aws-cdk-lib
Version:
Version 2 of the AWS Cloud Development Kit library
967 lines • 71.7 kB
TypeScript
import * as cdk from "../../core/lib";
import * as constructs from "constructs";
import * as cfn_parse from "../../core/lib/helpers-internal";
import { IPublicRepositoryRef, IPullThroughCacheRuleRef, IPullTimeUpdateExclusionRef, IRegistryPolicyRef, IRegistryScanningConfigurationRef, IReplicationConfigurationRef, IRepositoryCreationTemplateRef, IRepositoryRef, ISigningConfigurationRef, PublicRepositoryReference, PullThroughCacheRuleReference, PullTimeUpdateExclusionReference, RegistryPolicyReference, RegistryScanningConfigurationReference, ReplicationConfigurationReference, RepositoryCreationTemplateReference, RepositoryReference, SigningConfigurationReference } from "../../interfaces/generated/aws-ecr-interfaces.generated";
/**
* The `AWS::ECR::PublicRepository` resource specifies an Amazon Elastic Container Registry Public (Amazon ECR Public) repository, where users can push and pull Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts.
*
* For more information, see [Amazon ECR public repositories](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repositories.html) in the *Amazon ECR Public User Guide* .
*
* @cloudformationResource AWS::ECR::PublicRepository
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html
*/
export declare class CfnPublicRepository extends cdk.CfnResource implements cdk.IInspectable, IPublicRepositoryRef, cdk.ITaggable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnPublicRepository from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPublicRepository;
/**
* Checks whether the given object is a CfnPublicRepository
*/
static isCfnPublicRepository(x: any): x is CfnPublicRepository;
/**
* Creates a new IPublicRepositoryRef from an ARN
*/
static fromPublicRepositoryArn(scope: constructs.Construct, id: string, arn: string): IPublicRepositoryRef;
/**
* Creates a new IPublicRepositoryRef from a repositoryName
*/
static fromRepositoryName(scope: constructs.Construct, id: string, repositoryName: string): IPublicRepositoryRef;
static arnForPublicRepository(resource: IPublicRepositoryRef): string;
/**
* Returns the Amazon Resource Name (ARN) for the specified `AWS::ECR::PublicRepository` resource. For example, `arn:aws:ecr-public:: *123456789012* :repository/ *test-repository*` .
*
* @cloudformationAttribute Arn
*/
readonly attrArn: string;
/**
* The details about the repository that are publicly visible in the Amazon ECR Public Gallery.
*/
repositoryCatalogData?: any | cdk.IResolvable;
/**
* The name to use for the public repository.
*/
repositoryName?: string;
/**
* The JSON repository policy text to apply to the public repository.
*/
repositoryPolicyText?: any | cdk.IResolvable;
/**
* Tag Manager which manages the tags for this resource
*/
readonly tags: cdk.TagManager;
/**
* An array of key-value pairs to apply to this resource.
*/
tagsRaw?: Array<cdk.CfnTag>;
/**
* Create a new `AWS::ECR::PublicRepository`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props?: CfnPublicRepositoryProps);
get publicRepositoryRef(): PublicRepositoryReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnPublicRepository {
/**
* The details about the repository that are publicly visible in the Amazon ECR Public Gallery.
*
* For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html
*/
interface RepositoryCatalogDataProperty {
/**
* The longform description of the contents of the repository.
*
* This text appears in the repository details on the Amazon ECR Public Gallery.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html#cfn-ecr-publicrepository-repositorycatalogdata-abouttext
*/
readonly aboutText?: string;
/**
* The architecture tags that are associated with the repository.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html#cfn-ecr-publicrepository-repositorycatalogdata-architectures
*/
readonly architectures?: Array<string>;
/**
* The operating system tags that are associated with the repository.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html#cfn-ecr-publicrepository-repositorycatalogdata-operatingsystems
*/
readonly operatingSystems?: Array<string>;
/**
* The short description of the repository.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html#cfn-ecr-publicrepository-repositorycatalogdata-repositorydescription
*/
readonly repositoryDescription?: string;
/**
* The longform usage details of the contents of the repository.
*
* The usage text provides context for users of the repository.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-publicrepository-repositorycatalogdata.html#cfn-ecr-publicrepository-repositorycatalogdata-usagetext
*/
readonly usageText?: string;
}
}
/**
* Properties for defining a `CfnPublicRepository`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html
*/
export interface CfnPublicRepositoryProps {
/**
* The details about the repository that are publicly visible in the Amazon ECR Public Gallery.
