{"id":593,"date":"2019-11-30T12:22:23","date_gmt":"2019-11-30T03:22:23","guid":{"rendered":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/blog\/2019\/11\/30\/ecr-image-scan-slack"},"modified":"2022-10-28T22:35:58","modified_gmt":"2022-10-28T13:35:58","slug":"ecr-image-scan-slack","status":"publish","type":"post","link":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/blog\/2019\/11\/30\/ecr-image-scan-slack\/","title":{"rendered":"Amazon ECR\u306e\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3\u7d50\u679c\u3092Slack\u901a\u77e5\u3001Backlog\u306b\u8ab2\u984c\u767b\u9332"},"content":{"rendered":"<p>2019\u5e7410\u6708\u306b <code>Amazon ECR<\/code> \u306e\u8106\u5f31\u6027\u306e\u30b9\u30ad\u30e3\u30f3\u6a5f\u80fd\u304c\u5b9f\u88c5\u3055\u308c\u305f\u3002<\/p>\n<p><a href=\"https:\/\/aws.amazon.com\/about-aws\/whats-new\/2019\/10\/announcing-image-scanning-for-amazon-ecr\/\">Announcing Image Scanning for Amazon ECR<\/a><\/p>\n<p>\u4eca\u56de\u306f\u3001\u4e0b\u8a18\u306e\u8a18\u4e8b\u3092\u53c2\u8003\u306b\u3001<\/p>\n<ul>\n<li><code>ECR<\/code> \u3078\u30a4\u30e1\u30fc\u30b8\u3092\u30d7\u30c3\u30b7\u30e5<\/li>\n<li><code>ECR<\/code> \u306e\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3<\/li>\n<li>\u30b9\u30ad\u30e3\u30f3\u5b9f\u884c\u3092\u30c8\u30ea\u30ac\u30fc\u306b <code>Lambda<\/code> \u3092\u5b9f\u884c\u3057\u3066 <code>Slack<\/code> \u901a\u77e5<\/li>\n<\/ul>\n<p>\u3068\u3044\u3046\u6d41\u308c\u3067\u3084\u3063\u3066\u307f\u305f\u3002<\/p>\n<p>\u3010\u53c2\u8003URL\u3011<\/p>\n<ul>\n<li><a href=\"https:\/\/qiita.com\/hayao_k\/items\/116e5540b2bf0c2a2c9d\">Amazon ECR\u306e\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3\u7d50\u679c\u3092Slack\u306b\u901a\u77e5\u3059\u308b - Qiita<\/a><\/li>\n<\/ul>\n<h2 id=\"outline__1\" id=\"ecr-\u306e\u30b9\u30ad\u30e3\u30f3\u8a2d\u5b9a\">ECR \u306e\u30b9\u30ad\u30e3\u30f3\u8a2d\u5b9a<\/h2>\n<p>\u307e\u305a\u306f\u3001 <code>ECR<\/code> \u306e\u8a2d\u5b9a\u3092\u884c\u3046\u3002<br \/>\n<code>ECR<\/code> \u306e\u30ea\u30dd\u30b8\u30c8\u30ea\u4f5c\u6210\u6642\u3001\u3082\u3057\u304f\u306f\u65e2\u5b58\u3067\u30ea\u30dd\u30b8\u30c8\u30ea\u304c\u3042\u308b\u5834\u5408\u306f\u8a2d\u5b9a\u3092\u7de8\u96c6\u3057\u3066\u3001 <code>Scan on push<\/code> (\u30d7\u30c3\u30b7\u30e5\u6642\u306b\u30b9\u30ad\u30e3\u30f3) \u3092\u6709\u52b9\u306b\u3059\u308b\u3002<br \/>\n\u3053\u308c\u3092\u8a2d\u5b9a\u3059\u308b\u3053\u3068\u3067\u3001 <code>ECR<\/code> \u306b\u30a4\u30e1\u30fc\u30b8\u3092\u30d7\u30c3\u30b7\u30e5\u3059\u308b\u305f\u3073\u306b\u30b9\u30ad\u30e3\u30f3\u304c\u5b9f\u884c\u3055\u308c\u308b\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/ecr_scan_on_push.png\" alt=\"\"><\/p>\n<h2 id=\"outline__2\" id=\"lambda-layers\">Lambda Layers<\/h2>\n<p>\u4eca\u56de\u306f\u3001 <code>Python<\/code> \u3067 <code>Lambda<\/code> \u3092\u5b9f\u884c\u3059\u308b\u3002<br \/>\n<code>ECR<\/code> \u306e\u30a4\u30e1\u30fc\u30b8\u306e\u30b9\u30ad\u30e3\u30f3\u7d50\u679c\u3092\u53d6\u5f97\u3059\u308b\u305f\u3081\u306b\u306f\u3001\u6700\u65b0\u306e <code>boto3<\/code> \u304c\u5fc5\u8981\u306b\u306a\u308b\u305f\u3081\u3001 <code>Lambda Layers<\/code> \u3092\u8a2d\u5b9a\u3059\u308b\u3002<\/p>\n<p>\u3000\u3010\u53c2\u8003URL\u3011<\/p>\n<ul>\n<li><a href=\"https:\/\/qiita.com\/hayao_k\/items\/b9750cc8fa69d0ce91b0\">Lambda Layers \u3067\u6700\u65b0\u306e AWS SDK \u3092\u4f7f\u7528\u3059\u308b - Qiita<\/a><\/li>\n<\/ul>\n<p>\u30ed\u30fc\u30ab\u30eb\u74b0\u5883\u306b\u3066\u3001\u4e0b\u8a18\u306e\u3088\u3046\u306b <code>boto3<\/code> \u3092 <code>.\/python<\/code> \u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u914d\u4e0b\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3001 <code>zip<\/code> \u3067\u56fa\u3081\u308b\u3002<\/p>\n<pre><code class=\"language-bash\">$ mkdir python\n$ pip install -t .\/python boto3\n$ zip -r boto3-1.10.28.zip python<\/code><\/pre>\n<p><code>AWS Lambda<\/code> \u306e\u30e1\u30cb\u30e5\u30fc\u3088\u308a\u3001 <code>Layers<\/code> \u3092\u30af\u30ea\u30c3\u30af\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/lambda_menu.png\" alt=\"\"><\/p>\n<p><code>Create Layer<\/code> \u3092\u30af\u30ea\u30c3\u30af\u3057\u3066\u3001<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/create_layer.png\" alt=\"\"><\/p>\n<p>\u5148\u307b\u3069\u4f5c\u6210\u3057\u305f <code>zip<\/code> \u30d5\u30a1\u30a4\u30eb\u3092\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3057\u3066\u3001 <code>Layer<\/code> \u3092\u4f5c\u6210\u3059\u308b\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/upload_zip.png\" alt=\"\"><\/p>\n<h2 id=\"outline__3\" id=\"iam-role-\u8a2d\u5b9a\">IAM role \u8a2d\u5b9a<\/h2>\n<p><code>ECR<\/code> \u306e\u30b9\u30ad\u30e3\u30f3\u7d50\u679c\u53d6\u5f97\u306e\u305f\u3081\u3001 <code>Lambda<\/code> \u3092\u5b9f\u884c\u3059\u308b\u30ed\u30fc\u30eb\u306b\u3001 <code>ecr:DescribeImages<\/code> \u3092\u4ed8\u4e0e\u3059\u308b\u3002<\/p>\n<h2 id=\"outline__4\" id=\"lambda-\u95a2\u6570\">Lambda \u95a2\u6570<\/h2>\n<p><code>Lambda<\/code> \u95a2\u6570\u306f\u3001\u53c2\u8003\u306b\u3055\u305b\u3066\u3044\u305f\u3060\u3044\u305f\u8a18\u4e8b\u306e\u3082\u306e\u3092\u30d9\u30fc\u30b9\u306b\u5c11\u3057\u624b\u3092\u52a0\u3048\u3066\u3001\u30c1\u30e3\u30f3\u30cd\u30eb\u540d(<code>CHANNEL<\/code>)\u3001\u4f1a\u793e\u540d(<code>COMPANY<\/code>)\u3001Slack\u306e\u30a6\u30a7\u30d6\u30d5\u30c3\u30afURL\u306e(<code>WEBHOOK_URL<\/code>)\u3092\u74b0\u5883\u5909\u6570\u304b\u3089\u53d6\u5f97\u3059\u308b\u3088\u3046\u306b\u3057\u305f\u3002<br \/>\n\u5f0a\u793e\u3067\u306f\u3001 <code>GitHub<\/code> \u3084 <code>CircleCI<\/code> \u306a\u3069\u306e\u901a\u77e5\u3092\u96c6\u7d04\u3057\u3066\u3044\u308b <code>Slack<\/code> \u30c1\u30e3\u30f3\u30cd\u30eb\u304c\u3042\u308a\u3001\u8907\u6570\u306e\u958b\u767a\u3084\u904b\u7528\u304c\u540c\u6642\u3067\u52d5\u3044\u3066\u3044\u308b\u305f\u3081\u3001\u3069\u306e\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u3082\u306e\u304b\u5224\u5225\u3067\u304d\u308b\u3088\u3046\u306b\u5bfe\u5fdc\u3057\u305f\u3082\u306e\u3067\u3042\u308b\u3002<\/p>\n<pre><code class=\"language-py\">from datetime import