Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ecr_repositories_scan_vulnerabilities_in_latest_image: Configure level #2535

Closed
HarryBo112 opened this issue Jun 29, 2023 · 2 comments · Fixed by #2736
Closed

ecr_repositories_scan_vulnerabilities_in_latest_image: Configure level #2535

HarryBo112 opened this issue Jun 29, 2023 · 2 comments · Fixed by #2736
Assignees
@MrCloudSec
Labels
feature-request New feature request for Prowler. provider/aws Issues/PRs related with the AWS provider severity/informational Cosmetic or nice-to-have. status/awaiting-reponse Waiting response from Issue owner

Comments

@HarryBo112
Copy link

New feature motivation

Hi, is it possible to configure the level from which the test shall fail?
AWS tags some findings as medium which I might want to ignore, but of course I don't want to mute critical findings for the image.

Solution Proposed

none

Describe alternatives you've considered

none

Additional context

No response
@HarryBo112 HarryBo112 added feature-request New feature request for Prowler. status/needs-triage Issue pending triage labels Jun 29, 2023
@n4ch04 n4ch04 added status/awaiting-reponse Waiting response from Issue owner severity/informational Cosmetic or nice-to-have. provider/aws Issues/PRs related with the AWS provider and removed status/needs-triage Issue pending triage labels Jul 10, 2023
@prowler-cloud prowler-cloud deleted a comment from n4ch04 Jul 24, 2023
@MrCloudSec MrCloudSec self-assigned this Jul 24, 2023
@MrCloudSec
Copy link
Member

Hi @HarryBo112, we will add a config variable to set your desire severity of the findings of an ECR image that you do not want to ignore.

@jfagoagas jfagoagas mentioned this issue Aug 16, 2023
Merged
@jfagoagas
Copy link
Member

Hi @HarryBo112, we've included a new feature to be able to set the base vulnerability level for this check to raise a FAIL, could you please check the above PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MrCloudSec MrCloudSec

Labels
feature-request New feature request for Prowler. provider/aws Issues/PRs related with the AWS provider severity/informational Cosmetic or nice-to-have. status/awaiting-reponse Waiting response from Issue owner
Projects
None yet
Milestone
No milestone
4 participants
@jfagoagas @MrCloudSec @n4ch04 @HarryBo112