AWS ECR
Defines the settings for AWS ECR integration, including CI/CD and assets
Properties
| Name | Type | Description | Required |
|---|---|---|---|
| ci (CI/CD Image Push Configuration) | object | Set up credentials for writing and pushing Docker images to ECR as part of your CI/CD pipelines | yes |
| read (Cross-Account Pull Access) | object | Configure permissions for pulling Docker images from a centralized ECR repository across AWS accounts | no |
| setup (Storage configuration) | object | Configure base settings for storing Docker builds in your ECR repository | yes |
| repository_provider (Provider) | string | Default: "aws-ecr"Constant Value: "aws-ecr" | no |
Additional Properties: not allowed
Example
{
"ci": {
"region": "us-east-1"
},
"read": {
"region": "us-east-1",
"role_arn": "arn:aws:iam::123456789012:role/ecr-read-role"
},
"setup": {
"region": "us-east-1",
"role_arn": "arn:aws:iam::123456789012:role/ecr-access-role"
},
"repository_provider": "aws-ecr"
}
ci: CI/CD Image Push Configuration
Set up credentials for writing and pushing Docker images to ECR as part of your CI/CD pipelines
Properties
| Name | Type | Description | Required |
|---|---|---|---|
| region (AWS Region) | string | AWS region for CI/CD operations Enum: "us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "eu-north-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "ap-south-1", "sa-east-1", "ca-central-1", "me-south-1", "af-south-1" | yes |
| access_key | string | AWS access key for CI/CD pipeline Minimal Length: 20Maximal Length: 20Pattern: ^[A-Z0-9]{20}$ | yes |
| secret_key | string | AWS secret key for CI/CD pipeline Minimal Length: 1 | yes |
Additional Properties: not allowed
Example
{
"region": "us-east-1"
}
read: Cross-Account Pull Access
Configure permissions for pulling Docker images from a centralized ECR repository across AWS accounts
Properties
| Name | Type | Description | Required |
|---|---|---|---|
| region (ECR Region) | string | AWS region where the centralized Amazon ECR repository is located Enum: "us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "eu-north-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "ap-south-1", "sa-east-1", "ca-central-1", "me-south-1", "af-south-1" | |
| role_arn (Assume Role ARN) | string | Intermediate IAM role ARN that will be assumed to pull Docker images from the centralized ECR repository Minimal Length: 1Pattern: ^arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9+=,.@_-]+$ |
Additional Properties: not allowed
Example
{
"region": "us-east-1",
"role_arn": "arn:aws:iam::123456789012:role/ecr-read-role"
}
setup: Storage configuration
Configure base settings for storing Docker builds in your ECR repository
Properties
| Name | Type | Description | Required |
|---|---|---|---|
| policy (Repository Policy) | string | ECR repository access policy as a JSON string | no |
| region (AWS Region) | string | AWS region for ECR Enum: "us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "eu-north-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "ap-south-1", "sa-east-1", "ca-central-1", "me-south-1", "af-south-1" | yes |
| role_arn | string | AWS IAM role ARN for ECR access Minimal Length: 1Pattern: ^arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9+=,.@_-]+$ | yes |
| external_id (Role External ID) | string | External ID for the main IAM role Minimal Length: 1 | no |
| intermediate_role | string | Intermediate IAM role for cross-account access Minimal Length: 1Pattern: ^arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9+=,.@_-]+$ | no |
| intermediate_external_id (Intermediate Role External ID) | string | External ID for the intermediate IAM role Minimal Length: 1 | no |
Additional Properties: not allowed
Example
{
"region": "us-east-1",
"role_arn": "arn:aws:iam::123456789012:role/ecr-access-role"
}