Help Center/ Host Security Service/ API Reference/ API Description/ Container Images/ Querying the Local Image List
Updated on 2026-04-03 GMT+08:00
View PDF
Share

Querying the Local Image List

Function

This API is used to query the local image list.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
  • If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.

URI

GET /v5/{project_id}/image/local-repositories

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID.

Constraints

N/A

Range

The value can contain 1 to 256 characters.

Default Value

N/A
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enterprise_project_id

No

String

Definition

Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID.

To query assets in all enterprise projects, set this parameter to all_granted_eps.

Constraints

You need to set this parameter only after the enterprise project function is enabled.

Range

The value can contain 1 to 256 characters.

Default Value

0: default enterprise project.

offset

No

Integer

Definition

Offset, which specifies the start position of the record to be returned.

Constraints

N/A

Range

The value range is 0 to 2,000,000.

Default Value

The default value is 0.

limit

No

Integer

Definition

Number of records displayed on each page.

Constraints

N/A

Range

Value range: 10-200

Default Value

10

image_name

No

String

Definition

Local image name, which is used to filter the list of local images with a specified name.

Constraints

Partial matching is supported. For example, if web is entered, all images whose names contain web can be matched. The value is case sensitive.

Range

The value can contain 1 to 256 characters, including letters, numbers, hyphens (-), underscores (_), and periods (.). Special characters, including @#$%, are not allowed.

Default Value

None

image_version

No

String

Definition

Local image version, which is used to filter the local image of a specified version. This parameter must be used together with image_name.

Constraints

This parameter is valid only when image_name is specified. Otherwise, the filter criteria do not take effect.

Range

The value can contain 1 to 128 characters, including letters, numbers, hyphens, underscores, periods, and colons.

Default Value

None

scan_status

No

String

Definition

Security scan status of a local image. It is used to filter images with a specified scan status.

Constraints

The value must be within the specified range and is case sensitive. Otherwise, an empty result will be returned.

Range

  • unscan

  • success

  • scanning

  • failed

  • waiting_for_scan

Default Value

None

local_image_type

No

String

Definition

Storage source type of a local image. It is used to filter local images of different sources.

Constraints

The value must be within the specified range and is case sensitive. Otherwise, an empty result will be returned.

Range

  • other_image: non-SWR image

  • swr_image: SWR image

Default Value

None

image_size

No

Long

Definition

Size of a local image, in bytes. It is used to filter images of a specified size (exact match).

Constraints

Only exact match is supported. If range filtering is required, adaptation at the service layer is required.

Range

The value range is 0 to 9,223,372,036,854,775,807 (about 9 EB).

Default Value

None

start_latest_update_time

No

Long

Definition

Beginning of the last update time (Unix timestamp, in ms) of a local image version. It is used together with end_latest_update_time to specify the time range for filtering.

Time Format

Unix timestamp (for example, 1697509433000 indicates 2023-10-16 10:23:53).

Constraints

This parameter must be used together with end_latest_update_time and be earlier than end_latest_update_time. Otherwise, the filtering is invalid.

Range

The value range is 0 to 9,223,372,036,854,775,807.

Default Value

None

end_latest_update_time

No

Long

Definition

Ending of the last update time (Unix timestamp, in ms) of a local image version. It is used together with start_latest_update_time to specify the time range for filtering.

Time Format

Unix timestamp (for example, 1709973506292 indicates 2024-03-08 15:18:26).

Constraints

This parameter must be used together with start_latest_update_time and be earlier than start_latest_update_time. Otherwise, the filtering is invalid.

Range

The value range is 0 to 9,223,372,036,854,775,807.

Default Value

None

start_latest_scan_time

No

Long

Definition

Beginning of the last scan completion time (Unix timestamp, in ms) of a local image version. It is used together with end_latest_scan_time to specify the time range for filtering.

Time Format

Unix timestamp (accurate to milliseconds)

Constraints

This parameter is valid only for images whose scan_status is success. It must be used together with end_latest_scan_time.

Range

The value range is 0 to 9,223,372,036,854,775,807.

Default Value

None

end_latest_scan_time

No

Long

Definition

Ending of the last scan completion time (Unix timestamp, in ms) of a local image version. It is used together with start_latest_scan_time to specify the time range for filtering.

Time Format

Unix timestamp (accurate to milliseconds)

Constraints

This parameter is valid only for images whose scan_status is success. The value must be greater than start_latest_scan_time.

Range

The value range is 0 to 9,223,372,036,854,775,807.

Default Value

None

has_vul

No

Boolean

Definition

It specifies whether to filter local images that have software vulnerabilities. true indicates that images with vulnerabilities are filtered. false indicates that images without vulnerabilities are filtered.

Constraints

This parameter is valid only for images whose scan_status is success. Unscanned images are not filtered.

