Creates an AWS ECR repository and attaches a policy document to it, allowing specified actions for a given AWS principal.

Terraform Template

# Renders the JSON used as the ECR repository policy (a resource-based policy).
# A single Allow statement grants every action listed below to the principal.
data "aws_iam_policy_document" "example" {
  statement {
    sid    = "new policy"
    effect = "Allow"

    # A bare 12-digit account ID used as an "AWS" principal stands for the whole
    # account (same as its :root ARN): any identity in that account whose own IAM
    # permissions allow these actions can use them on this repository.
    # 123456789012 is a placeholder account ID; replace it, and prefer a specific
    # role ARN when only one workload needs access.
    principals {
      type        = "AWS"
      identifiers = ["123456789012"]
    }

    actions = [
      # Pull images
      "ecr:GetDownloadUrlForLayer",
      "ecr:BatchGetImage",
      "ecr:BatchCheckLayerAvailability",

      # Push images
      "ecr:PutImage",
      "ecr:InitiateLayerUpload",
      "ecr:UploadLayerPart",
      "ecr:CompleteLayerUpload",

      # Read repository metadata
      "ecr:DescribeRepositories",
      "ecr:GetRepositoryPolicy",
      "ecr:ListImages",

      # Destructive / policy administration
      # NOTE(review): this group lets the principal delete images and the
      # repository, and rewrite or remove this very policy. Grant it only to an
      # administrative principal; pull-only consumers need just the first group.
      "ecr:DeleteRepository",
      "ecr:BatchDeleteImage",
      "ecr:SetRepositoryPolicy",
      "ecr:DeleteRepositoryPolicy",
    ]
  }
}

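# ECR repository that the repository policy in this template is attached to.
resource "aws_ecr_repository" "example" {
  name = "example-repo"

  # Tags cannot be overwritten once pushed, so a principal holding ecr:PutImage
  # cannot replace the image behind a tag that consumers already pull.
  # Remove this only if the workflow depends on moving tags such as "latest".
  image_tag_mutability = "IMMUTABLE"

  # Run ECR's vulnerability scan on every image as it is pushed.
  image_scanning_configuration {
    scan_on_push = true
  }
}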

# Attaches the rendered policy document to the repository as its repository policy.
resource "aws_ecr_repository_policy" "example" {
  # Referencing the repository resource instead of a literal name gives Terraform
  # an implicit dependency: the repository is created before the policy.
  repository = aws_ecr_repository.example.name

  # JSON produced by the aws_iam_policy_document data source above.
  policy = data.aws_iam_policy_document.example.json
}