*
* For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html#cfn-ecr-publicrepository-repositorycatalogdata
*/
readonly repositoryCatalogData?: any | cdk.IResolvable;
/**
* The name to use for the public repository.
*
* The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
*
* > If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html#cfn-ecr-publicrepository-repositoryname
*/
readonly repositoryName?: string;
/**
* The JSON repository policy text to apply to the public repository.
*
* For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html#cfn-ecr-publicrepository-repositorypolicytext
*/
readonly repositoryPolicyText?: any | cdk.IResolvable;
/**
* An array of key-value pairs to apply to this resource.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-publicrepository.html#cfn-ecr-publicrepository-tags
*/
readonly tags?: Array<cdk.CfnTag>;
}
/**
* The `AWS::ECR::PullThroughCacheRule` resource creates or updates a pull through cache rule.
*
* A pull through cache rule provides a way to cache images from an upstream registry in your Amazon ECR private registry.
*
* @cloudformationResource AWS::ECR::PullThroughCacheRule
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html
*/
export declare class CfnPullThroughCacheRule extends cdk.CfnResource implements cdk.IInspectable, IPullThroughCacheRuleRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnPullThroughCacheRule from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPullThroughCacheRule;
/**
* Checks whether the given object is a CfnPullThroughCacheRule
*/
static isCfnPullThroughCacheRule(x: any): x is CfnPullThroughCacheRule;
/**
* The ARN of the Secrets Manager secret associated with the pull through cache rule.
*/
credentialArn?: string;
/**
* The ARN of the IAM role associated with the pull through cache rule.
*/
customRoleArn?: string;
/**
* The Amazon ECR repository prefix associated with the pull through cache rule.
*/
ecrRepositoryPrefix?: string;
/**
* The name of the upstream source registry associated with the pull through cache rule.
*/
upstreamRegistry?: string;
/**
* The upstream registry URL associated with the pull through cache rule.
*/
upstreamRegistryUrl?: string;
/**
* The upstream repository prefix associated with the pull through cache rule.
*/
upstreamRepositoryPrefix?: string;
/**
* Create a new `AWS::ECR::PullThroughCacheRule`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props?: CfnPullThroughCacheRuleProps);
get pullThroughCacheRuleRef(): PullThroughCacheRuleReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
/**
* Properties for defining a `CfnPullThroughCacheRule`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html
*/
export interface CfnPullThroughCacheRuleProps {
/**
* The ARN of the Secrets Manager secret associated with the pull through cache rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html#cfn-ecr-pullthroughcacherule-credentialarn
*/
readonly credentialArn?: string;
/**
* The ARN of the IAM role associated with the pull through cache rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html#cfn-ecr-pullthroughcacherule-customrolearn
*/
readonly customRoleArn?: string;
/**
* The Amazon ECR repository prefix associated with the pull through cache rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html#cfn-ecr-pullthroughcacherule-ecrrepositoryprefix
*/
readonly ecrRepositoryPrefix?: string;
/**
* The name of the upstream source registry associated with the pull through cache rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html#cfn-ecr-pullthroughcacherule-upstreamregistry
*/
readonly upstreamRegistry?: string;
/**
* The upstream registry URL associated with the pull through cache rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html#cfn-ecr-pullthroughcacherule-upstreamregistryurl
*/
readonly upstreamRegistryUrl?: string;
/**
* The upstream repository prefix associated with the pull through cache rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pullthroughcacherule.html#cfn-ecr-pullthroughcacherule-upstreamrepositoryprefix
*/
readonly upstreamRepositoryPrefix?: string;
}
/**
* The `AWS::ECR::RegistryPolicy` resource creates or updates the permissions policy for a private registry.
*
* A private registry policy is used to specify permissions for another AWS account and is used when configuring cross-account replication. For more information, see [Registry permissions](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html) in the *Amazon Elastic Container Registry User Guide* .
