ListImageRisk - Security Center - Alibaba Cloud Documentation Center

Queries security information about a container image.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-sas:ListImageRisk	List	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
CurrentPage	integer	No	The number of the page to return.	1
PageSize	integer	No	The number of entries to return on each page. Default value: 20.	20
ClusterId	string	No	The ID of the container cluster. Note You can call the DescribeGroupedContainerInstances operation to query the ID of the container cluster.	c80f79959fd724a888e1187779b13****
Namespace	string	No	The name of the namespace to which the repository belongs.	kube-sy****
AppName	string	No	The name of the application.	e****
ImageName	string	No	The name of the image.	container-*:**

Response parameters

Parameter	Type	Description	Example
	object	The returned data.
RequestId	string	The ID of the request, which is used to locate and troubleshoot issues.	050ACC7A-D4FD-55C6-B861-BA9569C1****
ImageRiskList	object []	An array that consists of security information about the image.
RepoNamespace	string	The name of the namespace to which the repository belongs.	vultar***
RepoName	string	The name of the image repository.	scan_test
Tag	string	The tag that is added to the image.	0.1.0
RegionId	string	The region of the image repository.	cn-hangzhou
Digest	string	The digest value of the image.	3f8efc2184cf1d24936b49c27286a284714b77be34c80c9ee38ca6bf322445****
RepoId	string	The ID of the image repository.	crr-bk2l746eyxca1****
RepoType	string	The type of the repository. Valid values: `PUBLIC` `PRIVATE`	PRIVATE
RegistryType	string	The type of the image repository. Valid values: acr harbor quay CI/CD: Jenkins	harbor
Endpoints	string	The endpoint of Container Registry.	https://172.20.XXX.XXX/test
ImageId	string	The ID of the image.	f922bfeb6960436fe3f0e7b62fc6b9a0b47980986669c367c22433269404****
TagImmutable	integer	Indicates whether the image version is immutable. If the image version is immutable, only the image of the latest version in the image repository can be overwritten. Valid values: 0: The image version is mutable. 1: The image version is immutable.	0
Statistics	string	The statistics on a security event.	{ "baselineNum": 0, "newSuspicious": 0, "vul": 0 }
ImageAccessType	string	The registration status of the image repository. Valid values: IN_SAS: The image repository is registered with Security Center. NOT_IN_SAS: The image repository is not registered with Security Center.	IN_SAS
Image	string	The image of the container.	.aliyuncs.com/sas_test/baseline:exploit
Uuid	string	The UUID of the image.	624778f3-5bf2-423c-ac0c-47a62c05****
EndPointList	object []	An array that consists of the details of the endpoint.
Domains	array	An array that consists the details of the domain name in the endpoint.
	string	The domain name in the endpoint.	****-registry-registry-intranet.cn-shenzhen.cr.aliyuncs.com
Type	string	The type of the domain name in the endpoint. Valid values: internet: Internet intranet: internal network	internet
InternetURLs	string	The public endpoint of the image repository.	**registry-registry.cn-shenzhen-finance-1.cr.aliyuncs.com/xxxx/docker-**
VpcURLs	string	The endpoint of the image repository in the VPC.	**-registry-registry-vpc.cn-shenzhen-finance-1.cr.aliyuncs.com/xxxx/docker-**
PageInfo	object	The pagination information.
TotalCount	integer	The total number of entries returned.	23
Count	integer	The number of entries returned on the current page.	3
PageSize	integer	The number of entries returned per page.	20
CurrentPage	integer	The page number of the returned page.	1

Examples

Sample success responses

JSONformat

{
  "RequestId": "050ACC7A-D4FD-55C6-B861-BA9569C1****",
  "ImageRiskList": [
    {
      "RepoNamespace": "vultar***",
      "RepoName": "scan_test",
      "Tag": "0.1.0",
      "RegionId": "cn-hangzhou",
      "Digest": "3f8efc2184cf1d24936b49c27286a284714b77be34c80c9ee38ca6bf322445****",
      "RepoId": "crr-bk2l746eyxca1****",
      "RepoType": "PRIVATE",
      "RegistryType": "harbor",
      "Endpoints": "https://172.20.XXX.XXX/test",
      "ImageId": "f922bfeb6960436fe3f0e7b62fc6b9a0b47980986669c367c22433269404****",
      "TagImmutable": 0,
      "Statistics": "{\n\t\"baselineNum\": 0,\n\t\"newSuspicious\": 0,\n\t\"vul\": 0\n}",
      "ImageAccessType": "IN_SAS",
      "Image": ".aliyuncs.com/sas_test/baseline:exploit",
      "Uuid": "624778f3-5bf2-423c-ac0c-47a62c05****",
      "EndPointList": [
        {
          "Domains": [
            "****-registry-registry-intranet.cn-shenzhen.cr.aliyuncs.com"
          ],
          "Type": "internet"
        }
      ],
      "InternetURLs": "****registry-registry.cn-shenzhen-finance-1.cr.aliyuncs.com/xxxx/docker-****",
      "VpcURLs": "****-registry-registry-vpc.cn-shenzhen-finance-1.cr.aliyuncs.com/xxxx/docker-****"
    }
  ],
  "PageInfo": {
    "TotalCount": 23,
    "Count": 3,
    "PageSize": 20,
    "CurrentPage": 1
  }
}

Error codes

HTTP status code	Error code	Error message	Description
403	NoPermission	caller has no permission	You are not authorized to do this operation.
500	ServerError	ServerError	-

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation

No change history