1. Packages
  2. AWS Classic
  3. API Docs
  4. ecr
  5. RegistryScanningConfiguration

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.24.0 published on Tuesday, Feb 27, 2024 by Pulumi

aws.ecr.RegistryScanningConfiguration

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.24.0 published on Tuesday, Feb 27, 2024 by Pulumi

    Provides an Elastic Container Registry Scanning Configuration. Can’t be completely deleted, instead reverts to the default BASIC scanning configuration without rules.

    Example Usage

    Basic example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var configuration = new Aws.Ecr.RegistryScanningConfiguration("configuration", new()
        {
            Rules = new[]
            {
                new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleArgs
                {
                    RepositoryFilters = new[]
                    {
                        new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleRepositoryFilterArgs
                        {
                            Filter = "example",
                            FilterType = "WILDCARD",
                        },
                    },
                    ScanFrequency = "CONTINUOUS_SCAN",
                },
            },
            ScanType = "ENHANCED",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := ecr.NewRegistryScanningConfiguration(ctx, "configuration", &ecr.RegistryScanningConfigurationArgs{
    			Rules: ecr.RegistryScanningConfigurationRuleArray{
    				&ecr.RegistryScanningConfigurationRuleArgs{
    					RepositoryFilters: ecr.RegistryScanningConfigurationRuleRepositoryFilterArray{
    						&ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs{
    							Filter:     pulumi.String("example"),
    							FilterType: pulumi.String("WILDCARD"),
    						},
    					},
    					ScanFrequency: pulumi.String("CONTINUOUS_SCAN"),
    				},
    			},
    			ScanType: pulumi.String("ENHANCED"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ecr.RegistryScanningConfiguration;
    import com.pulumi.aws.ecr.RegistryScanningConfigurationArgs;
    import com.pulumi.aws.ecr.inputs.RegistryScanningConfigurationRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var configuration = new RegistryScanningConfiguration("configuration", RegistryScanningConfigurationArgs.builder()        
                .rules(RegistryScanningConfigurationRuleArgs.builder()
                    .repositoryFilters(RegistryScanningConfigurationRuleRepositoryFilterArgs.builder()
                        .filter("example")
                        .filterType("WILDCARD")
                        .build())
                    .scanFrequency("CONTINUOUS_SCAN")
                    .build())
                .scanType("ENHANCED")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    configuration = aws.ecr.RegistryScanningConfiguration("configuration",
        rules=[aws.ecr.RegistryScanningConfigurationRuleArgs(
            repository_filters=[aws.ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs(
                filter="example",
                filter_type="WILDCARD",
            )],
            scan_frequency="CONTINUOUS_SCAN",
        )],
        scan_type="ENHANCED")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const configuration = new aws.ecr.RegistryScanningConfiguration("configuration", {
        rules: [{
            repositoryFilters: [{
                filter: "example",
                filterType: "WILDCARD",
            }],
            scanFrequency: "CONTINUOUS_SCAN",
        }],
        scanType: "ENHANCED",
    });
    
    resources:
      configuration:
        type: aws:ecr:RegistryScanningConfiguration
        properties:
          rules:
            - repositoryFilters:
                - filter: example
                  filterType: WILDCARD
              scanFrequency: CONTINUOUS_SCAN
          scanType: ENHANCED
    

