You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/ecr-registry/README.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ This module creates following resources.
8
8
-`aws_ecr_pull_through_cache_rule` (optional)
9
9
-`aws_ecr_registry_scanning_configuration`
10
10
11
-
<!--BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK-->
11
+
<!--BEGIN_TF_DOCS-->
12
12
## Requirements
13
13
14
14
| Name | Version |
@@ -71,4 +71,4 @@ No modules.
71
71
| <aname="output_scanning_basic_version"></a> [scanning\_basic\_version](#output\_scanning\_basic\_version)| The version of basic scanning for the registry. |
72
72
| <aname="output_scanning_rules"></a> [scanning\_rules](#output\_scanning\_rules)| A list of scanning rules to determine which repository filters are used and at what frequency scanning will occur. |
73
73
| <aname="output_scanning_type"></a> [scanning\_type](#output\_scanning\_type)| The scanning type to set for the registry. |
| <aname="input_name"></a> [name](#input\_name)| (Required) Desired name for the repository. |`string`| n/a | yes |
42
-
| <aname="input_encryption_kms_key"></a> [encryption\_kms\_key](#input\_encryption\_kms\_key)| (Optional) The ARN of the KMS key to use when encryption\_type is `KMS`. If not specified, uses the default AWS managed key for ECR. |`string`|`null`| no |
43
-
| <aname="input_encryption_type"></a> [encryption\_type](#input\_encryption\_type)| (Optional) The encryption type to use for the repository. Valid values are `AES256` or `KMS`. |`string`|`"AES256"`| no |
44
-
| <aname="input_force_delete"></a> [force\_delete](#input\_force\_delete)| (Optional) If `true`, will delete the repository even if it contains images. Defaults to `false`. |`bool`|`false`| no |
45
-
| <aname="input_image_scan_on_push_enabled"></a> [image\_scan\_on\_push\_enabled](#input\_image\_scan\_on\_push\_enabled)| (Optional, Deprecated) Indicates whether images are scanned after being pushed to the repository or not scanned. |`bool`|`false`| no |
46
-
| <aname="input_image_tag_immutable_enabled"></a> [image\_tag\_immutable\_enabled](#input\_image\_tag\_immutable\_enabled)| (Optional) Enable tag immutability to prevent image tags from being overwritten by subsequent image pushes using the same tag. Disable tag immutability to allow image tags to be overwritten. |`bool`|`false`| no |
47
-
| <aname="input_lifecycle_rules"></a> [lifecycle\_rules](#input\_lifecycle\_rules)| (Optional) A list of ECR Repository Lifecycle rules. `priority` must be unique and do not need to be sequential across rules. `descriptoin` is optional. `type` is one of `tagged`, `untagged`, or `any`. `tag_prefixes` is required if you specified `tagged` type. Specify one of `expiration_days` or `expiration_count`|`any`|`[]`| no |
42
+
| <aname="input_encryption"></a> [encryption](#input\_encryption)| (Optional) The encryption configuration of the repository. `encryption` as defined below.<br/> (Optional) `type` - The encryption type to use for the repository. Valid values are `AES256` or `KMS`. Defaults to `AES256`.<br/> (Optional) `kms_key` - The ARN of the KMS key to use for encryption of the repository when `type` is `KMS`. If not specified, uses the default AWS managed key for ECR. | <pre>object({<br/> type = optional(string, "AES256")<br/> kms_key = optional(string)<br/> })</pre> |`{}`| no |
43
+
| <aname="input_force_delete"></a> [force\_delete](#input\_force\_delete)| (Optional) If `true`, will delete the repository even if it contains images. Defaults to `true`. |`bool`|`true`| no |
44
+
| <aname="input_image_scan_on_push_enabled"></a> [image\_scan\_on\_push\_enabled](#input\_image\_scan\_on\_push\_enabled)| (Optional, Deprecated) Indicates whether images are scanned after being pushed to the repository or not scanned. This configuration is deprecated in favor of registry level scan filters. Defaults to `false`. |`bool`|`false`| no |
45
+
| <aname="input_image_tag_immutable_enabled"></a> [image\_tag\_immutable\_enabled](#input\_image\_tag\_immutable\_enabled)| (Optional) Whether to enable the image tag immutability setting for the repository. Enable tag immutability to prevent image tags from being overwritten by subsequent image pushes using the same tag. Disable tag immutability to allow image tags to be overwritten. Defaults to `false`. |`bool`|`false`| no |
46
+
