This terraform module will deploy the following services:
- ECR Repository
- ECR Repository Policy
- ECR Repository Lifecycle Policy
module "ecr" {
source = "github.com/terrablocks/aws-ecr.git"
name = "backend"
}| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 4.0.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | Name of ECR repository | string |
n/a | yes |
| kms_key | ID/Alias/ARN of KMS key to use for SSE encryption. You can skip this to use default AWS managed key | string |
"alias/aws/ecr" |
no |
| image_tag_mutability | Whether to allow image overwrite | string |
"IMMUTABLE" |
no |
| scan_image_on_push | Enable scanning of container image for vulnerabilities on push | bool |
true |
no |
| ecr_resource_policy | To attach a resource policy to ECR repository provide a JSON formatted policy document. Refer to AWS doc for creating the policy document | string |
"" |
no |
| apply_default_lifecycle_policy | Whether to create a lifecycle policy to delete container image after 30 days. Set this to false if you are passing custom policy | bool |
true |
no |
| custom_lifecycle_policy | Pass a custom JSON formatted string policy document. Refer to AWS doc for creating the policy document | string |
"" |
no |
| tags | Map of key value pair to associate with ECR repo | map(string) |
{} |
no |
| Name | Description |
|---|---|
| arn | ARN of ECR repository |
| id | The registry ID where the repository was created |
| url | URL of the repository |