    Multiple rules

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Aws.Ecr.RegistryScanningConfiguration("test", new()
        {
            Rules = new[]
            {
                new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleArgs
                {
                    RepositoryFilters = new[]
                    {
                        new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleRepositoryFilterArgs
                        {
                            Filter = "*",
                            FilterType = "WILDCARD",
                        },
                    },
                    ScanFrequency = "SCAN_ON_PUSH",
                },
                new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleArgs
                {
                    RepositoryFilters = new[]
                    {
                        new Aws.Ecr.Inputs.RegistryScanningConfigurationRuleRepositoryFilterArgs
                        {
                            Filter = "example",
                            FilterType = "WILDCARD",
                        },
                    },
                    ScanFrequency = "CONTINUOUS_SCAN",
                },
            },
            ScanType = "ENHANCED",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := ecr.NewRegistryScanningConfiguration(ctx, "test", &ecr.RegistryScanningConfigurationArgs{
    			Rules: ecr.RegistryScanningConfigurationRuleArray{
    				&ecr.RegistryScanningConfigurationRuleArgs{
    					RepositoryFilters: ecr.RegistryScanningConfigurationRuleRepositoryFilterArray{
    						&ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs{
    							Filter:     pulumi.String("*"),
    							FilterType: pulumi.String("WILDCARD"),
    						},
    					},
    					ScanFrequency: pulumi.String("SCAN_ON_PUSH"),
    				},
    				&ecr.RegistryScanningConfigurationRuleArgs{
    					RepositoryFilters: ecr.RegistryScanningConfigurationRuleRepositoryFilterArray{
    						&ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs{
    							Filter:     pulumi.String("example"),
    							FilterType: pulumi.String("WILDCARD"),
    						},
    					},
    					ScanFrequency: pulumi.String("CONTINUOUS_SCAN"),
    				},
    			},
    			ScanType: pulumi.String("ENHANCED"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ecr.RegistryScanningConfiguration;
    import com.pulumi.aws.ecr.RegistryScanningConfigurationArgs;
    import com.pulumi.aws.ecr.inputs.RegistryScanningConfigurationRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new RegistryScanningConfiguration("test", RegistryScanningConfigurationArgs.builder()        
                .rules(            
                    RegistryScanningConfigurationRuleArgs.builder()
                        .repositoryFilters(RegistryScanningConfigurationRuleRepositoryFilterArgs.builder()
                            .filter("*")
                            .filterType("WILDCARD")
                            .build())
                        .scanFrequency("SCAN_ON_PUSH")
                        .build(),
                    RegistryScanningConfigurationRuleArgs.builder()
                        .repositoryFilters(RegistryScanningConfigurationRuleRepositoryFilterArgs.builder()
                            .filter("example")
                            .filterType("WILDCARD")
                            .build())
                        .scanFrequency("CONTINUOUS_SCAN")
                        .build())
                .scanType("ENHANCED")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    test = aws.ecr.RegistryScanningConfiguration("test",
        rules=[
            aws.ecr.RegistryScanningConfigurationRuleArgs(
                repository_filters=[aws.ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs(
                    filter="*",
                    filter_type="WILDCARD",
                )],
                scan_frequency="SCAN_ON_PUSH",
            ),
            aws.ecr.RegistryScanningConfigurationRuleArgs(
                repository_filters=[aws.ecr.RegistryScanningConfigurationRuleRepositoryFilterArgs(
                    filter="example",
                    filter_type="WILDCARD",
                )],
                scan_frequency="CONTINUOUS_SCAN",
            ),
        ],
        scan_type="ENHANCED")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const test = new aws.ecr.RegistryScanningConfiguration("test", {
        rules: [
            {
                repositoryFilters: [{
                    filter: "*",
                    filterType: "WILDCARD",
                }],
                scanFrequency: "SCAN_ON_PUSH",
            },
            {
                repositoryFilters: [{
                    filter: "example",
                    filterType: "WILDCARD",
                }],
                scanFrequency: "CONTINUOUS_SCAN",
            },
        ],
        scanType: "ENHANCED",
    });
    
    resources:
      test:
        type: aws:ecr:RegistryScanningConfiguration
        properties:
          rules:
            - repositoryFilters:
                - filter: '*'
                  filterType: WILDCARD
              scanFrequency: SCAN_ON_PUSH
            - repositoryFilters:
                - filter: example
                  filterType: WILDCARD
              scanFrequency: CONTINUOUS_SCAN
          scanType: ENHANCED
    

    Create RegistryScanningConfiguration Resource

    new RegistryScanningConfiguration(name: string, args: RegistryScanningConfigurationArgs, opts?: CustomResourceOptions);
    @overload
    def RegistryScanningConfiguration(resource_name: str,
                                      opts: Optional[ResourceOptions] = None,
                                      rules: Optional[Sequence[RegistryScanningConfigurationRuleArgs]] = None,
                                      scan_type: Optional[str] = None)
    @overload
    def RegistryScanningConfiguration(resource_name: str,
                                      args: RegistryScanningConfigurationArgs,
                                      opts: Optional[ResourceOptions] = None)
    func NewRegistryScanningConfiguration(ctx *Context, name string, args RegistryScanningConfigurationArgs, opts ...ResourceOption) (*RegistryScanningConfiguration, error)
    public RegistryScanningConfiguration(string name, RegistryScanningConfigurationArgs args, CustomResourceOptions? opts = null)
    public RegistryScanningConfiguration(String name, RegistryScanningConfigurationArgs args)
    public RegistryScanningConfiguration(String name, RegistryScanningConfigurationArgs args, CustomResourceOptions options)
    
    type: aws:ecr:RegistryScanningConfiguration
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args RegistryScanningConfigurationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RegistryScanningConfigurationArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RegistryScanningConfigurationArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RegistryScanningConfigurationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RegistryScanningConfigurationArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    RegistryScanningConfiguration Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The RegistryScanningConfiguration resource accepts the following input properties:

    ScanType string
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    Rules List<RegistryScanningConfigurationRule>
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    ScanType string
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    Rules []RegistryScanningConfigurationRuleArgs
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scanType String
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    rules List<RegistryScanningConfigurationRule>
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scanType string
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    rules RegistryScanningConfigurationRule[]
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scan_type str
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    rules Sequence[RegistryScanningConfigurationRuleArgs]
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scanType String
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    rules List<Property Map>
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the RegistryScanningConfiguration resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    RegistryId string
    The registry ID the scanning configuration applies to.
    Id string
    The provider-assigned unique ID for this managed resource.
    RegistryId string
    The registry ID the scanning configuration applies to.
    id String
    The provider-assigned unique ID for this managed resource.
    registryId String
    The registry ID the scanning configuration applies to.
    id string
    The provider-assigned unique ID for this managed resource.
    registryId string
    The registry ID the scanning configuration applies to.
    id str
    The provider-assigned unique ID for this managed resource.
    registry_id str
    The registry ID the scanning configuration applies to.
    id String
    The provider-assigned unique ID for this managed resource.
    registryId String
    The registry ID the scanning configuration applies to.

