Creates a repository creation template. This template is used to define the settings + * for repositories created by Amazon ECR on your behalf. For example, repositories created + * through pull through cache actions. For more information, see Private + * repository creation templates in the + * Amazon Elastic Container Registry User Guide.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ECRClient, CreateRepositoryCreationTemplateCommand } from "@aws-sdk/client-ecr"; // ES Modules import + * // const { ECRClient, CreateRepositoryCreationTemplateCommand } = require("@aws-sdk/client-ecr"); // CommonJS import + * const client = new ECRClient(config); + * const input = { // CreateRepositoryCreationTemplateRequest + * prefix: "STRING_VALUE", // required + * description: "STRING_VALUE", + * encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate + * encryptionType: "AES256" || "KMS", // required + * kmsKey: "STRING_VALUE", + * }, + * resourceTags: [ // TagList + * { // Tag + * Key: "STRING_VALUE", // required + * Value: "STRING_VALUE", // required + * }, + * ], + * imageTagMutability: "MUTABLE" || "IMMUTABLE", + * repositoryPolicy: "STRING_VALUE", + * lifecyclePolicy: "STRING_VALUE", + * appliedFor: [ // RCTAppliedForList // required + * "REPLICATION" || "PULL_THROUGH_CACHE", + * ], + * customRoleArn: "STRING_VALUE", + * }; + * const command = new CreateRepositoryCreationTemplateCommand(input); + * const response = await client.send(command); + * // { // CreateRepositoryCreationTemplateResponse + * // registryId: "STRING_VALUE", + * // repositoryCreationTemplate: { // RepositoryCreationTemplate + * // prefix: "STRING_VALUE", + * // description: "STRING_VALUE", + * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate + * // encryptionType: "AES256" || "KMS", // required + * // kmsKey: "STRING_VALUE", + * // }, + * // resourceTags: [ // TagList + * // { // Tag + * // Key: "STRING_VALUE", // required + * // Value: "STRING_VALUE", // required + * // }, + * // ], + * // imageTagMutability: "MUTABLE" || "IMMUTABLE", + * // repositoryPolicy: "STRING_VALUE", + * // lifecyclePolicy: "STRING_VALUE", + * // appliedFor: [ // RCTAppliedForList + * // "REPLICATION" || "PULL_THROUGH_CACHE", + * // ], + * // customRoleArn: "STRING_VALUE", + * // createdAt: new Date("TIMESTAMP"), + * // updatedAt: new Date("TIMESTAMP"), + * // }, + * // }; + * + * ``` + * + * @param CreateRepositoryCreationTemplateCommandInput - {@link CreateRepositoryCreationTemplateCommandInput} + * @returns {@link CreateRepositoryCreationTemplateCommandOutput} + * @see {@link CreateRepositoryCreationTemplateCommandInput} for command's `input` shape. + * @see {@link CreateRepositoryCreationTemplateCommandOutput} for command's `response` shape. + * @see {@link ECRClientResolvedConfig | config} for ECRClient's `config` shape. + * + * @throws {@link InvalidParameterException} (client fault) + *The specified parameter is invalid. Review the available parameters for the API + * request.
+ * + * @throws {@link LimitExceededException} (client fault) + *The operation did not succeed because it would have exceeded a service limit for your + * account. For more information, see Amazon ECR service quotas in + * the Amazon Elastic Container Registry User Guide.
+ * + * @throws {@link ServerException} (server fault) + *These errors are usually caused by a server-side issue.
+ * + * @throws {@link TemplateAlreadyExistsException} (client fault) + *The repository creation template already exists. Specify a unique prefix and try + * again.
+ * + * @throws {@link ValidationException} (client fault) + *There was an exception validating this request.
+ * + * @throws {@link ECRServiceException} + *Base exception class for all service exceptions from ECR service.
+ * + * @public + */ +export class CreateRepositoryCreationTemplateCommand extends $Command + .classBuilder< + CreateRepositoryCreationTemplateCommandInput, + CreateRepositoryCreationTemplateCommandOutput, + ECRClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: ECRClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("AmazonEC2ContainerRegistry_V20150921", "CreateRepositoryCreationTemplate", {}) + .n("ECRClient", "CreateRepositoryCreationTemplateCommand") + .f(void 0, void 0) + .ser(se_CreateRepositoryCreationTemplateCommand) + .de(de_CreateRepositoryCreationTemplateCommand) + .build() {} diff --git a/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts b/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts new file mode 100644 index 0000000000000..e188ab1a018da --- /dev/null +++ b/clients/client-ecr/src/commands/DeleteRepositoryCreationTemplateCommand.ts @@ -0,0 +1,124 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ECRClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { DeleteRepositoryCreationTemplateRequest, DeleteRepositoryCreationTemplateResponse } from "../models/models_0"; +import { + de_DeleteRepositoryCreationTemplateCommand, + se_DeleteRepositoryCreationTemplateCommand, +} from "../protocols/Aws_json1_1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DeleteRepositoryCreationTemplateCommand}. + */ +export interface DeleteRepositoryCreationTemplateCommandInput extends DeleteRepositoryCreationTemplateRequest {} +/** + * @public + * + * The output of {@link DeleteRepositoryCreationTemplateCommand}. + */ +export interface DeleteRepositoryCreationTemplateCommandOutput + extends DeleteRepositoryCreationTemplateResponse, + __MetadataBearer {} + +/** + *Deletes a repository creation template.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ECRClient, DeleteRepositoryCreationTemplateCommand } from "@aws-sdk/client-ecr"; // ES Modules import + * // const { ECRClient, DeleteRepositoryCreationTemplateCommand } = require("@aws-sdk/client-ecr"); // CommonJS import + * const client = new ECRClient(config); + * const input = { // DeleteRepositoryCreationTemplateRequest + * prefix: "STRING_VALUE", // required + * }; + * const command = new DeleteRepositoryCreationTemplateCommand(input); + * const response = await client.send(command); + * // { // DeleteRepositoryCreationTemplateResponse + * // registryId: "STRING_VALUE", + * // repositoryCreationTemplate: { // RepositoryCreationTemplate + * // prefix: "STRING_VALUE", + * // description: "STRING_VALUE", + * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate + * // encryptionType: "AES256" || "KMS", // required + * // kmsKey: "STRING_VALUE", + * // }, + * // resourceTags: [ // TagList + * // { // Tag + * // Key: "STRING_VALUE", // required + * // Value: "STRING_VALUE", // required + * // }, + * // ], + * // imageTagMutability: "MUTABLE" || "IMMUTABLE", + * // repositoryPolicy: "STRING_VALUE", + * // lifecyclePolicy: "STRING_VALUE", + * // appliedFor: [ // RCTAppliedForList + * // "REPLICATION" || "PULL_THROUGH_CACHE", + * // ], + * // customRoleArn: "STRING_VALUE", + * // createdAt: new Date("TIMESTAMP"), + * // updatedAt: new Date("TIMESTAMP"), + * // }, + * // }; + * + * ``` + * + * @param DeleteRepositoryCreationTemplateCommandInput - {@link DeleteRepositoryCreationTemplateCommandInput} + * @returns {@link DeleteRepositoryCreationTemplateCommandOutput} + * @see {@link DeleteRepositoryCreationTemplateCommandInput} for command's `input` shape. + * @see {@link DeleteRepositoryCreationTemplateCommandOutput} for command's `response` shape. + * @see {@link ECRClientResolvedConfig | config} for ECRClient's `config` shape. + * + * @throws {@link InvalidParameterException} (client fault) + *The specified parameter is invalid. Review the available parameters for the API + * request.
