aws∕ecr - dicomgrid/pt-modules GitHub Wiki
Usage
To use this module in your Terraform, refer to the below module example:
module "aws_ecr" {
source = "git::https://github.com/dicomgrid/pt-modules.git?ref=null"
# See inputs below for additional required parameters
}
Attributes
Requirements
| Name | Version |
|---|---|
| terraform | ~> 1.0 |
| aws | >= 4.64.0 |
Providers
| Name | Version |
|---|---|
| aws | >= 4.64.0 |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| aws_ecr_lifecycle_policy.main | resource |
| aws_ecr_repository.main | resource |
| aws_ecr_repository_policy.main | resource |
| aws_iam_policy_document.permissions | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| tags | n/a | any |
n/a | yes |
| aws_project_id | n/a | string |
"null" |
no |
| code_managed | n/a | string |
"true" |
no |
| compliance | n/a | string |
"null" |
no |
| cross_account_access | n/a | bool |
false |
no |
| encryption_type | n/a | string |
"AES256" |
no |
| image_tag_mutability | The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE. Defaults to MUTABLE. | string |
"MUTABLE" |
no |
| kms_key | ARN of the KMS to use when encryption type is KMS | string |
null |
no |
| lifecycle_policy | n/a | string |
"default" |
no |
| lifecycle_policy_default | n/a | string |
"{\n \"rules\": [\n {\n \"rulePriority\": 10,\n \"description\": \"Expire older final releases\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"final\"],\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 90\n },\n \"action\": {\n \"type\": \"expire\"\n }\n },\n {\n \"rulePriority\": 11,\n \"description\": \"Expire older rc\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"rc\"],\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n },\n {\n \"rulePriority\": 12,\n \"description\": \"Expire older dev images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"dev\"],\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n },\n {\n \"rulePriority\": 13,\n \"description\": \"Expire dirty images\",\n \"selection\": {\n \"tagStatus\": \"tagged\",\n \"tagPrefixList\": [\"dirty\"],\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 1\n },\n \"action\": {\n \"type\": \"expire\"\n }\n },\n {\n \"rulePriority\": 14,\n \"description\": \"Expire untagged >1w old\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 1\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n" |
no |
| lifecycle_policy_enable | n/a | bool |
true |
no |
| map_migrated | n/a | string |
"null" |
no |
| onetime | n/a | string |
"null" |
no |
| pull_roles | Role ARN's that have read-only access | list(string) |
[] |
no |
| pull_service_identifiers | Service identifiers that have read-only access | list(string) |
[] |
no |
| push_roles | Role ARN's that have read/write access | list(string) |
[] |
no |
| push_service_identifiers | Service identifiers that have read/write access | list(string) |
[] |
no |
| scan_on_push | Enable image scanning on push | string |
true |
no |
Outputs
| Name | Description |
|---|---|
| permissions | n/a |
| registry_id | n/a |
| repository_url | n/a |