This terraform module will deploy the following services:
- ECR Repository
- ECR Repository Policy
- ECR Repository Lifecycle Policy
module "ecr" {
source = "github.com/terrablocks/aws-ecr.git?ref=" # Always use `ref` to point module to a specific version or hash
name = "backend"
}
| Name |
Version |
| terraform |
>= 1.0 |
| aws |
>= 5.82.2 |
| Name |
Description |
Type |
Default |
Required |
| apply_default_lifecycle_policy |
Whether to create a lifecycle policy to delete container image after 30 days. Set this to false if you are passing custom policy |
bool |
true |
no |
| custom_lifecycle_policy |
Pass a custom JSON formatted string policy document. Refer to AWS doc for creating the policy document |
string |
"" |
no |
| ecr_resource_policy |
To attach a resource policy to ECR repository provide a JSON formatted policy document. Refer to AWS doc for creating the policy document |
string |
"" |
no |
| force_delete |
Delete the ECR repository even if it contains images |
bool |
true |
no |
| image_tag_mutability |
Whether to allow image overwrite |
string |
"IMMUTABLE" |
no |
| kms_key |
ID/Alias/ARN of KMS key to use for SSE encryption. You can skip this to use default AWS managed key |
string |
"alias/aws/ecr" |
no |
| name |
Name of ECR repository |
string |
n/a |
yes |
| scan_image_on_push |
Enable scanning of container image for vulnerabilities on push |
bool |
true |
no |
| tags |
Map of key value pair to associate with ECR repo |
map(string) |
{} |
no |
| Name |
Description |
| arn |
ARN of the ECR repository |
| id |
The registry ID where the ECR repository is created |
| name |
Name of the ECR repository |
| url |
URL of the ECR repository |
