repository_creation_templates

Creates, updates, deletes or gets a repository_creation_template resource or lists repository_creation_templates in a region

Overview

Name	`repository_creation_templates`
Type	Resource
Description	AWS::ECR::RepositoryCreationTemplate is used to create repository with configuration from a pre-defined template.
Id	`aws.ecr.repository_creation_templates`

Fields

Name	Datatype	Description
`prefix`	`string`	The prefix use to match the repository name and apply the template.
`description`	`string`	The description of the template.
`image_tag_mutability`	`string`	The image tag mutability setting for the repository.
`repository_policy`	`string`	The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html
`lifecycle_policy`	`string`	The JSON lifecycle policy text to apply to the repository. For information about lifecycle policy syntax, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html
`encryption_configuration`	`object`	The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest. By default, when no encryption configuration is set or the AES256 encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256 encryption algorithm. This does not require any action on your part. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html
`resource_tags`	`array`	An array of key-value pairs to apply to this resource.
`applied_for`	`array`	A list of enumerable Strings representing the repository creation scenarios that the template will apply towards.
`custom_role_arn`	`string`	The ARN of the role to be assumed by ECR. This role must be in the same account as the registry that you are configuring.
`created_at`	`string`	Create timestamp of the template.
`updated_at`	`string`	Update timestamp of the template.
`region`	`string`	AWS region.

For more information, see AWS::ECR::RepositoryCreationTemplate.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`Prefix, AppliedFor, region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all repository_creation_templates in a region.

SELECT
region,
prefix,
description,
image_tag_mutability,
repository_policy,
lifecycle_policy,
encryption_configuration,
resource_tags,
applied_for,
custom_role_arn,
created_at,
updated_at
FROM aws.ecr.repository_creation_templates
WHERE region = 'us-east-1';

Gets all properties from an individual repository_creation_template.

SELECT
region,
prefix,
description,
image_tag_mutability,
repository_policy,
lifecycle_policy,
encryption_configuration,
resource_tags,
applied_for,
custom_role_arn,
created_at,
updated_at
FROM aws.ecr.repository_creation_templates
WHERE region = 'us-east-1' AND data__Identifier = '<Prefix>';

`INSERT` example

Use the following StackQL query and manifest file to create a new repository_creation_template resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO aws.ecr.repository_creation_templates (
 Prefix,
 AppliedFor,
 region
)
SELECT 
'{{ Prefix }}',
 '{{ AppliedFor }}',
'{{ region }}';

/*+ create */
INSERT INTO aws.ecr.repository_creation_templates (
 Prefix,
 Description,
 ImageTagMutability,
 RepositoryPolicy,
 LifecyclePolicy,
 EncryptionConfiguration,
 ResourceTags,
 AppliedFor,
 CustomRoleArn,
 region
)
SELECT 
 '{{ Prefix }}',
 '{{ Description }}',
 '{{ ImageTagMutability }}',
 '{{ RepositoryPolicy }}',
 '{{ LifecyclePolicy }}',
 '{{ EncryptionConfiguration }}',
 '{{ ResourceTags }}',
 '{{ AppliedFor }}',
 '{{ CustomRoleArn }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: repository_creation_template
    props:
      - name: Prefix
        value: '{{ Prefix }}'
      - name: Description
        value: '{{ Description }}'
      - name: ImageTagMutability
        value: '{{ ImageTagMutability }}'
      - name: RepositoryPolicy
        value: '{{ RepositoryPolicy }}'
      - name: LifecyclePolicy
        value: '{{ LifecyclePolicy }}'
      - name: EncryptionConfiguration
        value:
          EncryptionType: '{{ EncryptionType }}'
          KmsKey: '{{ KmsKey }}'
      - name: ResourceTags
        value:
          - Key: '{{ Key }}'
            Value: '{{ Value }}'
      - name: AppliedFor
        value:
          - '{{ AppliedFor[0] }}'
      - name: CustomRoleArn
        value: '{{ CustomRoleArn }}'

`DELETE` example

/*+ delete */
DELETE FROM aws.ecr.repository_creation_templates
WHERE data__Identifier = '<Prefix>'
AND region = 'us-east-1';

Permissions

To operate on the repository_creation_templates resource, the following permissions are required:

Create

ecr:CreateRepositoryCreationTemplate,
ecr:PutLifecyclePolicy,
ecr:SetRepositoryPolicy,
ecr:CreateRepository,
iam:CreateServiceLinkedRole,
iam:PassRole

Read

ecr:DescribeRepositoryCreationTemplates

Update

ecr:DescribeRepositoryCreationTemplates,
ecr:UpdateRepositoryCreationTemplate,
ecr:PutLifecyclePolicy,
ecr:SetRepositoryPolicy,
ecr:CreateRepository,
iam:CreateServiceLinkedRole,
iam:PassRole

Delete

ecr:DeleteRepositoryCreationTemplate

List

ecr:DescribeRepositoryCreationTemplates

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Create​

Read​

Update​

Delete​

List​