datetime\nfrom logging import getLogger, INFO\nfrom urllib.request import Request, urlopen\nfrom urllib.error import URLError, HTTPError\nimport json\nimport os\nfrom botocore.exceptions import ClientError\nimport boto3\n\nlogger = getLogger()\nlogger.setLevel(INFO)\n\n\ndef get_properties(s_counts):\n    &quot;&quot;&quot;Returns the color setting of severity&quot;&quot;&quot;\n    if s_counts[&#39;CRITICAL&#39;] != 0:\n        properties = {&#39;color&#39;: &#39;danger&#39;, &#39;icon&#39;: &#39;:red_circle:&#39;}\n    elif s_counts[&#39;HIGH&#39;] != 0:\n        properties = {&#39;color&#39;: &#39;warning&#39;, &#39;icon&#39;: &#39;:large_orange_diamond:&#39;}\n    else:\n        properties = {&#39;color&#39;: &#39;good&#39;, &#39;icon&#39;: &#39;:green_heart:&#39;}\n    return properties\n\n\ndef get_params(scan_result):\n    &quot;&quot;&quot;Slack message formatting&quot;&quot;&quot;\n    region = &#39;ap-northeast-1&#39;\n    channel = os.environ[&#39;CHANNEL&#39;]\n    company = os.environ[&#39;COMPANY&#39;]\n    severity_list = [&#39;CRITICAL&#39;, &#39;HIGH&#39;, &#39;MEDIUM&#39;, &#39;LOW&#39;, &#39;INFORMATIONAL&#39;, &#39;UNDEFINED&#39;]\n    s_counts = scan_result[&#39;imageScanFindingsSummary&#39;][&#39;findingSeverityCounts&#39;]\n\n    for severity in severity_list:\n        s_counts.setdefault(severity, 0)\n\n    message = f&quot;*ECR\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3\u7d50\u679c | {company} | Account:{scan_result[&#39;registryId&#39;]}*&quot;\n    description = scan_result[&#39;imageScanStatus&#39;][&#39;description&#39;]\n    text_properties = get_properties(s_counts)\n\n    complete_at = datetime.strftime(\n        scan_result[&#39;imageScanFindingsSummary&#39;][&#39;imageScanCompletedAt&#39;],\n        &#39;%Y-%m-%d %H:%M:%S %Z&#39;\n    )\n    source_update_at = datetime.strftime(\n        scan_result[&#39;imageScanFindingsSummary&#39;][&#39;vulnerabilitySourceUpdatedAt&#39;],\n        &#39;%Y-%m-%d %H:%M:%S %Z&#39;\n    )\n\n    slack_message = {\n        &#39;username&#39;: &#39;Amazon ECR&#39;,\n        &#39;channels&#39;: channel,\n        &#39;icon_emoji&#39;: &#39;:ecr:&#39;,\n        &#39;text&#39;: message,\n        &#39;attachments&#39;: [\n            {\n                &#39;fallback&#39;: &#39;AmazonECR Image Scan Findings Description.&#39;,\n                &#39;color&#39;: text_properties[&#39;color&#39;],\n                &#39;title&#39;: f&#39;&#39;&#39;{text_properties[&#39;icon&#39;]} {\n                    scan_result[&#39;repositoryName&#39;]}:{\n                    scan_result[&#39;imageTags&#39;][0]}&#39;&#39;&#39;,\n                &#39;title_link&#39;: f&#39;&#39;&#39;https:\/\/console.aws.amazon.com\/ecr\/repositories\/{\n                    scan_result[&#39;repositoryName&#39;]}\/image\/{\n                    scan_result[&#39;imageDigest&#39;]}\/scan-results?region={region}&#39;&#39;&#39;,\n                &#39;text&#39;: f&#39;&#39;&#39;{description}\n\u30b9\u30ad\u30e3\u30f3\u5b8c\u4e86\u65e5\u6642: {\n                    