Range

true (vulnerabilities detected), false (no vulnerabilities detected)

Default Value

None (Items are not filtered by vulnerability status.)

host_name

No

String

Definition

Name of the cloud server associated with a local image. It is used to filter the local image associated with a specified server.

Constraints

Fuzzy match is supported. The value is case-sensitive. This parameter is valid only for images associated with servers.

Range

The value can contain 1 to 64 characters, including letters, numbers, hyphens (-), and underscores (_). Special characters are not allowed.

Default Value

None

host_id

No

String

Definition

Unique ID of the cloud server associated with a local image. It is used to accurately filter the local image associated with a specified server.

Constraints

Exact match. This parameter is valid only for images associated with a server.

Range

The value can contain 1 to 64 characters, including letters, numbers, and hyphens (-).

Default Value

None

host_ip

No

String

Definition

Public or private IP address of the server associated with a local image. It is used to filter the local image associated with a specified server.

Constraints

IPv4 addresses are supported. Exact match is applied. Multiple IP addresses are queried in batches at the service layer.

Range

A string in IPv4 format.

Default Value

None

container_id

No

String

Definition

Unique ID (Docker container ID) of the container associated with a local image. It is used to accurately filter the local image associated with a specified container.

Constraints

Exact match. This parameter is valid only for images associated with a container.

Range

The value can contain 1 to 64 characters, including letters, numbers, hyphens (-), and underscores (_).

Default Value

None

container_name

No

String

Definition

Name of the container associated with a local image. It is used to filter the local image associated with a specified container.

Constraints

Fuzzy match is supported. The value is case-sensitive. This parameter is valid only for images associated with containers.

Range

The value can contain 1 to 64 characters, including letters, numbers, hyphens, underscores, and periods.

Default Value

None

pod_id

No

String

Definition

Unique ID of the Kubernetes pod associated with a local image. It is used to accurately filter the local image associated with a specified pod.

Constraints

Exact match. This parameter is valid only for images associated with pods in the Kubernetes environment.

Range

The value can contain 1 to 64 characters, including letters, numbers, and hyphens (-).

Default Value

None

pod_name

No

String

Definition

Name of the Kubernetes pod associated with a local image. It is used to filter the local image associated with a specified pod.

Constraints

Fuzzy match is supported. The value is case-sensitive. This parameter is valid only for images associated with pods in the Kubernetes environment.

Range

The value is a string of 1 to 63 characters, including letters, numbers, and hyphens (-), and cannot start or end with a hyphen (-).

Default Value

None

app_name

No

String

Definition

Name of the application software (such as Nginx and MySQL) deployed in the local image. It is used to filter the local image that contains a specified application.

Constraints

Fuzzy match is supported. The value is case-sensitive. This parameter is valid only for images of identified applications.

Range

The value can contain 1 to 64 characters, including letters, numbers, hyphens (-), and underscores (_).

Default Value

None

has_container

No

Boolean

Definition

Whether a local image is associated with a container.

Range

  • true: The image is associated with a container.

  • false: The image is not associated with a container.

Default Value

None (Items are not filtered by container association status.)

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition

User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token.

Constraints

N/A

Range

The value can contain 1 to 32,768 characters.

Default Value

N/A

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total_num

Integer

Definition

Total number of local images that meet all filter criteria. It is used to calculate the total number of pages.

Range

The value range is 0 to 2,147,483,647.

data_list

Array of ImageLocalInfo objects

Definition

It contains details about the queried local images. Each element corresponds to the complete information about a local image.

Range

The array length ranges from 0 to the number of elements displayed on each page. The element structure complies with the ImageLocalInfo definition. If the array is empty, it indicates there are no matching results.
Table 5 ImageLocalInfo

Parameter

Type

Description

image_name

String

Definition

Image

Range

The value can contain 0 to 256 characters.

image_id

String

Definition

Unique ID of the local image, which is used to query image details and perform scans.

Range

The value can contain 1 to 64 characters, including letters, numbers, and hyphens (-). It must comply with the UUID format.

image_digest

String

Definition

Encrypted digest (using SHA-256) of the local image, which is used to uniquely identify the image content and prevent tampering.

Range

The value can contain 64 to 128 characters. It starts with sha256:, followed by a hexadecimal string. Example: sha256:ce0b5d91b072730d0bc9518f11efd07eb7fdb9f43251e11a96cab5b1918b7044

image_version

String

Definition

Image version

Range

The value can contain 0 to 256 characters.

local_image_type

String

Definition

Storage source type of a local image. It indicates whether the image is from Huawei Cloud SWR.

Range

swr_image: image from Huawei Cloud SWR

other_image: non-SWR image

scan_status

String

Definition

Security scan status of a local image. It indicates whether the image has been scanned.