*
* @cloudformationResource AWS::ECR::RegistryPolicy
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-registrypolicy.html
*/
export declare class CfnRegistryPolicy extends cdk.CfnResource implements cdk.IInspectable, IRegistryPolicyRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnRegistryPolicy from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnRegistryPolicy;
/**
* Checks whether the given object is a CfnRegistryPolicy
*/
static isCfnRegistryPolicy(x: any): x is CfnRegistryPolicy;
/**
* The account ID of the private registry the policy is associated with.
*
* @cloudformationAttribute RegistryId
*/
readonly attrRegistryId: string;
/**
* The JSON policy text for your registry.
*/
policyText: any | cdk.IResolvable;
/**
* Create a new `AWS::ECR::RegistryPolicy`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnRegistryPolicyProps);
get registryPolicyRef(): RegistryPolicyReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
/**
* Properties for defining a `CfnRegistryPolicy`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-registrypolicy.html
*/
export interface CfnRegistryPolicyProps {
/**
* The JSON policy text for your registry.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-registrypolicy.html#cfn-ecr-registrypolicy-policytext
*/
readonly policyText: any | cdk.IResolvable;
}
/**
* The `AWS::ECR::ReplicationConfiguration` resource creates or updates the replication configuration for a private registry.
*
* The first time a replication configuration is applied to a private registry, a service-linked IAM role is created in your account for the replication process. For more information, see [Using Service-Linked Roles for Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/using-service-linked-roles.html) in the *Amazon Elastic Container Registry User Guide* .
*
* > When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a private registry permissions policy. For more information, see `AWS::ECR::RegistryPolicy` .
*
* @cloudformationResource AWS::ECR::ReplicationConfiguration
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-replicationconfiguration.html
*/
export declare class CfnReplicationConfiguration extends cdk.CfnResource implements cdk.IInspectable, IReplicationConfigurationRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnReplicationConfiguration from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnReplicationConfiguration;
/**
* Checks whether the given object is a CfnReplicationConfiguration
*/
static isCfnReplicationConfiguration(x: any): x is CfnReplicationConfiguration;
/**
* The account ID of the destination registry.
*
* @cloudformationAttribute RegistryId
*/
readonly attrRegistryId: string;
/**
* The replication configuration for a registry.
*/
replicationConfiguration: cdk.IResolvable | CfnReplicationConfiguration.ReplicationConfigurationProperty;
/**
* Create a new `AWS::ECR::ReplicationConfiguration`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnReplicationConfigurationProps);
get replicationConfigurationRef(): ReplicationConfigurationReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnReplicationConfiguration {
/**
* The replication configuration for a registry.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationconfiguration.html
*/
interface ReplicationConfigurationProperty {
/**
* An array of objects representing the replication destinations and repository filters for a replication configuration.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationconfiguration.html#cfn-ecr-replicationconfiguration-replicationconfiguration-rules
*/
readonly rules: Array<cdk.IResolvable | CfnReplicationConfiguration.ReplicationRuleProperty> | cdk.IResolvable;
}
/**
* An array of objects representing the replication destinations and repository filters for a replication configuration.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationrule.html
*/
interface ReplicationRuleProperty {
/**
* An array of objects representing the destination for a replication rule.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationrule.html#cfn-ecr-replicationconfiguration-replicationrule-destinations
*/
readonly destinations: Array<cdk.IResolvable | CfnReplicationConfiguration.ReplicationDestinationProperty> | cdk.IResolvable;
/**
* An array of objects representing the filters for a replication rule.
*
* Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationrule.html#cfn-ecr-replicationconfiguration-replicationrule-repositoryfilters
*/
readonly repositoryFilters?: Array<cdk.IResolvable | CfnReplicationConfiguration.RepositoryFilterProperty> | cdk.IResolvable;
}
/**
* The filter settings used with image replication.
*
* Specifying a repository filter to a replication rule provides a method for controlling which repositories in a private registry are replicated. If no filters are added, the contents of all repositories are replicated.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-repositoryfilter.html
*/
interface RepositoryFilterProperty {
/**
* The repository filter details.
*
* When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-repositoryfilter.html#cfn-ecr-replicationconfiguration-repositoryfilter-filter
*/
readonly filter: string;
/**
* The repository filter type.
*
* The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-repositoryfilter.html#cfn-ecr-replicationconfiguration-repositoryfilter-filtertype
*/
readonly filterType: string;
}
/**
* An array of objects representing the destination for a replication rule.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationdestination.html
*/
interface ReplicationDestinationProperty {
/**
* The Region to replicate to.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationdestination.html#cfn-ecr-replicationconfiguration-replicationdestination-region
*/
readonly region: string;
/**
* The AWS account ID of the Amazon ECR private registry to replicate to.
