Module ecr

@pulumi/aws > ecr

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class LifecyclePolicy

extends CustomResource

Manages an ECR repository lifecycle policy.

NOTE: Only one aws.ecr.LifecyclePolicy resource can be used with the same ECR repository. To apply multiple rules, they must be combined in the policy JSON.

NOTE: The AWS ECR API seems to reorder rules based on rulePriority. If you define multiple rules that are not sorted in ascending rulePriority order in the this provider code, the resource will be flagged for recreation every deployment.

Example Usage

Policy on untagged image

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ecr.Repository("foo", {});
const foopolicy = new aws.ecr.LifecyclePolicy("foopolicy", {
    policy: `{
    "rules": [
        {
            "rulePriority": 1,
            "description": "Expire images older than 14 days",
            "selection": {
                "tagStatus": "untagged",
                "countType": "sinceImagePushed",
                "countUnit": "days",
                "countNumber": 14
            },
            "action": {
                "type": "expire"
            }
        }
    ]
}
`,
    repository: foo.name,
});

Policy on tagged image

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ecr.Repository("foo", {});
const foopolicy = new aws.ecr.LifecyclePolicy("foopolicy", {
    policy: `{
    "rules": [
        {
            "rulePriority": 1,
            "description": "Keep last 30 images",
            "selection": {
                "tagStatus": "tagged",
                "tagPrefixList": ["v"],
                "countType": "imageCountMoreThan",
                "countNumber": 30
            },
            "action": {
                "type": "expire"
            }
        }
    ]
}
`,
    repository: foo.name,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ecr_lifecycle_policy.html.markdown.

constructor

new LifecyclePolicy(name: string, args: LifecyclePolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a LifecyclePolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LifecyclePolicyState, opts?: pulumi.CustomResourceOptions): LifecyclePolicy

Get an existing LifecyclePolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of LifecyclePolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policy

public policy: pulumi.Output<string>;

The policy document. This is a JSON formatted string. See more details about Policy Parameters in the official AWS docs.

property registryId

public registryId: pulumi.Output<string>;

The registry ID where the repository was created.

property repository

public repository: pulumi.Output<string>;

Name of the repository to apply the policy.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Repository

extends CustomResource

Provides an Elastic Container Registry Repository.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ecr.Repository("foo", {});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ecr_repository.html.markdown.

constructor

new Repository(name: string, args?: RepositoryArgs, opts?: pulumi.CustomResourceOptions)

Create a Repository resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RepositoryState, opts?: pulumi.CustomResourceOptions): Repository

Get an existing Repository resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Repository. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

Full ARN of the repository.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageTagMutability

public imageTagMutability: pulumi.Output<string | undefined>;

The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE. Defaults to MUTABLE.

property name

public name: pulumi.Output<string>;

Name of the repository.

property registryId

public registryId: pulumi.Output<string>;

The registry ID where the repository was created.

property repositoryUrl

public repositoryUrl: pulumi.Output<string>;

The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName

property tags

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class RepositoryPolicy

extends CustomResource

Provides an Elastic Container Registry Repository Policy.

Note that currently only one policy may be applied to a repository.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ecr.Repository("foo", {});
const foopolicy = new aws.ecr.RepositoryPolicy("foopolicy", {
    policy: `{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "new policy",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "ecr:GetDownloadUrlForLayer",
                "ecr:BatchGetImage",
                "ecr:BatchCheckLayerAvailability",
                "ecr:PutImage",
                "ecr:InitiateLayerUpload",
                "ecr:UploadLayerPart",
                "ecr:CompleteLayerUpload",
                "ecr:DescribeRepositories",
                "ecr:GetRepositoryPolicy",
                "ecr:ListImages",
                "ecr:DeleteRepository",
                "ecr:BatchDeleteImage",
                "ecr:SetRepositoryPolicy",
                "ecr:DeleteRepositoryPolicy"
            ]
        }
    ]
}
`,
    repository: foo.name,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ecr_repository_policy.html.markdown.

constructor

new RepositoryPolicy(name: string, args: RepositoryPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a RepositoryPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RepositoryPolicyState, opts?: pulumi.CustomResourceOptions): RepositoryPolicy

Get an existing RepositoryPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of RepositoryPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policy

public policy: pulumi.Output<string>;

The policy document. This is a JSON formatted string.

property registryId

public registryId: pulumi.Output<string>;

The registry ID where the repository was created.

property repository

public repository: pulumi.Output<string>;

Name of the repository to apply the policy.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

function getCredentials

function getImage

getImage(args: GetImageArgs, opts?: pulumi.InvokeOptions): Promise<GetImageResult> & GetImageResult

The ECR Image data source allows the details of an image with a particular tag or digest to be retrieved.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const serviceImage = pulumi.output(aws.ecr.getImage({
    imageTag: "latest",
    repositoryName: "my/service",
}));

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/ecr_image.html.markdown.

function getRepository

getRepository(args: GetRepositoryArgs, opts?: pulumi.InvokeOptions): Promise<GetRepositoryResult> & GetRepositoryResult

The ECR Repository data source allows the ARN, Repository URI and Registry ID to be retrieved for an ECR repository.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const service = pulumi.output(aws.ecr.getRepository({
    name: "ecr-repository",
}));

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/ecr_repository.html.markdown.

interface Action

property type

type: Input<“expire”>;

The specified action type - the only supported value is expire.

interface GetCredentialsArgs

A collection of arguments for invoking getCredentials.

property registryId

registryId: string;

interface GetCredentialsResult

A collection of values returned by getCredentials.

