EC2 Image Builder is a fully managed Amazon Web Services service that makes it easier to automate the creation, management, and deployment of customized, secure, and up-to-date "golden" server images that are pre-installed and pre-configured with software and settings to meet specific IT standards.

CancelImageCreation cancels the creation of Image. This operation can only be used on images in a non-terminal state.

Creates a new component that can be used to build, validate, test, and assess your image. The component is based on a YAML document that you specify using exactly one of the following methods:

• Inline, using the data property in the request body.

• A URL that points to a YAML document file stored in Amazon S3, using the uri property in the request body.

Creates a new container recipe. Container recipes define how images are configured, tested, and assessed.

Creates a new distribution configuration. Distribution configurations define and configure the outputs of your pipeline.

Creates a new image. This request will create a new image along with all of the configured output resources defined in the distribution configuration. You must specify exactly one recipe for your image, using either a ContainerRecipeArn or an ImageRecipeArn.

Creates a new image pipeline. Image pipelines enable you to automate the creation and distribution of images.

Creates a new image recipe. Image recipes define how images are configured, tested, and assessed.

Creates a new infrastructure configuration. An infrastructure configuration defines the environment in which your image will be built and tested.

Deletes a component build version.

Deletes a container recipe.

Deletes a distribution configuration.

Deletes an Image Builder image resource. This does not delete any EC2 AMIs or ECR container images that are created during the image build process. You must clean those up separately, using the appropriate Amazon EC2 or Amazon ECR console actions, or API or CLI commands.

• To deregister an EC2 Linux AMI, see Deregister your Linux AMI in the Amazon EC2 User Guide .

• To deregister an EC2 Windows AMI, see Deregister your Windows AMI in the Amazon EC2 Windows Guide .

• To delete a container image from Amazon ECR, see Deleting an image in the Amazon ECR User Guide.

Deletes an image pipeline.

Deletes an image recipe.

Deletes an infrastructure configuration.

Gets a component object.

Gets a component policy.

Retrieves a container recipe.

Retrieves the policy for a container recipe.

Gets a distribution configuration.

Gets an image.

Gets an image pipeline.

Gets an image policy.

Gets an image recipe.

Gets an image recipe policy.

Gets an infrastructure configuration.

Get the runtime information that was logged for a specific runtime instance of the workflow.

Get the runtime information that was logged for a specific runtime instance of the workflow step.

Imports a component and transforms its data into a component document.

When you export your virtual machine (VM) from its virtualization environment, that process creates a set of one or more disk container files that act as snapshots of your VM’s environment, settings, and data. The Amazon EC2 API ImportImage action uses those files to import your VM and create an AMI. To import using the CLI command, see import-image

You can reference the task ID from the VM import to pull in the AMI that the import created as the base image for your Image Builder recipe.

Returns the list of component build versions for the specified semantic version.

Returns the list of components that can be filtered by name, or by using the listed filters to streamline results. Newly created components can take up to two minutes to appear in the ListComponents API Results.

Returns a list of container recipes.

Returns a list of distribution configurations.

Returns a list of image build versions.

List the Packages that are associated with an Image Build Version, as determined by Amazon Web Services Systems Manager Inventory at build time.

Returns a list of images created by the specified pipeline.

Returns a list of image pipelines.

Returns a list of image recipes.

Returns a list of image scan aggregations for your account. You can filter by the type of key that Image Builder uses to group results. For example, if you want to get a list of findings by severity level for one of your pipelines, you might specify your pipeline with the imagePipelineArn filter. If you don\'t specify a filter, Image Builder returns an aggregation for your account.

To streamline results, you can use the following filters in your request:

• accountId

• imageBuildVersionArn

• imagePipelineArn

• vulnerabilityId

Returns a list of image scan findings for your account.

Returns the list of images that you have access to. Newly created images can take up to two minutes to appear in the ListImages API Results.

Returns a list of infrastructure configurations.

Returns the list of tags for the specified resource.

Returns a list of workflow runtime instance metadata objects for a specific image build version.

Shows runtime data for each step in a runtime instance of the workflow that you specify in the request.

Applies a policy to a component. We recommend that you call the RAM API CreateResourceShare to share resources. If you call the Image Builder API PutComponentPolicy, you must also call the RAM API PromoteResourceShareCreatedFromPolicy in order for the resource to be visible to all principals with whom the resource is shared.

Applies a policy to a container image. We recommend that you call the RAM API CreateResourceShare (https://docs.aws.amazon.com//ram/latest/APIReference/API_CreateResourceShare.html) to share resources. If you call the Image Builder API PutContainerImagePolicy, you must also call the RAM API PromoteResourceShareCreatedFromPolicy (https://docs.aws.amazon.com//ram/latest/APIReference/API_PromoteResourceShareCreatedFromPolicy.html) in order for the resource to be visible to all principals with whom the resource is shared.

Applies a policy to an image. We recommend that you call the RAM API CreateResourceShare to share resources. If you call the Image Builder API PutImagePolicy, you must also call the RAM API PromoteResourceShareCreatedFromPolicy in order for the resource to be visible to all principals with whom the resource is shared.

Applies a policy to an image recipe. We recommend that you call the RAM API CreateResourceShare to share resources. If you call the Image Builder API PutImageRecipePolicy, you must also call the RAM API PromoteResourceShareCreatedFromPolicy in order for the resource to be visible to all principals with whom the resource is shared.

Manually triggers a pipeline to create an image.

Adds a tag to a resource.

Removes a tag from a resource.

Updates a new distribution configuration. Distribution configurations define and configure the outputs of your pipeline.

Updates an image pipeline. Image pipelines enable you to automate the creation and distribution of images.

Updates a new infrastructure configuration. An infrastructure configuration defines the environment in which your image will be built and tested.

Contains counts of vulnerability findings from image scans that run when you create new Image Builder images, or build new versions of existing images. The vulnerability counts are grouped by severity level. The counts are aggregated across resources to create the final tally for the account that owns them.

Returns an object that contains severity counts based on an account ID.