*
* When configuring cross-Region replication within your own registry, specify your own account ID.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-replicationconfiguration-replicationdestination.html#cfn-ecr-replicationconfiguration-replicationdestination-registryid
*/
readonly registryId: string;
}
}
/**
* Properties for defining a `CfnReplicationConfiguration`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-replicationconfiguration.html
*/
export interface CfnReplicationConfigurationProps {
/**
* The replication configuration for a registry.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-replicationconfiguration.html#cfn-ecr-replicationconfiguration-replicationconfiguration
*/
readonly replicationConfiguration: cdk.IResolvable | CfnReplicationConfiguration.ReplicationConfigurationProperty;
}
/**
* The `AWS::ECR::Repository` resource specifies an Amazon Elastic Container Registry (Amazon ECR) repository, where users can push and pull Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts.
*
* For more information, see [Amazon ECR private repositories](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html) in the *Amazon ECR User Guide* .
*
* @cloudformationResource AWS::ECR::Repository
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html
*/
export declare class CfnRepository extends cdk.CfnResource implements cdk.IInspectable, IRepositoryRef, cdk.ITaggable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnRepository from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnRepository;
/**
* Checks whether the given object is a CfnRepository
*/
static isCfnRepository(x: any): x is CfnRepository;
/**
* Creates a new IRepositoryRef from an ARN
*/
static fromRepositoryArn(scope: constructs.Construct, id: string, arn: string): IRepositoryRef;
/**
* Creates a new IRepositoryRef from a repositoryName
*/
static fromRepositoryName(scope: constructs.Construct, id: string, repositoryName: string): IRepositoryRef;
static arnForRepository(resource: IRepositoryRef): string;
/**
* Returns the Amazon Resource Name (ARN) for the specified `AWS::ECR::Repository` resource. For example, `arn:aws:ecr: *eu-west-1* : *123456789012* :repository/ *test-repository*` .
*
* @cloudformationAttribute Arn
*/
readonly attrArn: string;
/**
* Returns the URI for the specified `AWS::ECR::Repository` resource. For example, `*123456789012* .dkr.ecr. *us-west-2* .amazonaws.com/repository` .
*
* @cloudformationAttribute RepositoryUri
*/
readonly attrRepositoryUri: string;
/**
* If true, deleting the repository force deletes the contents of the repository.
*/
emptyOnDelete?: boolean | cdk.IResolvable;
/**
* The encryption configuration for the repository.
*/
encryptionConfiguration?: CfnRepository.EncryptionConfigurationProperty | cdk.IResolvable;
/**
* > The `imageScanningConfiguration` parameter is being deprecated, in favor of specifying the image scanning configuration at the registry level.
*/
imageScanningConfiguration?: CfnRepository.ImageScanningConfigurationProperty | cdk.IResolvable;
/**
* The tag mutability setting for the repository.
*/
imageTagMutability?: string;
/**
* A list of filters that specify which image tags are excluded from the repository's image tag mutability setting.
*/
imageTagMutabilityExclusionFilters?: Array<CfnRepository.ImageTagMutabilityExclusionFilterProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* Creates or updates a lifecycle policy.
*/
lifecyclePolicy?: cdk.IResolvable | CfnRepository.LifecyclePolicyProperty;
/**
* The name to use for the repository.
*/
repositoryName?: string;
/**
* The JSON repository policy text to apply to the repository.
*/
repositoryPolicyText?: any | cdk.IResolvable;
/**
* Tag Manager which manages the tags for this resource
*/
readonly tags: cdk.TagManager;
/**
* An array of key-value pairs to apply to this resource.
*/
tagsRaw?: Array<cdk.CfnTag>;
/**
* Create a new `AWS::ECR::Repository`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props?: CfnRepositoryProps);
get repositoryRef(): RepositoryReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnRepository {
/**
* The image scanning configuration for a repository.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagescanningconfiguration.html
*/
interface ImageScanningConfigurationProperty {
/**
* The setting that determines whether images are scanned after being pushed to a repository.
*
* If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagescanningconfiguration.html#cfn-ecr-repository-imagescanningconfiguration-scanonpush
*/
readonly scanOnPush?: boolean | cdk.IResolvable;
}
/**
* The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.
