terraform-aws-ecr

Terraform module which creates ECR resources on AWS.

Description

Provision ECR Repository, Repository Policy and Lifecycle Policy.

This module provides recommended settings:

  • Enable cross-account access
  • Automatically clean up unused images

Usage

Minimal

module "ecr" {
  source          = "git::https://github.com/tmknom/terraform-aws-ecr.git?ref=tags/2.3.0"
  name            = "minimal"
  tag_prefix_list = ["release"]
}

Complete

module "ecr" {
  source               = "git::https://github.com/tmknom/terraform-aws-ecr.git?ref=tags/2.3.0"
  name                 = "complete"
  tag_prefix_list      = ["release"]
  scan_on_push         = true
  image_tag_mutability = "IMMUTABLE"

  only_pull_accounts       = ["123456789012"]
  push_and_pull_accounts   = ["111111111111"]
  max_untagged_image_count = 5
  max_tagged_image_count   = 50
}

Examples

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12 |

Providers

| Name | Version |
|------|---------|
| aws | n/a |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| name | Name of the repository. | string | n/a | yes |
| tag_prefix_list | List of image tag prefixes on which to take action with lifecycle policy. | list(string) | n/a | yes |
| image_tag_mutability | Whether images are allowed to overwrite existing tags. | string | "MUTABLE" | no |
| max_tagged_image_count | The maximum number of tagged images that you want to retain in repository. | number | 30 | no |
| max_untagged_image_count | The maximum number of untagged images that you want to retain in repository. | number | 1 | no |
| only_pull_accounts | AWS accounts which pull only. | list(string) | [] | no |
| push_and_pull_accounts | AWS accounts which push and pull. | list(string) | [] | no |
| scan_on_push | Whether images should automatically be scanned on push or not. | bool | false | no |
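
With the defaults listed above, image_tag_mutability stays "MUTABLE" and scan_on_push stays false unless set explicitly, as the Complete usage does. The following is an added example, not part of this module: it reads the JSON produced by terraform show -json and reports ECR repositories that would be created with either default. The sample plan is constructed and its resource addresses are hypothetical.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output.
# The resource addresses are hypothetical; the module's internal names may differ.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "module.minimal.aws_ecr_repository.example",
     "type": "aws_ecr_repository",
     "change": {"actions": ["create"], "after": {
         "name": "minimal", "image_tag_mutability": "MUTABLE",
         "image_scanning_configuration": [{"scan_on_push": False}]}}},
    {"address": "module.complete.aws_ecr_repository.example",
     "type": "aws_ecr_repository",
     "change": {"actions": ["create"], "after": {
         "name": "complete", "image_tag_mutability": "IMMUTABLE",
         "image_scanning_configuration": [{"scan_on_push": True}]}}},
    # A repository being destroyed has "after": null and is skipped.
    {"address": "module.retired.aws_ecr_repository.example",
     "type": "aws_ecr_repository",
     "change": {"actions": ["delete"], "after": None}},
]})


def audit_ecr_repositories(plan_json):
    """Return {resource address: [findings]} for ECR repositories in a plan."""
    findings = {}
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_ecr_repository":
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource will not exist after apply
            continue
        issues = []
        # A missing attribute is treated like the default, "MUTABLE".
        if after.get("image_tag_mutability", "MUTABLE") != "IMMUTABLE":
            issues.append("tags are mutable: an existing tag can be overwritten")
        scan_blocks = after.get("image_scanning_configuration") or []
        if not any(block.get("scan_on_push") for block in scan_blocks):
            issues.append("scan_on_push is off: images are not scanned on push")
        if issues:
            findings[rc["address"]] = issues
    return findings


if __name__ == "__main__":
    for address, issues in audit_ecr_repositories(SAMPLE_PLAN).items():
        for issue in issues:
            print(f"{address}: {issue}")
```
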

Outputs

| Name | Description |
|------|-------------|
| ecr_repository_arn | Full ARN of the repository. |
| ecr_repository_name | The name of the repository. |
| ecr_repository_registry_id | The registry ID where the repository was created. |
| ecr_repository_url | The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName) |

Development

Development Requirements

Configure environment variables

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=ap-northeast-1

Installation

git clone git@github.com:tmknom/terraform-aws-ecr.git
cd terraform-aws-ecr
make install

Makefile targets

apply-complete                 Run terraform apply examples/complete
apply-minimal                  Run terraform apply examples/minimal
bump-version                   Bump version (Required argument 'VERSION')
check-format                   Check format code
clean                          Clean .terraform
destroy-complete               Run terraform destroy examples/complete
destroy-minimal                Run terraform destroy examples/minimal
diff                           Word diff
docs                           Generate docs
format                         Format code
help                           Show help
install                        Install requirements
lint                           Lint code
plan-complete                  Run terraform plan examples/complete
plan-minimal                   Run terraform plan examples/minimal
release                        Release GitHub and Terraform Module Registry
upgrade                        Upgrade makefile

Releasing new versions

Bump VERSION file, and run make release.

Terraform Module Registry

License

Apache 2 Licensed. See LICENSE for full details.