@cloudcomponents/cdk-container-registry
@cloudcomponents/cdk-container-registry / ImageRepository
-
Repository↳
ImageRepository
- _enableCrossEnvironment
- addLifecycleRule
- addToResourcePolicy
- applyRemovalPolicy
- generatePhysicalName
- getResourceArnAttribute
- getResourceNameAttribute
- grant
- grantPull
- grantPullPush
- onCloudTrailEvent
- onCloudTrailImagePushed
- onEvent
- onFinding
- onImageScanCompleted
- onPrepare
- onSynthesize
- onValidate
- prepare
- repositoryUriForDigest
- repositoryUriForTag
- synthesize
- toString
- validate
- arnForLocalRepository
- fromRepositoryArn
- fromRepositoryAttributes
- fromRepositoryName
- isConstruct
- isResource
• new ImageRepository(scope, id, props?)
| Name | Type |
|---|---|
scope |
Construct |
id |
string |
props? |
ImageRepositoryProps |
Repository.constructor
• Readonly env: ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
stability stable
Repository.env
• Readonly node: ConstructNode
The construct tree node associated with this construct.
stability stable
Repository.node
• Protected Readonly physicalName: string
Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
This value will resolve to one of the following:
- a concrete value (e.g.
"my-awesome-bucket") undefined, when a name should be generated by CloudFormation- a concrete name generated automatically during synthesis, in cross-environment scenarios.
stability stable
Repository.physicalName
• Readonly repositoryArn: string
The ARN of the repository.
stability stable
Repository.repositoryArn
• Readonly repositoryName: string
The name of the repository.
stability stable
Repository.repositoryName
• Readonly stack: Stack
The stack in which this resource is defined.
stability stable
Repository.stack
• get repositoryUri(): string
The URI of this repository (represents the latest image):.
ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY
stability stable
string
Repository.repositoryUri
▸ _enableCrossEnvironment(): void
Called when this resource is referenced across environments (account/region) to order to request that a physical name will be generated for this resource during synthesis, so the resource can be referenced through it's absolute name/arn.
internal
void
Repository._enableCrossEnvironment
▸ addLifecycleRule(rule): void
Add a life cycle rule to the repository.
Life cycle rules automatically expire images from the repository that match certain conditions.
stability stable
| Name | Type |
|---|---|
rule |
LifecycleRule |
void
Repository.addLifecycleRule
▸ addToResourcePolicy(statement): AddToResourcePolicyResult
Add a policy statement to the repository's resource policy.
stability stable
| Name | Type |
|---|---|
statement |
PolicyStatement |
AddToResourcePolicyResult
Repository.addToResourcePolicy
▸ applyRemovalPolicy(policy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
stability stable
| Name | Type |
|---|---|
policy |
RemovalPolicy |
void
Repository.applyRemovalPolicy
▸ Protected generatePhysicalName(): string
stability stable
string
Repository.generatePhysicalName
▸ Protected getResourceArnAttribute(arnAttr, arnComponents): string
Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. bucket.bucketArn).
Normally, this token will resolve to arnAttr, but if the resource is
referenced across environments, arnComponents will be used to synthesize
a concrete ARN with the resource's physical name. Make sure to reference
this.physicalName in arnComponents.
stability stable
| Name | Type | Description |
|---|---|---|
arnAttr |
string |
The CFN attribute which resolves to the ARN of the resource. |
arnComponents |
ArnComponents |
The format of the ARN of this resource. |
string
Repository.getResourceArnAttribute
▸ Protected getResourceNameAttribute(nameAttr): string
Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. bucket.bucketName).
Normally, this token will resolve to nameAttr, but if the resource is
referenced across environments, it will be resolved to this.physicalName,
which will be a concrete name.
stability stable
| Name | Type | Description |
|---|---|---|
nameAttr |
string |
The CFN attribute which resolves to the resource's name. |
string
Repository.getResourceNameAttribute
▸ grant(grantee, ...actions): Grant
Grant the given principal identity permissions to perform the actions on this repository.
stability stable
| Name | Type |
|---|---|
grantee |
IGrantable |
...actions |
string[] |
Grant
Repository.grant
▸ grantPull(grantee): Grant
Grant the given identity permissions to use the images in this repository.
stability stable
| Name | Type |
|---|---|
grantee |
IGrantable |
Grant
Repository.grantPull
▸ grantPullPush(grantee): Grant
Grant the given identity permissions to pull and push images to this repository.
stability stable
| Name | Type |
|---|---|
grantee |
IGrantable |
Grant
Repository.grantPullPush
▸ onCloudTrailEvent(id, options?): Rule
Define a CloudWatch event that triggers when something happens to this repository.
Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.
stability stable
| Name | Type | Description |
|---|---|---|
id |
string |
The id of the rule. |
options? |
OnEventOptions |
Options for adding the rule. |
Rule
Repository.onCloudTrailEvent
▸ onCloudTrailImagePushed(id, options?): Rule
Defines an AWS CloudWatch event rule that can trigger a target when an image is pushed to this repository.
Requires that there exists at least one CloudTrail Trail in your account that captures the event. This method will not create the Trail.
stability stable
| Name | Type | Description |
|---|---|---|
id |
string |
The id of the rule. |
options? |
OnCloudTrailImagePushedOptions |
Options for adding the rule. |
Rule
Repository.onCloudTrailImagePushed
▸ onEvent(id, options?): Rule
Defines a CloudWatch event rule which triggers for repository events.