*
* By default, when no encryption configuration is set or the `AES256` encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES256 encryption algorithm. This does not require any action on your part.
*
* For more control over the encryption of the contents of your repository, you can use server-side encryption with AWS Key Management Service key stored in AWS Key Management Service ( AWS ) to encrypt your images. For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-encryptionconfiguration.html
*/
interface EncryptionConfigurationProperty {
/**
* The encryption type to use.
*
* If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS . When you use AWS to encrypt your data, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you already created.
*
* If you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS Management Service key stored in AWS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you've already created.
*
* If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.
*
* For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-encryptionconfiguration.html#cfn-ecr-repository-encryptionconfiguration-encryptiontype
*/
readonly encryptionType: string;
/**
* If you use the `KMS` encryption type, specify the AWS key to use for encryption.
*
* The alias, key ID, or full ARN of the AWS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS key for Amazon ECR will be used.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-encryptionconfiguration.html#cfn-ecr-repository-encryptionconfiguration-kmskey
*/
readonly kmsKey?: string;
}
/**
* The `LifecyclePolicy` property type specifies a lifecycle policy.
*
* For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) in the *Amazon ECR User Guide* .
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-lifecyclepolicy.html
*/
interface LifecyclePolicyProperty {
/**
* The JSON repository policy text to apply to the repository.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-lifecyclepolicy.html#cfn-ecr-repository-lifecyclepolicy-lifecyclepolicytext
*/
readonly lifecyclePolicyText?: string;
/**
* The AWS account ID associated with the registry that contains the repository.
*
* If you do not specify a registry, the default registry is assumed.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-lifecyclepolicy.html#cfn-ecr-repository-lifecyclepolicy-registryid
*/
readonly registryId?: string;
}
/**
* A filter that specifies which image tags should be excluded from the repository's image tag mutability setting.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagetagmutabilityexclusionfilter.html
*/
interface ImageTagMutabilityExclusionFilterProperty {
/**
* Specifies the type of filter to use for excluding image tags from the repository's mutability setting.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagetagmutabilityexclusionfilter.html#cfn-ecr-repository-imagetagmutabilityexclusionfilter-imagetagmutabilityexclusionfiltertype
*/
readonly imageTagMutabilityExclusionFilterType: string;
/**
* The value to use when filtering image tags.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-repository-imagetagmutabilityexclusionfilter.html#cfn-ecr-repository-imagetagmutabilityexclusionfilter-imagetagmutabilityexclusionfiltervalue
*/
readonly imageTagMutabilityExclusionFilterValue: string;
}
}
/**
* Properties for defining a `CfnRepository`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html
*/
export interface CfnRepositoryProps {
/**
* If true, deleting the repository force deletes the contents of the repository.
*
* If false, the repository must be empty before attempting to delete it.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-emptyondelete
*/
readonly emptyOnDelete?: boolean | cdk.IResolvable;
/**
* The encryption configuration for the repository.
*
* This determines how the contents of your repository are encrypted at rest.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-encryptionconfiguration
*/
readonly encryptionConfiguration?: CfnRepository.EncryptionConfigurationProperty | cdk.IResolvable;
/**
* > The `imageScanningConfiguration` parameter is being deprecated, in favor of specifying the image scanning configuration at the registry level.
*
* For more information, see `PutRegistryScanningConfiguration` .
*
* The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagescanningconfiguration
*/
readonly imageScanningConfiguration?: CfnRepository.ImageScanningConfigurationProperty | cdk.IResolvable;
/**
* The tag mutability setting for the repository.
*
* If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagetagmutability
*/
readonly imageTagMutability?: string;
/**
* A list of filters that specify which image tags are excluded from the repository's image tag mutability setting.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagetagmutabilityexclusionfilters
*/
readonly imageTagMutabilityExclusionFilters?: Array<CfnRepository.ImageTagMutabilityExclusionFilterProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* Creates or updates a lifecycle policy.
*
* For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-lifecyclepolicy
*/
readonly lifecyclePolicy?: cdk.IResolvable | CfnRepository.LifecyclePolicyProperty;
/**
* The name to use for the repository.
*
* The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .
*
* The repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.
