ecr-cross-account

doingcloudright/ecr-cross-account/aws


Terraform module to create an ECR repo with cross-account-access

Install

module "ecr-cross-account" {
  source  = "doingcloudright/ecr-cross-account/aws"
  version = "1.1.0"
}

README

AWS ECR Module

This module simplifies the creation of an ECR repository that serves different AWS accounts and different stages of development.

The lifecycle policy rules can be passed as a list of strings in lifecycle_policy_rules. To generate lifecycle policy rules, see doingcloudright/ecr-lifecycle-policy-rule/aws.

The list allowed_read_principals is mandatory and defines which principals have read access to the repository. allowed_write_principals can define a principal that has write (and read) access to the repository, e.g. the CICD user.

_NOTE_ ECR resource-level policies give certain ARNs specific access to the configured repository. However, a minimal IAM policy for the specific

Inputs (11)

| Name | Type | Description | Default |
|---|---|---|---|
| namespace | string | The namespace we interpolate in all resources | required |
| name | string | name defines the name of the repository, by default it will be interpolated to { | required |
| allowed_read_principals | list | allowed_read_principals defines which external principals are allowed to read fr | required |
| lifecycle_policy_rules | list | List of json lifecycle policy rules, created by another module: doingcloudright/ | [] |
| image_tag_mutability | string | The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTA | "MUTABLE" |
| tags | map | A map of tags to assign to the resource. | {} |
| use_namespaces | bool | use_namespaces defines if we want to interpolate the namespace inside the repo n | true |
| lifecycle_policy_rules_count | string | The amount of lifecycle_policy_rules, this to make sure we are not running into | "0" |
| allowed_write_principals | list | allowed_write_principals defines which external principals are allowed to write | [] |
| scan_on_pushing | bool | Indicates whether images are scanned after being pushed to the repository (true) | false |
| create | bool | create defines if resources need to be created true/false | true |
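
An added usage example (not from the module's README) that sets the inputs listed above and overrides the two permissive defaults in the table, image_tag_mutability = "MUTABLE" and scan_on_pushing = false. The account IDs, role name, namespace, name and tag values are constructed placeholders, and passing principals as IAM ARN strings is an assumption based on the README's mention of ARNs.

```hcl
module "ecr-cross-account" {
  source  = "doingcloudright/ecr-cross-account/aws"
  version = "1.1.0"

  # Required inputs (constructed placeholder values).
  namespace = "example"
  name      = "api"

  # Read (pull) access: list only the accounts that actually deploy the image.
  # Assumption: principals are passed as IAM ARN strings.
  allowed_read_principals = [
    "arn:aws:iam::111111111111:root", # constructed staging account ID
    "arn:aws:iam::222222222222:root", # constructed production account ID
  ]

  # Write (and read) access: scope to the single CI/CD principal that pushes
  # images instead of a whole account root.
  allowed_write_principals = [
    "arn:aws:iam::333333333333:role/ci-push", # hypothetical role name
  ]

  # Default is "MUTABLE", which lets an existing tag be re-pointed to a
  # different image. IMMUTABLE makes a pushed tag a stable reference for
  # every account that pulls it.
  image_tag_mutability = "IMMUTABLE"

  # Default is false. Enable scanning of images after they are pushed.
  scan_on_pushing = true

  tags = {
    Owner = "platform-team" # constructed value
  }
}
```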

Outputs (4)

repository_arn — Repository ARN
repository_name — Repository name
registry_id — Registry ID
registry_url — Registry URL

Resources (3)

aws_ecr_lifecycle_policy
aws_ecr_repository
aws_ecr_repository_policy

Details

Framework: Terraform Module
Language: HCL
Version: 1.1.0
Cloud: AWS
Stars: 12
Forks: 15
Total downloads: 11.9k
Inputs: 11
Outputs: 4
Resources: 3
License: Apache-2.0
Namespace: doingcloudright