How do I find out which image a vulnerability finding is recorded in the aws_inspector2_findings table?
Hi, can you post a few more details about what data you’re after specifically and what you currently have synced? Are the fields in our docs (AWS Inspector2 Findings) missing from your destination?
Hi @marcel, we have finding_arn in aws_inspector2_findings, right? This finding_arn contains the ARN which is the vulnerability of the image. But now I want to find which particular image in the account the vulnerability is for. How can I get it?
For EC2 images, you would have to sync the aws_ec2_images table (https://hub.cloudquery.io/plugins/source/cloudquery/aws/latest/tables/aws_ec2_images) which lists the arn of the image. Is that what you’re after?
No, the vulnerabilities I’m getting are for the ECR images, right? So how can I find which image the vulnerability is reported in the aws_inspector2_findings?
I don’t have local data on hand to confirm, but I think what you’re looking for will be in the aws_inspector2_findings resources JSON column. For an image, the type will be AWS_ECR_CONTAINER_IMAGE, and details -> AwsEcrContainerImage will contain details about the specific image.
Or something along those lines at least.
Hey, thanks! I was using the 23.1.0 AWS plugin version, so I couldn’t find it. I checked with 24.1.0, and it’s there.