pull_through_cache_rules
Creates, updates, deletes or gets a pull_through_cache_rule resource or lists pull_through_cache_rules in a region
Overview
| Name | pull_through_cache_rules |
| Type | Resource |
| Description | The AWS::ECR::PullThroughCacheRule resource configures the upstream registry configuration details for an Amazon Elastic Container Registry (Amazon Private ECR) pull-through cache. |
| Id | aws.ecr.pull_through_cache_rules |
Fields
| Name | Datatype | Description |
|---|---|---|
ecr_repository_prefix | string | The ECRRepositoryPrefix is a custom alias for upstream registry url. |
upstream_registry_url | string | The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached |
credential_arn | string | The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry. |
upstream_registry | string | The name of the upstream registry. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all pull_through_cache_rules in a region.
SELECT
region,
ecr_repository_prefix,
upstream_registry_url,
credential_arn,
upstream_registry
FROM aws.ecr.pull_through_cache_rules
WHERE region = 'us-east-1';
Gets all properties from an individual pull_through_cache_rule.
SELECT
region,
ecr_repository_prefix,
upstream_registry_url,
credential_arn,
upstream_registry
FROM aws.ecr.pull_through_cache_rules
WHERE region = 'us-east-1' AND data__Identifier = '<EcrRepositoryPrefix>';
INSERT example
Use the following StackQL query and manifest file to create a new pull_through_cache_rule resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.ecr.pull_through_cache_rules (
EcrRepositoryPrefix,
UpstreamRegistryUrl,
CredentialArn,
UpstreamRegistry,
region
)
SELECT
'{{ EcrRepositoryPrefix }}',
'{{ UpstreamRegistryUrl }}',
'{{ CredentialArn }}',
'{{ UpstreamRegistry }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.ecr.pull_through_cache_rules (
EcrRepositoryPrefix,
UpstreamRegistryUrl,
CredentialArn,
UpstreamRegistry,
region
)
SELECT
'{{ EcrRepositoryPrefix }}',
'{{ UpstreamRegistryUrl }}',
'{{ CredentialArn }}',
'{{ UpstreamRegistry }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: pull_through_cache_rule
props:
- name: EcrRepositoryPrefix
value: '{{ EcrRepositoryPrefix }}'
- name: UpstreamRegistryUrl
value: '{{ UpstreamRegistryUrl }}'
- name: CredentialArn
value: '{{ CredentialArn }}'
- name: UpstreamRegistry
value: '{{ UpstreamRegistry }}'
DELETE example
/*+ delete */
DELETE FROM aws.ecr.pull_through_cache_rules
WHERE data__Identifier = '<EcrRepositoryPrefix>'
AND region = 'us-east-1';
Permissions
To operate on the pull_through_cache_rules resource, the following permissions are required:
Create
ecr:DescribePullThroughCacheRules,
ecr:CreatePullThroughCacheRule,
ecr:DeletePullThroughCacheRule,
iam:CreateServiceLinkedRole,
secretsmanager:GetSecretValue
Read
ecr:DescribePullThroughCacheRules
Update
ecr:DescribePullThroughCacheRules,
ecr:CreatePullThroughCacheRule,
ecr:DeletePullThroughCacheRule,
iam:CreateServiceLinkedRole,
secretsmanager:GetSecretValue
Delete
ecr:DescribePullThroughCacheRules,
ecr:DeletePullThroughCacheRule
List
ecr:DescribePullThroughCacheRules