Skip to content

Commit

Permalink
Merge pull request #93 from ministryofjustice/main
Browse files Browse the repository at this point in the history
List + delete images
  • Loading branch information
jakemulley authored Aug 9, 2023
2 parents c5f3fbf + 6b87bd9 commit 79c0bdb
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,7 @@ resource "random_id" "oidc" {
}

# Base ECR policy for pushing and pulling images, can be used across all OIDC providers
# Also allows listing existing images and deleting them
# See: https://github.com/aws-actions/amazon-ecr-login#permissions
data "aws_iam_policy_document" "base" {
version = "2012-10-17"
Expand All @@ -214,14 +215,17 @@ data "aws_iam_policy_document" "base" {
}

statement {
sid = "AllowPushPull"
sid = "AllowPushPullListDelete"
effect = "Allow"
actions = [
"ecr:BatchGetImage",
"ecr:BatchCheckLayerAvailability",
"ecr:BatchDeleteImage",
"ecr:CompleteLayerUpload",
"ecr:DescribeImages",
"ecr:GetDownloadUrlForLayer",
"ecr:InitiateLayerUpload",
"ecr:ListImages",
"ecr:PutImage",
"ecr:UploadLayerPart"
]
Expand Down

0 comments on commit 79c0bdb

Please sign in to comment.