awsecr

package
v2.15.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2022 License: Apache-2.0 Imports: 9 Imported by: 18

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AuthorizationToken_GrantRead 

func AuthorizationToken_GrantRead(grantee awsiam.IGrantable)

Grant access to retrieve an authorization token.

func CfnPublicRepository_CFN_RESOURCE_TYPE_NAME 

func CfnPublicRepository_CFN_RESOURCE_TYPE_NAME() *string

func CfnPublicRepository_IsCfnElement 

func CfnPublicRepository_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnPublicRepository_IsCfnResource 

func CfnPublicRepository_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnPublicRepository_IsConstruct 

func CfnPublicRepository_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnPullThroughCacheRule_CFN_RESOURCE_TYPE_NAME added in v2.13.0 

func CfnPullThroughCacheRule_CFN_RESOURCE_TYPE_NAME() *string

func CfnPullThroughCacheRule_IsCfnElement added in v2.13.0 

func CfnPullThroughCacheRule_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnPullThroughCacheRule_IsCfnResource added in v2.13.0 

func CfnPullThroughCacheRule_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnPullThroughCacheRule_IsConstruct added in v2.13.0 

func CfnPullThroughCacheRule_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnRegistryPolicy_CFN_RESOURCE_TYPE_NAME 

func CfnRegistryPolicy_CFN_RESOURCE_TYPE_NAME() *string

func CfnRegistryPolicy_IsCfnElement 

func CfnRegistryPolicy_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnRegistryPolicy_IsCfnResource 

func CfnRegistryPolicy_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnRegistryPolicy_IsConstruct 

func CfnRegistryPolicy_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnReplicationConfiguration_CFN_RESOURCE_TYPE_NAME 

func CfnReplicationConfiguration_CFN_RESOURCE_TYPE_NAME() *string

func CfnReplicationConfiguration_IsCfnElement 

func CfnReplicationConfiguration_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnReplicationConfiguration_IsCfnResource 

func CfnReplicationConfiguration_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnReplicationConfiguration_IsConstruct 

func CfnReplicationConfiguration_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnRepository_CFN_RESOURCE_TYPE_NAME 

func CfnRepository_CFN_RESOURCE_TYPE_NAME() *string

func CfnRepository_IsCfnElement 

func CfnRepository_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnRepository_IsCfnResource 

func CfnRepository_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnRepository_IsConstruct 

func CfnRepository_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func NewCfnPublicRepository_Override 

func NewCfnPublicRepository_Override(c CfnPublicRepository, scope constructs.Construct, id *string, props *CfnPublicRepositoryProps)

Create a new `AWS::ECR::PublicRepository`.

func NewCfnPullThroughCacheRule_Override added in v2.13.0 

func NewCfnPullThroughCacheRule_Override(c CfnPullThroughCacheRule, scope constructs.Construct, id *string, props *CfnPullThroughCacheRuleProps)

Create a new `AWS::ECR::PullThroughCacheRule`.

func NewCfnRegistryPolicy_Override 

func NewCfnRegistryPolicy_Override(c CfnRegistryPolicy, scope constructs.Construct, id *string, props *CfnRegistryPolicyProps)

Create a new `AWS::ECR::RegistryPolicy`.

func NewCfnReplicationConfiguration_Override 

func NewCfnReplicationConfiguration_Override(c CfnReplicationConfiguration, scope constructs.Construct, id *string, props *CfnReplicationConfigurationProps)

Create a new `AWS::ECR::ReplicationConfiguration`.

func NewCfnRepository_Override 

func NewCfnRepository_Override(c CfnRepository, scope constructs.Construct, id *string, props *CfnRepositoryProps)

Create a new `AWS::ECR::Repository`.

func NewRepositoryBase_Override 

func NewRepositoryBase_Override(r RepositoryBase, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

func NewRepositoryEncryption_Override added in v2.11.0 

func NewRepositoryEncryption_Override(r RepositoryEncryption, value *string)

func NewRepository_Override 

func NewRepository_Override(r Repository, scope constructs.Construct, id *string, props *RepositoryProps)

func PublicGalleryAuthorizationToken_GrantRead 

func PublicGalleryAuthorizationToken_GrantRead(grantee awsiam.IGrantable)

Grant access to retrieve an authorization token.

func RepositoryBase_IsConstruct 

func RepositoryBase_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func RepositoryBase_IsResource 

func RepositoryBase_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func Repository_ArnForLocalRepository 

func Repository_ArnForLocalRepository(repositoryName *string, scope constructs.IConstruct, account *string) *string

Returns an ECR ARN for a repository that resides in the same account/region as the current stack.

func Repository_IsConstruct 

func Repository_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func Repository_IsResource 

func Repository_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

Types

type AuthorizationToken 

type AuthorizationToken interface {
}

Authorization token to access private ECR repositories in the current environment via Docker CLI.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry_auth.html

type CfnPublicRepository 

type CfnPublicRepository interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrArn() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	RepositoryCatalogData() interface{}
	SetRepositoryCatalogData(val interface{})
	RepositoryName() *string
	SetRepositoryName(val *string)
	RepositoryPolicyText() interface{}
	SetRepositoryPolicyText(val interface{})
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::ECR::PublicRepository`.

The `AWS::ECR::PublicRepository` resource specifies an Amazon Elastic Container Registry Public (Amazon ECR Public) repository, where users can push and pull Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts. For more information, see [Amazon ECR public repositories](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repositories.html) in the *Amazon ECR Public User Guide* .

TODO: EXAMPLE

func NewCfnPublicRepository 

func NewCfnPublicRepository(scope constructs.Construct, id *string, props *CfnPublicRepositoryProps) CfnPublicRepository

Create a new `AWS::ECR::PublicRepository`.

type CfnPublicRepositoryProps 

type CfnPublicRepositoryProps struct {
	// The details about the repository that are publicly visible in the Amazon ECR Public Gallery.
	//
	// For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .
	RepositoryCatalogData interface{} `json:"repositoryCatalogData" yaml:"repositoryCatalogData"`
	// The name to use for the public repository.
	//
	// The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	//
	// > If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
	RepositoryName *string `json:"repositoryName" yaml:"repositoryName"`
	// The JSON repository policy text to apply to the public repository.
	//
	// For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .
	RepositoryPolicyText interface{} `json:"repositoryPolicyText" yaml:"repositoryPolicyText"`
	// An array of key-value pairs to apply to this resource.
	Tags *[]*awscdk.CfnTag `json:"tags" yaml:"tags"`
}

Properties for defining a `CfnPublicRepository`.

TODO: EXAMPLE

type CfnPullThroughCacheRule added in v2.13.0 

type CfnPullThroughCacheRule interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	EcrRepositoryPrefix() *string
	SetEcrRepositoryPrefix(val *string)
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UpstreamRegistryUrl() *string
	SetUpstreamRegistryUrl(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::ECR::PullThroughCacheRule`.

Creates a pull through cache rule. A pull through cache rule provides a way to cache images from an external public registry in your Amazon ECR private registry.

TODO: EXAMPLE

func NewCfnPullThroughCacheRule added in v2.13.0 

func NewCfnPullThroughCacheRule(scope constructs.Construct, id *string, props *CfnPullThroughCacheRuleProps) CfnPullThroughCacheRule

Create a new `AWS::ECR::PullThroughCacheRule`.

type CfnPullThroughCacheRuleProps added in v2.13.0 

type CfnPullThroughCacheRuleProps struct {
	// The Amazon ECR repository prefix associated with the pull through cache rule.
	EcrRepositoryPrefix *string `json:"ecrRepositoryPrefix" yaml:"ecrRepositoryPrefix"`
	// The upstream registry URL associated with the pull through cache rule.
	UpstreamRegistryUrl *string `json:"upstreamRegistryUrl" yaml:"upstreamRegistryUrl"`
}

Properties for defining a `CfnPullThroughCacheRule`.

TODO: EXAMPLE

type CfnRegistryPolicy 

type CfnRegistryPolicy interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrRegistryId() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	LogicalId() *string
	Node() constructs.Node
	PolicyText() interface{}
	SetPolicyText(val interface{})
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::ECR::RegistryPolicy`.

The `AWS::ECR::RegistryPolicy` resource creates or updates the permissions policy for a private registry.

A private registry policy is used to specify permissions for another AWS account and is used when configuring cross-account replication. For more information, see [Registry permissions](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html) in the *Amazon Elastic Container Registry User Guide* .

TODO: EXAMPLE

func NewCfnRegistryPolicy 

func NewCfnRegistryPolicy(scope constructs.Construct, id *string, props *CfnRegistryPolicyProps) CfnRegistryPolicy

Create a new `AWS::ECR::RegistryPolicy`.

type CfnRegistryPolicyProps 

type CfnRegistryPolicyProps struct {
	// The JSON policy text for your registry.
	PolicyText interface{} `json:"policyText" yaml:"policyText"`
}

Properties for defining a `CfnRegistryPolicy`.

TODO: EXAMPLE

type CfnReplicationConfiguration 

type CfnReplicationConfiguration interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrRegistryId() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	ReplicationConfiguration() interface{}
	SetReplicationConfiguration(val interface{})
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::ECR::ReplicationConfiguration`.

The `AWS::ECR::ReplicationConfiguration` resource creates or updates the replication configuration for a private registry. The first time a replication configuration is applied to a private registry, a service-linked IAM role is created in your account for the replication process. For more information, see [Using Service-Linked Roles for Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/using-service-linked-roles.html) in the *Amazon Elastic Container Registry User Guide* .

> When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a private registry permissions policy. For more information, see `AWS::ECR::RegistryPolicy` .

TODO: EXAMPLE

func NewCfnReplicationConfiguration 

func NewCfnReplicationConfiguration(scope constructs.Construct, id *string, props *CfnReplicationConfigurationProps) CfnReplicationConfiguration

Create a new `AWS::ECR::ReplicationConfiguration`.

type CfnReplicationConfigurationProps 

type CfnReplicationConfigurationProps struct {
	// The replication configuration for a registry.
	ReplicationConfiguration interface{} `json:"replicationConfiguration" yaml:"replicationConfiguration"`
}

Properties for defining a `CfnReplicationConfiguration`.

TODO: EXAMPLE

type CfnReplicationConfiguration_ReplicationConfigurationProperty 

type CfnReplicationConfiguration_ReplicationConfigurationProperty struct {
	// An array of objects representing the replication destinations and repository filters for a replication configuration.
	Rules interface{} `json:"rules" yaml:"rules"`
}

The replication configuration for a registry.

TODO: EXAMPLE

type CfnReplicationConfiguration_ReplicationDestinationProperty 

type CfnReplicationConfiguration_ReplicationDestinationProperty struct {
	// The Region to replicate to.
	Region *string `json:"region" yaml:"region"`
	// The AWS account ID of the Amazon ECR private registry to replicate to.
	//
	// When configuring cross-Region replication within your own registry, specify your own account ID.
	RegistryId *string `json:"registryId" yaml:"registryId"`
}

An array of objects representing the destination for a replication rule.

TODO: EXAMPLE

type CfnReplicationConfiguration_ReplicationRuleProperty 

type CfnReplicationConfiguration_ReplicationRuleProperty struct {
	// An array of objects representing the destination for a replication rule.
	Destinations interface{} `json:"destinations" yaml:"destinations"`
	// An array of objects representing the filters for a replication rule.
	//
	// Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.
	RepositoryFilters interface{} `json:"repositoryFilters" yaml:"repositoryFilters"`
}

An array of objects representing the replication destinations and repository filters for a replication configuration.

TODO: EXAMPLE

type CfnReplicationConfiguration_RepositoryFilterProperty 

type CfnReplicationConfiguration_RepositoryFilterProperty struct {
	// The repository filter details.
	//
	// When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.
	Filter *string `json:"filter" yaml:"filter"`
	// The repository filter type.
	//
	// The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.
	FilterType *string `json:"filterType" yaml:"filterType"`
}

The filter settings used with image replication.

