Creating an AWS ECR Service with Pulumi
Create an AWS ECR resource using @pulumi/aws
The @pulumi/aws library enables fine-grained control over the AWS ECR resource, meaning it can be defined, deployed, and managed entirely in code.
const aws = require("@pulumi/aws");
// ECR repository with the Pulumi logical name "myrepository". No arguments are
// passed, so every repository setting is left at the provider default.
// NOTE(review): scan-on-push and tag immutability are not configured here;
// confirm the defaults are acceptable for images that will be deployed.
const repository = new aws.ecr.Repository("myrepository");
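// Repository policy: controls who may pull, push, and administer images in
// this repository.
//
// The grant is scoped to the AWS account the stack is deployed with. With a
// wildcard principal ("*"), this action list would allow principals in any
// AWS account to push or delete images and to rewrite or remove this policy
// (ecr:SetRepositoryPolicy / ecr:DeleteRepositoryPolicy).
//
// `policy` accepts a promise, so the document is serialized once the caller's
// account ID has been resolved.
// NOTE(review): the principal ARN assumes the standard "aws" partition.
// NOTE(review): pull, push, and destructive admin actions still share one
// statement; split them if some consumers only need to pull.
const repositoryPolicy = new aws.ecr.RepositoryPolicy("myrepositorypolicy", {
  repository: repository.id,
  policy: aws.getCallerIdentity().then(({ accountId }) =>
    JSON.stringify({
      Version: "2012-10-17",
      Statement: [
        {
          Sid: "new policy",
          Effect: "Allow",
          // Account root principal: limits the statement to this account
          // instead of every AWS principal.
          Principal: { AWS: `arn:aws:iam::${accountId}:root` },
          Action: [
            "ecr:GetDownloadUrlForLayer",
            "ecr:BatchGetImage",
            "ecr:BatchCheckLayerAvailability",
            "ecr:PutImage",
            "ecr:InitiateLayerUpload",
            "ecr:UploadLayerPart",
            "ecr:CompleteLayerUpload",
            "ecr:DescribeRepositories",
            "ecr:GetRepositoryPolicy",
            "ecr:ListImages",
            "ecr:DeleteRepository",
            "ecr:BatchDeleteImage",
            "ecr:SetRepositoryPolicy",
            "ecr:DeleteRepositoryPolicy",
          ],
        },
      ],
    }),
  ),
});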
// Lifecycle rules for the repository. The single rule expires images 14 days
// after they were pushed, but only those matching tagStatus "untagged";
// tagged images are not selected by it.
const lifecycleRules = [
  {
    rulePriority: 1,
    description: "Expire images older than 14 days",
    selection: {
      tagStatus: "untagged",
      countType: "sinceImagePushed",
      countUnit: "days",
      countNumber: 14,
    },
    action: { type: "expire" },
  },
];

// ECR takes the lifecycle policy as a JSON document, so the rules are
// serialized before being handed to the resource.
const lifecyclePolicy = new aws.ecr.LifecyclePolicy("mylifecyclepolicy", {
  repository: repository.id,
  policy: JSON.stringify({ rules: lifecycleRules }),
});