| <a name="input_lifecycle_rules"></a> [lifecycle\_rules](#input\_lifecycle\_rules) | (Optional) A list of Lifecycle rules for ECR repository. Each block of `lifecycle_rules` as defined below.<br/> (Required) `priority` - The order in which rules are applied, lowest to highest. A lifecycle policy rule with a priority of `1` will be applied first, a rule with priority of `2` will be next, and so on. Must be unique and do not need to be sequential across rules.<br/> (Optional) `descriptoin` - The description of the rule to describe the purpose of a rule within a lifecycle policy.<br/> (Required) `target` - The configuration of target images for the rule. `target` as defined below.<br/><br/> (Required) `status` - Valid values are `tagged`, `untagged`, or `any`. When you specify `tagged` status, either `tag_patterns` or `tag_prefixes` are required, but not both.<br/> (Optional) `tag_patterns` - A list of tag patterns to filter target images. If you specify multiple tags, only the images with all specified tags are selected. There is a maximum limit of four wildcards (*) per string.<br/> (Optional) `tag_prefixes` - A list of tag prefixes to filter target images. If you specify multiple prefixes, only the images with all specified prefixes are selected.<br/> (Required) `expiration` - The configuration of expiration condition for the rule. `expiration` as defined below.<br/><br/> (Optional) `count` - The maximum number of images to keep.<br/> (Optional) `days` - The maximum age of days to keep images. | <pre>list(object({<br/> priority = number<br/> description = optional(string, "Managed by Terraform.")<br/><br/> target = object({<br/> status = string<br/> tag_patterns = optional(list(string), [])<br/> tag_prefixes = optional(list(string), [])<br/> })<br/> expiration = object({<br/> count = optional(number)<br/> days = optional(number)<br/> })<br/> }))</pre> | `[]` | no |
48
47
| <aname="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled)| (Optional) Whether to create AWS Resource Tags for the module informations. |`bool`|`true`| no |
49
-
| <aname="input_repository_policy"></a> [repository\_policy](#input\_repository\_policy)| (Optional) The policy document for ECR Repository. This is a JSON formatted string. |`string`|`""`| no |
48
+
| <aname="input_policy"></a> [policy](#input\_policy)| (Optional) The policy document for ECR Repository. This is a JSON formatted string. |`string`|`""`| no |
50
49
| <aname="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description)| (Optional) The description of Resource Group. |`string`|`"Managed by Terraform."`| no |
51
50
| <aname="input_resource_group_enabled"></a> [resource\_group\_enabled](#input\_resource\_group\_enabled)| (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. |`bool`|`true`| no |
52
51
| <aname="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name)| (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. |`string`|`""`| no |
@@ -57,10 +56,11 @@ This module creates following resources.
57
56
| Name | Description |
58
57
|------|-------------|
59
58
| <aname="output_arn"></a> [arn](#output\_arn)| The ARN of the repository. |
60
-
| <aname="output_encryption"></a> [encryption](#output\_encryption)| The configuration for the encryption of repository. |
59
+
| <aname="output_encryption"></a> [encryption](#output\_encryption)| The encryption configuration of the repository. |
61
60
| <aname="output_image_scan_on_push_enabled"></a> [image\_scan\_on\_push\_enabled](#output\_image\_scan\_on\_push\_enabled)| Whether to scan image on push. |
62
61
| <aname="output_image_tag_immutable_enabled"></a> [image\_tag\_immutable\_enabled](#output\_image\_tag\_immutable\_enabled)| Whether to enable tag immutability to prevent image tags from being overwritten. |
62
+
| <aname="output_lifecycle_rules"></a> [lifecycle\_rules](#output\_lifecycle\_rules)| The lifecycle rules for the repository. |
63
63
| <aname="output_name"></a> [name](#output\_name)| The name of the repository. |
64
64
| <aname="output_registry_id"></a> [registry\_id](#output\_registry\_id)| The registry ID where the repository was created. |
65
65
| <aname="output_url"></a> [url](#output\_url)| The URL of the repository (in the form aws\_account\_id.dkr.ecr.region.amazonaws.com/repositoryName). |
@@ -40,14 +40,14 @@ This module creates following resources.