complete_at}\n\u8106\u5f31\u6027\u60c5\u5831\u66f4\u65b0\u65e5\u6642: {source_update_at}&#39;&#39;&#39;,\n                &#39;fields&#39;: [\n                    {&#39;title&#39;: &#39;Critical&#39;, &#39;value&#39;: s_counts[&#39;CRITICAL&#39;], &#39;short&#39;: True},\n                    {&#39;title&#39;: &#39;High&#39;, &#39;value&#39;: s_counts[&#39;HIGH&#39;], &#39;short&#39;: True},\n                    {&#39;title&#39;: &#39;Medium&#39;, &#39;value&#39;: s_counts[&#39;MEDIUM&#39;], &#39;short&#39;: True},\n                    {&#39;title&#39;: &#39;Low&#39;, &#39;value&#39;: s_counts[&#39;LOW&#39;], &#39;short&#39;: True},\n                    {&#39;title&#39;: &#39;Info&#39;, &#39;value&#39;: s_counts[&#39;INFORMATIONAL&#39;], &#39;short&#39;: True},\n                    {&#39;title&#39;: &#39;Undefined&#39;, &#39;value&#39;: s_counts[&#39;UNDEFINED&#39;], &#39;short&#39;: True},\n                ]\n            }\n        ]\n    }\n    return slack_message\n\n\ndef get_findings(detail):\n    &quot;&quot;&quot;Returns the image scan findings summary&quot;&quot;&quot;\n    ecr = boto3.client(&#39;ecr&#39;)\n    try:\n        response = ecr.describe_images(\n            repositoryName=detail[&#39;repository-name&#39;],\n            imageIds=[\n                {&#39;imageDigest&#39;: detail[&#39;image-digest&#39;]}\n            ]\n        )\n    except ClientError as err:\n        logger.error(&quot;Request failed: %s&quot;, err.response[&#39;Error&#39;][&#39;Message&#39;])\n    else:\n        return response[&#39;imageDetails&#39;][0]\n\n\ndef lambda_handler(event, context):\n    &quot;&quot;&quot;AWS Lambda Function to send ECR Image Scan Findings to Slack&quot;&quot;&quot;\n    response = 1\n    scan_result = get_findings(event[&#39;detail&#39;])\n\n    slack_message = get_params(scan_result)\n    req = Request(os.environ[&#39;WEBHOOK_URL&#39;], json.dumps(slack_message).encode(&#39;utf-8&#39;))\n    try:\n        with urlopen(req) as res:\n            res.read()\n            logger.info(&quot;Message posted.&quot;)\n    except HTTPError as err:\n        logger.error(&quot;Request failed: %d %s&quot;, err.code, err.reason)\n    except URLError as err:\n        logger.error(&quot;Server connection failed: %s&quot;, err.reason)\n    else:\n        response = 0\n\n    return response<\/code><\/pre>\n<p><code>Lambda<\/code> \u30d5\u30a1\u30f3\u30af\u30b7\u30e7\u30f3\u306b\u3001\u5148\u307b\u3069\u4f5c\u6210\u3057\u305f <code>Layer<\/code> \u3092\u5fd8\u308c\u305a\u306b\u8a2d\u5b9a\u3059\u308b\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/lambda_layer_set.png\" alt=\"\"><\/p>\n<h2 id=\"outline__5\" id=\"\u30c8\u30ea\u30ac\u30fc\u8a2d\u5b9a\">\u30c8\u30ea\u30ac\u30fc\u8a2d\u5b9a<\/h2>\n<p><code>Lambda<\/code> \u95a2\u6570\u306e\u30c8\u30ea\u30ac\u30fc\u3068\u306a\u308b\u3001 <code>CloudWatch Events<\/code> \u306e <code>Rule<\/code> \u3092\u4f5c\u6210\u3059\u308b\u3002<\/p>\n<p>\u30b5\u30fc\u30d3\u30b9\u540d\u306b\u3001 <code>Elastic Container