terraform-aws-ecr

Terraform module to create AWS ECR resources.

Default configurations

Tag image mutability to IMMUTABLE.
Scanning image on push with BASIC mode.
Encryption type with AES256.
Always having a tag called ManagedBy with value Terraform

Usage

Basic Repository

module "ecr" {
  source = "git::[email protected]:cauealvesbraz/terraform-aws-ecr.git?ref=v1.0.0"

  name = "basic-repository-example"

  force_delete = true
  image_tag_mutability = "MUTABLE"

  tags = {
    environment = "dev"
  }
}

Registry Scanning Configuration

The image_scanning_configuration block supports the following:

registry_scanning_configuration = object({
  scan_type = string
  rules = optional(list(object({
    scan_frequency = string
    repository_filter = object({
      filter = string
    })
  })))
})

The following example shows how to create a repository with registry scanning configuration.

module "ecr" {
  source = "git::[email protected]:cauealvesbraz/terraform-aws-ecr.git?ref=v1.0.0"

  name = "basic-repository-example"

  force_delete = true
  image_tag_mutability = "MUTABLE"

  registry_scanning_configuration = {
    scan_type = "ENHANCED"
    rules = [
      {
        scan_frequency = "CONTINUOUS_SCAN"
        repository_filter = {
          filter = "*"
        }
      }
    ]
  }
}

Requirements

Name	Version
`terraform`	>= 1.32.2
`hashicorp/aws`	>= 4.34

Modules

No modules.

Resources

Name	Type
aws_ecr_repository.this	resource
aws_ecr_registry_scanning_configuration.this	resource

Inputs

Name	Description	Type	Default	Required
`name`	Name of the repository.	`string`	`""`	yes
`encryption.type`	Encryption configuration of the repository.	`string`	`AES256`	no
`encryption.kms_key`	The ARN of KMS key.	`string`	`""`	no
`image_tag_mutability`	The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE.	`string`	`"IMMUTABLE"`	no
`force_delete`	If true, will delete the repository even if it contains images.	`boolean`	`false`	no
`scan_on_push`	Indicates whether images are scanned after being pushed to the repository.	`boolean`	`true`	no
`registry_scanning_configuration`	The registry scanning configuration	`object`	`object.scan_type = "BASIC"`	no
`tags`	A map of tags to add to resources	`map(string)`	`{}`	no

Outputs

Name	Description
`repository_arn`	Full ARN of the repository
`registry_id`	The registry ID of the repository
`repository_url`	The URL of the repository

License

MIT

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
.github/workflows		.github/workflows
tests		tests
.editorconfig		.editorconfig
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
.releaserc.json		.releaserc.json
.tflint.hcl		.tflint.hcl
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
main.tf		main.tf
outputs.tf		outputs.tf
variables.tf		variables.tf
versions.tf		versions.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

terraform-aws-ecr

Default configurations

Usage

Basic Repository

Registry Scanning Configuration

Requirements

Modules

Resources

Inputs

Outputs

License

About

Releases 4

Contributors 2

Languages

License

cauealvesbraz/terraform-aws-ecr

Folders and files

Latest commit

History

Repository files navigation

terraform-aws-ecr

Default configurations

Usage

Basic Repository

Registry Scanning Configuration

Requirements

Modules

Resources

Inputs

Outputs

License

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 4

Contributors 2

Languages