40
40
| <aname="input_name"></a> [name](#input\_name)| (Required) The name of the Amazon EKS access entry. |`string`| n/a | yes |
41
41
| <aname="input_principal"></a> [principal](#input\_principal)| (Required) The ARN of one, and only one, existing IAM principal to grant access to Kubernetes objects on the cluster. An IAM principal can't be included in more than one access entry. |`string`| n/a | yes |
42
42
| <aname="input_kubernetes_groups"></a> [kubernetes\_groups](#input\_kubernetes\_groups)| (Optional) A set of groups within the Kubernetes cluster. Only used when `type` is `STANDARD`. |`set(string)`|`[]`| no |
43
-
| <aname="input_kubernetes_permissions"></a> [kubernetes\_permissions](#input\_kubernetes\_permissions)| (Optional) A list of permissions for EKS access entry to the EKS cluster. Each item of `kubernetes_permissions` block as defined below.<br> (Required) `policy` - The ARN of the access policy that you're associating.<br> (Optional) `scope` - The type of access scope that you're associating. Valid values are `NAMESPACE`, `CLUSTER`. Defaults to `CLUSTER`.<br> (Optional) `namespaces` - A set of namespaces to which the access scope applies. You can enter plain text namespaces, or wildcard namespaces such as `dev-*`. | <pre>list(object({<br> policy = string<br> scope = optional(string, "CLUSTER")<br> namespaces = optional(set(string), [])<br> }))</pre> |`[]`| no |
43
+
| <aname="input_kubernetes_permissions"></a> [kubernetes\_permissions](#input\_kubernetes\_permissions)| (Optional) A list of permissions for EKS access entry to the EKS cluster. Each item of `kubernetes_permissions` block as defined below.<br/> (Required) `policy` - The ARN of the access policy that you're associating.<br/> (Optional) `scope` - The type of access scope that you're associating. Valid values are `NAMESPACE`, `CLUSTER`. Defaults to `CLUSTER`.<br/> (Optional) `namespaces` - A set of namespaces to which the access scope applies. You can enter plain text namespaces, or wildcard namespaces such as `dev-*`. | <pre>list(object({<br/> policy = string<br/> scope = optional(string, "CLUSTER")<br/> namespaces = optional(set(string), [])<br/> }))</pre> |`[]`| no |
44
44
| <aname="input_kubernetes_username"></a> [kubernetes\_username](#input\_kubernetes\_username)| (Optional) The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. Defaults to the IAM principal ARN. Only used when `type` is `STANDARD`. |`string`|`null`| no |
45
45
| <aname="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled)| (Optional) Whether to create AWS Resource Tags for the module informations. |`bool`|`true`| no |
46
46
| <aname="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description)| (Optional) The description of Resource Group. |`string`|`"Managed by Terraform."`| no |
47
47
| <aname="input_resource_group_enabled"></a> [resource\_group\_enabled](#input\_resource\_group\_enabled)| (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. |`bool`|`true`| no |
48
48
| <aname="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name)| (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. |`string`|`""`| no |
49
49
| <aname="input_tags"></a> [tags](#input\_tags)| (Optional) A map of tags to add to all resources. |`map(string)`|`{}`| no |
50
-
| <aname="input_timeouts"></a> [timeouts](#input\_timeouts)| (Optional) How long to wait for the EKS access entry to be created/deleted. | <pre>object({<br> create = optional(string, "20m")<br> delete = optional(string, "40m")<br> })</pre> |`{}`| no |
50
+
| <aname="input_timeouts"></a> [timeouts](#input\_timeouts)| (Optional) How long to wait for the EKS access entry to be created/deleted. | <pre>object({<br/> create = optional(string, "20m")<br/> delete = optional(string, "40m")<br/> })</pre> |`{}`| no |
51
51
| <aname="input_type"></a> [type](#input\_type)| (Optional) The type of the access entry. Valid values are `EC2_LINUX`, `EC2_WINDOWS`, `FARGATE_LINUX`, `STANDARD`. Defaults to `STANDARD`. |`string`|`"STANDARD"`| no |
52
52
53
53
## Outputs
@@ -64,4 +64,4 @@ This module creates following resources.
64
64
| <aname="output_principal"></a> [principal](#output\_principal)| The ARN of one, and only one, existing IAM principal to grant access to Kubernetes objects on the cluster. |
65
65
| <aname="output_type"></a> [type](#output\_type)| The type of the access entry. |
66
66
| <aname="output_updated_at"></a> [updated\_at](#output\_updated\_at)| Date and time in RFC3339 format that the EKS access entry was updated. |
0 commit comments