Created
May 27, 2025 19:58
-
-
Save duboisf/b809ff7bef00f48a0b1df1c73e73b53d to your computer and use it in GitHub Desktop.
Enable scan on push for all AWS ECR repositories that don't have it enabled, in nushell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws ecr describe-repositories | from json | get repositories.repositoryName | |
| | sort | |
| | each { |repo| | |
| let scanOnPush = (aws ecr batch-get-repository-scanning-configuration --repository-names $repo | |
| | from json | |
| | get scanningConfigurations | |
| | first | |
| | get scanOnPush | |
| ) | |
| print $"Repository: ($repo), Scanning on push: ($scanOnPush)" | |
| if not $scanOnPush { | |
| print $"Repository ($repo) is not configured for scanning on push, enabling it now." | |
| aws ecr put-image-scanning-configuration --repository-name ($repo) --image-scanning-configuration scanOnPush=true | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment