{"note":"OpenAPI conversion -- returning structured metadata","name":"amazonaws-com-ecr","description":"Amazon EC2 Container Registry","version":"2015-09-21","base_url":"","endpoints":49,"raw":"@lap v0.3\n# Machine-readable API spec. Each @endpoint block is one API call.\n@api Amazon EC2 Container Registry\n@version 2015-09-21\n@auth AWS SigV4\n@endpoints 49\n@hint download_for_search\n@toc root(49)\n\n@endpoint POST /\n@desc Checks the availability of one or more image layers in a repository. When an image is pushed to a repository, each image layer is checked to verify if it has been uploaded before. If it has been uploaded, then the image layer is skipped. This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images.\n@required {repositoryName: str, layerDigests: [str]}\n@optional {registryId: str}\n@returns(200) {layers: [Layer]?, failures: [LayerFailure]?}\n\n@endpoint POST /\n@desc Deletes a list of specified images within a repository. Images are specified with either an imageTag or imageDigest. You can remove a tag from an image by specifying the image's tag in your request. When you remove the last tag from an image, the image is deleted from your repository. You can completely delete an image (and all of its tags) by specifying the image's digest in your request.\n@required {repositoryName: str, imageIds: [ImageIdentifier]}\n@optional {registryId: str}\n@returns(200) {imageIds: [ImageIdentifier]?, failures: [ImageFailure]?}\n\n@endpoint POST /\n@desc Gets detailed information for an image. Images are specified with either an imageTag or imageDigest. When an image is pulled, the BatchGetImage API is called once to retrieve the image manifest.\n@required {repositoryName: str, imageIds: [ImageIdentifier]}\n@optional {registryId: str, acceptedMediaTypes: [str]}\n@returns(200) {images: [Image]?, failures: [ImageFailure]?}\n\n@endpoint POST /\n@desc Gets the scanning configuration for one or more repositories.\n@required {repositoryNames: [str]}\n@returns(200) {scanningConfigurations: [RepositoryScanningConfiguration]?, failures: [RepositoryScanningConfigurationFailure]?}\n\n@endpoint POST /\n@desc Informs Amazon ECR that the image layer upload has completed for a specified registry, repository name, and upload ID. You can optionally provide a sha256 digest of the image layer for data validation purposes. When an image is pushed, the CompleteLayerUpload API is called once per each new image layer to verify that the upload has completed. This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images.\n@required {repositoryName: str, uploadId: str, layerDigests: [str]}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, uploadId: str?, layerDigest: str?}\n\n@endpoint POST /\n@desc Creates a pull through cache rule. A pull through cache rule provides a way to cache images from an upstream registry source in your Amazon ECR private registry. For more information, see Using pull through cache rules in the Amazon Elastic Container Registry User Guide.\n@required {ecrRepositoryPrefix: str, upstreamRegistryUrl: str}\n@optional {registryId: str, upstreamRegistry: str, credentialArn: str}\n@returns(200) {ecrRepositoryPrefix: str?, upstreamRegistryUrl: str?, createdAt: str(timestamp)?, registryId: str?, upstreamRegistry: str?, credentialArn: str?}\n\n@endpoint POST /\n@desc Creates a repository. For more information, see Amazon ECR repositories in the Amazon Elastic Container Registry User Guide.\n@required {repositoryName: str}\n@optional {registryId: str, tags: [Tag], imageTagMutability: str, imageScanningConfiguration: ImageScanningConfiguration, encryptionConfiguration: EncryptionConfiguration}\n@returns(200) {repository: Repository?{repositoryArn: str?, registryId: str?, repositoryName: str?, repositoryUri: str?, createdAt: str(timestamp)?, imageTagMutability: str?, imageScanningConfiguration: ImageScanningConfiguration?{scanOnPush: bool?}, encryptionConfiguration: EncryptionConfiguration?{encryptionType: str, kmsKey: str?}}}\n\n@endpoint POST /\n@desc Creates a repository creation template. This template is used to define the settings for repositories created by Amazon ECR on your behalf. For example, repositories created through pull through cache actions. For more information, see Private repository creation templates in the Amazon Elastic Container Registry User Guide.