Skip to content

Latest commit

 

History

History
54 lines (41 loc) · 1.68 KB

README.md

File metadata and controls

54 lines (41 loc) · 1.68 KB
Raw

IAM: ECR

IAM roles & policies relating to managing ECR.

Optionally, an CI/CD IAM user can be generated to manage ECR (and ECS).

Example

## CI/CD user role for managing pipeline for AWS ECR resources
module "ecr_ecs_ci_user" {
    source            = "github.com/Jareechang/tf-modules//iam/ecr?ref=v1.0.1"
    env               = var.env
    project_id        = var.project_id
    create_ci_user    = true
    ecr_resource_arns = [
        "arn:aws:ecr:${var.aws_region}:${data.aws_caller_identity.current.account_id}:repository/web/${var.project_id}",
        "arn:aws:ecr:${var.aws_region}:${data.aws_caller_identity.current.account_id}:repository/web/${var.project_id}/*"
    ]
}

Requirements

No requirements.

Providers

Name Version
aws n/a

Inputs

Name Description Type Default Required
create_ci_user Whether or not to create a CI/CD role bool false no
ecr_resource_arns The target ECR arn to add permissions to list(string) 
[
  ""
]
 no
env Environment for the project string "dev" no
other_iam_statements Additional iam permission statement to be added 
map(object({
        actions   = list(string)
        effect    = string
        resources = list(string)
    }))
 n/a no
project_id Unique project ID string "web" no

Outputs

Name Description
aws_iam_access_id n/a
aws_iam_access_key n/a