Skip to content

Resource: awsEcrRepository

Provides an Elastic Container Registry Repository.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.ecrRepository.EcrRepository(this, "foo", {
  imageScanningConfiguration: {
    scanOnPush: true,
  },
  imageTagMutability: "MUTABLE",
  name: "bar",
});

Argument Reference

The following arguments are supported:

  • name - (Required) Name of the repository.
  • encryptionConfiguration - (Optional) Encryption configuration for the repository. See below for schema.
  • forceDelete - (Optional) If true, will delete the repository even if it contains images. Defaults to false.
  • imageTagMutability - (Optional) The tag mutability setting for the repository. Must be one of: mutable or immutable. Defaults to mutable.
  • imageScanningConfiguration - (Optional) Configuration block that defines image scanning configuration for the repository. By default, image scanning must be manually triggered. See the ECR User Guide for more information about image scanning.
  • scanOnPush - (Required) Indicates whether images are scanned after being pushed to the repository (true) or not scanned (false).
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

encryptionConfiguration

  • encryptionType - (Optional) The encryption type to use for the repository. Valid values are aes256 or kms. Defaults to aes256.
  • kmsKey - (Optional) The ARN of the KMS key to use when encryptionType is kms. If not specified, uses the default AWS managed key for ECR.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - Full ARN of the repository.
  • registryId - The registry ID where the repository was created.
  • repositoryUrl - The URL of the repository (in the form awsAccountIdDkrEcrRegionAmazonawsCom/repositoryName).
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Timeouts

Configuration options:

  • delete - (Default 20M)

Import

ECR Repositories can be imported using the name, e.g.,

$ terraform import aws_ecr_repository.service test-service