AWS imagebuilder medium security documentation change
Summary
Added new EventBridge event types including CVE detection and pipeline auto-disable events. Restructured topics with detailed event schemas.
Security assessment
The addition of 'EC2 Image Builder CVE Detected' event directly documents security vulnerability detection capabilities. The 'Image Pipeline Automatically Disabled' event relates to mitigating risks from repeated failures, though not explicitly a security flaw. CVE detection is a security feature.
Diff
diff --git a/imagebuilder/latest/userguide/integ-eventbridge.md b/imagebuilder/latest/userguide/integ-eventbridge.md index 77aaa638e..3b0f940fc 100644 --- a//imagebuilder/latest/userguide/integ-eventbridge.md +++ b//imagebuilder/latest/userguide/integ-eventbridge.md @@ -51 +51 @@ Image Builder sends event messages to EventBridge when there are significant cha -**EC2 Image Builder Image State Change** +###### Topics @@ -52,0 +53,12 @@ Image Builder sends event messages to EventBridge when there are significant cha + * EC2 Image Builder Image State Change + + * EC2 Image Builder CVE Detected + + * EC2 Image Builder Workflow Step Waiting + + * EC2 Image Builder Image Pipeline Automatically Disabled + + + + +### EC2 Image Builder Image State Change @@ -87,2 +99 @@ Image Builder sends this event when the state changes for an image resource duri -**EC2 Image Builder CVE Detected** - +### EC2 Image Builder CVE Detected @@ -116,2 +127 @@ If you have CVE detection enabled for your image, Image Builder sends a message -**EC2 Image Builder Workflow Step Waiting** - +### EC2 Image Builder Workflow Step Waiting @@ -137,0 +148,19 @@ Image Builder sends a message when a `WaitForAction` workflow step pauses to wai +### EC2 Image Builder Image Pipeline Automatically Disabled + +If you've configured the `autoDisablePolicy` for your pipeline, then Image Builder disables the pipeline and sends an event message to EventBridge when the number of consecutive scheduled pipeline execution failures exceeds the maximum number that's allowed per the policy. + + + { + "version": "0", + "id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "detail-type": "EC2 Image Builder Image Pipeline Automatically Disabled", + "source": "aws.imagebuilder", + "account": "111122223333", + "time": "2025-09-18T16:54:44Z", + "region": "us-west-2", + "resources": ["arn:aws:imagebuilder:us-west-2:111122223333:image-pipeline/disabled-image-pipeline-name"], + "detail": { + "consecutive-failures": "5" + } + } +