Skip to content

Latest commit

 

History

History

ecr-repository

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
migrations.tf
migrations.tf
 
 
outputs.tf
outputs.tf
 
 
resource-group.tf
resource-group.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

ecr-repository

This module creates following resources.

  • aws_ecr_repository
  • aws_ecr_repository_policy (optional)
  • aws_ecr_lifecycle_policy (optional)

Requirements

Name Version
terraform >= 1.10
aws >= 5.44

Providers

Name Version
aws 5.91.0

Modules

Name Source Version
resource_group tedilabs/misc/aws//modules/resource-group ~> 0.10.0

Resources

Name Type
aws_ecr_lifecycle_policy.this resource
aws_ecr_repository.this resource
aws_ecr_repository_policy.this resource

Inputs

Name Description Type Default Required
name (Required) Desired name for the repository. string n/a yes
encryption (Optional) The encryption configuration of the repository. encryption as defined below.
(Optional) type - The encryption type to use for the repository. Valid values are AES256 or KMS. Defaults to AES256.
(Optional) kms_key - The ARN of the KMS key to use for encryption of the repository when type is KMS. If not specified, uses the default AWS managed key for ECR.		 
object({
    type    = optional(string, "AES256")
    kms_key = optional(string)
  })
 {} no
force_delete (Optional) If true, will delete the repository even if it contains images. Defaults to true. bool true no
image_scan_on_push_enabled (Optional, Deprecated) Indicates whether images are scanned after being pushed to the repository or not scanned. This configuration is deprecated in favor of registry level scan filters. Defaults to false. bool false no
image_tag_immutable_enabled (Optional) Whether to enable the image tag immutability setting for the repository. Enable tag immutability to prevent image tags from being overwritten by subsequent image pushes using the same tag. Disable tag immutability to allow image tags to be overwritten. Defaults to false. bool false no
lifecycle_rules (Optional) A list of Lifecycle rules for ECR repository. Each block of lifecycle_rules as defined below.
(Required) priority - The order in which rules are applied, lowest to highest. A lifecycle policy rule with a priority of 1 will be applied first, a rule with priority of 2 will be next, and so on. Must be unique and do not need to be sequential across rules.
(Optional) descriptoin - The description of the rule to describe the purpose of a rule within a lifecycle policy.
(Required) target - The configuration of target images for the rule. target as defined below.

(Required) status - Valid values are tagged, untagged, or any. When you specify tagged status, either tag_patterns or tag_prefixes are required, but not both.
(Optional) tag_patterns - A list of tag patterns to filter target images. If you specify multiple tags, only the images with all specified tags are selected. There is a maximum limit of four wildcards (*) per string.
(Optional) tag_prefixes - A list of tag prefixes to filter target images. If you specify multiple prefixes, only the images with all specified prefixes are selected.
(Required) expiration - The configuration of expiration condition for the rule. expiration as defined below.

(Optional) count - The maximum number of images to keep.
(Optional) days - The maximum age of days to keep images.		 
list(object({
    priority    = number
    description = optional(string, "Managed by Terraform.")

    target = object({
      status       = string
      tag_patterns = optional(list(string), [])
      tag_prefixes = optional(list(string), [])
    })
    expiration = object({
      count = optional(number)
      days  = optional(number)
    })
  }))
 [] no
module_tags_enabled (Optional) Whether to create AWS Resource Tags for the module informations. bool true no
policy (Optional) The policy document for ECR Repository. This is a JSON formatted string. string "" no
resource_group_description (Optional) The description of Resource Group. string "Managed by Terraform." no
resource_group_enabled (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. bool true no
resource_group_name (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with AWS or aws. string "" no
tags (Optional) A map of tags to add to all resources. map(string) {} no

Outputs

Name Description
arn The ARN of the repository.
encryption The encryption configuration of the repository.
image_scan_on_push_enabled Whether to scan image on push.
image_tag_immutable_enabled Whether to enable tag immutability to prevent image tags from being overwritten.
lifecycle_rules The lifecycle rules for the repository.
name The name of the repository.
registry_id The registry ID where the repository was created.
url The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName).