aws-native.ecr.RegistryPolicy

Explore with Pulumi AI

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

The AWS::ECR::RegistryPolicy resource creates or updates the permissions policy for a private registry. A private registry policy is used to specify permissions for another AWS-account and is used when configuring cross-account replication. For more information, see Registry permissions in the Amazon Elastic Container Registry User Guide.

Example Usage

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var testRegistryPolicy = new AwsNative.Ecr.RegistryPolicy("testRegistryPolicy", new()
    {
        PolicyText = new Dictionary<string, object?>
        {
            ["version"] = "2012-10-17",
            ["statement"] = new[]
            {
                new Dictionary<string, object?>
                {
                    ["sid"] = "UpdatedRegistryPolicy",
                    ["effect"] = "Allow",
                    ["principal"] = new Dictionary<string, object?>
                    {
                        ["aws"] = "arn:aws:iam::210987654321:root",
                    },
                    ["action"] = new[]
                    {
                        "ecr:CreateRepository",
                        "ecr:ReplicateImage",
                    },
                    ["resource"] = "arn:aws:ecr:us-west-2:123456789012:repository/*",
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ecr"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ecr.NewRegistryPolicy(ctx, "testRegistryPolicy", &ecr.RegistryPolicyArgs{
			PolicyText: pulumi.Any(map[string]interface{}{
				"version": "2012-10-17",
				"statement": []map[string]interface{}{
					map[string]interface{}{
						"sid":    "UpdatedRegistryPolicy",
						"effect": "Allow",
						"principal": map[string]interface{}{
							"aws": "arn:aws:iam::210987654321:root",
						},
						"action": []string{
							"ecr:CreateRepository",
							"ecr:ReplicateImage",
						},
						"resource": "arn:aws:ecr:us-west-2:123456789012:repository/*",
					},
				},
			}),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import pulumi
import pulumi_aws_native as aws_native

test_registry_policy = aws_native.ecr.RegistryPolicy("testRegistryPolicy", policy_text={
    "version": "2012-10-17",
    "statement": [{
        "sid": "UpdatedRegistryPolicy",
        "effect": "Allow",
        "principal": {
            "aws": "arn:aws:iam::210987654321:root",
        },
        "action": [
            "ecr:CreateRepository",
            "ecr:ReplicateImage",
        ],
        "resource": "arn:aws:ecr:us-west-2:123456789012:repository/*",
    }],
})

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const testRegistryPolicy = new aws_native.ecr.RegistryPolicy("testRegistryPolicy", {policyText: {
    version: "2012-10-17",
    statement: [{
        sid: "UpdatedRegistryPolicy",
        effect: "Allow",
        principal: {
            aws: "arn:aws:iam::210987654321:root",
        },
        action: [
            "ecr:CreateRepository",
            "ecr:ReplicateImage",
        ],
        resource: "arn:aws:ecr:us-west-2:123456789012:repository/*",
    }],
}});

Coming soon!

Create RegistryPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new RegistryPolicy(name: string, args: RegistryPolicyArgs, opts?: CustomResourceOptions);

@overload
def RegistryPolicy(resource_name: str,
                   args: RegistryPolicyArgs,
                   opts: Optional[ResourceOptions] = None)

@overload
def RegistryPolicy(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   policy_text: Optional[Any] = None)

func NewRegistryPolicy(ctx *Context, name string, args RegistryPolicyArgs, opts ...ResourceOption) (*RegistryPolicy, error)

public RegistryPolicy(string name, RegistryPolicyArgs args, CustomResourceOptions? opts = null)

public RegistryPolicy(String name, RegistryPolicyArgs args)
public RegistryPolicy(String name, RegistryPolicyArgs args, CustomResourceOptions options)

type: aws-native:ecr:RegistryPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args RegistryPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RegistryPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RegistryPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RegistryPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RegistryPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

RegistryPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.