The owner account ID for the fast-launch enabled Windows AMI.

The account ID that this configuration applies to.

The ID of an account to which you want to distribute an image.

The Amazon Web Services account ID.

In addition to your infrastructure configuration, these settings provide an extra layer of control over your build instances. You can also specify commands to run on launch for all of your build instances.

Image Builder does not automatically install the Systems Manager agent on Windows instances. If your base image includes the Systems Manager agent, then the AMI that you create will also include the agent. For Linux instances, if the base image does not already include the Systems Manager agent, Image Builder installs it. For Linux instances where Image Builder installs the Systems Manager agent, you can choose whether to keep it for the AMI that you create.

Specify additional settings and launch scripts for your build instances.

Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.

Details of an Amazon EC2 AMI.

Define and configure the output AMIs of the pipeline.

The specific AMI settings; for example, launch permissions or AMI tags.

The Amazon EC2 AMIs created by this image.

The name of the output AMI.

The Amazon Resource Name (ARN) of the image pipeline that created this image.

The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.

The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.

The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.

The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.

The Amazon Resource Name (ARN) of the AMI that was created during the VM import process. This AMI is used as the base image for the recipe that imported the VM.

Indicates whether component source is hidden from view in the console, and from component detail results for API, CLI, or SDK operations.

Indicates whether component source is hidden from view in the console, and from component detail results for API, CLI, or SDK operations.

A Boolean that represents the current state of faster launching for the Windows AMI. Set to true to start using Windows faster launching, or false to stop using it.

Set the specified Amazon EC2 launch template as the default launch template for the specified account.

Returns the list of components for the specified name.

Requests a list of images with a specific recipe name.

Indicates the type of build that created this image. The build can be initiated in the following ways:

• USER_INITIATED – A manual pipeline build request.

• SCHEDULED – A pipeline build initiated by a cron expression in the Image Builder pipeline, or from EventBridge.

• IMPORT – A VM import created the image to use as the base image for the recipe.

Indicates the type of build that created this image. The build can be initiated in the following ways:

• USER_INITIATED – A manual pipeline build request.

• SCHEDULED – A pipeline build initiated by a cron expression in the Image Builder pipeline, or from EventBridge.

• IMPORT – A VM import created the image to use as the base image for the recipe.

Indicates the type of build that created this image. The build can be initiated in the following ways:

• USER_INITIATED – A manual pipeline build request.

• SCHEDULED – A pipeline build initiated by a cron expression in the Image Builder pipeline, or from EventBridge.

• IMPORT – A VM import created the image to use as the base image for the recipe.

You have exceeded the permitted request rate for the specific operation.

These errors are usually caused by a client action, such as using an action or resource on behalf of a user that doesn\'t have permissions to use the action or resource, or specifying an invalid resource identifier.

Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see Ensuring idempotency in the Amazon EC2 API Reference.

The idempotency token that was used for this request.

The idempotency token of the component.

The idempotency token used to make this request idempotent.

The client token used to make this request idempotent.

The client token used to make this request idempotent.

The idempotency token of the distribution configuration.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token of the component.

The idempotency token used to make this request idempotent.

Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see Ensuring idempotency in the Amazon EC2 API Reference.

The idempotency token that was used for this request.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token of the distribution configuration.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

The idempotency token used to make this request idempotent.

A detailed view of a component.

The component object associated with the specified ARN.

The Amazon Resource Name (ARN) of the component that this request created.

The Amazon Resource Name (ARN) of the component build version to delete.

The ARN of the component build version that this request deleted.

The Amazon Resource Name (ARN) of the component whose policy you want to retrieve.

The Amazon Resource Name (ARN) of the imported component.

The Amazon Resource Name (ARN) of the component that this policy should be applied to.

The Amazon Resource Name (ARN) of the component that this policy was applied to.

Configuration details of the component.

Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.

Components for build and test that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.

The components included in the image recipe.

The components that are included in the image recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.

Component data contains the YAML document content for the component.

The format of the resource that you want to import as a component.

Contains a key/value pair that sets the named component parameter.

Describes this parameter.

Defines a parameter that is used to provide configuration details for the component.

Contains parameter details for each of the parameters that the component document defined for the component.

A group of parameter settings that Image Builder uses to configure the component for a specific recipe.

The name of the component parameter to set.

The name of this input parameter.

The type of input this parameter provides. The currently supported value is "string".

Sets the value for the named component parameter.

The default value of this parameter if no input is provided.

A group of fields that describe the current status of components that are no longer active.

Describes the current status of the component. This is used for components that are no longer active.

Describes the current status of the component.

The current state of the component.

A high-level summary of a component.

The list of component summaries for the specified semantic version.

The component type specifies whether Image Builder uses the component to build the image or only to test it.

The component type specifies whether Image Builder uses the component to build the image or only to test it.

The type of the component denotes whether the component is used to build the image or only to test it.

The type of the component denotes whether the component is used to build the image, or only to test it.

The defining characteristics of a specific version of an Amazon Web Services TOE component.

The component version Amazon Resource Name (ARN) whose versions you want to list.

The Amazon Resource Name (ARN) of the component.

The Amazon Resource Name (ARN) of the component that you want to get. Regex requires the suffix /\\d+$.

The list of component semantic versions.

A container encapsulates the runtime environment for an application.

Container distribution settings for encryption, licensing, and sharing in a specific Region.

Container distribution settings for encryption, licensing, and sharing in a specific Region.

Container images that the pipeline has generated and stored in the output repository.

A container recipe.

The container recipe object that is returned.

For container images, this is the container recipe that Image Builder used to create the image. For images that distribute an AMI, this is empty.

Returns the Amazon Resource Name (ARN) of the container recipe that the request created.

The Amazon Resource Name (ARN) of the container recipe that is used to configure images created by this container pipeline.

The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.

The Amazon Resource Name (ARN) of the container recipe to delete.

The Amazon Resource Name (ARN) of the container recipe that was deleted.

The Amazon Resource Name (ARN) of the container recipe for the policy being requested.

The Amazon Resource Name (ARN) of the container recipe to retrieve.