+ * + * @throws {@link ServerException} (server fault) + *These errors are usually caused by a server-side issue.
+ * + * @throws {@link TemplateNotFoundException} (client fault) + *The specified repository creation template can't be found. Verify the registry ID and + * prefix and try again.
+ * + * @throws {@link ValidationException} (client fault) + *There was an exception validating this request.
+ * + * @throws {@link ECRServiceException} + *Base exception class for all service exceptions from ECR service.
+ * + * @public + */ +export class DeleteRepositoryCreationTemplateCommand extends $Command + .classBuilder< + DeleteRepositoryCreationTemplateCommandInput, + DeleteRepositoryCreationTemplateCommandOutput, + ECRClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: ECRClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("AmazonEC2ContainerRegistry_V20150921", "DeleteRepositoryCreationTemplate", {}) + .n("ECRClient", "DeleteRepositoryCreationTemplateCommand") + .f(void 0, void 0) + .ser(se_DeleteRepositoryCreationTemplateCommand) + .de(de_DeleteRepositoryCreationTemplateCommand) + .build() {} diff --git a/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts b/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts new file mode 100644 index 0000000000000..09b47f20289d1 --- /dev/null +++ b/clients/client-ecr/src/commands/DescribeRepositoryCreationTemplatesCommand.ts @@ -0,0 +1,132 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ECRClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { + DescribeRepositoryCreationTemplatesRequest, + DescribeRepositoryCreationTemplatesResponse, +} from "../models/models_0"; +import { + de_DescribeRepositoryCreationTemplatesCommand, + se_DescribeRepositoryCreationTemplatesCommand, +} from "../protocols/Aws_json1_1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DescribeRepositoryCreationTemplatesCommand}. + */ +export interface DescribeRepositoryCreationTemplatesCommandInput extends DescribeRepositoryCreationTemplatesRequest {} +/** + * @public + * + * The output of {@link DescribeRepositoryCreationTemplatesCommand}. + */ +export interface DescribeRepositoryCreationTemplatesCommandOutput + extends DescribeRepositoryCreationTemplatesResponse, + __MetadataBearer {} + +/** + *Returns details about the repository creation templates in a registry. The
+ * prefixes request parameter can be used to return the details for a
+ * specific repository creation template.
The specified parameter is invalid. Review the available parameters for the API + * request.
+ * + * @throws {@link ServerException} (server fault) + *These errors are usually caused by a server-side issue.
+ * + * @throws {@link ValidationException} (client fault) + *There was an exception validating this request.
+ * + * @throws {@link ECRServiceException} + *Base exception class for all service exceptions from ECR service.
+ * + * @public + */ +export class DescribeRepositoryCreationTemplatesCommand extends $Command + .classBuilder< + DescribeRepositoryCreationTemplatesCommandInput, + DescribeRepositoryCreationTemplatesCommandOutput, + ECRClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: ECRClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("AmazonEC2ContainerRegistry_V20150921", "DescribeRepositoryCreationTemplates", {}) + .n("ECRClient", "DescribeRepositoryCreationTemplatesCommand") + .f(void 0, void 0) + .ser(se_DescribeRepositoryCreationTemplatesCommand) + .de(de_DescribeRepositoryCreationTemplatesCommand) + .build() {} diff --git a/clients/client-ecr/src/commands/PutReplicationConfigurationCommand.ts b/clients/client-ecr/src/commands/PutReplicationConfigurationCommand.ts index f7eb697b36553..2b5c54771544b 100644 --- a/clients/client-ecr/src/commands/PutReplicationConfigurationCommand.ts +++ b/clients/client-ecr/src/commands/PutReplicationConfigurationCommand.ts @@ -34,8 +34,8 @@ export interface PutReplicationConfigurationCommandOutput * replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the * PutReplicationConfiguration API is called, a service-linked IAM role is created in * your account for the replication process. For more information, see Using - * service-linked roles for Amazon ECR in the - * Amazon Elastic Container Registry User Guide. + * service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide. + * For more information on the custom role for replication, see Creating an IAM role for replication. *When configuring cross-account replication, the destination account must grant the * source account permission to replicate. This permission is controlled using a diff --git a/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts b/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts new file mode 100644 index 0000000000000..11db9ca211a9c --- /dev/null +++ b/clients/client-ecr/src/commands/UpdateRepositoryCreationTemplateCommand.ts @@ -0,0 +1,142 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ECRClient"; +import { commonParams } from "../endpoint/EndpointParameters"; +import { UpdateRepositoryCreationTemplateRequest, UpdateRepositoryCreationTemplateResponse } from "../models/models_0"; +import { + de_UpdateRepositoryCreationTemplateCommand, + se_UpdateRepositoryCreationTemplateCommand, +} from "../protocols/Aws_json1_1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link UpdateRepositoryCreationTemplateCommand}. + */ +export interface UpdateRepositoryCreationTemplateCommandInput extends UpdateRepositoryCreationTemplateRequest {} +/** + * @public + * + * The output of {@link UpdateRepositoryCreationTemplateCommand}. + */ +export interface UpdateRepositoryCreationTemplateCommandOutput + extends UpdateRepositoryCreationTemplateResponse, + __MetadataBearer {} + +/** + *