Registry(ECR)<\/code> \u3092\u9078\u629e\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/create_rule1.png\" alt=\"\"><\/p>\n<p>\u30a4\u30d9\u30f3\u30c8\u30bf\u30a4\u30d7\u3068\u3057\u3066\u3001 <code>ECR Image Scan<\/code> \u3092\u8a2d\u5b9a\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/create_rule2.png\" alt=\"\"><\/p>\n<p>\u30bf\u30fc\u30b2\u30c3\u30c8\u3068\u3057\u3066\u3001\u5148\u307b\u3069\u4f5c\u6210\u3057\u305f <code>Lambda<\/code> \u30d5\u30a1\u30f3\u30af\u30b7\u30e7\u30f3\u3092\u30bb\u30c3\u30c8\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/target.png\" alt=\"\"><\/p>\n<h2 id=\"outline__6\" id=\"\u52d5\u4f5c\u78ba\u8a8d\">\u52d5\u4f5c\u78ba\u8a8d<\/h2>\n<p>\u8a66\u3057\u306b\u3001\u8106\u5f31\u6027\u3092\u542b\u3093\u3060\u30a4\u30e1\u30fc\u30b8\u3092\u30d7\u30c3\u30b7\u30e5\u3057\u3066\u307f\u308b\u3068\u3001<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/scan_critical.png\" alt=\"\"><\/p>\n<p>\u7121\u4e8b\u901a\u77e5\u304c\u884c\u308f\u308c\u305f\u3002<\/p>\n<h2 id=\"outline__7\" id=\"backlog-\u306b\u8ab2\u984c\u4f5c\u6210\u3082\u3084\u3063\u3066\u307f\u308b\">Backlog \u306b\u8ab2\u984c\u4f5c\u6210\u3082\u3084\u3063\u3066\u307f\u308b<\/h2>\n<p><code>Slack<\/code> \u306e\u901a\u77e5\u3067\u306f\u306a\u304f\u3066\u3001<\/p>\n<ul>\n<li>\u691c\u51fa\u3055\u308c\u305f\u8106\u5f31\u6027\u306e\u30ec\u30d9\u30eb\u306b <code>CRITICAL<\/code> \u304c\u542b\u307e\u308c\u3066\u3044\u305f\u5834\u5408\u306f <code>Backlog<\/code> \u306b\u3066\u8ab2\u984c\u767b\u9332<\/li>\n<\/ul>\n<p>\u3068\u3044\u3046\u3053\u3068\u3082\u3084\u3063\u3066\u307f\u308b\u3002<\/p>\n<p>\u3010\u53c2\u8003URL\u3011<\/p>\n<ul>\n<li><a href=\"https:\/\/nasrinjp1.hatenablog.com\/entry\/2018\/09\/05\/204956\">Datadog \u3067\u969c\u5bb3\u691c\u77e5\u3057\u305f\u3089 Slack \u3068 Backlog \u306b\u901a\u77e5\u3057\u3088\u3046<\/a><\/li>\n<\/ul>\n<p><code>Lambda<\/code> \u30d5\u30a1\u30f3\u30af\u30b7\u30e7\u30f3\u306f\u4e0b\u8a18\u306e\u3088\u3046\u306b\u3057\u305f\u3002<\/p>\n<pre><code class=\"language-py\">from datetime import datetime\nfrom logging import getLogger, INFO\nimport os\nfrom botocore.exceptions import ClientError\nimport boto3\nimport requests\n\nlogger = getLogger()\nlogger.setLevel(INFO)\n\n\ndef get_findings(detail):\n    &quot;&quot;&quot;Returns the image scan findings summary&quot;&quot;&quot;\n    ecr = boto3.client(&#39;ecr&#39;)\n    try:\n        response = ecr.describe_images(\n            repositoryName=detail[&#39;repository-name&#39;],\n            imageIds=[\n                {&#39;imageDigest&#39;: detail[&#39;image-digest&#39;]}\n            ]\n        )\n    except ClientError as err:\n        logger.error(&quot;Request failed: %s&quot;, err.response[&#39;Error&#39;][&#39;Message&#39;])\n    else:\n        return response[&#39;imageDetails&#39;][0]\n\n\ndef create_backlog_issue(scan_result):\n    &quot;&quot;&quot;Create Backlog Issue&quot;&quot;&quot;\n    company = os.environ[&#39;COMPANY&#39;]\n    severity = 2\n    region = &#39;ap-northeast-1&#39;\n    title = &quot;ECR\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3\u306b\u3066\u8106\u5f31\u6027\u304c\u691c\u51fa\u3055\u308c\u307e\u3057\u305f&quot;\n    url = f&quot;https:\/\/{os.environ[&#39;BACKLOG_SPACE_ID&#39;]}.backlog.com\/api\/v2\/issues&quot;\n    repo = f&quot;{scan_result[&#39;repositoryName&#39;]}:{scan_result[&#39;imageTags&#39;][0]}&quot;\n\n    summary = scan_result[&#39;imageScanFindingsSummary&#39;][&#39;findingSeverityCounts&#39;]\n    complete_at = datetime.strftime(\n        scan_result[&#39;imageScanFindingsSummary&#39;][&#39;imageScanCompletedAt&#39;],\n        &#39;%Y-%m-%d %H:%M:%S %Z&#39;\n    )\n    source_update_at = datetime.strftime(\n        scan_result[&#39;imageScanFindingsSummary&#39;][&#39;vulnerabilitySourceUpdatedAt&#39;],\n        &#39;%Y-%m-%d %H:%M:%S %Z&#39;\n    )\n    result_url = f&#39;&#39;&#39;https:\/\/console.aws.amazon.com\/ecr\/repositories\/{\n                    scan_result[&#39;repositoryName&#39;]}\/image\/{\n                    scan_result[&#39;imageDigest&#39;]}\/scan-results?region={region}&#39;&#39;&#39;\n\n    description = &quot;&quot;&quot;\n\u4f1a\u793e\u540d: %s\n\u30a4\u30e1\u30fc\u30b8: %s\n\u30b9\u30ad\u30e3\u30f3\u5b8c\u4e86\u65e5\u6642: %s\n\u8106\u5f31\u6027\u60c5\u5831\u66f4\u65b0\u65e5\u6642: %s\n\u30b9\u30ad\u30e3\u30f3\u7d50\u679c: %s\n\nURL: %s\n    &quot;&quot;&quot; % (company, repo, complete_at, source_update_at, summary, result_url)\n\n    payload = {\n        &#39;projectId&#39; : os.environ[&#39;BACKLOG_PROJECT_ID&#39;],\n        &#39;issueTypeId&#39; : os.environ[&#39;BACKLOG_ISSUE_TYPE_ID&#39;],\n        &#39;priorityId&#39; : severity,\n        &#39;summary&#39; : title,\n        &#39;description&#39; : description,\n        &#39;apiKey&#39; : os.environ[&#39;BACKLOG_API_KEY&#39;]\n    }\n    response = requests.post(url, params=payload)\n    return response.json()\n\n\ndef lambda_handler(event, context):\n    &quot;&quot;&quot;ECR Image Scan Findings to Backlog&quot;&quot;&quot;\n    logger.info(event)\n    response = 1\n    scan_result = get_findings(event[&#39;detail&#39;])\n\n    # create backlog issue if &#39;CRITICAL&#39; found\n    counts = scan_result[&#39;imageScanFindingsSummary&#39;][&#39;findingSeverityCounts&#39;]\n    logger.info(counts)\n    if &#39;CRITICAL&#39; in counts:\n        logger.info(&quot;CRITICAL found. Creating Backlog Issue.&quot;)\n        response = create_backlog_issue(scan_result)\n\n    return response<\/code><\/pre>\n<p>\u203b \u74b0\u5883\u5909\u6570\u306b\u4e0b\u8a18\u306e\u5909\u6570\u8a2d\u5b9a\u3092\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b\u306e\u3067\u6ce8\u610f\u3002<\/p>\n<p>COMPANY<br \/>\nBACKLOG_SPACE_ID<br \/>\nBACKLOG_PROJECT_ID<br \/>\nBACKLOG_ISSUE_TYPE_ID<br \/>\nBACKLOG_API_KEY<\/p>\n<p>\u203b \u307e\u305f\u3001\u3053\u306e\u30d5\u30a1\u30f3\u30af\u30b7\u30e7\u30f3\u3067\u306f\u3001 <code>requests<\/code> \u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u306e\u3067\u3001 <code>Lambda Layer<\/code> \u306b <code>requests<\/code> \u3092\u542b\u3081\u3066\u3084\u308b\u5fc5\u8981\u304c\u3042\u308b\u306e\u3067\u6ce8\u610f\u3002<\/p>\n<pre><code class=\"language-bash\">$ mkdir python\n$ pip install -t .