lacework/terraform-aws-ecr

terraform-aws-ecr


A Terraform Module to integrate Amazon Container Registries (ECR) with Lacework.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.14 |
| aws | >= 3.0 |
| lacework | ~> 2.0 |
| time | ~> 0.6 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.0 |
| lacework | ~> 2.0 |
| time | ~> 0.6 |

Modules

| Name | Source | Version |
|------|--------|---------|
| lacework_ecr_iam_role | lacework/iam-role/aws | ~> 0.4 |

Resources

| Name | Type |
|------|------|
| aws_iam_role_policy_attachment.ecr_read_only_policy_attachment | resource |
| lacework_integration_ecr.iam_role | resource |
| time_sleep.wait_time | resource |
| aws_caller_identity.current | data source |
| aws_region.current | data source |
| lacework_metric_module.lwmetrics | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| external_id_length | Deprecated. Will be removed in the next major release (v1.0.0). | number | 16 | no |
| iam_role_arn | The IAM role ARN. Required when use_existing_iam_role is true. | string | "" | no |
| iam_role_external_id | The external ID configured inside the IAM role. Required when use_existing_iam_role is true. | string | "" | no |
| iam_role_name | The IAM role name. Required, and must match iam_role_arn, when use_existing_iam_role is true. | string | "" | no |
| lacework_aws_account_id | The Lacework AWS account ID that the IAM role will grant access to. | string | "434813966438" | no |
| lacework_integration_name | The name of the external ECR integration. | string | "TF ECR IAM Role" | no |
| limit_by_labels | A list of objects with image labels to limit the assessment to images with matching labels. If you specify both limit_by_tags and limit_by_labels limits, they function as an AND. | list(object({ key = string, value = string })) | [] | no |
| limit_by_repositories | A list of repositories to assess. | list(string) | [] | no |
| limit_by_tags | A list of tags to limit the assessment to images with matching tags. If you specify both limit_by_tags and limit_by_labels limits, they function as an AND. | list(string) | [] | no |
| limit_num_imgs | The maximum number of newest container images to assess per repository. Must be one of 5, 10, or 15. Defaults to 5. | number | 5 | no |
| non_os_package_support | Whether the integration should check non-OS packages in the container for vulnerabilities. | bool | true | no |
| registry_domain | The registry domain to configure. | string | "" | no |
| tags | A map/dictionary of tags to be assigned to created resources. | map(string) | {} | no |
| use_existing_iam_role | Set this to true to use an existing IAM role. | bool | false | no |
| wait_time | Amount of time to wait before the next resource is provisioned. | string | "15s" | no |
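The inputs above are easiest to read together. The following is an added usage example, not code from the module's README; it assumes the module is consumed from the Terraform Registry as `lacework/ecr/aws` (the `source` and `version` values are assumptions, as are the account ID, role ARN and registry domain, which are constructed placeholders). It shows the "bring your own role" path, where the three `iam_role_*` inputs must be set together and must refer to the same role, and narrows the assessment with `limit_by_*`, which AND together.

```hcl
terraform {
  required_providers {
    aws      = { source = "hashicorp/aws", version = ">= 3.0" }
    lacework = { source = "lacework/lacework", version = "~> 2.0" }
  }
}

provider "aws" {
  region = "us-east-1" # constructed value
}

# Lacework credentials come from the Lacework CLI profile or LW_* environment
# variables, so nothing secret is written into this configuration.
provider "lacework" {}

module "lacework_ecr" {
  source  = "lacework/ecr/aws" # assumed registry address
  version = "MODULE_VERSION_PLACEHOLDER" # pin to a release you have reviewed

  lacework_integration_name = "prod-ecr"
  registry_domain           = "123456789012.dkr.ecr.us-east-1.amazonaws.com" # constructed

  # Existing role: its trust policy must allow sts:AssumeRole from the Lacework
  # AWS account (lacework_aws_account_id, default 434813966438) and require the
  # same external ID you pass here, so that only Lacework can assume it.
  use_existing_iam_role = true
  iam_role_arn          = "arn:aws:iam::123456789012:role/lacework-ecr" # constructed
  iam_role_name         = "lacework-ecr"                                 # must match the ARN
  iam_role_external_id  = "EXTERNAL_ID_PLACEHOLDER"

  # Only these repositories, and only images that carry the "prod" tag AND
  # the env=prod label; tags and labels are combined with AND, not OR.
  limit_by_repositories = ["api", "worker"]
  limit_by_tags         = ["prod"]
  limit_by_labels = [
    { key = "env", value = "prod" },
  ]
  limit_num_imgs         = 10 # must be 5, 10 or 15
  non_os_package_support = true

  tags = { owner = "security", managed_by = "terraform" }
}

output "lacework_ecr_role_arn" {
  value = module.lacework_ecr.iam_role_arn
}
```

Leaving `use_existing_iam_role` at its default of false instead lets the bundled `lacework_ecr_iam_role` module create the role and external ID for you, which the `external_id` and `iam_role_arn` outputs then expose.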

Outputs

| Name | Description |
|------|-------------|
| external_id | The external ID configured into the IAM role |
| iam_role_arn | The IAM role ARN |
| iam_role_name | The IAM role name |
| registry_domain | The registry domain configured |