Updates an existing repository creation template.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ECRClient, UpdateRepositoryCreationTemplateCommand } from "@aws-sdk/client-ecr"; // ES Modules import + * // const { ECRClient, UpdateRepositoryCreationTemplateCommand } = require("@aws-sdk/client-ecr"); // CommonJS import + * const client = new ECRClient(config); + * const input = { // UpdateRepositoryCreationTemplateRequest + * prefix: "STRING_VALUE", // required + * description: "STRING_VALUE", + * encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate + * encryptionType: "AES256" || "KMS", // required + * kmsKey: "STRING_VALUE", + * }, + * resourceTags: [ // TagList + * { // Tag + * Key: "STRING_VALUE", // required + * Value: "STRING_VALUE", // required + * }, + * ], + * imageTagMutability: "MUTABLE" || "IMMUTABLE", + * repositoryPolicy: "STRING_VALUE", + * lifecyclePolicy: "STRING_VALUE", + * appliedFor: [ // RCTAppliedForList + * "REPLICATION" || "PULL_THROUGH_CACHE", + * ], + * customRoleArn: "STRING_VALUE", + * }; + * const command = new UpdateRepositoryCreationTemplateCommand(input); + * const response = await client.send(command); + * // { // UpdateRepositoryCreationTemplateResponse + * // registryId: "STRING_VALUE", + * // repositoryCreationTemplate: { // RepositoryCreationTemplate + * // prefix: "STRING_VALUE", + * // description: "STRING_VALUE", + * // encryptionConfiguration: { // EncryptionConfigurationForRepositoryCreationTemplate + * // encryptionType: "AES256" || "KMS", // required + * // kmsKey: "STRING_VALUE", + * // }, + * // resourceTags: [ // TagList + * // { // Tag + * // Key: "STRING_VALUE", // required + * // Value: "STRING_VALUE", // required + * // }, + * // ], + * // imageTagMutability: "MUTABLE" || "IMMUTABLE", + * // repositoryPolicy: "STRING_VALUE", + * // lifecyclePolicy: "STRING_VALUE", + * // appliedFor: [ // RCTAppliedForList + * // "REPLICATION" || "PULL_THROUGH_CACHE", + * // ], + * // customRoleArn: "STRING_VALUE", + * // createdAt: new Date("TIMESTAMP"), + * // updatedAt: new Date("TIMESTAMP"), + * // }, + * // }; + * + * ``` + * + * @param UpdateRepositoryCreationTemplateCommandInput - {@link UpdateRepositoryCreationTemplateCommandInput} + * @returns {@link UpdateRepositoryCreationTemplateCommandOutput} + * @see {@link UpdateRepositoryCreationTemplateCommandInput} for command's `input` shape. + * @see {@link UpdateRepositoryCreationTemplateCommandOutput} for command's `response` shape. + * @see {@link ECRClientResolvedConfig | config} for ECRClient's `config` shape. + * + * @throws {@link InvalidParameterException} (client fault) + *The specified parameter is invalid. Review the available parameters for the API + * request.
+ * + * @throws {@link ServerException} (server fault) + *These errors are usually caused by a server-side issue.
+ * + * @throws {@link TemplateNotFoundException} (client fault) + *The specified repository creation template can't be found. Verify the registry ID and + * prefix and try again.
+ * + * @throws {@link ValidationException} (client fault) + *There was an exception validating this request.
+ * + * @throws {@link ECRServiceException} + *Base exception class for all service exceptions from ECR service.
+ * + * @public + */ +export class UpdateRepositoryCreationTemplateCommand extends $Command + .classBuilder< + UpdateRepositoryCreationTemplateCommandInput, + UpdateRepositoryCreationTemplateCommandOutput, + ECRClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: ECRClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("AmazonEC2ContainerRegistry_V20150921", "UpdateRepositoryCreationTemplate", {}) + .n("ECRClient", "UpdateRepositoryCreationTemplateCommand") + .f(void 0, void 0) + .ser(se_UpdateRepositoryCreationTemplateCommand) + .de(de_UpdateRepositoryCreationTemplateCommand) + .build() {} diff --git a/clients/client-ecr/src/commands/index.ts b/clients/client-ecr/src/commands/index.ts index 1231e71a3e8fa..be06b2217def0 100644 --- a/clients/client-ecr/src/commands/index.ts +++ b/clients/client-ecr/src/commands/index.ts @@ -6,10 +6,12 @@ export * from "./BatchGetRepositoryScanningConfigurationCommand"; export * from "./CompleteLayerUploadCommand"; export * from "./CreatePullThroughCacheRuleCommand"; export * from "./CreateRepositoryCommand"; +export * from "./CreateRepositoryCreationTemplateCommand"; export * from "./DeleteLifecyclePolicyCommand"; export * from "./DeletePullThroughCacheRuleCommand"; export * from "./DeleteRegistryPolicyCommand"; export * from "./DeleteRepositoryCommand"; +export * from "./DeleteRepositoryCreationTemplateCommand"; export * from "./DeleteRepositoryPolicyCommand"; export * from "./DescribeImageReplicationStatusCommand"; export * from "./DescribeImageScanFindingsCommand"; @@ -17,6 +19,7 @@ export * from "./DescribeImagesCommand"; export * from "./DescribePullThroughCacheRulesCommand"; export * from "./DescribeRegistryCommand"; export * from "./DescribeRepositoriesCommand"; +export * from "./DescribeRepositoryCreationTemplatesCommand"; export * from "./GetAuthorizationTokenCommand"; export * from "./GetDownloadUrlForLayerCommand"; export * from "./GetLifecyclePolicyCommand"; @@ -40,5 +43,6 @@ export * from "./StartLifecyclePolicyPreviewCommand"; export * from "./TagResourceCommand"; export * from "./UntagResourceCommand"; export * from "./UpdatePullThroughCacheRuleCommand"; +export * from "./UpdateRepositoryCreationTemplateCommand"; export * from "./UploadLayerPartCommand"; export * from "./ValidatePullThroughCacheRuleCommand"; diff --git a/clients/client-ecr/src/models/models_0.ts b/clients/client-ecr/src/models/models_0.ts index 94c28a15c1c39..591e4e8230a4c 100644 --- a/clients/client-ecr/src/models/models_0.ts +++ b/clients/client-ecr/src/models/models_0.ts @@ -855,11 +855,6 @@ export interface CreatePullThroughCacheRuleRequest { *.azurecr.io GitLab Container Registry (gitlab-container-registry) -
- * registry.gitlab.com
- *
By default, when no encryption configuration is set or the AES256
* encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption
- * keys which encrypts your data at rest using an AES-256 encryption algorithm. This does
+ * keys which encrypts your data at rest using an AES256 encryption algorithm. This does
* not require any action on your part.
For more control over the encryption of the contents of your repository, you can use * server-side encryption with Key Management Service key stored in Key Management Service (KMS) to encrypt your @@ -1072,7 +1067,7 @@ export interface EncryptionConfiguration { * Amazon Simple Storage Service Console Developer Guide.
*If you use the AES256 encryption type, Amazon ECR uses server-side encryption
* with Amazon S3-managed encryption keys which encrypts the images in the repository using an
- * AES-256 encryption algorithm. For more information, see Protecting data using
+ * AES256 encryption algorithm. For more information, see Protecting data using
* server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the
* Amazon Simple Storage Service Console Developer Guide.
The encryption configuration to associate with the repository creation + * template.
+ * @public + */ +export interface EncryptionConfigurationForRepositoryCreationTemplate { + /** + *The encryption type to use.