property authorizationToken

authorizationToken: string;

property expiresAt

expiresAt: string;

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property proxyEndpoint

proxyEndpoint: string;

property registryId

registryId: string;

interface GetImageArgs

A collection of arguments for invoking getImage.

property imageDigest

imageDigest?: undefined | string;

The sha256 digest of the image manifest. At least one of imageDigest or imageTag must be specified.

property imageTag

imageTag?: undefined | string;

The tag associated with this image. At least one of imageDigest or imageTag must be specified.

property registryId

registryId?: undefined | string;

The ID of the Registry where the repository resides.

property repositoryName

repositoryName: string;

The name of the ECR Repository.

interface GetImageResult

A collection of values returned by getImage.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property imageDigest

imageDigest: string;

property imagePushedAt

imagePushedAt: number;

The date and time, expressed as a unix timestamp, at which the current image was pushed to the repository.

property imageSizeInBytes

imageSizeInBytes: number;

The size, in bytes, of the image in the repository.

property imageTag

imageTag?: undefined | string;

property imageTags

imageTags: string[];

The list of tags associated with this image.

property registryId

registryId: string;

property repositoryName

repositoryName: string;

interface GetRepositoryArgs

A collection of arguments for invoking getRepository.

property name

name: string;

The name of the ECR Repository.

property tags

tags?: undefined | {[key: string]: any};

interface GetRepositoryResult

A collection of values returned by getRepository.

property arn

arn: string;

Full ARN of the repository.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property name

name: string;

property registryId

registryId: string;

The registry ID where the repository was created.

property repositoryUrl

repositoryUrl: string;

The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName).

property tags

tags: {[key: string]: any};

A mapping of tags assigned to the resource.

interface LifecyclePolicyArgs

The set of arguments for constructing a LifecyclePolicy resource.

property policy

policy: pulumi.Input<string | LifecyclePolicyDocument>;

The policy document. This is a JSON formatted string. See more details about Policy Parameters in the official AWS docs.

property repository

repository: pulumi.Input<string>;

Name of the repository to apply the policy.

interface LifecyclePolicyDocument

Amazon ECR lifecycle policies enable you to specify the lifecycle management of images in a repository. A lifecycle policy is a set of one or more rules, where each rule defines an action for Amazon ECR. The actions apply to images that contain tags prefixed with the given strings. This allows the automation of cleaning up unused images, for example expiring images based on age or count. You should expect that after creating a lifecycle policy the affected images are expired within 24 hours.

For more details about ECR lifecycle policies, please refer to the AWS documentation online: https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html

property rules

rules: PolicyRule[];

interface LifecyclePolicyState

Input properties used for looking up and filtering LifecyclePolicy resources.

property policy

policy?: pulumi.Input<string | LifecyclePolicyDocument>;

The policy document. This is a JSON formatted string. See more details about Policy Parameters in the official AWS docs.

property registryId

registryId?: pulumi.Input<string>;

The registry ID where the repository was created.

property repository

repository?: pulumi.Input<string>;

Name of the repository to apply the policy.

interface PolicyRule

property action

action: Action;

The action to perform when selection criteria is met.

property description

description?: Input<string>;

An optional description for the rule.

property rulePriority

rulePriority: Input<number>;

Indicate the Rule Priority - each rule must have a different priority.

property selection

selection: Selection;

The selection criteria for the rule.

interface RepositoryArgs

The set of arguments for constructing a Repository resource.

property imageTagMutability

imageTagMutability?: pulumi.Input<string>;

The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE. Defaults to MUTABLE.

property name

name?: pulumi.Input<string>;

Name of the repository.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface RepositoryPolicyArgs

The set of arguments for constructing a RepositoryPolicy resource.

property policy

policy: pulumi.Input<string | PolicyDocument>;

The policy document. This is a JSON formatted string.

property repository

repository: pulumi.Input<string>;

Name of the repository to apply the policy.

interface RepositoryPolicyState

Input properties used for looking up and filtering RepositoryPolicy resources.

property policy

policy?: pulumi.Input<string | PolicyDocument>;

The policy document. This is a JSON formatted string.

property registryId

registryId?: pulumi.Input<string>;

The registry ID where the repository was created.

property repository

repository?: pulumi.Input<string>;

Name of the repository to apply the policy.

interface RepositoryState

Input properties used for looking up and filtering Repository resources.

property arn

arn?: pulumi.Input<string>;

Full ARN of the repository.

property imageTagMutability

imageTagMutability?: pulumi.Input<string>;

The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE. Defaults to MUTABLE.

property name

name?: pulumi.Input<string>;

Name of the repository.

property registryId

registryId?: pulumi.Input<string>;

The registry ID where the repository was created.

property repositoryUrl

repositoryUrl?: pulumi.Input<string>;

The URL of the repository (in the form aws_account_id.dkr.ecr.region.amazonaws.com/repositoryName

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface Selection

Selection is the selection criteria for the rule and is the mart part of the policy.

property countNumber

countNumber: Input<number>;

The maximum number of images or the max age for which to apply the image selection.

property countType

countType: Input<“imageCountMoreThan” | “sinceImagePushed”>;

Indicate whether to evaluate the rule based on imageCountMoreThan or sinceImagePushed.

property countUnit

countUnit?: Input<string>;

The unit of time e.g. days for which to apply the selection.

property tagPrefixList

tagPrefixList?: Input<string> | Input<string>[];

Specify one or more image tag prefixes for selection.

property tagStatus

tagStatus: Input<“tagged” | “untagged” | “any”>;

Indicate whether to select tagged, untagged or any images in the repository.