Cloudformation-coverage-roadmap: AWS::ECR::Repository-ImageScanningConfiguration
CloudFormation requires the equivalent setting to:
aws ecr create-repository --repository-name name --image-scanning-configuration scanOnPush=true
to enable the automatic image scanning on ECR.
https://docs.aws.amazon.com/en_pv/AmazonECR/latest/userguide/image-scanning.html
ECR is Compute and the expected behaviour is to make the scanOnPush settings configurable through CloudFormation as well. I think what needs to be done is clear.
autarchprinceps
All 13 comments
whereisaaron
on 30 Oct 2019
Any ETA on this?
RomanCRS
on 27 Feb 2020
Why isn't CloudFormation a first class citizen like the API when new features are released? Sigh.
et304383
on 13 Mar 2020
Why isn't CloudFormation a first class citizen like the API when new features are released? Sigh.
Yeah, I have asked myself this many times, especially, when it is not something that seems to be very complex, since it is a 1:1 match to the corresponding fields in the API. I've seen several of those cases, and they still take months to be in Cloudformation.
Often terraform is faster than CloudFormation. How can that be?
autarchprinceps
on 14 Apr 2020
I'd like an ETA on this as well. From a feature perspective if it isn't available via CFN it isn't worth us using unless we go the custom resource route, which is a pain.
1davidmichael
on 15 Apr 2020
@1davidmichael I agree, custom resources are for something that is truly custom work, not for adding base-line support of feature that AWS has added.
I have reached out to our TAM team to ask about this specific feature, I would ask that others do the same.
ngamradt-turner
on 20 Apr 2020
Please make this happen faster....
JonLittleIT
on 7 Aug 2020
I hear you @JonLittleIT :) hopefully we'll have some good news real soon now ...
luiseduardocolon
on 17 Aug 2020
Looks like this is available now: https://github.com/aws/containers-roadmap/issues/552#issuecomment-676292818
mwarkentin
on 21 Aug 2020
PatMyron
on 10 Sep 2020
ImageScanningConfiguration works but I get a validation error in my template on AWS Console:
"myRepository": {
"Type": "AWS::ECR::Repository",
"Properties": {
"RepositoryName": "myRepoName",
"ImageScanningConfiguration": {
"scanOnPush": "true"
}
}
}
Here is the error message:
Stack operations on resource myRepository would fail starting from 03/01/2021 as the template has invalid properties. Please refer to the resource documentation to fix the template. Properties validation failed for resource myRepository with message: #/ImageScanningConfiguration: extraneous key [scanOnPush] is not permitted
Is this a bug?
Will my template stop working from 03/01/2021 as the error message says?
masoud919
on 22 Feb 2021
wonder if that has to do with property casing:
https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ecr/blob/9b93cbd64f26fe62a5389ea2df6a3d86274fe1fe/aws-ecr-repository/aws-ecr-repository.json#L99-L107
PatMyron
on 22 Feb 2021
Yes "ScanOnPush" did it. So should the example in the docs be corrected?
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#aws-resource-ecr-repository--examples
masoud919
on 23 Feb 2021
Related issues
JohnPreston
路
3Comments
san-san
路
3Comments
rjpereira
路
4Comments
baxang
路
3Comments
mweagle
路
3Comments
Most helpful comment
Why isn't CloudFormation a first class citizen like the API when new features are released? Sigh.