+ *If you use the KMS encryption type, the contents of the repository will
+ * be encrypted using server-side encryption with Key Management Service key stored in KMS. When you
+ * use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key
+ * for Amazon ECR, or specify your own KMS key, which you already created. For more
+ * information, see Protecting data using server-side
+ * encryption with an KMS key stored in Key Management Service (SSE-KMS) in the
+ * Amazon Simple Storage Service Console Developer Guide.
If you use the AES256 encryption type, Amazon ECR uses server-side encryption
+ * with Amazon S3-managed encryption keys which encrypts the images in the repository using an
+ * AES256 encryption algorithm. For more information, see Protecting data using
+ * server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the
+ * Amazon Simple Storage Service Console Developer Guide.
If you use the KMS encryption type, specify the KMS key to use for
+ * encryption. The full ARN of the KMS key must be specified. The key must exist in the
+ * same Region as the repository. If no key is specified, the default Amazon Web Services managed KMS
+ * key for Amazon ECR will be used.
The repository namespace prefix to associate with the template. All repositories
+ * created using this namespace prefix will have the settings defined in this template
+ * applied. For example, a prefix of prod would apply to all repositories
+ * beginning with prod/. Similarly, a prefix of prod/team would
+ * apply to all repositories beginning with prod/team/.
To apply a template to all repositories in your registry that don't have an associated
+ * creation template, you can use ROOT as the prefix.
There is always an assumed / applied to the end of the prefix. If you
+ * specify ecr-public as the prefix, Amazon ECR treats that as
+ * ecr-public/. When using a pull through cache rule, the repository
+ * prefix you specify during rule creation is what you should specify as your
+ * repository creation template prefix as well.
A description for the repository creation template.
+ * @public + */ + description?: string; + + /** + *The encryption configuration to use for repositories created using the + * template.
+ * @public + */ + encryptionConfiguration?: EncryptionConfigurationForRepositoryCreationTemplate; + + /** + *The metadata to apply to the repository to help you categorize and organize. Each tag + * consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have + * a maximum length of 256 characters.
+ * @public + */ + resourceTags?: Tag[]; + + /** + *The tag mutability setting for the repository. If this parameter is omitted, the
+ * default setting of MUTABLE will be used which will allow image tags to be
+ * overwritten. If IMMUTABLE is specified, all image tags within the
+ * repository will be immutable which will prevent them from being overwritten.
The repository policy to apply to repositories created using the template. A + * repository policy is a permissions policy associated with a repository to control access + * permissions.
+ * @public + */ + repositoryPolicy?: string; + + /** + *The lifecycle policy to use for repositories created using the template.
+ * @public + */ + lifecyclePolicy?: string; + + /** + *A list of enumerable strings representing the Amazon ECR repository creation scenarios that
+ * this template will apply towards. The two supported scenarios are
+ * PULL_THROUGH_CACHE and REPLICATION
+ *
The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as + * the registry that you are configuring.
+ * @public + */ + customRoleArn?: string; +} + +/** + *The details of the repository creation template associated with the request.
+ * @public + */ +export interface RepositoryCreationTemplate { + /** + *The repository namespace prefix associated with the repository creation + * template.
+ * @public + */ + prefix?: string; + + /** + *The description associated with the repository creation template.
+ * @public + */ + description?: string; + + /** + *The encryption configuration associated with the repository creation template.
+ * @public + */ + encryptionConfiguration?: EncryptionConfigurationForRepositoryCreationTemplate; + + /** + *The metadata to apply to the repository to help you categorize and organize. Each tag + * consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have + * a maximum length of 256 characters.
+ * @public + */ + resourceTags?: Tag[]; + + /** + *The tag mutability setting for the repository. If this parameter is omitted, the + * default setting of MUTABLE will be used which will allow image tags to be overwritten. + * If IMMUTABLE is specified, all image tags within the repository will be immutable which + * will prevent them from being overwritten.
+ * @public + */ + imageTagMutability?: ImageTagMutability; + + /** + *he repository policy to apply to repositories created using the template. A repository + * policy is a permissions policy associated with a repository to control access + * permissions.
+ * @public + */ + repositoryPolicy?: string; + + /** + *The lifecycle policy to use for repositories created using the template.
+ * @public + */ + lifecyclePolicy?: string; + + /** + *A list of enumerable Strings representing the repository creation scenarios that this + * template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and + * REPLICATION
+ * @public + */ + appliedFor?: RCTAppliedFor[]; + + /** + *The ARN of the role to be assumed by Amazon ECR.
+ * @public + */ + customRoleArn?: string; + + /** + *The date and time, in JavaScript date format, when the repository creation template + * was created.
+ * @public + */ + createdAt?: Date; + + /** + *The date and time, in JavaScript date format, when the repository creation template + * was last updated.
+ * @public + */ + updatedAt?: Date; +} + +/** + * @public + */ +export interface CreateRepositoryCreationTemplateResponse { + /** + *The registry ID associated with the request.
+ * @public + */ + registryId?: string; + + /** + *The details of the repository creation template associated with the request.
+ * @public + */ + repositoryCreationTemplate?: RepositoryCreationTemplate; +} + +/** + *The repository creation template already exists. Specify a unique prefix and try + * again.
+ * @public + */ +export class TemplateAlreadyExistsException extends __BaseException { + readonly name: "TemplateAlreadyExistsException" = "TemplateAlreadyExistsException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeThe repository namespace prefix associated with the repository creation + * template.
+ * @public + */ + prefix: string | undefined; +} + +/** + * @public + */ +export interface DeleteRepositoryCreationTemplateResponse { + /** + *The registry ID associated with the request.
+ * @public + */ + registryId?: string; + + /** + *The details of the repository creation template that was deleted.
+ * @public + */ + repositoryCreationTemplate?: RepositoryCreationTemplate; +} + +/** + *The specified repository creation template can't be found. Verify the registry ID and + * prefix and try again.
+ * @public + */ +export class TemplateNotFoundException extends __BaseException { + readonly name: "TemplateNotFoundException" = "TemplateNotFoundException"; + readonly $fault: "client" = "client"; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeThe ID of the registry.
+ *The registry ID associated with the request.
* @public */ registryId?: string; @@ -2966,6 +3265,78 @@ export interface DescribeRepositoriesResponse { nextToken?: string; } +/** + * @public + */ +export interface DescribeRepositoryCreationTemplatesRequest { + /** + *The repository namespace prefixes associated with the repository creation templates to + * describe. If this value is not specified, all repository creation templates are + * returned.
+ * @public + */ + prefixes?: string[]; + + /** + *The nextToken value returned from a previous paginated
+ * DescribeRepositoryCreationTemplates request where
+ * maxResults was used and the results exceeded the value of that
+ * parameter. Pagination continues from the end of the previous results that returned the
+ * nextToken value. This value is null when there are no more
+ * results to return.
This token should be treated as an opaque identifier that is only used to + * retrieve the next items in a list and not for other programmatic purposes.
