAt": 1584042844000
},
"rulePriority": 1,
"failureCode": "ImageReferencedByManifestList",
"failureReason": "Requested image referenced by manifest list: [sha256:4b27c83d44a18c31543039d9e8b2786043ec6c8d00804d5800c5148d6b6f65bc]"
}
]
}
}範例:映像參考程式動作
下列範例顯示 AWS CloudTrail 日誌項目,示範OCI 1.1合規用戶端何時使用 Referrers API 擷取映像的參考者或參考成品清單。
{
"eventVersion": "1.08",
"userIdentity": {
"type": "AssumedRole",
"principalId": "AIDACKCEVSQ6C2EXAMPLE:account_name",
"arn": "arn:aws:sts::123456789012:user/Mary_Major",
"accountId": "123456789012",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"sessionContext": {
"sessionIssuer": {
"type": "Role",
"principalId": "AIDACKCEVSQ6C2EXAMPLE",
"arn": "arn:aws:iam::123456789012:role/Admin",
"accountId": "123456789012",
"userName": "Admin"
},
"webIdFederationData": {},
"attributes": {
"creationDate": "2024-10-08T16:38:39Z",
"mfaAuthenticated": "false"
},
"ec2RoleDelivery": "2.0"
},
"invokedBy": "ecr.amazonaws.com"
},
"eventTime": "2024-10-08T17:22:51Z",
"eventSource": "ecr.amazonaws.com",
"eventName": "ListImageReferrers",
"awsRegion": "us-east-2",
"sourceIPAddress": "ecr.amazonaws.com",
"userAgent": "ecr.amazonaws.com",
"requestParameters": {
"registryId": "123456789012",
"repositoryName": "testrepo",
"subjectId": {
"imageDigest": "sha256:000b9b805af1cdb60628898c9f411996301a1c13afd3dbef1d8a16ac6dbf503a"
},
"nextToken": "urD72mdD/mC8b5-EXAMPLE"
},
"responseElements": null,
"requestID": "cb8c167e-EXAMPLE",
"eventID": "e3c6f4ce-EXAMPLE",
"readOnly": true,
"resources": [
{
"accountId": "123456789012",
"ARN": "arn:aws:ecr:us-east-2:123456789012:repository/testrepo"
}
],
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management"
}