\/python boto3 requests\n$ zip -r boto3-1.10.28.zip python<\/code><\/pre>\n<h2 id=\"outline__8\" id=\"\u52d5\u4f5c\u78ba\u8a8d-1\">\u52d5\u4f5c\u78ba\u8a8d<\/h2>\n<p>\u8106\u5f31\u6027\u3092\u542b\u3093\u3060\u30a4\u30e1\u30fc\u30b8\u3092\u30d7\u30c3\u30b7\u30e5\u3057\u3066\u307f\u308b\u3068\u3001 \u7121\u4e8b <code>Backlog<\/code> \u4e0a\u306b\u8ab2\u984c\u304c\u767b\u9332\u3055\u308c\u305f\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/backlog.png\" alt=\"\"><\/p>\n<p>\u4e0a\u8a18\u306e\u51e6\u7406\u3092\u7d44\u307f\u5408\u308f\u305b\u3066\u3001\u958b\u767a\u6642\u306b <code>ECR<\/code> \u3078\u30d7\u30c3\u30b7\u30e5\u3059\u308b\u305f\u3073\u306b\u30b9\u30ad\u30e3\u30f3\u5b9f\u884c\u3001\u30b9\u30ad\u30e3\u30f3\u7d50\u679c\u3092 <code>Slack<\/code> \u3078\u901a\u77e5\u3001\u3082\u3057\u8106\u5f31\u6027\u306e\u30ec\u30d9\u30eb\u306b <code>CRITICAL<\/code> \u304c\u542b\u307e\u308c\u3066\u3044\u305f\u3089 <code>Backlog<\/code> \u3078\u8ab2\u984c\u767b\u9332\u3059\u308b\u3001\u3068\u3044\u3046\u6d41\u308c\u304c\u3067\u304d\u308b\u3002<br \/>\n\u30ea\u30f3\u30af\u5148\u306e <code>URL<\/code> \u3067\u30b9\u30ad\u30e3\u30f3\u7d50\u679c\u306e\u8a73\u7d30\u304c\u78ba\u8a8d\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u3063\u3066\u3044\u308b\u306e\u3067\u3001\u78ba\u8a8d\u304a\u3088\u3073\u5bfe\u5fdc\u3092\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u3002<\/p>\n<p><img src=\"\/images\/ecr-image-scan-slack\/ecr_scan_result.png\" alt=\"\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>2019\u5e7410\u6708\u306b Amazon ECR \u306e\u8106\u5f31\u6027\u306e\u30b9\u30ad\u30e3\u30f3\u6a5f\u80fd\u304c\u5b9f\u88c5\u3055\u308c\u305f\u3002 Announcing Image Scanning for Amazon ECR \u4eca\u56de\u306f\u3001\u4e0b\u8a18\u306e\u8a18\u4e8b\u3092\u53c2\u8003\u306b\u3001 ECR \u3078\u30a4\u30e1\u30fc\u30b8\u3092\u30d7\u30c3\u30b7\u30e5 ECR \u306e\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3 \u30b9\u30ad\u30e3\u30f3\u5b9f\u884c\u3092\u30c8\u30ea\u30ac\u30fc\u306b Lambda \u3092\u5b9f\u884c\u3057\u3066 Slack \u901a\u77e5 \u3068\u3044\u3046\u6d41\u308c\u3067\u3084\u3063\u3066\u307f\u305f\u3002 \u3010\u53c2\u8003URL\u3011 Amazon ECR\u306e\u30a4\u30e1\u30fc\u30b8\u30b9\u30ad\u30e3\u30f3 [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":684,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13],"tags":[270,399],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/593"}],"collection":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/comments?post=593"}],"version-history":[{"count":1,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/593\/revisions"}],"predecessor-version":[{"id":3287,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/593\/revisions\/3287"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/media?parent=593"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/categories?post=593"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/tags?post=593"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}