+ *The maximum number of repository results returned by
+ * DescribeRepositoryCreationTemplatesRequest in paginated output. When
+ * this parameter is used, DescribeRepositoryCreationTemplatesRequest only
+ * returns maxResults results in a single page along with a
+ * nextToken response element. The remaining results of the initial
+ * request can be seen by sending another
+ * DescribeRepositoryCreationTemplatesRequest request with the returned
+ * nextToken value. This value can be between 1 and
+ * 1000. If this parameter is not used, then
+ * DescribeRepositoryCreationTemplatesRequest returns up to
+ * 100 results and a nextToken value, if applicable.
The registry ID associated with the request.
+ * @public + */ + registryId?: string; + + /** + *The details of the repository creation templates.
+ * @public + */ + repositoryCreationTemplates?: RepositoryCreationTemplate[]; + + /** + *The nextToken value to include in a future
+ * DescribeRepositoryCreationTemplates request. When the results of a
+ * DescribeRepositoryCreationTemplates request exceed
+ * maxResults, this value can be used to retrieve the next page of
+ * results. This value is null when there are no more results to
+ * return.
The ID of the registry.
+ *The registry ID associated with the request.
* @public */ registryId?: string; @@ -3494,7 +3865,7 @@ export interface RegistryScanningConfiguration { */ export interface GetRegistryScanningConfigurationResponse { /** - *The ID of the registry.
+ *The registry ID associated with the request.
* @public */ registryId?: string; @@ -3999,7 +4370,7 @@ export interface PutRegistryPolicyRequest { */ export interface PutRegistryPolicyResponse { /** - *The registry ID.
+ *The registry ID associated with the request.
* @public */ registryId?: string; @@ -4380,6 +4751,101 @@ export interface UpdatePullThroughCacheRuleResponse { credentialArn?: string; } +/** + * @public + */ +export interface UpdateRepositoryCreationTemplateRequest { + /** + *The repository namespace prefix that matches an existing repository creation template
+ * in the registry. All repositories created using this namespace prefix will have the
+ * settings defined in this template applied. For example, a prefix of prod
+ * would apply to all repositories beginning with prod/. This includes a
+ * repository named prod/team1 as well as a repository named
+ * prod/repository1.
To apply a template to all repositories in your registry that don't have an associated
+ * creation template, you can use ROOT as the prefix.
A description for the repository creation template.
+ * @public + */ + description?: string; + + /** + *The encryption configuration to associate with the repository creation + * template.
+ * @public + */ + encryptionConfiguration?: EncryptionConfigurationForRepositoryCreationTemplate; + + /** + *The metadata to apply to the repository to help you categorize and organize. Each tag + * consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have + * a maximum length of 256 characters.
+ * @public + */ + resourceTags?: Tag[]; + + /** + *Updates the tag mutability setting for the repository. If this parameter is omitted,
+ * the default setting of MUTABLE will be used which will allow image tags to
+ * be overwritten. If IMMUTABLE is specified, all image tags within the
+ * repository will be immutable which will prevent them from being overwritten.
Updates the repository policy created using the template. A repository policy is a + * permissions policy associated with a repository to control access permissions.
+ * @public + */ + repositoryPolicy?: string; + + /** + *Updates the lifecycle policy associated with the specified repository creation + * template.
+ * @public + */ + lifecyclePolicy?: string; + + /** + *Updates the list of enumerable strings representing the Amazon ECR repository creation
+ * scenarios that this template will apply towards. The two supported scenarios are
+ * PULL_THROUGH_CACHE and REPLICATION
+ *
The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as + * the registry that you are configuring.
+ * @public + */ + customRoleArn?: string; +} + +/** + * @public + */ +export interface UpdateRepositoryCreationTemplateResponse { + /** + *The registry ID associated with the request.
+ * @public + */ + registryId?: string; + + /** + *The details of the repository creation template associated with the request.
+ * @public + */ + repositoryCreationTemplate?: RepositoryCreationTemplate; +} + /** *The layer part size is not valid, or the first byte specified is not consecutive to * the last byte of a previous layer part upload.
diff --git a/clients/client-ecr/src/pagination/DescribeRepositoryCreationTemplatesPaginator.ts b/clients/client-ecr/src/pagination/DescribeRepositoryCreationTemplatesPaginator.ts new file mode 100644 index 0000000000000..3cbb5ff374c24 --- /dev/null +++ b/clients/client-ecr/src/pagination/DescribeRepositoryCreationTemplatesPaginator.ts @@ -0,0 +1,24 @@ +// smithy-typescript generated code +import { createPaginator } from "@smithy/core"; +import { Paginator } from "@smithy/types"; + +import { + DescribeRepositoryCreationTemplatesCommand, + DescribeRepositoryCreationTemplatesCommandInput, + DescribeRepositoryCreationTemplatesCommandOutput, +} from "../commands/DescribeRepositoryCreationTemplatesCommand"; +import { ECRClient } from "../ECRClient"; +import { ECRPaginationConfiguration } from "./Interfaces"; + +/** + * @public + */ +export const paginateDescribeRepositoryCreationTemplates: ( + config: ECRPaginationConfiguration, + input: DescribeRepositoryCreationTemplatesCommandInput, + ...rest: any[] +) => PaginatorThe registry URL of the upstream public registry to use as the source for the pull\n through cache rule. The following is the syntax to use for each supported upstream\n registry.
\nAmazon ECR Public (ecr-public) - public.ecr.aws\n
Docker Hub (docker-hub) -\n registry-1.docker.io\n
Quay (quay) - quay.io\n
Kubernetes (k8s) - registry.k8s.io\n
GitHub Container Registry (github-container-registry) -\n ghcr.io\n
Microsoft Azure Container Registry (azure-container-registry) -\n
GitLab Container Registry (gitlab-container-registry) -\n registry.gitlab.com\n
The registry URL of the upstream public registry to use as the source for the pull\n through cache rule. The following is the syntax to use for each supported upstream\n registry.
\nAmazon ECR Public (ecr-public) - public.ecr.aws\n
Docker Hub (docker-hub) -\n registry-1.docker.io\n
Quay (quay) - quay.io\n
Kubernetes (k8s) - registry.k8s.io\n
GitHub Container Registry (github-container-registry) -\n ghcr.io\n
Microsoft Azure Container Registry (azure-container-registry) -\n
Creates a repository creation template. This template is used to define the settings\n for repositories created by Amazon ECR on your behalf. For example, repositories created\n through pull through cache actions. For more information, see Private\n repository creation templates in the\n Amazon Elastic Container Registry User Guide.