    Look up Existing RegistryScanningConfiguration Resource

    Get an existing RegistryScanningConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: RegistryScanningConfigurationState, opts?: CustomResourceOptions): RegistryScanningConfiguration
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            registry_id: Optional[str] = None,
            rules: Optional[Sequence[RegistryScanningConfigurationRuleArgs]] = None,
            scan_type: Optional[str] = None) -> RegistryScanningConfiguration
    func GetRegistryScanningConfiguration(ctx *Context, name string, id IDInput, state *RegistryScanningConfigurationState, opts ...ResourceOption) (*RegistryScanningConfiguration, error)
    public static RegistryScanningConfiguration Get(string name, Input<string> id, RegistryScanningConfigurationState? state, CustomResourceOptions? opts = null)
    public static RegistryScanningConfiguration get(String name, Output<String> id, RegistryScanningConfigurationState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    RegistryId string
    The registry ID the scanning configuration applies to.
    Rules List<RegistryScanningConfigurationRule>
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    ScanType string
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    RegistryId string
    The registry ID the scanning configuration applies to.
    Rules []RegistryScanningConfigurationRuleArgs
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    ScanType string
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    registryId String
    The registry ID the scanning configuration applies to.
    rules List<RegistryScanningConfigurationRule>
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scanType String
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    registryId string
    The registry ID the scanning configuration applies to.
    rules RegistryScanningConfigurationRule[]
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scanType string
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    registry_id str
    The registry ID the scanning configuration applies to.
    rules Sequence[RegistryScanningConfigurationRuleArgs]
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scan_type str
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.
    registryId String
    The registry ID the scanning configuration applies to.
    rules List<Property Map>
    One or multiple blocks specifying scanning rules to determine which repository filters are used and at what frequency scanning will occur. See below for schema.
    scanType String
    the scanning type to set for the registry. Can be either ENHANCED or BASIC.

    Supporting Types

    RegistryScanningConfigurationRule, RegistryScanningConfigurationRuleArgs

    RepositoryFilters List<RegistryScanningConfigurationRuleRepositoryFilter>
    One or more repository filter blocks, containing a filter (required string filtering repositories, see pattern regex here) and a filter_type (required string, currently only WILDCARD is supported).
    ScanFrequency string
    The frequency that scans are performed at for a private registry. Can be SCAN_ON_PUSH, CONTINUOUS_SCAN, or MANUAL.
    RepositoryFilters []RegistryScanningConfigurationRuleRepositoryFilter
    One or more repository filter blocks, containing a filter (required string filtering repositories, see pattern regex here) and a filter_type (required string, currently only WILDCARD is supported).
    ScanFrequency string
    The frequency that scans are performed at for a private registry. Can be SCAN_ON_PUSH, CONTINUOUS_SCAN, or MANUAL.
    repositoryFilters List<RegistryScanningConfigurationRuleRepositoryFilter>
    One or more repository filter blocks, containing a filter (required string filtering repositories, see pattern regex here) and a filter_type (required string, currently only WILDCARD is supported).
    scanFrequency String
    The frequency that scans are performed at for a private registry. Can be SCAN_ON_PUSH, CONTINUOUS_SCAN, or MANUAL.
    repositoryFilters RegistryScanningConfigurationRuleRepositoryFilter[]
    One or more repository filter blocks, containing a filter (required string filtering repositories, see pattern regex here) and a filter_type (required string, currently only WILDCARD is supported).
    scanFrequency string
    The frequency that scans are performed at for a private registry. Can be SCAN_ON_PUSH, CONTINUOUS_SCAN, or MANUAL.
    repository_filters Sequence[RegistryScanningConfigurationRuleRepositoryFilter]
    One or more repository filter blocks, containing a filter (required string filtering repositories, see pattern regex here) and a filter_type (required string, currently only WILDCARD is supported).
    scan_frequency str
    The frequency that scans are performed at for a private registry. Can be SCAN_ON_PUSH, CONTINUOUS_SCAN, or MANUAL.
    repositoryFilters List<Property Map>
    One or more repository filter blocks, containing a filter (required string filtering repositories, see pattern regex here) and a filter_type (required string, currently only WILDCARD is supported).
    scanFrequency String
    The frequency that scans are performed at for a private registry. Can be SCAN_ON_PUSH, CONTINUOUS_SCAN, or MANUAL.

    RegistryScanningConfigurationRuleRepositoryFilter, RegistryScanningConfigurationRuleRepositoryFilterArgs

    Filter string
    FilterType string
    Filter string
    FilterType string
    filter String
    filterType String
    filter string
    filterType string
    filter String
    filterType String

    Import

    Using pulumi import, import ECR Scanning Configurations using the registry_id. For example:

     $ pulumi import aws:ecr/registryScanningConfiguration:RegistryScanningConfiguration example 012345678901
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.24.0 published on Tuesday, Feb 27, 2024 by Pulumi