create_ecr_policy |
n/a |
bool |
false |
no |
create_iam_role_pull |
n/a |
bool |
false |
no |
create_iam_role_push |
n/a |
bool |
false |
no |
create_iam_user_pull |
n/a |
bool |
false |
no |
create_iam_user_push |
n/a |
bool |
false |
no |
create_lifecycle_policy |
n/a |
bool |
true |
no |
custom_ecr_policy |
Json formatted ECR policy - overrides any default policy |
any |
null |
no |
default_ecr_policy_type |
pull or push |
any |
null |
no |
ecr_policy_principal_type |
List of principals allowed to use the ECR policy |
string |
"AWS" |
no |
ecr_policy_principals |
List of principals allowed to use the ECR policy |
list |
[ "*" ] |
no |
ecr_pull_role_policy_arn |
Arn of ECR policy to attach to pull role |
string |
null |
no |
ecr_pull_role_principal_type |
n/a |
string |
"*" |
no |
ecr_pull_role_principals |
n/a |
list(any) |
[ "*" ] |
no |
ecr_push_role_policy_arn |
Arn of ECR policy to attach to push role |
string |
null |
no |
ecr_push_role_principal_type |
n/a |
string |
"*" |
no |
ecr_push_role_principals |
n/a |
list(any) |
[ "*" ] |
no |
encryption_type |
(Optional) The encryption type to use for the repository. Valid values are AES256 or KMS. Defaults to AES256 |
string |
"AES256" |
no |
expire_untagged_image_days |
Expire untagged images older than X days |
number |
30 |
no |
image_tag_mutability |
Image tag immutablity MUTABLE/IMMUTABLE |
string |
"IMMUTABLE" |
no |
keep_last_x_tagged_images |
Keep last X tagged images |
number |
10 |
no |
kms_key |
(Optional) The ARN of the KMS key to use when encryption_type is KMS. If not specified, uses the default AWS managed key for ECR |
any |
null |
no |
lifecycle_policy |
ECR lifecycle policy (jsonencoded) |
any |
null |
no |
name |
EC Repository Name |
any |
n/a |
yes |
pull_iam_role_name |
ECR Pull Role name - leave blank for default name based on var.name |
any |
null |
no |
pull_iam_user_name |
ECR Pull User name - leave blank for default name based on var.name |
any |
null |
no |
push_iam_role_name |
ECR Push Role name - leave blank for default name based on var.name |
any |
null |
no |
push_iam_user_name |
ECR Push User name - leave blank for default name based on var.name |
any |
null |
no |
scan_image_on_push |
Scan image for vulnerabilities on push |
bool |
true |
no |
tag_prefix_list |
List of tag prefixes |
list |
[ "v" ] |
no |
tags |
(Required) Map of tags to apply to repository |
map(any) |
{} |
no |