" + } + }, + "com.amazonaws.ecr#CreateRepositoryCreationTemplateRequest": { + "type": "structure", + "members": { + "prefix": { + "target": "com.amazonaws.ecr#Prefix", + "traits": { + "smithy.api#documentation": "The repository namespace prefix to associate with the template. All repositories\n created using this namespace prefix will have the settings defined in this template\n applied. For example, a prefix of prod would apply to all repositories\n beginning with prod/. Similarly, a prefix of prod/team would\n apply to all repositories beginning with prod/team/.
To apply a template to all repositories in your registry that don't have an associated\n creation template, you can use ROOT as the prefix.
There is always an assumed / applied to the end of the prefix. If you\n specify ecr-public as the prefix, Amazon ECR treats that as\n ecr-public/. When using a pull through cache rule, the repository\n prefix you specify during rule creation is what you should specify as your\n repository creation template prefix as well.
A description for the repository creation template.
" + } + }, + "encryptionConfiguration": { + "target": "com.amazonaws.ecr#EncryptionConfigurationForRepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The encryption configuration to use for repositories created using the\n template.
" + } + }, + "resourceTags": { + "target": "com.amazonaws.ecr#TagList", + "traits": { + "smithy.api#documentation": "The metadata to apply to the repository to help you categorize and organize. Each tag\n consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have\n a maximum length of 256 characters.
" + } + }, + "imageTagMutability": { + "target": "com.amazonaws.ecr#ImageTagMutability", + "traits": { + "smithy.api#documentation": "The tag mutability setting for the repository. If this parameter is omitted, the\n default setting of MUTABLE will be used which will allow image tags to be\n overwritten. If IMMUTABLE is specified, all image tags within the\n repository will be immutable which will prevent them from being overwritten.
The repository policy to apply to repositories created using the template. A\n repository policy is a permissions policy associated with a repository to control access\n permissions.
" + } + }, + "lifecyclePolicy": { + "target": "com.amazonaws.ecr#LifecyclePolicyTextForRepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The lifecycle policy to use for repositories created using the template.
" + } + }, + "appliedFor": { + "target": "com.amazonaws.ecr#RCTAppliedForList", + "traits": { + "smithy.api#documentation": "A list of enumerable strings representing the Amazon ECR repository creation scenarios that\n this template will apply towards. The two supported scenarios are\n PULL_THROUGH_CACHE and REPLICATION\n
The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as\n the registry that you are configuring.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.ecr#CreateRepositoryCreationTemplateResponse": { + "type": "structure", + "members": { + "registryId": { + "target": "com.amazonaws.ecr#RegistryId", + "traits": { + "smithy.api#documentation": "The registry ID associated with the request.
" + } + }, + "repositoryCreationTemplate": { + "target": "com.amazonaws.ecr#RepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The details of the repository creation template associated with the request.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.ecr#CreateRepositoryRequest": { "type": "structure", "members": { @@ -2099,6 +2224,15 @@ "smithy.api#pattern": "^arn:aws:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\\-pullthroughcache\\/[a-zA-Z0-9\\/_+=.@-]+$" } }, + "com.amazonaws.ecr#CustomRoleArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + } + } + }, "com.amazonaws.ecr#CvssScore": { "type": "structure", "members": { @@ -2472,6 +2606,67 @@ ] } }, + "com.amazonaws.ecr#DeleteRepositoryCreationTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.ecr#DeleteRepositoryCreationTemplateRequest" + }, + "output": { + "target": "com.amazonaws.ecr#DeleteRepositoryCreationTemplateResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ecr#InvalidParameterException" + }, + { + "target": "com.amazonaws.ecr#ServerException" + }, + { + "target": "com.amazonaws.ecr#TemplateNotFoundException" + }, + { + "target": "com.amazonaws.ecr#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Deletes a repository creation template.
" + } + }, + "com.amazonaws.ecr#DeleteRepositoryCreationTemplateRequest": { + "type": "structure", + "members": { + "prefix": { + "target": "com.amazonaws.ecr#Prefix", + "traits": { + "smithy.api#documentation": "The repository namespace prefix associated with the repository creation\n template.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.ecr#DeleteRepositoryCreationTemplateResponse": { + "type": "structure", + "members": { + "registryId": { + "target": "com.amazonaws.ecr#RegistryId", + "traits": { + "smithy.api#documentation": "The registry ID associated with the request.
" + } + }, + "repositoryCreationTemplate": { + "target": "com.amazonaws.ecr#RepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The details of the repository creation template that was deleted.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.ecr#DeleteRepositoryPolicy": { "type": "operation", "input": { @@ -3056,7 +3251,7 @@ "registryId": { "target": "com.amazonaws.ecr#RegistryId", "traits": { - "smithy.api#documentation": "The ID of the registry.
" + "smithy.api#documentation": "The registry ID associated with the request.
" } }, "replicationConfiguration": { @@ -3171,6 +3366,87 @@ "smithy.api#output": {} } }, + "com.amazonaws.ecr#DescribeRepositoryCreationTemplates": { + "type": "operation", + "input": { + "target": "com.amazonaws.ecr#DescribeRepositoryCreationTemplatesRequest" + }, + "output": { + "target": "com.amazonaws.ecr#DescribeRepositoryCreationTemplatesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ecr#InvalidParameterException" + }, + { + "target": "com.amazonaws.ecr#ServerException" + }, + { + "target": "com.amazonaws.ecr#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Returns details about the repository creation templates in a registry. The\n prefixes request parameter can be used to return the details for a\n specific repository creation template.
The repository namespace prefixes associated with the repository creation templates to\n describe. If this value is not specified, all repository creation templates are\n returned.
" + } + }, + "nextToken": { + "target": "com.amazonaws.ecr#NextToken", + "traits": { + "smithy.api#documentation": "The nextToken value returned from a previous paginated\n DescribeRepositoryCreationTemplates request where\n maxResults was used and the results exceeded the value of that\n parameter. Pagination continues from the end of the previous results that returned the\n nextToken value. This value is null when there are no more\n results to return.
This token should be treated as an opaque identifier that is only used to\n retrieve the next items in a list and not for other programmatic purposes.
\nThe maximum number of repository results returned by\n DescribeRepositoryCreationTemplatesRequest in paginated output. When\n this parameter is used, DescribeRepositoryCreationTemplatesRequest only\n returns maxResults results in a single page along with a\n nextToken response element. The remaining results of the initial\n request can be seen by sending another\n DescribeRepositoryCreationTemplatesRequest request with the returned\n nextToken value. This value can be between 1 and\n 1000. If this parameter is not used, then\n DescribeRepositoryCreationTemplatesRequest returns up to\n 100 results and a nextToken value, if applicable.
The registry ID associated with the request.
" + } + }, + "repositoryCreationTemplates": { + "target": "com.amazonaws.ecr#RepositoryCreationTemplateList", + "traits": { + "smithy.api#documentation": "The details of the repository creation templates.