*
* > If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-repositoryname
*/
readonly repositoryName?: string;
/**
* The JSON repository policy text to apply to the repository.
*
* For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-repositorypolicytext
*/
readonly repositoryPolicyText?: any | cdk.IResolvable;
/**
* An array of key-value pairs to apply to this resource.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-tags
*/
readonly tags?: Array<cdk.CfnTag>;
}
/**
* Resource Type definition for AWS::ECR::PullTimeUpdateExclusion controls the exclusion configuration for ecr image pull time update.
*
* @cloudformationResource AWS::ECR::PullTimeUpdateExclusion
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pulltimeupdateexclusion.html
*/
export declare class CfnPullTimeUpdateExclusion extends cdk.CfnResource implements cdk.IInspectable, IPullTimeUpdateExclusionRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnPullTimeUpdateExclusion from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPullTimeUpdateExclusion;
/**
* Checks whether the given object is a CfnPullTimeUpdateExclusion
*/
static isCfnPullTimeUpdateExclusion(x: any): x is CfnPullTimeUpdateExclusion;
/**
* The ARN of the IAM principal to remove from the pull time update exclusion list.
*/
principalArn: string;
/**
* Create a new `AWS::ECR::PullTimeUpdateExclusion`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnPullTimeUpdateExclusionProps);
get pullTimeUpdateExclusionRef(): PullTimeUpdateExclusionReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
/**
* Properties for defining a `CfnPullTimeUpdateExclusion`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pulltimeupdateexclusion.html
*/
export interface CfnPullTimeUpdateExclusionProps {
/**
* The ARN of the IAM principal to remove from the pull time update exclusion list.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-pulltimeupdateexclusion.html#cfn-ecr-pulltimeupdateexclusion-principalarn
*/
readonly principalArn: string;
}
/**
* The scanning configuration for a private registry.
*
* @cloudformationResource AWS::ECR::RegistryScanningConfiguration
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-registryscanningconfiguration.html
*/
export declare class CfnRegistryScanningConfiguration extends cdk.CfnResource implements cdk.IInspectable, IRegistryScanningConfigurationRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnRegistryScanningConfiguration from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnRegistryScanningConfiguration;
/**
* Checks whether the given object is a CfnRegistryScanningConfiguration
*/
static isCfnRegistryScanningConfiguration(x: any): x is CfnRegistryScanningConfiguration;
/**
* The account ID of the destination registry.
*
* @cloudformationAttribute RegistryId
*/
readonly attrRegistryId: string;
/**
* The scanning rules associated with the registry.
*/
rules: Array<cdk.IResolvable | CfnRegistryScanningConfiguration.ScanningRuleProperty> | cdk.IResolvable;
/**
* The type of scanning configured for the registry.
*/
scanType: string;
/**
* Create a new `AWS::ECR::RegistryScanningConfiguration`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnRegistryScanningConfigurationProps);
get registryScanningConfigurationRef(): RegistryScanningConfigurationReference;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnRegistryScanningConfiguration {
/**
* The scanning rules associated with the registry.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-registryscanningconfiguration-scanningrule.html
*/
interface ScanningRuleProperty {
/**
* The details of a scanning repository filter.
*
* For more information on how to use filters, see [Using filters](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#image-scanning-filters) in the *Amazon Elastic Container Registry User Guide* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-registryscanningconfiguration-scanningrule.html#cfn-ecr-registryscanningconfiguration-scanningrule-repositoryfilters
*/
readonly repositoryFilters: Array<cdk.IResolvable | CfnRegistryScanningConfiguration.RepositoryFilterProperty> | cdk.IResolvable;
/**
* The frequency that scans are performed at for a private registry.
*
* When the `ENHANCED` scan type is specified, the supported scan frequencies are `CONTINUOUS_SCAN` and `SCAN_ON_PUSH` . When the `BASIC` scan type is specified, the `SCAN_ON_PUSH` scan frequency is supported. If scan on push is not specified, then the `MANUAL` scan frequency is set by default.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecr-registryscanningconfiguration-scanningrule.html#cfn-ecr-registryscanningconfiguration-scanningrule-scanfrequency
*/
readonly scanFrequency: string;
}
/**
* The filter settings used with image replication.
*
* Specifying a repository filter to a replication rule provides a method for controlling which repositories in a private registry are replicated. If no filters are added, the contents of all repositories are replicated.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-pr