The Amazon Resource Name (ARN) of the container recipe that this policy should be applied to.

The Amazon Resource Name (ARN) of the container recipe that this policy was applied to.

The Amazon Resource Name (ARN) of the container pipeline to update.

A summary of a container recipe

The list of container recipes returned for the request.

Specifies the service in which this image was registered.

Specifies the type of container, such as Docker.

Specifies the type of container, such as "Docker".

The type of container to create.

Amazon Inspector generates a risk score for each finding. This score helps you to prioritize findings, to focus on the most critical findings and the most vulnerable resources. The score uses the Common Vulnerability Scoring System (CVSS) format. This format is a modification of the base CVSS score that the National Vulnerability Database (NVD) provides. For more information about severity levels, see Severity levels for Amazon Inspector findings in the Amazon Inspector User Guide.

Details about an adjustment that Amazon Inspector made to the CVSS score for a finding.

An object that contains details about an adjustment that Amazon Inspector made to the CVSS score for the finding.

Details about the source of the score, and the factors that determined the adjustments to create the final score.

An object that contains details about an adjustment that Amazon Inspector made to the CVSS score for the finding.

CVSS scores for one or more vulnerabilities that Amazon Inspector identified for a package.

The date that Image Builder created the component.

The original creation date of the component.

The date that the component was created.

The date when this container recipe was created.

The date when this container recipe was created.

The date on which this distribution configuration was created.

The date on which this distribution configuration was last updated.

The date on which the distribution configuration was created.

The date on which the distribution configuration was updated.

The timestamp when the specified runtime instance of the workflow started.

The timestamp when the specified runtime instance of the workflow finished.

The timestamp when the specified runtime version of the workflow step started.

The timestamp when the specified runtime instance of the workflow step finished.

The date on which Image Builder created this image.

The date on which this image pipeline was created.

The date on which this image pipeline was last updated.

This is no longer supported, and does not return a value.

The next date when the pipeline is scheduled to run.

The date on which this image recipe was created.

The date on which this image recipe was created.

The date on which Image Builder created this image.

The date on which this specific version of the Image Builder image was created.

The date on which the infrastructure configuration was created.

The date on which the infrastructure configuration was last updated.

The date on which the infrastructure configuration was created.

The date on which the infrastructure configuration was last updated.

The timestamp when the runtime instance of this workflow started.

The timestamp when this runtime instance of the workflow finished.

The timestamp when the workflow step started.

The timestamp when the workflow step finished.

The date and time when the finding was first observed.

The timestamp when the finding was last updated.

The date and time when this vulnerability was first added to the vendor\'s database.

The date and time when the vendor last updated this vulnerability in their database.

Export the updated image to one of the following supported disk image formats:

• Virtual Hard Disk (VHD) – Compatible with Citrix Xen and Microsoft Hyper-V virtualization products.

• Stream-optimized ESX Virtual Machine Disk (VMDK) – Compatible with VMware ESX and VMware vSphere versions 4, 5, and 6.

• Raw – Raw format.

Defines the settings for a specific Region.

A distribution configuration.

The distribution configuration object.

The distribution configuration that Image Builder used to create this image.

The Amazon Resource Name (ARN) of the distribution configuration that was created by this request.

The Amazon Resource Name (ARN) of the distribution configuration that will be used to configure and distribute images created by this image pipeline.

The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.

The Amazon Resource Name (ARN) of the distribution configuration to delete.

The Amazon Resource Name (ARN) of the distribution configuration that was deleted.

The Amazon Resource Name (ARN) of the distribution configuration that you want to retrieve.

The Amazon Resource Name (ARN) of the distribution configuration that you want to update.

The Amazon Resource Name (ARN) of the distribution configuration that was updated by this request.

The Amazon Resource Name (ARN) of the distribution configuration that Image Builder uses to configure and distribute images that this image pipeline has updated.

A high-level overview of a distribution configuration.

The list of distributions.

The distributions of the distribution configuration.

The distribution objects that apply Region-specific settings for the deployment of the image to targeted Regions.

The distributions of the distribution configuration.

The maximum duration in minutes for this distribution configuration.

Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.

Amazon EBS-specific block device mapping specifications.

Use to manage Amazon EBS-specific configuration for this mapping.

Use to configure device IOPS.

Use to override the device\'s volume size.

For GP3 volumes only – The throughput in MiB/s that the volume supports.

Use to override the device\'s volume type.

Settings that Image Builder uses to configure the ECR repository and the output container images that Amazon Inspector scans.

Contains Amazon ECR settings for vulnerability scans.

Use to remove a mapping from the base image.

Define and configure faster launching for output Windows AMIs.

The Windows faster-launching configurations to use for AMI distribution.

Identifies the launch template that the associated Windows AMI uses for launching an instance when faster launching is enabled.

The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.

Configuration settings for creating and managing pre-provisioned snapshots for a fast-launch enabled Windows AMI.

Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.

A filter name and value pair that is used to return a more specific list of results from a list operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

Use the following filters to streamline results:

• description

• name

• platform

• supportedOsVersion

• type

• version

Use the following filters to streamline results:

• containerType

• name

• parentImage

• platform

You can filter on name to streamline results.

Use the following filters to streamline results:

• name

• osVersion

• platform

• type

• version

Use the following filters to streamline results:

• name

• version

Use the following filters to streamline results:

• description

• distributionConfigurationArn

• imageRecipeArn

• infrastructureConfigurationArn

• name

• status

Use the following filters to streamline results:

• name

• parentImage

• platform

Use the following filters to streamline results:

• name

• osVersion

• platform

• type

• version

You can filter on name to streamline results.

The name of the filter. Filter names are case-sensitive.

The name of the image scan finding filter. Filter names are case-sensitive.

The filter values. Filter values are case-sensitive.

You are not authorized to perform the requested operation.

GetInfrastructureConfiguration request object.

GetInfrastructureConfiguration response object.

Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.

Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:

• required – When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.

• optional – You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.

The default setting is optional.

You have specified a client token for an operation using parameter values that differ from a previous request that used the same client token.