" + } + }, + "nextToken": { + "target": "com.amazonaws.ecr#NextToken", + "traits": { + "smithy.api#documentation": "The nextToken value to include in a future\n DescribeRepositoryCreationTemplates request. When the results of a\n DescribeRepositoryCreationTemplates request exceed\n maxResults, this value can be used to retrieve the next page of\n results. This value is null when there are no more results to\n return.
The encryption type to use.
\nIf you use the KMS encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created. For more\n information, see Protecting data using server-side\n encryption with an KMS key stored in Key Management Service (SSE-KMS) in the\n Amazon Simple Storage Service Console Developer Guide.
If you use the AES256 encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES-256 encryption algorithm. For more information, see Protecting data using\n server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the\n Amazon Simple Storage Service Console Developer Guide.
The encryption type to use.
\nIf you use the KMS encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created. For more\n information, see Protecting data using server-side\n encryption with an KMS key stored in Key Management Service (SSE-KMS) in the\n Amazon Simple Storage Service Console Developer Guide.
If you use the AES256 encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES256 encryption algorithm. For more information, see Protecting data using\n server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the\n Amazon Simple Storage Service Console Developer Guide.
The encryption configuration for the repository. This determines how the contents of\n your repository are encrypted at rest.
\nBy default, when no encryption configuration is set or the AES256\n encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption\n keys which encrypts your data at rest using an AES-256 encryption algorithm. This does\n not require any action on your part.
For more control over the encryption of the contents of your repository, you can use\n server-side encryption with Key Management Service key stored in Key Management Service (KMS) to encrypt your\n images. For more information, see Amazon ECR encryption at\n rest in the Amazon Elastic Container Registry User Guide.
" + "smithy.api#documentation": "The encryption configuration for the repository. This determines how the contents of\n your repository are encrypted at rest.
\nBy default, when no encryption configuration is set or the AES256\n encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption\n keys which encrypts your data at rest using an AES256 encryption algorithm. This does\n not require any action on your part.
For more control over the encryption of the contents of your repository, you can use\n server-side encryption with Key Management Service key stored in Key Management Service (KMS) to encrypt your\n images. For more information, see Amazon ECR encryption at\n rest in the Amazon Elastic Container Registry User Guide.
" + } + }, + "com.amazonaws.ecr#EncryptionConfigurationForRepositoryCreationTemplate": { + "type": "structure", + "members": { + "encryptionType": { + "target": "com.amazonaws.ecr#EncryptionType", + "traits": { + "smithy.api#documentation": "The encryption type to use.
\nIf you use the KMS encryption type, the contents of the repository will\n be encrypted using server-side encryption with Key Management Service key stored in KMS. When you\n use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key\n for Amazon ECR, or specify your own KMS key, which you already created. For more\n information, see Protecting data using server-side\n encryption with an KMS key stored in Key Management Service (SSE-KMS) in the\n Amazon Simple Storage Service Console Developer Guide.
If you use the AES256 encryption type, Amazon ECR uses server-side encryption\n with Amazon S3-managed encryption keys which encrypts the images in the repository using an\n AES256 encryption algorithm. For more information, see Protecting data using\n server-side encryption with Amazon S3-managed encryption keys (SSE-S3) in the\n Amazon Simple Storage Service Console Developer Guide.
If you use the KMS encryption type, specify the KMS key to use for\n encryption. The full ARN of the KMS key must be specified. The key must exist in the\n same Region as the repository. If no key is specified, the default Amazon Web Services managed KMS\n key for Amazon ECR will be used.
The encryption configuration to associate with the repository creation\n template.
" } }, "com.amazonaws.ecr#EncryptionType": { @@ -3831,7 +4128,7 @@ "registryId": { "target": "com.amazonaws.ecr#RegistryId", "traits": { - "smithy.api#documentation": "The ID of the registry.
" + "smithy.api#documentation": "The registry ID associated with the request.
" } }, "policyText": { @@ -3881,7 +4178,7 @@ "registryId": { "target": "com.amazonaws.ecr#RegistryId", "traits": { - "smithy.api#documentation": "The ID of the registry.
" + "smithy.api#documentation": "The registry ID associated with the request.
" } }, "scanningConfiguration": { @@ -4726,6 +5023,16 @@ } } }, + "com.amazonaws.ecr#KmsKeyForRepositoryCreationTemplate": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + }, + "smithy.api#pattern": "^$|arn:aws:kms:[a-z0-9-]+:[0-9]{12}:key\\/[a-z0-9-]+$" + } + }, "com.amazonaws.ecr#Layer": { "type": "structure", "members": { @@ -5091,6 +5398,15 @@ } } }, + "com.amazonaws.ecr#LifecyclePolicyTextForRepositoryCreationTemplate": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 30720 + } + } + }, "com.amazonaws.ecr#LifecyclePreviewMaxResults": { "type": "integer", "traits": { @@ -5401,6 +5717,22 @@ "com.amazonaws.ecr#Platform": { "type": "string" }, + "com.amazonaws.ecr#Prefix": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#pattern": "^((?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*/?|ROOT)$" + } + }, + "com.amazonaws.ecr#PrefixList": { + "type": "list", + "member": { + "target": "com.amazonaws.ecr#Prefix" + } + }, "com.amazonaws.ecr#ProxyEndpoint": { "type": "string" }, @@ -5894,7 +6226,7 @@ "registryId": { "target": "com.amazonaws.ecr#RegistryId", "traits": { - "smithy.api#documentation": "The registry ID.
" + "smithy.api#documentation": "The registry ID associated with the request.
" } }, "policyText": { @@ -5985,7 +6317,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates or updates the replication configuration for a registry. The existing\n replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the\n PutReplicationConfiguration API is called, a service-linked IAM role is created in\n your account for the replication process. For more information, see Using\n service-linked roles for Amazon ECR in the\n Amazon Elastic Container Registry User Guide.
\nWhen configuring cross-account replication, the destination account must grant the\n source account permission to replicate. This permission is controlled using a\n registry permissions policy. For more information, see PutRegistryPolicy.
\nCreates or updates the replication configuration for a registry. The existing\n replication configuration for a repository can be retrieved with the DescribeRegistry API action. The first time the\n PutReplicationConfiguration API is called, a service-linked IAM role is created in\n your account for the replication process. For more information, see Using\n service-linked roles for Amazon ECR in the Amazon Elastic Container Registry User Guide.\n For more information on the custom role for replication, see Creating an IAM role for replication.
\nWhen configuring cross-account replication, the destination account must grant the\n source account permission to replicate. This permission is controlled using a\n registry permissions policy. For more information, see PutRegistryPolicy.
\nThe repository namespace prefix associated with the repository creation\n template.
" + } + }, + "description": { + "target": "com.amazonaws.ecr#RepositoryTemplateDescription", + "traits": { + "smithy.api#documentation": "The description associated with the repository creation template.