\n@required {prefix: str, appliedFor: [str]}\n@optional {description: str, encryptionConfiguration: EncryptionConfigurationForRepositoryCreationTemplate, resourceTags: [Tag], imageTagMutability: str, repositoryPolicy: str, lifecyclePolicy: str, customRoleArn: str}\n@returns(200) {registryId: str?, repositoryCreationTemplate: RepositoryCreationTemplate?{prefix: str?, description: str?, encryptionConfiguration: EncryptionConfigurationForRepositoryCreationTemplate?{encryptionType: str, kmsKey: str?}, resourceTags: [Tag]?, imageTagMutability: str?, repositoryPolicy: str?, lifecyclePolicy: str?, appliedFor: [str]?, customRoleArn: str?, createdAt: str(timestamp)?, updatedAt: str(timestamp)?}}\n\n@endpoint POST /\n@desc Deletes the lifecycle policy associated with the specified repository.\n@required {repositoryName: str}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, lifecyclePolicyText: str?, lastEvaluatedAt: str(timestamp)?}\n\n@endpoint POST /\n@desc Deletes a pull through cache rule.\n@required {ecrRepositoryPrefix: str}\n@optional {registryId: str}\n@returns(200) {ecrRepositoryPrefix: str?, upstreamRegistryUrl: str?, createdAt: str(timestamp)?, registryId: str?, credentialArn: str?}\n\n@endpoint POST /\n@desc Deletes the registry permissions policy.\n@returns(200) {registryId: str?, policyText: str?}\n\n@endpoint POST /\n@desc Deletes a repository. If the repository isn't empty, you must either delete the contents of the repository or use the force option to delete the repository and have Amazon ECR delete all of its contents on your behalf.\n@required {repositoryName: str}\n@optional {registryId: str, force: bool}\n@returns(200) {repository: Repository?{repositoryArn: str?, registryId: str?, repositoryName: str?, repositoryUri: str?, createdAt: str(timestamp)?, imageTagMutability: str?, imageScanningConfiguration: ImageScanningConfiguration?{scanOnPush: bool?}, encryptionConfiguration: EncryptionConfiguration?{encryptionType: str, kmsKey: str?}}}\n\n@endpoint POST /\n@desc Deletes a repository creation template.\n@required {prefix: str}\n@returns(200) {registryId: str?, repositoryCreationTemplate: RepositoryCreationTemplate?{prefix: str?, description: str?, encryptionConfiguration: EncryptionConfigurationForRepositoryCreationTemplate?{encryptionType: str, kmsKey: str?}, resourceTags: [Tag]?, imageTagMutability: str?, repositoryPolicy: str?, lifecyclePolicy: str?, appliedFor: [str]?, customRoleArn: str?, createdAt: str(timestamp)?, updatedAt: str(timestamp)?}}\n\n@endpoint POST /\n@desc Deletes the repository policy associated with the specified repository.\n@required {repositoryName: str}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, policyText: str?}\n\n@endpoint POST /\n@desc Returns the replication status for a specified image.\n@required {repositoryName: str, imageId: ImageIdentifier}\n@optional {registryId: str}\n@returns(200) {repositoryName: str?, imageId: ImageIdentifier?{imageDigest: str?, imageTag: str?}, replicationStatuses: [ImageReplicationStatus]?}\n\n@endpoint POST /\n@desc Returns the scan findings for the specified image.\n@required {repositoryName: str, imageId: ImageIdentifier}\n@optional {registryId: str, nextToken: str, maxResults: int}\n@returns(200) {registryId: str?, repositoryName: str?, imageId: ImageIdentifier?{imageDigest: str?, imageTag: str?}, imageScanStatus: ImageScanStatus?{status: str?, description: str?}, imageScanFindings: ImageScanFindings?{imageScanCompletedAt: str(timestamp)?, vulnerabilitySourceUpdatedAt: str(timestamp)?, findingSeverityCounts: map?, findings: [ImageScanFinding]?, enhancedFindings: [EnhancedImageScanFinding]?}, nextToken: str?}\n\n@endpoint POST /\n@desc Returns metadata about the images in a repository. Beginning with Docker version 1.9, the Docker client compresses image layers before pushing them to a V2 Docker registry. The output of the docker images command shows the uncompressed image size, so it may return a larger image size than the image sizes returned by DescribeImages.