{"id":17281569,"url":"https://github.com/markusl/ecr-image-scan-result-handler-lambda","last_synced_at":"2025-04-14T10:02:46.153Z","repository":{"id":46063058,"uuid":"222259712","full_name":"markusl/ecr-image-scan-result-handler-lambda","owner":"markusl","description":"This repository contains an easy-to-deploy lambda handler to handle the ECR image scan results.","archived":false,"fork":false,"pushed_at":"2021-11-16T22:03:49.000Z","size":114,"stargazers_count":6,"open_issues_count":2,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-27T23:12:51.056Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/markusl.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-11-17T14:21:48.000Z","updated_at":"2020-03-20T19:26:14.000Z","dependencies_parsed_at":"2022-08-30T20:11:04.221Z","dependency_job_id":null,"html_url":"https://github.com/markusl/ecr-image-scan-result-handler-lambda","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markusl%2Fecr-image-scan-result-handler-lambda","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markusl%2Fecr-image-scan-result-handler-lambda/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markusl%2Fecr-image-scan-result-handler-lambda/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markusl%2Fecr-image-scan-result-handler-lambda/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/markusl","download_url":"https://codeload.github.com/markusl/ecr-image-scan-result-handler-lambda/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248860330,"owners_count":21173342,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T09:46:14.382Z","updated_at":"2025-04-14T10:02:46.112Z","avatar_url":"https://github.com/markusl.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ECR Image Scan Result Handler Lambda\n\nThis repository contains an easy-to-deploy lambda handler to handle the ECR image scan results.\n\nTo increase security finding handling in your project you might want to get notifications about issues in your images.\n\n[Learn more about ECR image scanning](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html)\n\nWhat you should have in place:\n\n* ECR repositories\n* Image scanning enabled on them\n* A SNS topic that gets notified when there are image scan results available\n\n![AWS Architecture of ECR image scan result handler lambda](ECR_image_scan_handler.png)\n\n## What this lambda does\n\nWhen the lambda is triggered from the ECR image scan results it will go and fetch the image scan results to see if there are any reported problems.\n\nIf scan finds any issues, the lambda will send an email to predefined address to notify the developers.\n\nThe implementation consists of three parts:\n\n* `lambda-handler/` contains the actual lambda code\n* `lambda-runtime-layer/` contains a runtime layer for the lambda with the needed AWS SDK\n* `cdk/` contains deployment code for the functionality\n\nWe must include the latest AWS SDK in a Lambda Layer since nodejs12.x runtime contains AWS SDK version 2.536.0 which does not include the ECR image scan compatibility (released in 2.557.0).\n\n### Configuration\n\nConfigure the SNS topic and sender address in the `cdk.json` file. You might have to verify the email in Amazon SES service.\n\n```json\ncdk.json\n{\n  \"app\": \"node dist/index\",\n  \"context\": {\n    \"from_email\": \"from@example.com\",\n    \"target_email\": \"target@example.com\",\n    \"notification_topic\": \"arn:aws:sns:eu-west-1:992821666999:ExampleStack-ImageScanCompletedTopic08428532-RTLEXMO8349I\"\n  }\n}\n```\n\n### Deployment\n\nIn `cdk` directory run the following commands:\n\n```bash\ncdk cdk\nnpm run build\ncdk deploy EcrImageScanResultHandler\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarkusl%2Fecr-image-scan-result-handler-lambda","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarkusl%2Fecr-image-scan-result-handler-lambda","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarkusl%2Fecr-image-scan-result-handler-lambda/lists"}