IAM: ECR

IAM roles & policies relating to managing ECR.

Optionally, an CI/CD IAM user can be generated to manage ECR (and ECS).

Example
Requirements
Providers
Inputs
Outputs

Example

## CI/CD user role for managing pipeline for AWS ECR resources
module "ecr_ecs_ci_user" {
    source            = "github.com/Jareechang/tf-modules//iam/ecr?ref=v1.0.1"
    env               = var.env
    project_id        = var.project_id
    create_ci_user    = true
    ecr_resource_arns = [
        "arn:aws:ecr:${var.aws_region}:${data.aws_caller_identity.current.account_id}:repository/web/${var.project_id}",
        "arn:aws:ecr:${var.aws_region}:${data.aws_caller_identity.current.account_id}:repository/web/${var.project_id}/*"
    ]
}

Requirements

No requirements.

Providers

Name	Version
aws	n/a

Inputs

Name	Description	Type	Default	Required
create_ci_user	Whether or not to create a CI/CD role	`bool`	`false`	no
ecr_resource_arns	The target ECR arn to add permissions to	`list(string)`	[ "" ]	no
env	Environment for the project	`string`	`"dev"`	no
other_iam_statements	Additional iam permission statement to be added	map(object({ actions = list(string) effect = string resources = list(string) }))	n/a	no
project_id	Unique project ID	`string`	`"web"`	no

Outputs

Name	Description
aws_iam_access_id	n/a
aws_iam_access_key	n/a

Provide feedback

Saved searches

Use saved searches to filter your results more quickly