AWS AmazonECR documentation change
Summary
Formatting changes (bold scanning types, hyphens to en dashes) and clarification about API usage for scan results
Security assessment
Changes clarify security-related scanning features but do not address a specific vulnerability. Enhanced scanning documentation describes vulnerability detection capabilities which are security features.
Diff
diff --git a/AmazonECR/latest/userguide/image-scanning.md b/AmazonECR/latest/userguide/image-scanning.md index 2aa1a4ce9..940a419b8 100644 --- a//AmazonECR/latest/userguide/image-scanning.md +++ b//AmazonECR/latest/userguide/image-scanning.md @@ -11 +11 @@ Amazon ECR image scanning helps to identify software vulnerabilities in your con -Switching between the Enhanced scanning, Basic scanning, and the Improved basic scanning versions will cause previously established scans to no longer be available. You will have to set up your scans again. However, if you switch back to your previous scanning version the established scans will be available. +Switching between the **Enhanced scanning** , **Basic scanning** , and the **Improved basic scanning** versions will cause previously established scans to no longer be available. You will have to set up your scans again. However, if you switch back to your previous scanning version the established scans will be available. @@ -13 +13 @@ Switching between the Enhanced scanning, Basic scanning, and the Improved basic - * **Enhanced scanning** —Amazon ECR integrates with Amazon Inspector to provide automated, continuous scanning of your repositories. Your container images are scanned for both operating systems and programming language package vulnerabilities. As new vulnerabilities appear, the scan results are updated and Amazon Inspector emits an event to EventBridge to notify you. Enhanced scanning provides the following: + * **Enhanced scanning** – Amazon ECR integrates with Amazon Inspector to provide automated, continuous scanning of your repositories. Your container images are scanned for both operating systems and programming language package vulnerabilities. As new vulnerabilities appear, the scan results are updated and Amazon Inspector emits an event to EventBridge to notify you. Enhanced scanning provides the following: @@ -19 +19 @@ Switching between the Enhanced scanning, Basic scanning, and the Improved basic - * **Basic scanning** —Amazon ECR provides two versions of basic scanning which use the Common Vulnerabilities and Exposures (CVEs) database:. + * **Basic scanning** – Amazon ECR provides two versions of basic scanning which use the Common Vulnerabilities and Exposures (CVEs) database:. @@ -21 +21 @@ Switching between the Enhanced scanning, Basic scanning, and the Improved basic - * **AWS native basic scanning** —Uses AWS native technology, which is now GA and recommended. All new customer registries are opted into this improved version by default. + * **AWS native basic scanning** – Uses AWS native technology, which is now GA and recommended. All new customer registries are opted into this improved version by default. @@ -23 +23 @@ Switching between the Enhanced scanning, Basic scanning, and the Improved basic - * **Clair basic scanning** —Uses the open-source Clair project and is deprecated. + * **Clair basic scanning** – Uses the open-source Clair project and is deprecated. @@ -33 +33 @@ With basic scanning, you configure your repositories to scan on push or you can -The new version of basic scanning does not support `imageScanFindingsSummary` and `imageScanStatus` in the `DescribeImages` API. To view these, use the `DescribeImageScanFindings` API. +The new version of Amazon ECR Basic Scanning doesn't use the `imageScanFindingsSummary` and `imageScanStatus` attributes from the `DescribeImages` API response to return scan results. Use the `DescribeImageScanFindings` API instead. For more information, see [`DescribeImageScanFindings`](https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_DescribeImageScanFindings.html).