CfnRepositoryPropsMixin

class aws_cdk.mixins_preview.aws_ecr.mixins.CfnRepositoryPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::ECR::Repository resource specifies an Amazon Elastic Container Registry (Amazon ECR) repository, where users can push and pull Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts.

For more information, see Amazon ECR private repositories in the Amazon ECR User Guide .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html

CloudformationResource:

AWS::ECR::Repository

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

from aws_cdk import CfnTag
# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_ecr import mixins as ecr_mixins

# repository_policy_text: Any

cfn_repository_props_mixin = ecr_mixins.CfnRepositoryPropsMixin(ecr_mixins.CfnRepositoryMixinProps(
    empty_on_delete=False,
    encryption_configuration=ecr_mixins.CfnRepositoryPropsMixin.EncryptionConfigurationProperty(
        encryption_type="encryptionType",
        kms_key="kmsKey"
    ),
    image_scanning_configuration=ecr_mixins.CfnRepositoryPropsMixin.ImageScanningConfigurationProperty(
        scan_on_push=False
    ),
    image_tag_mutability="imageTagMutability",
    image_tag_mutability_exclusion_filters=[ecr_mixins.CfnRepositoryPropsMixin.ImageTagMutabilityExclusionFilterProperty(
        image_tag_mutability_exclusion_filter_type="imageTagMutabilityExclusionFilterType",
        image_tag_mutability_exclusion_filter_value="imageTagMutabilityExclusionFilterValue"
    )],
    lifecycle_policy=ecr_mixins.CfnRepositoryPropsMixin.LifecyclePolicyProperty(
        lifecycle_policy_text="lifecyclePolicyText",
        registry_id="registryId"
    ),
    repository_name="repositoryName",
    repository_policy_text=repository_policy_text,
    tags=[CfnTag(
        key="key",
        value="value"
    )]
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::ECR::Repository.

Parameters:

• props (Union[CfnRepositoryMixinProps, Dict[str, Any]]) – L1 properties to apply.

• strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['emptyOnDelete', 'encryptionConfiguration', 'imageScanningConfiguration', 'imageTagMutability', 'imageTagMutabilityExclusionFilters', 'lifecyclePolicy', 'repositoryName', 'repositoryPolicyText', 'tags']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

EncryptionConfigurationProperty

class CfnRepositoryPropsMixin.EncryptionConfigurationProperty(*, encryption_type=None, kms_key=None)

Bases: object

The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.

By default, when no encryption configuration is set or the AES256 encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES256 encryption algorithm. This does not require any action on your part.

For more control over the encryption of the contents of your repository, you can use server-side encryption with AWS Key Management Service key stored in AWS Key Management Service ( AWS ) to encrypt your images. For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide .

Parameters:

• encryption_type (Optional[str]) –

  The encryption type to use. If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS . When you use AWS to encrypt your data, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you already created. If you use the KMS_DSSE encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS Management Service key stored in AWS . Similar to the KMS encryption type, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you’ve already created. If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide .

• kms_key (Optional[str]) – If you use the KMS encryption type, specify the AWS key to use for encryption. The alias, key ID, or full ARN of the AWS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS key for Amazon ECR will be used.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-encryptionconfiguration.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_ecr import mixins as ecr_mixins

encryption_configuration_property = ecr_mixins.CfnRepositoryPropsMixin.EncryptionConfigurationProperty(
    encryption_type="encryptionType",
    kms_key="kmsKey"
)

Attributes

encryption_type

The encryption type to use.

If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS . When you use AWS to encrypt your data, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you already created.

If you use the KMS_DSSE encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS Management Service key stored in AWS . Similar to the KMS encryption type, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you’ve already created.

If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.

For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-encryptionconfiguration.html#cfn-ecr-repository-encryptionconfiguration-encryptiontype

kms_key

If you use the KMS encryption type, specify the AWS key to use for encryption.

