Skip to content

sterliakov/terraform-aws-ecr-image

BranchesTags

Repository files navigation

Temporary ECR image

AWS Terraform

License Release

PURPOSE

When AWS Lambda is deployed with container image source, that image must already exist. This makes deployment of such a function with terraform complicated: first terraform apply should create a ECR repository, then some other CI pipeline should build and push an image, and only then a lambda can be created.

This module streamlines this process by pushing some tiny image as a placeholder.

Idea and the initial code was borrowed from this StackOverflow answer, but the implementation was significantly rewritten.

USAGE

Push a dummy Alpine image to a newly created ECR repository:

provider "aws" {
  region = "us-east-2"
}
provider "aws" {
  region = "us-east-1"
  alias = "aws.virginia"
}

resource "aws_ecr_repository" "example" {
  name = "example"
}

module "ecr_repo_image" {
  source  = "sterliakov/ecr-image/aws"
  version = "0.2.0"
  providers = {
    aws.main = aws
    aws.virginia = aws.virginia
  }

  push_ecr_is_public = false
  push_repo_fqdn     = replace(aws_ecr_repository.example.repository_url, "//.*$/", "") # remove everything after first slash
  push_repo_name     = aws_ecr_repository.example.name
  push_image_tag     = "deployed"
}

NOTES

  • This module needs two provider aliases: aws.main and aws.virginia. They may refer to the same provider. aws.virginia must be in us-east-1 region. aws.main should be the provider for region where your repository is located.
  • This module only works under Linux.
  • Destroying this module does not remove the pushed image from the repository. Consider setting force_delete = True on the aws_ecr_repository resource if you want to remove the repository with terraform later.
  • This module needs curl and jq on PATH. If jq are missing, it will fetch and install jq 1.7.1 locally for the appropriate architecture.

EXAMPLES

  • Lambda - Deploy a dummy image for Lambda (5 MB alpine by default)

Inputs

Name Description Type Default Required
pull_ecr_is_public If the ECR repo we're pulling from is public (vs. private) bool true no
pull_image_arch The arch of the image we're pulling, e.g. amd64 string "amd64" no
pull_image_tag The tag of the image we're pulling, e.g. latest string "3.20.3" no
pull_repo_fqdn The FQDN of the ECR repo we're pulling from, e.g. public.ecr.aws string "public.ecr.aws" no
pull_repo_name The name of the ECR repo we're pulling from, e.g. my-repo string "docker/library/alpine" no
push_ecr_is_public If the ECR repo we're pushing to is public (vs. private) bool false no
push_image_tag The tag of the image we're pushing, e.g. latest string n/a yes
push_repo_fqdn The FQDN of the ECR repo we're pushing to, e.g. 012345678910.dkr.ecr..amazonaws.com string n/a yes
push_repo_name The name of the ECR repo we're pushing to, e.g. my-repo string n/a yes

Modules

No modules.

Outputs

No outputs.

Providers

Name Version
aws.main >= 5.40.0
aws.virginia >= 5.40.0
terraform n/a

Requirements

Name Version
terraform >= 1.7.0
aws >= 5.40.0

Resources

Name Type
terraform_data.ecr_repo_image resource
aws_ecr_authorization_token.token data source
aws_ecrpublic_authorization_token.token data source

CONTRIBUTING

Contributions are very welcomed!

Start by reviewing contribution guide and our code of conduct. After that, start coding and ship your changes by creating a new PR.

LICENSE

Apache 2 Licensed. See LICENSE for full details.

About

Simple curl-based terraform module to push a dummy ECR image to streamline ECR+Lambda terraform deployments

Topics

aws aws-lambda terraform aws-ecr terraform-module

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v0.2.0 Latest
Mar 10, 2025
+ 1 release

Contributors 3

  •  
  •  
  •  

Languages