Skip to content

pbs/terraform-aws-ecr-module

Repository files navigation

PBS TF ECR Module

Installation

Using the Repo Source

github.com/pbs/terraform-aws-ecr-module?ref=0.3.25

Alternative Installation Methods

More information can be found on these install methods and more in the documentation here.

Usage

This module provisions an ECR repository.

By default, the repository will be created with a 50 image retention policy, be AES256 encrypted and allow access from Lambda. Use the optional variables provided in this module to adjust those configurations.

Integrate this module like so:

module "ecr" {
  source = "github.com/pbs/terraform-aws-ecr-module?ref=0.3.25"

  # Tagging Parameters
  organization = var.organization
  environment  = var.environment
  product      = var.product
  repo         = var.repo

  # Optional Parameters
}

Adding This Version of the Module

If this repo is added as a subtree, then the version of the module should be close to the version shown here:

0.3.25

Note, however that subtrees can be altered as desired within repositories.

Further documentation on usage can be found here.

Below is automatically generated documentation on this Terraform module using terraform-docs


Requirements

Name Version
terraform >= 1.3.2
aws >= 4.5.0

Providers

Name Version
aws 5.24.0

Modules

No modules.

Resources

Name Type
aws_ecr_lifecycle_policy.repo_lifecycle_policy resource
aws_ecr_repository.repo resource
aws_ecr_repository_policy.policy resource
aws_default_tags.common_tags data source

Inputs

Name Description Type Default Required
environment Environment (sharedtools, dev, staging, prod) string n/a yes
organization Organization using this module. Used to prefix tags so that they are easily identified as being from your organization string n/a yes
product Tag used to group resources according to product string n/a yes
repo Tag used to point to the repo using this module string n/a yes
allow_lambda_access (optional) Allow Lambda access to ECR bool true no
create_ecr_policy (optional) Create ECR policy bool true no
encryption_configuration (optional) Encryption configuration. Set encryption_type to KMS to use KMS encryption. Set kms_key_arn to the ARN of the KMS key to use. Set encryption_type to AES256 to use AES256 encryption.
object({
encryption_type = string
kms_key_arn = optional(string)
})
{
"encryption_type": "AES256",
"kms_key_arn": null
}
no
force_delete (optional) Force delete ECR repository even if it has images in it bool false no
image_tag_mutability (optional) Image tag mutability (allowance for a tag be reassigned to another image) string "IMMUTABLE" no
images_to_retain (optional) Number of most recent images to retain (set to null for no retention policy) number 50 no
name (optional) Name of the ECR repository (defaults to product if null) string null no
scan_on_push (optional) Security scan on push bool true no
tags Extra tags map(string) {} no

Outputs

Name Description
repo_url URL for the repository