Range

Scan status. Its value can be:

  • unscan

  • success

    • scanning

    • failed

  • waiting

image_size

Long

Definition

Actual storage size of a local image, in bytes.

Range

The value range is 0 to 9,223,372,036,854,775,807 (about 9 EB).

latest_update_time

Long

Definition

Last update time of a local image tag, that is, the timestamp when the image is created or updated.

Range

Unix timestamp (unit: ms). The value ranges from 0 to 9223372036854775807.

latest_scan_time

Long

Definition

Timestamp of the last security scan of a local image. If no scan is performed, the value of this field may be 0 or empty.

Range

Unix timestamp (unit: ms). The value ranges from 0 to 9223372036854775807. If no scans have been performed, the value is 0.

vul_num

Long

Definition

Total number of software vulnerabilities detected in local images, including high-, medium-, and low-risk vulnerabilities.

Range

The value range is 0 to 9,223,372,036,854,775,807.

unsafe_setting_num

Long

Definition

Number of local image check items that failed the security baseline check. It reflects the image configuration compliance.

Range

The value range is 0 to 9,223,372,036,854,775,807.

malicious_file_num

Long

Definition

Total number of malicious files (such as viruses and Trojans) detected in local images.

Range

The value range is 0 to 9,223,372,036,854,775,807.

host_num

Long

Definition

Total number of cloud servers associated with the local image.

Range

The value range is 0 to 9,223,372,036,854,775,807.

container_num

Long

Definition

Total number of containers created or associated with the local image.

Range

The value range is 0 to 9,223,372,036,854,775,807.

component_num

Long

Definition

Total number of software components (such as dependency libraries and applications) contained in the local image.

Range

The value range is 0 to 9,223,372,036,854,775,807.

scan_failed_desc

String

Definition

If scan_status is failed, this field indicates the specific reason why the scan failed. If the scan is not failed, this field is left blank.

Range

  • unknown_error: Unknown error.

    • failed_to_match_agent: The container edition is not enabled for the server, or the agent of the server is offline.

    • create_container_failed: The container fails to be created.

  • get_container_info_failed: The container information fails to be obtained.

    • docker_offline: The docker engine is offline.

    • get_docker_root_failed: The root file system of the container fails to be obtained.

    • image_not_exist_or_docker_api_fault: The image does not exist or the Docker API is abnormal.

    • huge_image: The image is too large.

    • docker_root_in_nfs: The root directory of the container is mounted to the network.

  • response_timed_out: The response timed out.

severity_level

String

Definition

Risk level evaluated based on the image vulnerabilities, baseline violations, and malicious files.

Range

  • Security

  • Low

  • Medium

  • High

host_name

String

Definition

Name of the cloud server where an application protection event belongs. It is used to identify the event source server.

Range

The value contains 1 to 64 characters. It can contain letters, numbers, hyphens (-), and underscores (_), and must comply with the Huawei Cloud ECS naming rules.

host_id

String

Definition

Host ID.

Constraints

N/A

Range

The value can contain 1 to 128 characters.

Default Value

N/A

agent_id

String

Definition

Unique ID of the HSS agent installed on the server where the local image is located, which is used to associate agent operations.

Range

The value can contain 1 to 128 characters, including letters, numbers, hyphens (-), and underscores (_).

non_scan_reason

String

Definition

It specifies the reason why a local image cannot be scanned (for example, the image format is not supported or the permission is insufficient). If this parameter is left blank, the image can be scanned.

Range

The value can contain 0 to 1024 characters, including letters, numbers, common punctuations, and spaces.

Example Requests

Query the first 10 records in the local image list.

GET https://{endpoint}/v5/{project_id}/image/local-repositories?offset=0&limit=10

Example Responses

Status code: 200

Request succeeded.

{
  "data_list" : [ {
    "image_id" : "f757deea-781e-45ec-90ec-f199249890df",
    "image_name" : "webshell-ljx",
    "image_version" : "v1",
    "image_digest" : "sha256:ce0b5d91b072730d0bc9518f11efd07eb7fdb9f43251e11a96cab5b1918b7044",
    "local_image_type" : "swr_image",
    "scan_status" : "success",
    "image_size" : 215304488,
    "latest_update_time" : 1697509433000,
    "latest_scan_time" : 1709973506292,
    "host_num" : 0,
    "container_num" : 5,
    "component_num" : 146,
    "vul_num" : 77,
    "host_name" : "myhost",
    "host_id" : "9ad79426-992c-4be4-a2d1-dfd3a75b7c14",
    "agent_id" : "1c1d073c5fc403eb0d9c3088bc49da4e015586fd4864513a2fd81afedce282d4",
    "severity_level" : "High"
  } ],
  "total_num" : 1
}

Status Codes

Status Code

Description

200

Request succeeded.

Error Codes

See Error Codes.

Parent Topic: Container Images