" + } + }, + "encryptionConfiguration": { + "target": "com.amazonaws.ecr#EncryptionConfigurationForRepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The encryption configuration associated with the repository creation template.
" + } + }, + "resourceTags": { + "target": "com.amazonaws.ecr#TagList", + "traits": { + "smithy.api#documentation": "The metadata to apply to the repository to help you categorize and organize. Each tag\n consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have\n a maximum length of 256 characters.
" + } + }, + "imageTagMutability": { + "target": "com.amazonaws.ecr#ImageTagMutability", + "traits": { + "smithy.api#documentation": "The tag mutability setting for the repository. If this parameter is omitted, the\n default setting of MUTABLE will be used which will allow image tags to be overwritten.\n If IMMUTABLE is specified, all image tags within the repository will be immutable which\n will prevent them from being overwritten.
" + } + }, + "repositoryPolicy": { + "target": "com.amazonaws.ecr#RepositoryPolicyText", + "traits": { + "smithy.api#documentation": "he repository policy to apply to repositories created using the template. A repository\n policy is a permissions policy associated with a repository to control access\n permissions.
" + } + }, + "lifecyclePolicy": { + "target": "com.amazonaws.ecr#LifecyclePolicyTextForRepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The lifecycle policy to use for repositories created using the template.
" + } + }, + "appliedFor": { + "target": "com.amazonaws.ecr#RCTAppliedForList", + "traits": { + "smithy.api#documentation": "A list of enumerable Strings representing the repository creation scenarios that this\n template will apply towards. The two supported scenarios are PULL_THROUGH_CACHE and\n REPLICATION
" + } + }, + "customRoleArn": { + "target": "com.amazonaws.ecr#CustomRoleArn", + "traits": { + "smithy.api#documentation": "The ARN of the role to be assumed by Amazon ECR.
" + } + }, + "createdAt": { + "target": "com.amazonaws.ecr#Date", + "traits": { + "smithy.api#documentation": "The date and time, in JavaScript date format, when the repository creation template\n was created.
" + } + }, + "updatedAt": { + "target": "com.amazonaws.ecr#Date", + "traits": { + "smithy.api#documentation": "The date and time, in JavaScript date format, when the repository creation template\n was last updated.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The details of the repository creation template associated with the request.
" + } + }, + "com.amazonaws.ecr#RepositoryCreationTemplateList": { + "type": "list", + "member": { + "target": "com.amazonaws.ecr#RepositoryCreationTemplate" + } + }, "com.amazonaws.ecr#RepositoryFilter": { "type": "structure", "members": { @@ -6571,6 +7006,15 @@ "target": "com.amazonaws.ecr#RepositoryScanningConfiguration" } }, + "com.amazonaws.ecr#RepositoryTemplateDescription": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 256 + } + } + }, "com.amazonaws.ecr#Resource": { "type": "structure", "members": { @@ -7290,6 +7734,30 @@ "target": "com.amazonaws.ecr#TagValue" } }, + "com.amazonaws.ecr#TemplateAlreadyExistsException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.ecr#ExceptionMessage" + } + }, + "traits": { + "smithy.api#documentation": "The repository creation template already exists. Specify a unique prefix and try\n again.
", + "smithy.api#error": "client" + } + }, + "com.amazonaws.ecr#TemplateNotFoundException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.ecr#ExceptionMessage" + } + }, + "traits": { + "smithy.api#documentation": "The specified repository creation template can't be found. Verify the registry ID and\n prefix and try again.
", + "smithy.api#error": "client" + } + }, "com.amazonaws.ecr#Title": { "type": "string" }, @@ -7533,6 +8001,112 @@ "smithy.api#output": {} } }, + "com.amazonaws.ecr#UpdateRepositoryCreationTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.ecr#UpdateRepositoryCreationTemplateRequest" + }, + "output": { + "target": "com.amazonaws.ecr#UpdateRepositoryCreationTemplateResponse" + }, + "errors": [ + { + "target": "com.amazonaws.ecr#InvalidParameterException" + }, + { + "target": "com.amazonaws.ecr#ServerException" + }, + { + "target": "com.amazonaws.ecr#TemplateNotFoundException" + }, + { + "target": "com.amazonaws.ecr#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Updates an existing repository creation template.
" + } + }, + "com.amazonaws.ecr#UpdateRepositoryCreationTemplateRequest": { + "type": "structure", + "members": { + "prefix": { + "target": "com.amazonaws.ecr#Prefix", + "traits": { + "smithy.api#documentation": "The repository namespace prefix that matches an existing repository creation template\n in the registry. All repositories created using this namespace prefix will have the\n settings defined in this template applied. For example, a prefix of prod\n would apply to all repositories beginning with prod/. This includes a\n repository named prod/team1 as well as a repository named\n prod/repository1.
To apply a template to all repositories in your registry that don't have an associated\n creation template, you can use ROOT as the prefix.
A description for the repository creation template.
" + } + }, + "encryptionConfiguration": { + "target": "com.amazonaws.ecr#EncryptionConfigurationForRepositoryCreationTemplate" + }, + "resourceTags": { + "target": "com.amazonaws.ecr#TagList", + "traits": { + "smithy.api#documentation": "The metadata to apply to the repository to help you categorize and organize. Each tag\n consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have\n a maximum length of 256 characters.
" + } + }, + "imageTagMutability": { + "target": "com.amazonaws.ecr#ImageTagMutability", + "traits": { + "smithy.api#documentation": "Updates the tag mutability setting for the repository. If this parameter is omitted,\n the default setting of MUTABLE will be used which will allow image tags to\n be overwritten. If IMMUTABLE is specified, all image tags within the\n repository will be immutable which will prevent them from being overwritten.
Updates the repository policy created using the template. A repository policy is a\n permissions policy associated with a repository to control access permissions.
" + } + }, + "lifecyclePolicy": { + "target": "com.amazonaws.ecr#LifecyclePolicyTextForRepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "Updates the lifecycle policy associated with the specified repository creation\n template.
" + } + }, + "appliedFor": { + "target": "com.amazonaws.ecr#RCTAppliedForList", + "traits": { + "smithy.api#documentation": "Updates the list of enumerable strings representing the Amazon ECR repository creation\n scenarios that this template will apply towards. The two supported scenarios are\n PULL_THROUGH_CACHE and REPLICATION\n
The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as\n the registry that you are configuring.
" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.ecr#UpdateRepositoryCreationTemplateResponse": { + "type": "structure", + "members": { + "registryId": { + "target": "com.amazonaws.ecr#RegistryId", + "traits": { + "smithy.api#documentation": "The registry ID associated with the request.
" + } + }, + "repositoryCreationTemplate": { + "target": "com.amazonaws.ecr#RepositoryCreationTemplate", + "traits": { + "smithy.api#documentation": "The details of the repository creation template associated with the request.
" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.ecr#UpdatedTimestamp": { "type": "timestamp" },