Specifying a repository filter to a replication rule provides a method for controlling which repositories in a private registry are replicated. If no repository filter is specified, all images in the repository are replicated.

TODO: EXAMPLE

type CfnRepository 

type CfnRepository interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrArn() *string
	AttrRepositoryUri() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	EncryptionConfiguration() interface{}
	SetEncryptionConfiguration(val interface{})
	ImageScanningConfiguration() interface{}
	SetImageScanningConfiguration(val interface{})
	ImageTagMutability() *string
	SetImageTagMutability(val *string)
	LifecyclePolicy() interface{}
	SetLifecyclePolicy(val interface{})
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	RepositoryName() *string
	SetRepositoryName(val *string)
	RepositoryPolicyText() interface{}
	SetRepositoryPolicyText(val interface{})
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::ECR::Repository`.

The `AWS::ECR::Repository` resource specifies an Amazon Elastic Container Registry (Amazon ECR) repository, where users can push and pull Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts. For more information, see [Amazon ECR private repositories](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html) in the *Amazon ECR User Guide* .

TODO: EXAMPLE

func NewCfnRepository 

func NewCfnRepository(scope constructs.Construct, id *string, props *CfnRepositoryProps) CfnRepository

Create a new `AWS::ECR::Repository`.

type CfnRepositoryProps 

type CfnRepositoryProps struct {
	// The encryption configuration for the repository.
	//
	// This determines how the contents of your repository are encrypted at rest.
	EncryptionConfiguration interface{} `json:"encryptionConfiguration" yaml:"encryptionConfiguration"`
	// The image scanning configuration for the repository.
	//
	// This determines whether images are scanned for known vulnerabilities after being pushed to the repository.
	ImageScanningConfiguration interface{} `json:"imageScanningConfiguration" yaml:"imageScanningConfiguration"`
	// The tag mutability setting for the repository.
	//
	// If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
	ImageTagMutability *string `json:"imageTagMutability" yaml:"imageTagMutability"`
	// Creates or updates a lifecycle policy.
	//
	// For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .
	LifecyclePolicy interface{} `json:"lifecyclePolicy" yaml:"lifecyclePolicy"`
	// The name to use for the repository.
	//
	// The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
	//
	// > If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
	RepositoryName *string `json:"repositoryName" yaml:"repositoryName"`
	// The JSON repository policy text to apply to the repository.
	//
	// For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .
	RepositoryPolicyText interface{} `json:"repositoryPolicyText" yaml:"repositoryPolicyText"`
	// An array of key-value pairs to apply to this resource.
	Tags *[]*awscdk.CfnTag `json:"tags" yaml:"tags"`
}

Properties for defining a `CfnRepository`.

TODO: EXAMPLE

type CfnRepository_EncryptionConfigurationProperty 

type CfnRepository_EncryptionConfigurationProperty struct {
	// The encryption type to use.
	//
	// If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
	//
	// If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
	EncryptionType *string `json:"encryptionType" yaml:"encryptionType"`
	// If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption.
	//
	// The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.
	KmsKey *string `json:"kmsKey" yaml:"kmsKey"`
}

The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.

By default, when no encryption configuration is set or the `AES256` encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256 encryption algorithm. This does not require any action on your part.

For more control over the encryption of the contents of your repository, you can use server-side encryption with AWS Key Management Service key stored in AWS Key Management Service ( AWS KMS ) to encrypt your images. For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .

TODO: EXAMPLE

type CfnRepository_ImageScanningConfigurationProperty 

type CfnRepository_ImageScanningConfigurationProperty struct {
	// The setting that determines whether images are scanned after being pushed to a repository.
	//
	// If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.
	ScanOnPush interface{} `json:"scanOnPush" yaml:"scanOnPush"`
}

The image scanning configuration for a repository.

