Skip to content

Commit

Permalink
Merge pull request #930 from jackywong-amazon/d-improve-awscc_ecr_rep…
Browse files Browse the repository at this point in the history 
…ository

docs - awscc_ecr_repository
  • Loading branch information
@ewbankkit
ewbankkit authored May 11, 2023
2 parents 325469b + 82b6962 commit 062160a
Show file tree
Hide file tree
Showing 5 changed files with 189 additions and 2 deletions.
87 changes: 85 additions & 2 deletions docs/resources/ecr_repository.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "awscc_ecr_repository Resource - terraform-provider-awscc"
subcategory: ""
description: |-
Expand All @@ -10,7 +9,91 @@ description: |-

The AWS::ECR::Repository resource specifies an Amazon Elastic Container Registry (Amazon ECR) repository, where users can push and pull Docker images. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html

## Example Usage

### ECR Repository with scan on push
To create ECR Repository with scan on push:

```terraform
resource "awscc_ecr_repository" "this" {
repository_name = "example-ecr"
image_tag_mutability = "MUTABLE"
image_scanning_configuration = {
scan_on_push = true
}
}
```

### ECR Repository with lifecycle policy
To create ECR Repository with lifecycle policy that expires untagged images older than 14 days:

```terraform
resource "awscc_ecr_repository" "lifecycle_policy_example" {
repository_name = "example-ecr-lifecycle-policy"
image_tag_mutability = "MUTABLE"
lifecycle_policy = {
lifecycle_policy_text = <<EOF
{
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "untagged",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": {
"type": "expire"
}
}
]
}
EOF
}
}
```

### ECR Repository with repository policy
To create ECR Repository with repository policy that allows AWS CodeBuild access to the Amazon ECR API actions:

```terraform
resource "awscc_ecr_repository" "repo_policy_example" {
repository_name = "example-ecr-repository-policy"
image_tag_mutability = "MUTABLE"
repository_policy_text = jsonencode(
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "CodeBuildAccess",
"Effect" : "Allow",
"Principal" : {
"Service" : "codebuild.amazonaws.com"
},
"Action" : [
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer"
],
"Condition" : {
"ArnLike" : {
"aws:SourceArn" : "arn:aws:codebuild:region:123456789012:project/project-name"
},
"StringEquals" : {
"aws:SourceAccount" : "123456789012"
}
}
}
]
}
)
}
```

<!-- schema generated by tfplugindocs -->
## Schema
Expand Down Expand Up @@ -78,4 +161,4 @@ Import is supported using the following syntax:

```shell
$ terraform import awscc_ecr_repository.example <resource ID>
```
```
8 changes: 8 additions & 0 deletions examples/resources/awscc_ecr_repository/ecr_repository.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
resource "awscc_ecr_repository" "this" {
repository_name = "example-ecr"
image_tag_mutability = "MUTABLE"
image_scanning_configuration = {
scan_on_push = true
}

}
26 changes: 26 additions & 0 deletions examples/resources/awscc_ecr_repository/ecr_repository_lifecycle_policy.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
resource "awscc_ecr_repository" "lifecycle_policy_example" {
repository_name = "example-ecr-lifecycle-policy"
image_tag_mutability = "MUTABLE"

lifecycle_policy = {
lifecycle_policy_text = <<EOF
{
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "untagged",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": {
"type": "expire"
}
}
]
}
EOF
}
}
32 changes: 32 additions & 0 deletions examples/resources/awscc_ecr_repository/ecr_repository_repository_policy.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
resource "awscc_ecr_repository" "repo_policy_example" {
repository_name = "example-ecr-repository-policy"
image_tag_mutability = "MUTABLE"

repository_policy_text = jsonencode(
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "CodeBuildAccess",
"Effect" : "Allow",
"Principal" : {
"Service" : "codebuild.amazonaws.com"
},
"Action" : [
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer"
],
"Condition" : {
"ArnLike" : {
"aws:SourceArn" : "arn:aws:codebuild:region:123456789012:project/project-name"
},
"StringEquals" : {
"aws:SourceAccount" : "123456789012"
}
}
}
]
}
)

}
38 changes: 38 additions & 0 deletions templates/resources/ecr_repository.md.tmpl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
---
page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}"
subcategory: ""
description: |-
{{ .Description | plainmarkdown | trimspace | prefixlines " " }}
---

# {{.Name}} ({{.Type}})

{{ .Description | trimspace }}

## Example Usage

### ECR Repository with scan on push
To create ECR Repository with scan on push:

{{ tffile (printf "examples/resources/%s/ecr_repository.tf" .Name)}}

### ECR Repository with lifecycle policy
To create ECR Repository with lifecycle policy that expires untagged images older than 14 days:

{{ tffile (printf "examples/resources/%s/ecr_repository_lifecycle_policy.tf" .Name)}}

### ECR Repository with repository policy
To create ECR Repository with repository policy that allows AWS CodeBuild access to the Amazon ECR API actions:

{{ tffile (printf "examples/resources/%s/ecr_repository_repository_policy.tf" .Name)}}

{{ .SchemaMarkdown | trimspace }}
{{- if .HasImport }}

## Import

Import is supported using the following syntax:

{{ codefile "shell" .ImportFile }}

{{- end }}

0 comments on commit 062160a

Please sign in to comment.