terraform-aws-ecr
Terraform Module to manage Docker Container Registries on AWS ECR
APACHE-2.0 License
Bot releases are visible (Hide)
- the change allows to pass wildcards in protected_tags list
why
- there are use cases when the protected tags are not only prefix defineable and only wildcard can be used like "*prod" or semversion
*.*.*
references
- fixes #133
Published by cloudposse-releaser[bot] 3 months ago
Add support for countType "sinceImagePushed" ECR Lifepolicy rule.
why
- Increase flexibility and usefulness of this module.
references
- Implements #92.
🤖 Automatic Updates
why
- Re-apply
.github/settings.ymlfrom org level - Use organization level auto-release settings
references
- DEV-1242 Add protected tags with Repository Rulesets on GitHub
why
- So we can support commenting on PRs with a link to the release
why
- Reduce nested levels of reusable workflows
why
- The ReviewDog action will comment with line-level suggestions based on linting failures
why
- Support new readme generation workflow.
- Generate banners
- Install latest GitHub Action Workflows
why
- Use shared workflows from
cldouposse/.githubrepository - Simplify management of workflows from centralized hub of configuration
why
- Programmatically manage GitHub repo settings
why
To have most recent changes of README.md and doc from origin templates
why
- Upstream template changed in the
.githubrepo - Work better with repository rulesets
- Modernize look & feel
Published by github-actions[bot] 8 months ago
Published by github-actions[bot] 8 months ago
what
Add a principal list (principals_pull_though_access) which are allowed to use specific repositories as pull through cache (import images from upstream). This holds for repositories where one of the strings in prefixes_pull_through_repositories is a prefix of the repository name.
why
We are using ecr-public pull through cache and we want also new images to be downloaded automatically to the cache. Allowed principals for respective repos can use it with the newly introduced variables.
🤖 Automatic Updates
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
Published by github-actions[bot] 12 months ago
what
- add
scanning_configurationas child module
why
- support
scan_typesettings - should be deployed as a per-account global, rather than per-ecr-repo
Notes
- fixes #90
Published by github-actions[bot] 12 months ago
what
- Add the ability to have organizations as trustees (read-only) for the ECR repository
why
- As described in #82 , it's sometimes useful to allow an entire organization to consume images from a centralized repository
references
- closes #82
Published by github-actions[bot] over 1 year ago
what
- Clean up of the logic surrounding the
var.principals_lambdapolicies
why
- When this was originally implemented it was copy / pastad across multiple policy docs, which isn't necessary and creates a bunch of bloat.
references
- Discovered in #98
- Originally introduced in #88
Published by github-actions[bot] over 1 year ago
what
- adds the ability to give push-only access to the repository
why
- full access was more than we wanted in our situation (CI pushing images to the repo) so we added a
principals_push_accessto give push-only access.
references
- policy is based on this AWS doc
Sync github from the template
Published by cloudpossebot over 1 year ago
- No changes
Published by cloudpossebot almost 2 years ago
Hi! im adding "force_delete" parameter, is implemented in aws 4.22.0 for an easier delete of the ecr
references
https://registry.terraform.io/providers/hashicorp/aws/4.22.0/docs/resources/ecr_repository
what and why
Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.
References
- DEV-143
Published by cloudpossebot over 2 years ago
what
- Replace deprecated parameters in aws v4
why
- Make module compatible with v4
references
Published by cloudpossebot over 2 years ago
what
- With the introduction of cross-account ECR for lambda functions, I have put together the necessary code to allow for this functionality
why
- Cross-account ECR is a feature many would use as it doesn't require you to duplicate your ECR repositories in the same account where the lambda function resides saving money
references
https://aws.amazon.com/blogs/compute/introducing-cross-account-amazon-ecr-access-for-aws-lambda/
Published by cloudpossebot about 3 years ago
🤖 Automatic Updates
what
This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label
why
To support all the features of the context interface.
Published by cloudpossebot over 3 years ago
🤖 Automatic Updates
what
- update context.tf to v0.24.1
- minimum required Terraform version bumped to 0.13.0
- readme updated, Bridgecrew compliance badges added
why
- It allows for setting the letter case of tag names and labels, back compatibility with context v0.22.0 and below
- we have dropped support for Terraform 0.12
- To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant
Published by cloudpossebot over 3 years ago
🤖 Automatic Updates
what
This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label
why
To support all the features of the context interface.
Published by cloudpossebot over 3 years ago
what
- update context.tf to v0.23.0
- minimum required Terraform version bumped to 0.13.0
- readme updated, Bridgecrew compliance badges added
why
- It allows for setting the letter case of tag names and labels
- we have dropped support for Terraform 0.12
- To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant
Published by cloudpossebot over 3 years ago
🤖 Automatic Updates
what
This is an auto-generated PR that updates the README.md and docs
why
To have most recent changes of README.md and doc from origin templates
Published by cloudpossebot over 3 years ago
what
- BridgeCrew compliance checks fix
- readme updated
- workflows updated
- default behaviour changed:
image_tag_mutabilitynowIMMUTABLEby default - default behaviour changed:
scan_images_on_pushenabled by default
why
- To be able to position our modules as standards compliant
- stay in sync with code
- to stay in sync with all repos
- To comply BridgeCrew check
references
Published by cloudpossebot over 3 years ago
what
- Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard
why
- Support Terraform 0.14
Published by github-actions[bot] over 3 years ago
what
- Remove the unused dependencies on hashicorp/local and hashicorp/template
why
- unused dependencies are unneeded