An Image Builder image. You must specify exactly one recipe for the image – either a container recipe (containerRecipe), which creates a container image, or an image recipe (imageRecipe), which creates an AMI.

The image object.

Contains vulnerability counts for a specific image.

Returns an object that contains severity counts based on the Amazon Resource Name (ARN) for a specific image.

The output message from the list action, if applicable.

The output message from the list action, if applicable.

The Amazon Resource Name (ARN) of the image that you want to cancel creation for.

The ARN of the image whose creation this request canceled.

The Amazon Resource Name (ARN) of the image that this request created.

The Amazon Resource Name (ARN) of the Image Builder image resource to delete.

The ARN of the Image Builder image resource that this request deleted.

The Amazon Resource Name (ARN) of the image whose policy you want to retrieve.

The Amazon Resource Name (ARN) of the image resource build version that the specified runtime instance of the workflow created.

The Amazon Resource Name (ARN) of the image resource build version that the specified runtime instance of the workflow step creates.

The Amazon Resource Name (ARN) that identifies the image for this aggregation.

The Amazon Resource Name (ARN) of the image build version that\'s associated with the finding.

Filter results for the ListImagePackages request by the Image Build Version ARN

List all workflow runtime instances for the specified image build version resource ARN.

The resource ARN of the image build version for which you requested a list of workflow runtime details.

The image build version resource ARN that\'s associated with the specified runtime instance of the workflow.

The Amazon Resource Name (ARN) of the image that this policy should be applied to.

The Amazon Resource Name (ARN) of the image that this policy was applied to.

The Amazon Resource Name (ARN) of the image that was created by this request.

The Amazon Resource Name (ARN) of the component.

The Amazon Resource Name (ARN) of the component.

The Amazon Resource Name (ARN) of the component.

The Amazon Resource Name (ARN) of the container recipe.

The Amazon Resource Name (ARN) of the container recipe.

The Amazon Resource Name (ARN) of the distribution configuration.

The Amazon Resource Name (ARN) of the distribution configuration.

The Amazon Resource Name (ARN) of the image.

The Amazon Resource Name (ARN) of the image pipeline.

The Amazon Resource Name (ARN) of the image recipe.

The Amazon Resource Name (ARN) of the image recipe.

The Amazon Resource Name (ARN) of the image.

The Amazon Resource Name (ARN) of a specific version of an Image Builder image.

The Amazon Resource Name (ARN) of the infrastructure configuration.

The Amazon Resource Name (ARN) of the infrastructure configuration.

The Amazon Resource Name (ARN) of the resource whose tags you want to retrieve.

The Amazon Resource Name (ARN) of the resource that you want to tag.

The Amazon Resource Name (ARN) of the resource that you want to untag.

Represents a package installed on an Image Builder image.

The list of Image Packages returned in the response.

Details of an image pipeline.

The image pipeline object.

Contains vulnerability counts for a specific image pipeline.

Returns an object that contains severity counts based on an image pipeline ARN.

The Amazon Resource Name (ARN) of the image pipeline that was created by this request.

The Amazon Resource Name (ARN) of the image pipeline to delete.

The Amazon Resource Name (ARN) of the image pipeline that was deleted.

The Amazon Resource Name (ARN) of the image pipeline that you want to retrieve.

The Amazon Resource Name (ARN) that identifies the image pipeline for this aggregation.

The Amazon Resource Name (ARN) of the image pipeline that\'s associated with the finding.

The Amazon Resource Name (ARN) of the image pipeline whose images you want to view.

The Amazon Resource Name (ARN) of the image pipeline that you want to manually invoke.

The Amazon Resource Name (ARN) of the image pipeline that you want to update.

The Amazon Resource Name (ARN) of the image pipeline that was updated by this request.

The list of image pipelines.

An image recipe.

The image recipe object.

For images that distribute an AMI, this is the image recipe that Image Builder used to create the image. For container images, this is empty.

The Amazon Resource Name (ARN) of the image recipe that will be used to configure images created by this image pipeline.

The Amazon Resource Name (ARN) of the image recipe that was created by this request.

The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.

The Amazon Resource Name (ARN) of the image recipe to delete.

The Amazon Resource Name (ARN) of the image recipe that was deleted.

The Amazon Resource Name (ARN) of the image recipe whose policy you want to retrieve.

The Amazon Resource Name (ARN) of the image recipe that you want to retrieve.

The Amazon Resource Name (ARN) of the image recipe that this policy should be applied to.

The Amazon Resource Name (ARN) of the image recipe that this policy was applied to.

The Amazon Resource Name (ARN) of the image recipe that will be used to configure images updated by this image pipeline.

A summary of an image recipe.

The list of image pipelines.

Contains details about a vulnerability scan finding.

This returns exactly one type of aggregation, based on the filter that Image Builder applies in its API action.

An array of image scan finding aggregations that match the filter criteria.

A name value pair that Image Builder applies to streamline results from the vulnerability scan findings list action.

An array of name value pairs that you can use to filter your results. You can use the following filters to streamline results:

• imageBuildVersionArn

• imagePipelineArn

• vulnerabilityId

• severity

If you don\'t request a filter, then all findings in your account are listed.

The filter values. Filter values are case-sensitive.

The image scan findings for your account that meet your request filter criteria.

Shows the vulnerability scan status for a specific image, and the reason for that status.

Contains information about the current state of scans for this image.

The current state of vulnerability scans for the image.

Contains settings for Image Builder image resource and container image scans.

Contains settings for vulnerability scans.

Contains settings for vulnerability scans.

Contains settings for vulnerability scans.

Contains settings for vulnerability scans.

Contains settings for vulnerability scans.

The origin of the base image that Image Builder used to build this image.

The origin of the base image that Image Builder used to build this image.

The origin of the base image that Image Builder used to build this image.

Image status and the reason for that status.

The state of the image.

The state of the image.

The status of the image.

An image summary.

The list of image build versions.

The list of images built by this pipeline.

Configure image tests for your pipeline build. Tests run after building the image, to verify that the AMI or container image is valid before distributing it.