\n@required {repositoryName: str}\n@optional {registryId: str, imageIds: [ImageIdentifier], nextToken: str, maxResults: int, filter: DescribeImagesFilter}\n@returns(200) {imageDetails: [ImageDetail]?, nextToken: str?}\n\n@endpoint POST /\n@desc Returns the pull through cache rules for a registry.\n@optional {registryId: str, ecrRepositoryPrefixes: [str], nextToken: str, maxResults: int}\n@returns(200) {pullThroughCacheRules: [PullThroughCacheRule]?, nextToken: str?}\n\n@endpoint POST /\n@desc Describes the settings for a registry. The replication configuration for a repository can be created or updated with the PutReplicationConfiguration API action.\n@returns(200) {registryId: str?, replicationConfiguration: ReplicationConfiguration?{rules: [ReplicationRule]}}\n\n@endpoint POST /\n@desc Describes image repositories in a registry.\n@optional {registryId: str, repositoryNames: [str], nextToken: str, maxResults: int}\n@returns(200) {repositories: [Repository]?, nextToken: str?}\n\n@endpoint POST /\n@desc Returns details about the repository creation templates in a registry. The prefixes request parameter can be used to return the details for a specific repository creation template.\n@optional {prefixes: [str], nextToken: str, maxResults: int}\n@returns(200) {registryId: str?, repositoryCreationTemplates: [RepositoryCreationTemplate]?, nextToken: str?}\n\n@endpoint POST /\n@desc Retrieves the basic scan type version name.\n@required {name: str}\n@returns(200) {name: str?, value: str?}\n\n@endpoint POST /\n@desc Retrieves an authorization token. An authorization token represents your IAM authentication credentials and can be used to access any Amazon ECR registry that your IAM principal has access to. The authorization token is valid for 12 hours. The authorizationToken returned is a base64 encoded string that can be decoded and used in a docker login command to authenticate to a registry. The CLI offers an get-login-password command that simplifies the login process. For more information, see Registry authentication in the Amazon Elastic Container Registry User Guide.\n@optional {registryIds: [str]}\n@returns(200) {authorizationData: [AuthorizationData]?}\n\n@endpoint POST /\n@desc Retrieves the pre-signed Amazon S3 download URL corresponding to an image layer. You can only get URLs for image layers that are referenced in an image. When an image is pulled, the GetDownloadUrlForLayer API is called once per image layer that is not already cached. This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images.\n@required {repositoryName: str, layerDigest: str}\n@optional {registryId: str}\n@returns(200) {downloadUrl: str?, layerDigest: str?}\n\n@endpoint POST /\n@desc Retrieves the lifecycle policy for the specified repository.\n@required {repositoryName: str}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, lifecyclePolicyText: str?, lastEvaluatedAt: str(timestamp)?}\n\n@endpoint POST /\n@desc Retrieves the results of the lifecycle policy preview request for the specified repository.\n@required {repositoryName: str}\n@optional {registryId: str, imageIds: [ImageIdentifier], nextToken: str, maxResults: int, filter: LifecyclePolicyPreviewFilter}\n@returns(200) {registryId: str?, repositoryName: str?, lifecyclePolicyText: str?, status: str?, nextToken: str?, previewResults: [LifecyclePolicyPreviewResult]?, summary: LifecyclePolicyPreviewSummary?{expiringImageTotalCount: int?}}\n\n@endpoint POST /\n@desc Retrieves the permissions policy for a registry.\n@returns(200) {registryId: str?, policyText: str?}\n\n@endpoint POST /\n@desc Retrieves the scanning configuration for a registry.\n@returns(200) {registryId: str?, scanningConfiguration: RegistryScanningConfiguration?{scanType: str?, rules: [RegistryScanningRule]?}}\n\n@endpoint POST /\n@desc Retrieves the repository policy for the specified repository.\n@required {repositoryName: str}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, policyText: str?}\n\n@endpoint POST /\n@desc Notifies Amazon ECR that you intend to upload an image layer. When an image is pushed, the InitiateLayerUpload API is called once per image layer that has not already been uploaded. Whether or not an image layer has been uploaded is determined by the BatchCheckLayerAvailability API action. This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images.