terraform-aws-ecr-watch

A dashboard for AWS ECR usage based on CloudWatch Logs Insights queries

ecr-watch

Terraform module that configures an AWS ECR usage dashboard based on AWS CloudWatch Logs Insights queries, with data fetched from AWS CloudTrail.

STATUS

The CloudWatch dashboard includes the following widgets:

  • Images per Accounts
  • Usage by Accounts
  • ECR Repositories Usage
  • Images and tags per accounts
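
To show the kind of data these widgets draw on, here is an added Python example (not code from this module, whose queries are not shown on this page) that counts ECR image pulls per calling account from CloudTrail records and lists callers outside an expected set. The field names follow the CloudTrail record format; the helper names, account IDs and repository name are assumptions made for the example, as is treating one `BatchGetImage` call as one pull.

```python
import json
from collections import Counter

def _sample(event_name, account, repo, source="ecr.amazonaws.com", **extra):
    """Build one constructed CloudTrail record as a JSON log line."""
    return json.dumps({"eventSource": source, "eventName": event_name,
                       "userIdentity": {"accountId": account},
                       "requestParameters": {"repositoryName": repo},
                       **extra})

SAMPLE_EVENTS = [  # constructed input; account IDs and repository are made up
    _sample("BatchGetImage", "222222222222", "team-a/api"),
    _sample("BatchGetImage", "222222222222", "team-a/api"),
    _sample("BatchGetImage", "333333333333", "team-a/api"),
    _sample("PutImage", "111111111111", "team-a/api"),  # a push, not a pull
    _sample("BatchGetImage", "444444444444", "team-a/api", errorCode="AccessDenied"),
    _sample("GetObject", "222222222222", "n/a", source="s3.amazonaws.com"),
    "not-json log line",
]

def ecr_events(lines):
    """Yield parsed ECR records, skipping malformed lines and other services."""
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(event, dict) and event.get("eventSource") == "ecr.amazonaws.com":
            yield event

def pulls_by_account(lines):
    """Count BatchGetImage calls per (caller account, repository); assumption: one call = one pull."""
    pulls, denied = Counter(), Counter()
    for event in ecr_events(lines):
        if event.get("eventName") != "BatchGetImage":
            continue
        account = (event.get("userIdentity") or {}).get("accountId", "unknown")
        repo = (event.get("requestParameters") or {}).get("repositoryName", "unknown")
        (denied if event.get("errorCode") else pulls)[(account, repo)] += 1
    return pulls, denied

def unexpected_accounts(pulls, denied, expected):
    """Accounts that pulled, or tried to, but are not in the expected set."""
    seen = {account for account, _ in list(pulls) + list(denied)}
    return sorted(seen - set(expected))

if __name__ == "__main__":
    pulls, denied = pulls_by_account(SAMPLE_EVENTS)
    print(pulls.most_common())
    print("unexpected:", unexpected_accounts(pulls, denied, {"222222222222"}))
```

Failed requests are kept in a separate counter so that denied pull attempts from unknown accounts stay visible without inflating the usage figures.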

Usage

Module call for ecr-watch

  • Call the module as follows:

    module "ecr-watch" {
      source                              = "github.com/porscheofficial/terraform-aws-ecr-watch"
      aws_cloudwatch_cloudtrail_log_group = "<cloudtrail/log_group/path>"
      aws_region                          = "<aws-region>"
    }

To perform a security scan:

Install tfsec (https://github.com/aquasecurity/tfsec), then run:

    tfsec --format=default

Requirements

| Name      | Version  |
|-----------|----------|
| terraform | ~> 1.4.5 |

Providers

| Name | Version |
|------|---------|
| aws  | 4.63.0  |

Resources

| Name                     | Type        |
|--------------------------|-------------|
| aws_cloudwatch_dashboard | resource    |
| aws_caller_identity      | data source |

Inputs

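| Name              | Type   | Description                                                            | Default value  |
|-------------------|--------|------------------------------------------------------------------------|----------------|
| aws_region        | string | Specify AWS region for CloudWatch Log Group containing CloudTrail Logs | eu-central-1   |
| aws_cloudwatch... | string | Specify the CloudWatch Log Group which contains CloudTrail Logs        | aws/cloudtrail |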