The image test configuration of the image pipeline.

The image tests configuration of the image.

The image tests that ran when that Image Builder created this image.

The image tests configuration of the image pipeline.

The image test configuration of the image pipeline.

The maximum time in minutes that tests are permitted to run.

Specifies whether this image produces an AMI or a container image.

Specifies which type of image is created by the recipe - an AMI or a container image.

Specifies whether this image produces an AMI or a container image.

Specifies whether this image produces an AMI or a container image.

The defining characteristics of a specific version of an Image Builder image.

The Amazon Resource Name (ARN) of the image whose build versions you want to retrieve.

The Amazon Resource Name (ARN) of the image that you want to get.

The list of image semantic versions.

Details of the infrastructure configuration.

The infrastructure configuration object.

The infrastructure that Image Builder used to create this image.

The Amazon Resource Name (ARN) of the infrastructure configuration that will be used to build images created by this image pipeline.

The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.

The Amazon Resource Name (ARN) of the infrastructure configuration that was created by this request.

The Amazon Resource Name (ARN) of the infrastructure configuration to delete.

The Amazon Resource Name (ARN) of the infrastructure configuration that was deleted.

The Amazon Resource Name (ARN) of the infrastructure configuration that you want to retrieve.

The Amazon Resource Name (ARN) of the infrastructure configuration that Image Builder uses to build images that this image pipeline has updated.

The Amazon Resource Name (ARN) of the infrastructure configuration that you want to update.

The Amazon Resource Name (ARN) of the infrastructure configuration that was updated by this request.

The infrastructure used when building Amazon EC2 AMIs.

The list of infrastructure configurations.

Component data contains inline YAML document content for the component. Alternatively, you can specify the uri of a YAML document file stored in Amazon S3. However, you cannot specify both properties.

The Dockerfile template used to build your image as an inline data blob.

Information about the factors that influenced the score that Amazon Inspector assigned for a finding.

An object that contains details of the Amazon Inspector score.

Defines block device mappings for the instance used to configure your image.

The block device mappings of the image recipe.

The block device mappings to apply when creating images from this recipe.

Defines the block devices to attach for building an instance from this Image Builder AMI.

Defines a custom base AMI and block device mapping configurations of an instance used for building and testing container images.

A group of options that can be used to configure an instance for building and testing container images.

A group of options that can be used to configure an instance for building and testing container images.

The instance metadata options that apply to the HTTP requests that pipeline builds use to launch EC2 build and test instances. For more information about instance metadata options, see Configure the instance metadata options in the Amazon EC2 User Guide for Linux instances, or Configure the instance metadata options in the Amazon EC2 Windows Guide for Windows instances.

The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances.

The instance metadata option settings for the infrastructure configuration.

The instance metadata options that you can set for the HTTP requests that pipeline builds use to launch EC2 build and test instances. For more information about instance metadata options, see one of the following links:

• Configure the instance metadata options in the Amazon EC2 User Guide for Linux instances.

• Configure the instance metadata options in the Amazon EC2 Windows Guide for Windows instances.

The instance profile to associate with the instance used to customize your Amazon EC2 AMI.

The instance profile of the infrastructure configuration.

The instance profile of the infrastructure configuration.

The instance profile to associate with the instance used to customize your Amazon EC2 AMI.

The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.

The instance types of the infrastructure configuration.

The instance types of the infrastructure configuration.

The instance types of the infrastructure configuration. You can specify one or more instance types to use for this build. The service will pick one of these instance types based on availability.

You have provided an invalid pagination token in your request.

You have specified two or more mutually exclusive parameters. Review the error message for details.

The specified parameter is invalid. Review the available parameters for the API request.

The value that you provided for the specified parameter is invalid.

You have requested an action that that the service doesn\'t support.

Your version number is out of bounds or does not follow the required syntax.

Describes the configuration for a launch permission. The launch permission modification request is sent to the Amazon EC2 ModifyImageAttribute API on behalf of the user for each Region they have selected to distribute the AMI. To make an AMI public, set the launch permission authorized accounts to all. See the examples for making an AMI public at Amazon EC2 ModifyImageAttribute.

Launch permissions can be used to configure which Amazon Web Services accounts can use the AMI to launch instances.

Identifies an Amazon EC2 launch template to use for a specific account.

A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.

The ID of the launch template to use for faster launching for a Windows AMI.

Identifies the Amazon EC2 launch template to use.

The License Manager Configuration to associate with the AMI in the specified Region.

Logging configuration defines where Image Builder uploads your logs.

The logging configuration of the infrastructure configuration.

The logging configuration of the infrastructure configuration.

The logging configuration of the infrastructure configuration.

The maximum number of parallel instances that are launched for creating resources.

Identifies the account that owns the aggregated resource findings.

The Amazon Web Services Region of the Amazon EC2 AMI.

The AMI ID of the Amazon EC2 AMI.

The name of the Amazon EC2 AMI.

The description of the Amazon EC2 AMI. Minimum and maximum length are in characters.

The account ID of the owner of the AMI.

The description of the AMI distribution configuration. Minimum and maximum length are in characters.

The KMS key identifier used to encrypt the distributed image.

The request ID that uniquely identifies this request.

The description of the component.

The change description of the component.

The owner of the component.

The KMS key identifier used to encrypt the component.

Contains the name of the publisher if this is a third-party component. Otherwise, this property is empty.

Describes how or why the component changed state.

The owner of the component.

The description of the component.

The change description for the current version of the component.

Contains the name of the publisher if this is a third-party component. Otherwise, this property is empty.

The description of the component.

The owner of the component.

Containers and container images are Region-specific. This is the Region context for the container.

The description of the container distribution configuration.

The description of the container recipe.

The owner of the container recipe.

Identifies which KMS key is used to encrypt the container image for distribution to the target Region.

The base image for the container recipe.

The working directory for use during build and test workflows.

The owner of the container recipe.

The base image for the container recipe.

Describes the contents of the component.

The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of this component.