TODO: EXAMPLE

type CfnRepository_LifecyclePolicyProperty 

type CfnRepository_LifecyclePolicyProperty struct {
	// The JSON repository policy text to apply to the repository.
	LifecyclePolicyText *string `json:"lifecyclePolicyText" yaml:"lifecyclePolicyText"`
	// The AWS account ID associated with the registry that contains the repository.
	//
	// If you do not specify a registry, the default registry is assumed.
	RegistryId *string `json:"registryId" yaml:"registryId"`
}

The `LifecyclePolicy` property type specifies a lifecycle policy.

For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) in the *Amazon ECR User Guide* .

TODO: EXAMPLE

type IRepository 

type IRepository interface {
	awscdk.IResource
	// Add a policy statement to the repository's resource policy.
	AddToResourcePolicy(statement awsiam.PolicyStatement) *awsiam.AddToResourcePolicyResult
	// Grant the given principal identity permissions to perform the actions on this repository.
	Grant(grantee awsiam.IGrantable, actions ...*string) awsiam.Grant
	// Grant the given identity permissions to pull images in this repository.
	GrantPull(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to pull and push images to this repository.
	GrantPullPush(grantee awsiam.IGrantable) awsiam.Grant
	// Define a CloudWatch event that triggers when something happens to this repository.
	//
	// Requires that there exists at least one CloudTrail Trail in your account
	// that captures the event. This method will not create the Trail.
	OnCloudTrailEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Defines an AWS CloudWatch event rule that can trigger a target when an image is pushed to this repository.
	//
	// Requires that there exists at least one CloudTrail Trail in your account
	// that captures the event. This method will not create the Trail.
	OnCloudTrailImagePushed(id *string, options *OnCloudTrailImagePushedOptions) awsevents.Rule
	// Defines a CloudWatch event rule which triggers for repository events.
	//
	// Use
	// `rule.addEventPattern(pattern)` to specify a filter.
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	// Defines an AWS CloudWatch event rule that can trigger a target when the image scan is completed.
	OnImageScanCompleted(id *string, options *OnImageScanCompletedOptions) awsevents.Rule
	// Returns the URI of the repository for a certain tag. Can be used in `docker push/pull`.
	//
	// ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[@DIGEST]
	RepositoryUriForDigest(digest *string) *string
	// Returns the URI of the repository for a certain tag. Can be used in `docker push/pull`.
	//
	// ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
	RepositoryUriForTag(tag *string) *string
	// The ARN of the repository.
	RepositoryArn() *string
	// The name of the repository.
	RepositoryName() *string
	// The URI of this repository (represents the latest image):.
	//
	// ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY
	RepositoryUri() *string
}

Represents an ECR repository.

func Repository_FromRepositoryArn 

func Repository_FromRepositoryArn(scope constructs.Construct, id *string, repositoryArn *string) IRepository

func Repository_FromRepositoryAttributes 

func Repository_FromRepositoryAttributes(scope constructs.Construct, id *string, attrs *RepositoryAttributes) IRepository

Import a repository.

func Repository_FromRepositoryName 

func Repository_FromRepositoryName(scope constructs.Construct, id *string, repositoryName *string) IRepository

type LifecycleRule 

type LifecycleRule struct {
	// Describes the purpose of the rule.
	Description *string `json:"description" yaml:"description"`
	// The maximum age of images to retain. The value must represent a number of days.
	//
	// Specify exactly one of maxImageCount and maxImageAge.
	MaxImageAge awscdk.Duration `json:"maxImageAge" yaml:"maxImageAge"`
	// The maximum number of images to retain.
	//
	// Specify exactly one of maxImageCount and maxImageAge.
	MaxImageCount *float64 `json:"maxImageCount" yaml:"maxImageCount"`
	// Controls the order in which rules are evaluated (low to high).
	//
	// All rules must have a unique priority, where lower numbers have
	// higher precedence. The first rule that matches is applied to an image.
	//
	// There can only be one rule with a tagStatus of Any, and it must have
	// the highest rulePriority.
	//
	// All rules without a specified priority will have incrementing priorities
	// automatically assigned to them, higher than any rules that DO have priorities.
	RulePriority *float64 `json:"rulePriority" yaml:"rulePriority"`
	// Select images that have ALL the given prefixes in their tag.
	//
	// Only if tagStatus == TagStatus.Tagged
	TagPrefixList *[]*string `json:"tagPrefixList" yaml:"tagPrefixList"`
	// Select images based on tags.
	//
	// Only one rule is allowed to select untagged images, and it must
	// have the highest rulePriority.
	TagStatus TagStatus `json:"tagStatus" yaml:"tagStatus"`
}

An ECR life cycle rule.

