Skip to content

Resource: awsEcrLifecyclePolicy

Manages an ECR repository lifecycle policy.

\~> NOTE: Only one awsEcrLifecyclePolicy resource can be used with the same ECR repository. To apply multiple rules, they must be combined in the policy JSON.

\~> NOTE: The AWS ECR API seems to reorder rules based on rulePriority. If you define multiple rules that are not sorted in ascending rulePriority order in the Terraform code, the resource will be flagged for recreation every terraformPlan.

Example Usage

Policy on untagged image

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsEcrRepositoryFoo = new aws.ecrRepository.EcrRepository(this, "foo", {
  name: "bar",
});
new aws.ecrLifecyclePolicy.EcrLifecyclePolicy(this, "foopolicy", {
  policy:
    '{\n    "rules": [\n        {\n            "rulePriority": 1,\n            "description": "Expire images older than 14 days",\n            "selection": {\n                "tagStatus": "untagged",\n                "countType": "sinceImagePushed",\n                "countUnit": "days",\n                "countNumber": 14\n            },\n            "action": {\n                "type": "expire"\n            }\n        }\n    ]\n}\n',
  repository: awsEcrRepositoryFoo.name,
});

Policy on tagged image

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsEcrRepositoryFoo = new aws.ecrRepository.EcrRepository(this, "foo", {
  name: "bar",
});
new aws.ecrLifecyclePolicy.EcrLifecyclePolicy(this, "foopolicy", {
  policy:
    '{\n    "rules": [\n        {\n            "rulePriority": 1,\n            "description": "Keep last 30 images",\n            "selection": {\n                "tagStatus": "tagged",\n                "tagPrefixList": ["v"],\n                "countType": "imageCountMoreThan",\n                "countNumber": 30\n            },\n            "action": {\n                "type": "expire"\n            }\n        }\n    ]\n}\n',
  repository: awsEcrRepositoryFoo.name,
});

Argument Reference

The following arguments are supported:

  • repository - (Required) Name of the repository to apply the policy.
  • policy - (Required) The policy document. This is a JSON formatted string. See more details about Policy Parameters in the official AWS docs.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • repository - The name of the repository.
  • registryId - The registry ID where the repository was created.

Import

ECR Lifecycle Policy can be imported using the name of the repository, e.g.,

$ terraform import aws_ecr_lifecycle_policy.example tf-example