The ID of the KMS key that is used to encrypt this component.

The request ID that uniquely identifies this request.

The description of the container recipe.

Specifies the operating system version for the base image.

The base image for the container recipe.

The working directory for use during build and test workflows.

Identifies which KMS key is used to encrypt the container image.

The request ID that uniquely identifies this request.

The description of the distribution configuration.

The request ID that uniquely identifies this request.

The description of the image pipeline.

The request ID that uniquely identifies this request.

The description of the image recipe.

The base image of the image recipe. The value of the string can be the ARN of the base image or an AMI ID. The format for the ARN follows this example: arn:aws:imagebuilder:us-west-2:aws:image/windows-server-2016-english-full-base-x86/x.x.x. You can provide the specific version that you want to use, or you can use a wildcard in all of the fields. If you enter an AMI ID for the string value, you must have access to the AMI, and the AMI must be in the same Region in which you are using Image Builder.

The working directory used during build and test workflows.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The description of the infrastructure configuration.

The subnet ID in which to place the instance used to customize your Amazon EC2 AMI.

The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.

The request ID that uniquely identifies this request.

The vector string of the CVSS score.

The CVSS version that generated the score.

The source of the CVSS score.

The metric that Amazon Inspector used to adjust the CVSS score.

The reason for the CVSS score adjustment.

The source for the CVSS score.

The source of the finding.

The CVSS version that generated the score.

A vector that measures the severity of the vulnerability.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The target Region.

The description of the distribution configuration.

The description of the distribution configuration.

Use to configure the KMS key to use when encrypting the device.

The snapshot that defines the device contents.

The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don’t provide this information, Image Builder creates a repository in your account named image-builder-image-scanning-repository for vulnerability scans of your output container images.

The name of the launch template to use for faster launching for a Windows AMI.

The version of the launch template to use for faster launching for a Windows AMI.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The action to perform if the workflow step fails.

The name of the package as reported to the operating system package manager.

The version of the package as reported to the operating system package manager.

The description of the image pipeline.

The description of the image recipe.

The owner of the image recipe.

The base image of the image recipe.

The working directory to be used during build and test workflows.

The owner of the image recipe.

The base image of the image recipe.

The Amazon Web Services account ID that\'s associated with the finding.

The type of the finding. Image Builder looks for findings of the type PACKAGE_VULNERABILITY that apply to output images, and excludes other types.

The description of the finding.

The title of the finding.

The severity of the finding.

Details about whether a fix is available for any of the packages that are identified in the finding through a version update.

The reason for the scan status for the image.

The reason for the status of the image.

The owner of the image.

The owner of the image version.

The description of the component. Describes the contents of the component.

The change description of the component. This description indicates the change that has been made in this version, or what makes this version different from other versions of this component.

The data of the component. Used to specify the data inline. Either data or uri can be used to specify the data within the component.

The ID of the KMS key that should be used to encrypt this component.

The request ID that uniquely identifies this request.

The name of the base image that is created by the import process.

The description for the base image that is created by the import process.

The importTaskId (API) or ImportTaskId (CLI) from the Amazon EC2 VM import process. Image Builder retrieves information from the import process to pull in the AMI that is created from the VM source as the base image for your recipe.

The request ID that uniquely identifies this request.

The description of the infrastructure configuration.

The subnet ID of the infrastructure configuration.

The Amazon EC2 key pair of the infrastructure configuration.

The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.

The description of the infrastructure configuration.

The device to which these mappings apply.

Use to manage instance ephemeral devices.

The AMI ID to use as the base image for a container build and test instance. If not specified, Image Builder will use the appropriate ECS-optimized AMI as a base image.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The request ID that uniquely identifies this request.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The aggregation type specifies what type of key is used to group the image scan findings. Image Builder returns results based on the request filter. If you didn\'t specify a filter in the request, the type defaults to accountId.

Aggregation types

• accountId

• imageBuildVersionArn

• imagePipelineArn

• vulnerabilityId

Each aggregation includes counts by severity level for medium severity and higher level findings, plus a total for all of the findings for each key value.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The source of the vulnerability information.

A link to the source of the vulnerability information.

The severity that the vendor assigned to this vulnerability type.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The request ID that uniquely identifies this request.

The recommended course of action to remediate the finding.

A link to more information about the recommended remediation for this vulnerability.

The name of the role that grants VM Import/Export permission to export images to your S3 bucket.

The S3 bucket in which to store the output disk images for your VM.

The Amazon S3 path for the bucket where the output disk images for your VM are stored.

The S3 bucket in which to store the logs.

The Amazon S3 path to the bucket where the logs are stored.

The cron expression determines how often EC2 Image Builder evaluates your pipelineExecutionStartCondition.

For information on how to format a cron expression in Image Builder, see Use cron expressions in EC2 Image Builder.

The request ID that uniquely identifies this request.

The name of the container repository where the output container image is stored. This name is prefixed by the repository location.

The description of the distribution configuration.

The request ID that uniquely identifies this request.

The description of the image pipeline.

The request ID that uniquely identifies this request.

The description of the infrastructure configuration.

The subnet ID to place the instance used to customize your Amazon EC2 AMI in.

The key pair of the infrastructure configuration. You can use this to log on to and debug the instance used to create your image.

The request ID that uniquely identifies this request.

The vulnerability Id for this set of counts.

The name of the vulnerable package.

The version of the vulnerable package.

The release of the vulnerable package.

The package manager of the vulnerable package.

The file path of the vulnerable package.

The version of the package that contains the vulnerability fix.

The code to run in your environment to update packages with a fix available.

Links to web pages that contain details about the vulnerabilities that Amazon Inspector identified for the package.

The CVSS base score.

The CVSS score.

The score that Amazon Inspector assigned for the finding.

The encryption status of the component.

A flag that indicates if the target container is encrypted.

Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.

Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.

The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.

Use to configure device encryption.

Use to configure delete on termination of the associated device.

Indicates whether Image Builder collects additional information about the image, such as the operating system (OS) version and package list.

Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.

A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.

Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.

The terminate instance on failure configuration of the infrastructure configuration.