\n@required {repositoryName: str}\n@optional {registryId: str}\n@returns(200) {uploadId: str?, partSize: int(i64)?}\n\n@endpoint POST /\n@desc Lists all the image IDs for the specified repository. You can filter images based on whether or not they are tagged by using the tagStatus filter and specifying either TAGGED, UNTAGGED or ANY. For example, you can filter your results to return only UNTAGGED images and then pipe that result to a BatchDeleteImage operation to delete them. Or, you can filter your results to return only TAGGED images to list all of the tags in your repository.\n@required {repositoryName: str}\n@optional {registryId: str, nextToken: str, maxResults: int, filter: ListImagesFilter}\n@returns(200) {imageIds: [ImageIdentifier]?, nextToken: str?}\n\n@endpoint POST /\n@desc List the tags for an Amazon ECR resource.\n@required {resourceArn: str}\n@returns(200) {tags: [Tag]?}\n\n@endpoint POST /\n@desc Allows you to change the basic scan type version by setting the name parameter to either CLAIR to AWS_NATIVE.\n@required {name: str, value: str}\n@returns(200) {name: str?, value: str?}\n\n@endpoint POST /\n@desc Creates or updates the image manifest and tags associated with an image. When an image is pushed and all new image layers have been uploaded, the PutImage API is called once to create or update the image manifest and the tags associated with the image. This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images.\n@required {repositoryName: str, imageManifest: str}\n@optional {registryId: str, imageManifestMediaType: str, imageTag: str, imageDigest: str}\n@returns(200) {image: Image?{registryId: str?, repositoryName: str?, imageId: ImageIdentifier?{imageDigest: str?, imageTag: str?}, imageManifest: str?, imageManifestMediaType: str?}}\n\n@endpoint POST /\n@desc The PutImageScanningConfiguration API is being deprecated, in favor of specifying the image scanning configuration at the registry level. For more information, see PutRegistryScanningConfiguration. Updates the image scanning configuration for the specified repository.\n@required {repositoryName: str, imageScanningConfiguration: ImageScanningConfiguration}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, imageScanningConfiguration: ImageScanningConfiguration?{scanOnPush: bool?}}\n\n@endpoint POST /\n@desc Updates the image tag mutability settings for the specified repository. For more information, see Image tag mutability in the Amazon Elastic Container Registry User Guide.\n@required {repositoryName: str, imageTagMutability: str}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, imageTagMutability: str?}\n\n@endpoint POST /\n@desc Creates or updates the lifecycle policy for the specified repository. For more information, see Lifecycle policy template.\n@required {repositoryName: str, lifecyclePolicyText: str}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, lifecyclePolicyText: str?}\n\n@endpoint POST /\n@desc Creates or updates the permissions policy for your registry. A registry policy is used to specify permissions for another Amazon Web Services account and is used when configuring cross-account replication. For more information, see Registry permissions in the Amazon Elastic Container Registry User Guide.\n@required {policyText: str}\n@returns(200) {registryId: str?, policyText: str?}\n\n@endpoint POST /\n@desc Creates or updates the scanning configuration for your private registry.\n@optional {scanType: str, rules: [RegistryScanningRule]}\n@returns(200) {registryScanningConfiguration: RegistryScanningConfiguration?{scanType: str?, rules: [RegistryScanningRule]?}}\n\n@endpoint POST /\n@desc Creates or updates the replication configuration for a registry. The existing replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the PutReplicationConfiguration API is called, a service-linked IAM role is created in your account for the replication process. For more information, see Using service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide. For more information on the custom role for replication, see Creating an IAM role for replication. When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a registry permissions policy. For more information, see PutRegistryPolicy.