All Products
Search
Document Center

Security Center:PublicCreateImageScanTask

Last Updated:Jun 16, 2026

Creates an image scan task that is not limited by a single primary task.

Operation description

Before calling this operation, call the PublicPreCheckImageScanTask operation to query the number of container images covered by the image scan node and the number of authorizations consumed. This ensures that sufficient authorizations are available for the image scan node and prevents the image scan node from a break due to insufficient authorizations.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

  • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

  • API: The API that you can call to perform the action.

  • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

  • Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

    • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

    • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

  • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

  • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

yundun-sas:PublicCreateImageScanTask

none

*All Resource

*

None None

Request parameters

Parameter

Type

Required

Description

Example

SourceIp

string

No

The IP address of the access source.

192.168..XX.XX

RegistryTypes

string

No

The types of image registries. Separate multiple types with commas (,). Valid values:

  • acr

  • harbor

  • quay.

acr

RegionIds

string

No

The region IDs of the images. Separate multiple region IDs with commas (,).

cn-hangzhou

InstanceIds

string

No

The IDs of the Container Registry (ACR) instances. Separate multiple IDs with commas (,).

i-uf6j8vq9l4r5ntht****

RepoNamespaces

string

No

The namespaces of the image registries. Separate multiple namespaces with commas (,).

hanghai-namespace

RepoIds

string

No

The IDs of the image registries. Separate multiple IDs with commas (,).

crr-vridcl4****

RepoNames

string

No

The names of the image registries. Separate multiple names with commas (,).

centos

Digests

string

No

The SHA256 digest values of the images. Separate multiple SHA256 values with commas (,).

6a5e103187b31a94592a47a5858617f7a6c

Tags

string

No

The tags of the images. Separate multiple tags with commas (,).

0.2

Response elements

Element

Type

Description

Example

object

Schema of Response

RequestId

string

The request ID. Alibaba Cloud generates a unique identifier for each request. You can use the request ID to troubleshoot issues.

F9353221-40F4-5F98-B73C-2803DC804033

Data

object

The data returned when the operation is successful.

TaskId

string

The ID of the scan task.

a410bb3e68c217a3368bc0238c66886d

TotalCount

integer

The total number of images to scan.

5

FinishCount

integer

The number of images that have been scanned.

5

CollectTime

integer

The timestamp when image information was collected, in milliseconds.

1644286364150

ExecTime

integer

The timestamp when the scan task started running, in milliseconds.

1644286364150

Status

string

The status of the scan task. Valid values:

  • INIT: Initializing.

  • PRE_ANALYZER: Pre-analyzing.

  • SUCCESS: Succeeded.

  • FAIL: Failed.

SUCCESS

Progress

integer

The progress percentage of the scan task.

100

Result

string

The execution result of the scan task. Valid values:

  • SUCCESS: The scan task succeeded.

  • TASK_NOT_SUPPORT_REGION: The image is in a region that does not support scanning.

Note

For the regions that support image security scanning, see the table of supported regions after the response parameters table in this topic.

SUCCESS

CanCreate

boolean

Indicates whether more scan tasks can be created. Valid values:

  • true: More scan tasks can be created.

  • false: No more scan tasks can be created.

Note

By default, up to 10 scan tasks can exist at the same time. If the number of scan tasks exceeds 10, creating a scan task by calling this operation fails. Wait until an existing scan task is completed before creating a new scan task.

true

Regions that support image security scanning

RegionCityRegion ID
China (Hangzhou)Hangzhoucn-hangzhou
China (Shanghai)Shanghaicn-shanghai
China (Shenzhen)Shenzhencn-shenzhen
China (Qingdao)Qingdaocn-qingdao
China (Beijing)Beijingcn-beijing
China (Zhangjiakou)Zhangjiakoucn-zhangjiakou
China (Hohhot)Hohhotcn-huhehaote
China (Hong Kong)Hong Kongcn-hongkong
Japan (Tokyo)Tokyoap-northeast-1
Indonesia (Jakarta)Jakartaap-southeast-5
US (Silicon Valley)Silicon Valleyus-west-1
US (Virginia)Virginiaus-east-1
Germany (Frankfurt)Frankfurteu-central-1
UK (London)Londoneu-west-1

Examples

Success response

JSON format

{
  "RequestId": "F9353221-40F4-5F98-B73C-2803DC804033",
  "Data": {
    "TaskId": "a410bb3e68c217a3368bc0238c66886d",
    "TotalCount": 5,
    "FinishCount": 5,
    "CollectTime": 1644286364150,
    "ExecTime": 1644286364150,
    "Status": "SUCCESS",
    "Progress": 100,
    "Result": "SUCCESS",
    "CanCreate": true
  }
}

Error codes

HTTP status code

Error code

Error message

Description

400 BeyondQuata Please check the scan quota
400 TaskNumEmpty Create task quantity is empty.
500 ServerError ServerError
403 NoPermission caller has no permission

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.