Includes deprecated images in the response list.

Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it\'s set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.

Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.

The terminate instance on failure setting of the infrastructure configuration. Set to false if you want Image Builder to retain the instance used to configure your AMI if the build or test phase of your workflow fails.

The ARN for an Amazon Web Services Organization that you want to share your AMI with. For more information, see What is Organizations?.

The ARN for an Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for Organizations, see Organizations terminology and concepts.

The operating system version for instances that launch from this image. For example, Amazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.

The operating system version of the instances that launch from this image. For example, Amazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.

The operating system version of the Amazon EC2 build instance. For example, Amazon Linux 2, Ubuntu 18, or Microsoft Windows Server 2019.

The operating system version for the imported VM.

The operating system (OS) version supported by the component. If the OS information is available, Image Builder performs a prefix match against the base image OS version during image recipe creation.

The operating system (OS) version that the component supports. If the OS information is available, Image Builder performs a prefix match against the base image OS version during image recipe creation.

he operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.

The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.

The resources produced by this image.

The output resources that Image Builder produces for this image.

The output resources that Image Builder produced when it created this image.

Filters results based on the type of owner for the component. By default, this request returns a list of components that your account owns. To see results for other types of owners, you can specify components that Amazon manages, third party components, or components that other accounts have shared with you.

Returns container recipes belonging to the specified owner, that have been shared with you. You can omit this field to return container recipes belonging to your account.

The owner defines which image recipes you want to list. By default, this request will only show image recipes owned by your account. You can use this field to specify if you want to view image recipes owned by yourself, by Amazon, or those image recipes that have been shared with you by other customers.

The owner defines which images you want to list. By default, this request will only show images owned by your account. You can use this field to specify if you want to view images owned by yourself, by Amazon, or those images that have been shared with you by other customers.

The architecture of the vulnerable package.

The epoch of the vulnerable package.

Information about package vulnerability findings.

An object that contains the details of a package vulnerability finding.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

A token to specify where to start paginating. This is the NextToken from a previously truncated response.

The next token used for paginated responses. When this field isn\'t empty, there are additional elements that the service has\'ot included in this request. Use this token with the next request to retrieve additional objects.

The condition configures when the pipeline should trigger a new image build. When the pipelineExecutionStartCondition is set to EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE, and you use semantic version filters on the base image or components in your image recipe, EC2 Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to EXPRESSION_MATCH_ONLY, it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see CreateComponent in the EC2 Image Builder API Reference.

The status of the image pipeline.

The status of the image pipeline.

The status of the image pipeline.

The operating system platform of the component.

The operating system platform of the component.

The platform of the component.

The system platform for the container, such as Windows or Linux.

The system platform for the container, such as Windows or Linux.

The operating system platform of the component.

Specifies the operating system platform when you use a custom base image.

The image operating system platform, such as Linux or Windows.

The platform of the image pipeline.

The platform of the image recipe.

The platform of the image recipe.

The image operating system platform, such as Linux or Windows.

The operating system platform of the image version, for example "Windows" or "Linux".

The platform of the component.

The operating system platform for the imported VM.

A list of Regions where the container image is distributed to.

Information about how to remediate a finding.

An object that contains the details about how to remediate the finding.

Details about the recommended course of action to remediate the finding.

An object that contains information about the recommended course of action to remediate the finding.

The resource that you are trying to create already exists.

You have attempted to mutate or delete a resource with a dependency that prohibits this action. See the error message for more details.

The resource that you are trying to operate on is currently in use. Review the message details and retry later.

The name of the component.

The name of the component.

The name of the component.

The name of the container recipe.

The name of the container recipe.

The name of the component.

The name of the container recipe.

The name of the distribution configuration.

The name of the image pipeline.

The name of the image recipe.

The name of the infrastructure configuration.

The name of the distribution configuration.

The name of the distribution configuration.

The name of the image.

The name of the image pipeline that created this image.

The name of the image pipeline.

The name of the image recipe.

The name of the image recipe.

The name of the image.

The name of this specific version of an Image Builder image.

The name of the component.

The name of the infrastructure configuration.

The name of the infrastructure configuration.

At least one of the resources referenced by your request does not exist.

The component policy.

The container recipe policy object that is returned.

The image policy object.

The image recipe policy object.

The policy to apply.

The policy to apply to the container recipe.

The policy to apply.

The policy to apply.

The tags attached to the resource created by Image Builder.

The tags attached to the resource created by Image Builder.

The tags attached to the image created by Image Builder.

The tags attached to the resource created by Image Builder.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

The maximum items to return in a request.

Properties that configure export from your build instance to a compatible file format for your VM.

Configure export settings to deliver disk images created from your image build, using a file format that is compatible with your VMs in that Region.

Amazon S3 logging configuration.

The Amazon S3 logging configuration.

A schedule configures how often and when a pipeline will automatically create a new image.

The schedule of the image pipeline.

The schedule of the image pipeline.

The schedule of the image pipeline.

The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.

The security group IDs of the infrastructure configuration.

The security group IDs to associate with the instance used to customize your Amazon EC2 AMI.

This exception is thrown when the service encounters an unrecoverable exception.

You have exceeded the number of permitted resources or operations for this service. For service quotas, see EC2 Image Builder endpoints and quotas.

The service is unable to process your request at this time.

The total number of findings across all severity levels for the specified filter.

The number of critical severity findings for the specified filter.

The number of high severity findings for the specified filter.

The number of medium severity findings for the specified filter.

Includes counts by severity level for medium severity and higher level findings, plus a total for all of the findings for the specified filter.

Counts by severity level for medium severity and higher level findings, plus a total for all of the findings.

Counts by severity level for medium severity and higher level findings, plus a total for all of the findings for the specified image.

Counts by severity level for medium severity and higher level findings, plus a total for all of the findings for the specified image pipeline.

Counts by severity level for medium severity and higher level findings, plus a total for all of the findings for the specified vulnerability.

The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.

The Amazon Resource Name (ARN) for the SNS topic to which we send image build event notifications.