TODO: EXAMPLE

type OnCloudTrailImagePushedOptions 

type OnCloudTrailImagePushedOptions struct {
	// A description of the rule's purpose.
	Description *string `json:"description" yaml:"description"`
	// Additional restrictions for the event to route to the specified target.
	//
	// The method that generates the rule probably imposes some type of event
	// filtering. The filtering implied by what you pass here is added
	// on top of that filtering.
	// See: https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html
	//
	EventPattern *awsevents.EventPattern `json:"eventPattern" yaml:"eventPattern"`
	// A name for the rule.
	RuleName *string `json:"ruleName" yaml:"ruleName"`
	// The target to register for the event.
	Target awsevents.IRuleTarget `json:"target" yaml:"target"`
	// Only watch changes to this image tag.
	ImageTag *string `json:"imageTag" yaml:"imageTag"`
}

Options for the onCloudTrailImagePushed method.

TODO: EXAMPLE

type OnImageScanCompletedOptions 

type OnImageScanCompletedOptions struct {
	// A description of the rule's purpose.
	Description *string `json:"description" yaml:"description"`
	// Additional restrictions for the event to route to the specified target.
	//
	// The method that generates the rule probably imposes some type of event
	// filtering. The filtering implied by what you pass here is added
	// on top of that filtering.
	// See: https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html
	//
	EventPattern *awsevents.EventPattern `json:"eventPattern" yaml:"eventPattern"`
	// A name for the rule.
	RuleName *string `json:"ruleName" yaml:"ruleName"`
	// The target to register for the event.
	Target awsevents.IRuleTarget `json:"target" yaml:"target"`
	// Only watch changes to the image tags spedified.
	//
	// Leave it undefined to watch the full repository.
	ImageTags *[]*string `json:"imageTags" yaml:"imageTags"`
}

Options for the OnImageScanCompleted method.

TODO: EXAMPLE

type PublicGalleryAuthorizationToken 

type PublicGalleryAuthorizationToken interface {
}

Authorization token to access the global public ECR Gallery via Docker CLI.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/AmazonECR/latest/public/public-registries.html#public-registry-auth

type Repository 

type Repository interface {
	RepositoryBase
	Env() *awscdk.ResourceEnvironment
	Node() constructs.Node
	PhysicalName() *string
	RepositoryArn() *string
	RepositoryName() *string
	RepositoryUri() *string
	Stack() awscdk.Stack
	AddLifecycleRule(rule *LifecycleRule)
	AddToResourcePolicy(statement awsiam.PolicyStatement) *awsiam.AddToResourcePolicyResult
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	Grant(grantee awsiam.IGrantable, actions ...*string) awsiam.Grant
	GrantPull(grantee awsiam.IGrantable) awsiam.Grant
	GrantPullPush(grantee awsiam.IGrantable) awsiam.Grant
	OnCloudTrailEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnCloudTrailImagePushed(id *string, options *OnCloudTrailImagePushedOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnImageScanCompleted(id *string, options *OnImageScanCompletedOptions) awsevents.Rule
	RepositoryUriForDigest(digest *string) *string
	RepositoryUriForTag(tag *string) *string
	ToString() *string
}

Define an ECR repository.