The alias, key ID, or full ARN of the AWS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS key for Amazon ECR will be used.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-encryptionconfiguration.html#cfn-ecr-repository-encryptionconfiguration-kmskey

ImageScanningConfigurationProperty

class CfnRepositoryPropsMixin.ImageScanningConfigurationProperty(*, scan_on_push=None)

Bases: object

The image scanning configuration for a repository.

Parameters:

scan_on_push (Union[bool, IResolvable, None]) – The setting that determines whether images are scanned after being pushed to a repository. If set to true , images will be scanned after being pushed. If this parameter is not specified, it will default to false and images will not be scanned unless a scan is manually started.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagescanningconfiguration.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_ecr import mixins as ecr_mixins

image_scanning_configuration_property = ecr_mixins.CfnRepositoryPropsMixin.ImageScanningConfigurationProperty(
    scan_on_push=False
)

Attributes

scan_on_push

The setting that determines whether images are scanned after being pushed to a repository.

If set to true , images will be scanned after being pushed. If this parameter is not specified, it will default to false and images will not be scanned unless a scan is manually started.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagescanningconfiguration.html#cfn-ecr-repository-imagescanningconfiguration-scanonpush

ImageTagMutabilityExclusionFilterProperty

class CfnRepositoryPropsMixin.ImageTagMutabilityExclusionFilterProperty(*, image_tag_mutability_exclusion_filter_type=None, image_tag_mutability_exclusion_filter_value=None)

Bases: object

A filter that specifies which image tags should be excluded from the repository’s image tag mutability setting.

Parameters:

• image_tag_mutability_exclusion_filter_type (Optional[str]) – Specifies the type of filter to use for excluding image tags from the repository’s mutability setting.

• image_tag_mutability_exclusion_filter_value (Optional[str]) – The value to use when filtering image tags.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagetagmutabilityexclusionfilter.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_ecr import mixins as ecr_mixins

image_tag_mutability_exclusion_filter_property = ecr_mixins.CfnRepositoryPropsMixin.ImageTagMutabilityExclusionFilterProperty(
    image_tag_mutability_exclusion_filter_type="imageTagMutabilityExclusionFilterType",
    image_tag_mutability_exclusion_filter_value="imageTagMutabilityExclusionFilterValue"
)

Attributes

image_tag_mutability_exclusion_filter_type

Specifies the type of filter to use for excluding image tags from the repository’s mutability setting.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagetagmutabilityexclusionfilter.html#cfn-ecr-repository-imagetagmutabilityexclusionfilter-imagetagmutabilityexclusionfiltertype

image_tag_mutability_exclusion_filter_value

The value to use when filtering image tags.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagetagmutabilityexclusionfilter.html#cfn-ecr-repository-imagetagmutabilityexclusionfilter-imagetagmutabilityexclusionfiltervalue

LifecyclePolicyProperty

class CfnRepositoryPropsMixin.LifecyclePolicyProperty(*, lifecycle_policy_text=None, registry_id=None)

Bases: object

The LifecyclePolicy property type specifies a lifecycle policy.

For information about lifecycle policy syntax, see Lifecycle policy template in the Amazon ECR User Guide .

Parameters:

• lifecycle_policy_text (Optional[str]) – The JSON repository policy text to apply to the repository.

• registry_id (Optional[str]) – The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-lifecyclepolicy.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_ecr import mixins as ecr_mixins

lifecycle_policy_property = ecr_mixins.CfnRepositoryPropsMixin.LifecyclePolicyProperty(
    lifecycle_policy_text="lifecyclePolicyText",
    registry_id="registryId"
)

Attributes

lifecycle_policy_text

The JSON repository policy text to apply to the repository.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-lifecyclepolicy.html#cfn-ecr-repository-lifecyclepolicy-lifecyclepolicytext

registry_id

The AWS account ID associated with the registry that contains the repository.

If you do not specify a registry, the default registry is assumed.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-lifecyclepolicy.html#cfn-ecr-repository-lifecyclepolicy-registryid