The source layer hash of the vulnerable package.

A list of URIs for containers created in the context Region.

Tags that are attached to the container distribution configuration.

Tags for Image Builder to apply to the output container image that &INS; scans. Tags can help you identify and manage your scanned images.

The name of the group.

Contains settings for the Systems Manager agent on your build instance.

Contains settings for the Systems Manager agent on your build instance.

The tag keys to remove from the resource.

The tags to apply to AMIs distributed to this Region.

The tags that apply to the component.

The tags that apply to the component.

Tags that are attached to the container recipe.

Tags that are attached to the container recipe.

The tags that apply to the component.

Tags that are attached to the container recipe.

The tags of the distribution configuration.

The tags of the image pipeline.

The tags of the image recipe.

The tags of the image.

The tags of the infrastructure configuration.

The tags of the distribution configuration.

The tags associated with the distribution configuration.

The tags that apply to this image.

The tags of this image pipeline.

The tags of the image recipe.

The tags of the image recipe.

The tags that apply to this image.

The tags of the component.

Tags that are attached to the import resources.

The tags of the infrastructure configuration.

The tags of the infrastructure configuration.

The tags for the specified resource.

The tags to apply to the resource.

The container repository where the output container image is stored.

The destination repository for the container distribution configuration.

The destination repository for the container image.

The destination repository for the container image.

The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.

The timezone that applies to the scheduling expression. For example, "Etc/UTC", "America/Los_Angeles" in the IANA timezone format. If not specified this defaults to UTC.

The uri of a YAML component document file. This must be an S3 URL (s3://bucket/key), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.

Alternatively, you can specify the YAML document inline, using the component data property. You cannot specify both properties.

The Amazon S3 URI for the Dockerfile that will be used to build your container image.

The uri of the component. Must be an Amazon S3 URL and the requester must have permission to access the Amazon S3 bucket. If you use Amazon S3, you can specify component content up to your service quota. Either data or uri can be used to specify the data within the component.

Use this property to provide commands or a command script to run when you launch your build instance.

The userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.

The version of the component.

The version of the component.

The semantic version of the component.

The semantic version of the container recipe.

The semantic version of the component. This version follows the semantic version syntax.

The semantic version of the container recipe. This version follows the semantic version syntax.

The semantic version of the image recipe. This version follows the semantic version syntax.

The semantic version of the image.

The version of the image recipe.

The version of the image.

Details for a specific version of an Image Builder image. This version follows the semantic version syntax.

The semantic version of the component. This version follows the semantic version syntax.

The semantic version to attach to the base image that was created during the import process. This version follows the semantic version syntax.

A unique identifier for this vulnerability.

Includes counts of image and pipeline resource findings by vulnerability.

Returns an object that contains severity counts based on vulnerability ID.

Vulnerabilities that are often related to the findings for the package.

Information about a vulnerable package that Amazon Inspector identifies in a finding.

The packages that this vulnerability impacts.

The Amazon Resource Name (ARN) of the build version for the Image Builder workflow resource that defines the specified runtime instance of the workflow.

The Amazon Resource Name (ARN) of the build version for the Image Builder workflow resource that defines this workflow step.

The build version ARN for the Image Builder workflow resource that defines the steps for this runtime instance of the workflow.

The Amazon Resource Name (ARN) of the workflow resource build version that ran.

Use the unique identifier for a runtime instance of the workflow to get runtime details.

The unique identifier that Image Builder assigned to keep track of runtime details when it ran the workflow.

The unique identifier that Image Builder assigned to keep track of runtime details when it ran the workflow.

The unique identifier that Image Builder assigned to keep track of runtime details when it ran the workflow.

The unique identifier that Image Builder assigned to keep track of runtime details when it ran the workflow.

Unique identifier that Image Builder assigns to keep track of runtime resources each time it runs a workflow.

The output message from the specified runtime instance of the workflow, if applicable.

The runtime output message from the workflow, if applicable.

Metadata that includes details and status from this runtime instance of the workflow.

The current runtime status for the specified runtime instance of the workflow.

The current runtime status for this workflow.

Contains an array of runtime details that represents each time a workflow ran for the requested image build version.

The name of the action that the specified step performs.

The step action name.

The total number of steps in the specified runtime instance of the workflow that ran. This number should equal the sum of the step counts for steps that succeeded, were skipped, and failed.

A runtime count for the number of steps that ran successfully in the specified runtime instance of the workflow.

A runtime count for the number of steps that failed in the specified runtime instance of the workflow.

A runtime count for the number of steps that were skipped in the specified runtime instance of the workflow.

The total number of steps in the workflow. This should equal the sum of the step counts for steps that succeeded, were skipped, and failed.

A runtime count for the number of steps in the workflow that ran successfully.

A runtime count for the number of steps in the workflow that failed.

A runtime count for the number of steps in the workflow that were skipped.

Describes the specified workflow step.

Description of the workflow step.

Use the unique identifier for a specific runtime instance of the workflow step to get runtime details for that step.

The unique identifier for the runtime version of the workflow step that you specified in the request.

A unique identifier for the workflow step, assigned at runtime.

Reports on the rollback status of the specified runtime version of the workflow step, if applicable.

Reports on the rollback status of the step, if applicable.

The current status for the specified runtime version of the workflow step.

Runtime status for the workflow step.

Contains an array of runtime details that represents each step in this runtime instance of the workflow.

Input parameters that Image Builder provided for the specified runtime instance of the workflow step.

Input parameters that Image Builder provides for the workflow step.

The output message from the specified runtime instance of the workflow step, if applicable.

Detailed output message that the workflow step provides at runtime.

Runtime details and status for the workflow step.

The name of the specified runtime instance of the workflow step.

The name of the workflow step.

The file names that the specified runtime version of the workflow step created as output.

The file names that the workflow step created as output for this runtime instance of the workflow.

The maximum duration in seconds for this step to complete its action.

The type of workflow that Image Builder ran for the specified runtime instance of the workflow.

Indicates what type of workflow that Image Builder ran for this runtime instance of the workflow.