TODO: EXAMPLE

func NewRepository 

func NewRepository(scope constructs.Construct, id *string, props *RepositoryProps) Repository

type RepositoryAttributes 

type RepositoryAttributes struct {
	RepositoryArn  *string `json:"repositoryArn" yaml:"repositoryArn"`
	RepositoryName *string `json:"repositoryName" yaml:"repositoryName"`
}

TODO: EXAMPLE

type RepositoryBase 

type RepositoryBase interface {
	awscdk.Resource
	IRepository
	Env() *awscdk.ResourceEnvironment
	Node() constructs.Node
	PhysicalName() *string
	RepositoryArn() *string
	RepositoryName() *string
	RepositoryUri() *string
	Stack() awscdk.Stack
	AddToResourcePolicy(statement awsiam.PolicyStatement) *awsiam.AddToResourcePolicyResult
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	Grant(grantee awsiam.IGrantable, actions ...*string) awsiam.Grant
	GrantPull(grantee awsiam.IGrantable) awsiam.Grant
	GrantPullPush(grantee awsiam.IGrantable) awsiam.Grant
	OnCloudTrailEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnCloudTrailImagePushed(id *string, options *OnCloudTrailImagePushedOptions) awsevents.Rule
	OnEvent(id *string, options *awsevents.OnEventOptions) awsevents.Rule
	OnImageScanCompleted(id *string, options *OnImageScanCompletedOptions) awsevents.Rule
	RepositoryUriForDigest(digest *string) *string
	RepositoryUriForTag(tag *string) *string
	ToString() *string
}

Base class for ECR repository.

Reused between imported repositories and owned repositories.

type RepositoryEncryption added in v2.11.0 

type RepositoryEncryption interface {
	Value() *string
}

Indicates whether server-side encryption is enabled for the object, and whether that encryption is from the AWS Key Management Service (AWS KMS) or from Amazon S3 managed encryption (SSE-S3).

TODO: EXAMPLE

See: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#SysMetadata

func NewRepositoryEncryption added in v2.11.0 

func NewRepositoryEncryption(value *string) RepositoryEncryption

func RepositoryEncryption_AES_256 added in v2.11.0 

func RepositoryEncryption_AES_256() RepositoryEncryption

func RepositoryEncryption_KMS added in v2.11.0 

func RepositoryEncryption_KMS() RepositoryEncryption

type RepositoryProps 

type RepositoryProps struct {
	// The kind of server-side encryption to apply to this repository.
	//
	// If you choose KMS, you can specify a KMS key via `encryptionKey`. If
	// encryptionKey is not specified, an AWS managed KMS key is used.
	Encryption RepositoryEncryption `json:"encryption" yaml:"encryption"`
	// External KMS key to use for repository encryption.
	//
	// The 'encryption' property must be either not specified or set to "KMS".
	// An error will be emitted if encryption is set to "AES256".
	EncryptionKey awskms.IKey `json:"encryptionKey" yaml:"encryptionKey"`
	// Enable the scan on push when creating the repository.
	ImageScanOnPush *bool `json:"imageScanOnPush" yaml:"imageScanOnPush"`
	// The tag mutability setting for the repository.
	//
	// If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten.
	ImageTagMutability TagMutability `json:"imageTagMutability" yaml:"imageTagMutability"`
	// The AWS account ID associated with the registry that contains the repository.
	// See: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutLifecyclePolicy.html
	//
	LifecycleRegistryId *string `json:"lifecycleRegistryId" yaml:"lifecycleRegistryId"`
	// Life cycle rules to apply to this registry.
	LifecycleRules *[]*LifecycleRule `json:"lifecycleRules" yaml:"lifecycleRules"`
	// Determine what happens to the repository when the resource/stack is deleted.
	RemovalPolicy awscdk.RemovalPolicy `json:"removalPolicy" yaml:"removalPolicy"`
	// Name for this repository.
	RepositoryName *string `json:"repositoryName" yaml:"repositoryName"`
}

TODO: EXAMPLE

type TagMutability 

type TagMutability string

The tag mutability setting for your repository.

TODO: EXAMPLE 

const (
	TagMutability_MUTABLE   TagMutability = "MUTABLE"
	TagMutability_IMMUTABLE TagMutability = "IMMUTABLE"
)

type TagStatus 

type TagStatus string

Select images based on tags. 

const (
	TagStatus_ANY      TagStatus = "ANY"
	TagStatus_TAGGED   TagStatus = "TAGGED"
	TagStatus_UNTAGGED TagStatus = "UNTAGGED"
)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.