Terraform ECR Module

Terraform module that creates ECR resources on AWS.

Description

Provision ECR Repository, Repository Policy and Lifecycle Policy.

This module provides settings:

• Enable access by ARN
• Automation of cleaning up unused images

Usage

Minimal setup & Unrestricted access to ECR

module "ecr" {
  source = "hazelops/ecr/aws"
  version = "~> 2.0"
  name = "test"
}

Requirements

No requirements.

Providers

Name	Version
aws	n/a

Modules

No modules.

Resources

Name	Type
aws_ecr_lifecycle_policy.default	resource
aws_ecr_repository.this	resource
aws_ecr_repository_policy.this	resource
aws_iam_policy_document.this	data source

Inputs

Name	Description	Type	Default	Required
ecr_policy	Optional ECR policy to be applied.	list(string)	[]	no
enabled	If not enabled, no resources will be created.	bool	true	no
encryption_type	The encryption type for the repository. Must be one of: KMS or AES256. Defaults to AES256.	string	null	no
force_delete	If true, will delete the repository even if it contains images.	bool	false	no
image_scan_on_push	Indicates whether images are scanned after being pushed to the repository (true) or not scanned (false).	bool	false	no
image_tag_mutability	The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE. Defaults to MUTABLE.	string	"MUTABLE"	no
kms_key	The ARN of the KMS key to use when encryption_type is KMS. If not specified, uses the default AWS managed key for ECR.	string	null	no
max_any_image_count	Maximum number of images that you want to retain in repository.	number	100	no
name	Name of the ECR repository.	any	n/a	yes
pull_arns	List of IAM ARNs that can pull images.	list(string)	[]	no
push_arns	List of IAM ARNs that can push and pull images and tags.	list(string)	[]	no
tags	A map of tags to add to all resources.	map(string)	{}	no

Outputs

Name	Description
repository_id	n/a
repository_url	n/a

Terraform Module Registry

Terraform ECR Repo

Inspired by modules from justinm and tmknom

Maintainer: Dmitry Borisov