\n@required {replicationConfiguration: ReplicationConfiguration}\n@returns(200) {replicationConfiguration: ReplicationConfiguration?{rules: [ReplicationRule]}}\n\n@endpoint POST /\n@desc Applies a repository policy to the specified repository to control access permissions. For more information, see Amazon ECR Repository policies in the Amazon Elastic Container Registry User Guide.\n@required {repositoryName: str, policyText: str}\n@optional {registryId: str, force: bool}\n@returns(200) {registryId: str?, repositoryName: str?, policyText: str?}\n\n@endpoint POST /\n@desc Starts an image vulnerability scan. An image scan can only be started once per 24 hours on an individual image. This limit includes if an image was scanned on initial push. For more information, see Image scanning in the Amazon Elastic Container Registry User Guide.\n@required {repositoryName: str, imageId: ImageIdentifier}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, imageId: ImageIdentifier?{imageDigest: str?, imageTag: str?}, imageScanStatus: ImageScanStatus?{status: str?, description: str?}}\n\n@endpoint POST /\n@desc Starts a preview of a lifecycle policy for the specified repository. This allows you to see the results before associating the lifecycle policy with the repository.\n@required {repositoryName: str}\n@optional {registryId: str, lifecyclePolicyText: str}\n@returns(200) {registryId: str?, repositoryName: str?, lifecyclePolicyText: str?, status: str?}\n\n@endpoint POST /\n@desc Adds specified tags to a resource with the specified ARN. Existing tags on a resource are not changed if they are not specified in the request parameters.\n@required {resourceArn: str, tags: [Tag]}\n\n@endpoint POST /\n@desc Deletes specified tags from a resource.\n@required {resourceArn: str, tagKeys: [str]}\n\n@endpoint POST /\n@desc Updates an existing pull through cache rule.\n@required {ecrRepositoryPrefix: str, credentialArn: str}\n@optional {registryId: str}\n@returns(200) {ecrRepositoryPrefix: str?, registryId: str?, updatedAt: str(timestamp)?, credentialArn: str?}\n\n@endpoint POST /\n@desc Updates an existing repository creation template.\n@required {prefix: str}\n@optional {description: str, encryptionConfiguration: EncryptionConfigurationForRepositoryCreationTemplate, resourceTags: [Tag], imageTagMutability: str, repositoryPolicy: str, lifecyclePolicy: str, appliedFor: [str], customRoleArn: str}\n@returns(200) {registryId: str?, repositoryCreationTemplate: RepositoryCreationTemplate?{prefix: str?, description: str?, encryptionConfiguration: EncryptionConfigurationForRepositoryCreationTemplate?{encryptionType: str, kmsKey: str?}, resourceTags: [Tag]?, imageTagMutability: str?, repositoryPolicy: str?, lifecyclePolicy: str?, appliedFor: [str]?, customRoleArn: str?, createdAt: str(timestamp)?, updatedAt: str(timestamp)?}}\n\n@endpoint POST /\n@desc Uploads an image layer part to Amazon ECR. When an image is pushed, each new image layer is uploaded in parts. The maximum size of each image layer part can be 20971520 bytes (or about 20MB). The UploadLayerPart API is called once per each new image layer part. This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the docker CLI to pull, tag, and push images.\n@required {repositoryName: str, uploadId: str, partFirstByte: int(i64), partLastByte: int(i64), layerPartBlob: bytes}\n@optional {registryId: str}\n@returns(200) {registryId: str?, repositoryName: str?, uploadId: str?, lastByteReceived: int(i64)?}\n\n@endpoint POST /\n@desc Validates an existing pull through cache rule for an upstream registry that requires authentication. This will retrieve the contents of the Amazon Web Services Secrets Manager secret, verify the syntax, and then validate that authentication to the upstream registry is successful.\n@required {ecrRepositoryPrefix: str}\n@optional {registryId: str}\n@returns(200) {ecrRepositoryPrefix: str?, registryId: str?, upstreamRegistryUrl: str?, credentialArn: str?, isValid: bool?, failure: str?}\n\n@end\n"}