dod-iac/terraform-aws-ecr-repo

Usage

Creates an AWS ECR repository.

module "ecr_repo" {
  source = "dod-iac/ecr-repo/aws"

  name = format("app-%s-%s", var.application, var.environment)

  tags = {
    Application = var.application
    Automation  = "Terraform"
  }
}

Creates an AWS ECR repository with container images encrypted using a customer-managed KMS key.

module "ecr_kms_key" {
  source = "dod-iac/ecr-kms-key/aws"

  # One %s verb, one argument: the alias follows the repository name below.
  name = format("alias/app-%s-ecr", var.application)
  tags = {
    Application = var.application
    Automation  = "Terraform"
  }
}

module "ecr_repo" {
  source = "dod-iac/ecr-repo/aws"

  encryption_type = "KMS"
  kms_key_arn     = module.ecr_kms_key.aws_kms_key_arn
  name            = format("app-%s", var.application)

  tags = {
    Application = var.application
    Automation  = "Terraform"
  }
}

Use the optional lifecycle_policy variable to set the lifecycle policy for the repo.

Use the optional repository_policy variable to set the repository policy for the repo.
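
A hardened configuration that combines these variables, as an added example that is not from the module's own documentation: immutable tags, a pull-only repository policy, and a lifecycle rule that expires untagged images. `var.pull_role_arn` and the 14-day retention are assumptions, and the example assumes both policy variables take a JSON policy document as a string.

```hcl
# Added example. var.pull_role_arn is hypothetical: the one IAM role allowed to pull.
variable "application" { type = string }
variable "pull_role_arn" { type = string }

# Pull-only access for a single role; no push or delete actions are granted.
data "aws_iam_policy_document" "ecr_pull" {
  statement {
    sid    = "AllowPullFromDeployRole"
    effect = "Allow"
    principals {
      type        = "AWS"
      identifiers = [var.pull_role_arn]
    }
    actions = [
      "ecr:BatchCheckLayerAvailability",
      "ecr:BatchGetImage",
      "ecr:GetDownloadUrlForLayer",
    ]
  }
}

module "ecr_repo" {
  source  = "dod-iac/ecr-repo/aws"
  version = "~> 1.0.0"

  name         = format("app-%s", var.application)
  immutable    = true # a pushed tag cannot be re-pointed at a different image
  scan_on_push = true # module default, set explicitly so a later change is visible

  repository_policy = data.aws_iam_policy_document.ecr_pull.json

  # Expire untagged images 14 days after push (14 is an example value).
  lifecycle_policy = jsonencode({
    rules = [{
      rulePriority = 1
      description  = "Expire untagged images after 14 days"
      selection = {
        tagStatus   = "untagged"
        countType   = "sinceImagePushed"
        countUnit   = "days"
        countNumber = 14
      }
      action = { type = "expire" }
    }]
  })
}
```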

Terraform Version

Terraform 0.13. Pin module version to ~> 1.0.0. Submit pull requests to the main branch.

Terraform 0.11 and 0.12 are not supported.

License

This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC § 105. However, because the project utilizes code licensed from contributors and other third parties, it therefore is licensed under the MIT License. See LICENSE file for more information.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13 |
| aws | >= 3.0, < 5.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.0, < 5.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_ecr_lifecycle_policy.main | resource |
| aws_ecr_repository.main | resource |
| aws_ecr_repository_policy.main | resource |
| aws_caller_identity.current | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| encryption_type | The encryption type to use for the repository. Valid values are AES256 or KMS. | string | "AES256" | no |
| immutable | If true, image tags are immutable. | bool | false | no |
| kms_key_arn | The ARN of the KMS key to use to encrypt the container images. | string | "" | no |
| lifecycle_policy | Optional lifecycle policy for the ECR repository. | string | "" | no |
| name | Name of the repository. | string | n/a | yes |
| repository_policy | Optional repository policy for the ECR repository. | string | "" | no |
| scan_on_push | Indicates whether images are scanned after being pushed to the repository (true) or not scanned (false). | bool | true | no |
| tags | A mapping of tags to assign to the ECR repo. | map(string) | {} | no |

Outputs

| Name | Description |
|------|-------------|
| arn | The Amazon Resource Name (ARN) of the AWS ECR repo. |
| repository_url | The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName). |