images
Creates, updates, deletes or gets an image resource or lists images in a region
Overview
| Name | images |
| Type | Resource |
| Description | Resource schema for AWS::ImageBuilder::Image |
| Id | aws.imagebuilder.images |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | The Amazon Resource Name (ARN) of the image. |
name | string | The name of the image. |
image_tests_configuration | object | The image tests configuration used when creating this image. |
image_recipe_arn | string | The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed. |
container_recipe_arn | string | The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested. |
distribution_configuration_arn | string | The Amazon Resource Name (ARN) of the distribution configuration. |
infrastructure_configuration_arn | string | The Amazon Resource Name (ARN) of the infrastructure configuration. |
workflows | array | Workflows to define the image build process |
image_id | string | The AMI ID of the EC2 AMI in current region. |
image_uri | string | URI for containers created in current Region with default ECR image tag |
enhanced_image_metadata_enabled | boolean | Collects additional information about the image being created, including the operating system (OS) version and package list. |
image_scanning_configuration | object | Contains settings for vulnerability scans. |
execution_role | string | The execution role name/ARN for the image build, if provided |
tags | object | The tags associated with the image. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | region |
delete_resource | DELETE | data__Identifier, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all images in a region.
SELECT
region,
arn,
name,
image_tests_configuration,
image_recipe_arn,
container_recipe_arn,
distribution_configuration_arn,
infrastructure_configuration_arn,
workflows,
image_id,
image_uri,
enhanced_image_metadata_enabled,
image_scanning_configuration,
execution_role,
tags
FROM aws.imagebuilder.images
WHERE region = 'us-east-1';
Gets all properties from an individual image.
SELECT
region,
arn,
name,
image_tests_configuration,
image_recipe_arn,
container_recipe_arn,
distribution_configuration_arn,
infrastructure_configuration_arn,
workflows,
image_id,
image_uri,
enhanced_image_metadata_enabled,
image_scanning_configuration,
execution_role,
tags
FROM aws.imagebuilder.images
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';
INSERT example
Use the following StackQL query and manifest file to create a new image resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.imagebuilder.images (
ImageTestsConfiguration,
ImageRecipeArn,
ContainerRecipeArn,
DistributionConfigurationArn,
InfrastructureConfigurationArn,
Workflows,
EnhancedImageMetadataEnabled,
ImageScanningConfiguration,
ExecutionRole,
Tags,
region
)
SELECT
'{{ ImageTestsConfiguration }}',
'{{ ImageRecipeArn }}',
'{{ ContainerRecipeArn }}',
'{{ DistributionConfigurationArn }}',
'{{ InfrastructureConfigurationArn }}',
'{{ Workflows }}',
'{{ EnhancedImageMetadataEnabled }}',
'{{ ImageScanningConfiguration }}',
'{{ ExecutionRole }}',
'{{ Tags }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.imagebuilder.images (
ImageTestsConfiguration,
ImageRecipeArn,
ContainerRecipeArn,
DistributionConfigurationArn,
InfrastructureConfigurationArn,
Workflows,
EnhancedImageMetadataEnabled,
ImageScanningConfiguration,
ExecutionRole,
Tags,
region
)
SELECT
'{{ ImageTestsConfiguration }}',
'{{ ImageRecipeArn }}',
'{{ ContainerRecipeArn }}',
'{{ DistributionConfigurationArn }}',
'{{ InfrastructureConfigurationArn }}',
'{{ Workflows }}',
'{{ EnhancedImageMetadataEnabled }}',
'{{ ImageScanningConfiguration }}',
'{{ ExecutionRole }}',
'{{ Tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: image
props:
- name: ImageTestsConfiguration
value:
ImageTestsEnabled: '{{ ImageTestsEnabled }}'
TimeoutMinutes: '{{ TimeoutMinutes }}'
- name: ImageRecipeArn
value: '{{ ImageRecipeArn }}'
- name: ContainerRecipeArn
value: '{{ ContainerRecipeArn }}'
- name: DistributionConfigurationArn
value: '{{ DistributionConfigurationArn }}'
- name: InfrastructureConfigurationArn
value: '{{ InfrastructureConfigurationArn }}'
- name: Workflows
value:
- WorkflowArn: '{{ WorkflowArn }}'
Parameters:
- Name: '{{ Name }}'
Value:
- '{{ Value[0] }}'
ParallelGroup: '{{ ParallelGroup }}'
OnFailure: '{{ OnFailure }}'
- name: EnhancedImageMetadataEnabled
value: '{{ EnhancedImageMetadataEnabled }}'
- name: ImageScanningConfiguration
value:
EcrConfiguration:
ContainerTags:
- '{{ ContainerTags[0] }}'
RepositoryName: '{{ RepositoryName }}'
ImageScanningEnabled: '{{ ImageScanningEnabled }}'
- name: ExecutionRole
value: '{{ ExecutionRole }}'
- name: Tags
value: {}
DELETE example
/*+ delete */
DELETE FROM aws.imagebuilder.images
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';
Permissions
To operate on the images resource, the following permissions are required:
Create
ecr:BatchGetRepositoryScanningConfiguration,
iam:GetRole,
iam:PassRole,
iam:CreateServiceLinkedRole,
imagebuilder:GetImageRecipe,
imagebuilder:GetInfrastructureConfiguration,
imagebuilder:GetDistributionConfiguration,
imagebuilder:GetWorkflow,
imagebuilder:GetImage,
imagebuilder:CreateImage,
imagebuilder:TagResource,
inspector2:BatchGetAccountStatus
Read
imagebuilder:GetImage
Delete
imagebuilder:GetImage,
imagebuilder:DeleteImage,
imagebuilder:UnTagResource,
imagebuilder:CancelImageCreation
List
imagebuilder:ListImages