Use
rule.addEventPattern(pattern) to specify a filter.
stability stable
| Name | Type |
|---|---|
id |
string |
options? |
OnEventOptions |
Rule
Repository.onEvent
▸ onFinding(id, options): Rule
| Name | Type |
|---|---|
id |
string |
options |
OnFindingOptions |
Rule
▸ onImageScanCompleted(id, options?): Rule
Defines an AWS CloudWatch event rule that can trigger a target when an image scan is completed.
stability stable
| Name | Type | Description |
|---|---|---|
id |
string |
The id of the rule. |
options? |
OnImageScanCompletedOptions |
Options for adding the rule. |
Rule
Repository.onImageScanCompleted
▸ Protected onPrepare(): void
Perform final modifications before synthesis.
This method can be implemented by derived constructs in order to perform final changes before synthesis. prepare() will be called after child constructs have been prepared.
This is an advanced framework feature. Only use this if you understand the implications.
stability stable
void
Repository.onPrepare
▸ Protected onSynthesize(session): void
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack and Asset
as they participate in synthesizing the cloud assembly.
stability stable
| Name | Type | Description |
|---|---|---|
session |
ISynthesisSession |
The synthesis session. |
void
Repository.onSynthesize
▸ Protected onValidate(): string[]
Validate the current construct.
This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.
stability stable
string[]
An array of validation error messages, or an empty array if the construct is valid.
Repository.onValidate
▸ Protected prepare(): void
Perform final modifications before synthesis.
This method can be implemented by derived constructs in order to perform final changes before synthesis. prepare() will be called after child constructs have been prepared.
This is an advanced framework feature. Only use this if you understand the implications.
stability stable
void
Repository.prepare
▸ repositoryUriForDigest(digest?): string
Returns the URL of the repository. Can be used in docker push/pull.
ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[@DIGEST]
stability stable
| Name | Type | Description |
|---|---|---|
digest? |
string |
Optional image digest. |
string
Repository.repositoryUriForDigest
▸ repositoryUriForTag(tag?): string
Returns the URL of the repository. Can be used in docker push/pull.
ACCOUNT.dkr.ecr.REGION.amazonaws.com/REPOSITORY[:TAG]
stability stable
| Name | Type | Description |
|---|---|---|
tag? |
string |
Optional image tag. |
string
Repository.repositoryUriForTag
▸ Protected synthesize(session): void
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack and Asset
as they participate in synthesizing the cloud assembly.
stability stable
| Name | Type | Description |
|---|---|---|
session |
ISynthesisSession |
The synthesis session. |
void
Repository.synthesize
▸ toString(): string
Returns a string representation of this construct.
stability stable
string
Repository.toString
▸ Protected validate(): string[]
Validate the current construct.
This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.
stability stable
string[]
Repository.validate
▸ Static arnForLocalRepository(repositoryName, scope, account?): string
Returns an ECR ARN for a repository that resides in the same account/region as the current stack.
stability stable
| Name | Type |
|---|---|
repositoryName |
string |
scope |
IConstruct |
account? |
string |
string
Repository.arnForLocalRepository
▸ Static fromRepositoryArn(scope, id, repositoryArn): IRepository
stability stable
| Name | Type |
|---|---|
scope |
Construct |
id |
string |
repositoryArn |
string |
IRepository
Repository.fromRepositoryArn
▸ Static fromRepositoryAttributes(scope, id, attrs): IRepository
Import a repository.
stability stable
| Name | Type |
|---|---|
scope |
Construct |
id |
string |
attrs |
RepositoryAttributes |
IRepository
Repository.fromRepositoryAttributes
▸ Static fromRepositoryName(scope, id, repositoryName): IRepository
stability stable
| Name | Type |
|---|---|
scope |
Construct |
id |
string |
repositoryName |
string |
IRepository
Repository.fromRepositoryName
▸ Static isConstruct(x): x is Construct
Return whether the given object is a Construct.
stability stable
| Name | Type |
|---|---|
x |
any |
x is Construct
Repository.isConstruct
▸ Static isResource(construct): construct is CfnResource
Check whether the given construct is a Resource.
stability stable
| Name | Type |
|---|---|
construct |
IConstruct |
construct is CfnResource
Repository.isResource
@cloudcomponents/cdk-container-registry / Severity
• CRITICAL = "CRITICAL"
• HIGH = "HIGH"
• INFORMATIONAL = "INFORMATIONAL"
• LOW = "LOW"
• MEDIUM = "MEDIUM"
• UNDEFINED = "UNDEFINED"
@cloudcomponents/cdk-container-registry / ImageRepositoryProps
-
RepositoryProps↳
ImageRepositoryProps
- forceDelete
- imageScanOnPush
- imageTagMutability
- lifecycleRegistryId
- lifecycleRules
- removalPolicy
- repositoryName
• Optional Readonly forceDelete: boolean
If a repository contains images, forces the deletion during stack deletion.
default false
• Optional Readonly imageScanOnPush: boolean
Enable the scan on push when creating the repository.
default false
stability stable
RepositoryProps.imageScanOnPush
• Optional Readonly imageTagMutability: TagMutability
The tag mutability setting for the repository.
If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten.
default TagMutability.MUTABLE
stability stable
RepositoryProps.imageTagMutability
• Optional Readonly lifecycleRegistryId: string
The AWS account ID associated with the registry that contains the repository.
default The default registry is assumed.
see https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_PutLifecyclePolicy.html
stability stable
RepositoryProps.lifecycleRegistryId
• Optional Readonly lifecycleRules: LifecycleRule[]
Life cycle rules to apply to this registry.
default No life cycle rules
stability stable
RepositoryProps.lifecycleRules
• Optional Readonly removalPolicy: RemovalPolicy
Determine what happens to the repository when the resource/stack is deleted.
default RemovalPolicy.Retain
stability stable
RepositoryProps.removalPolicy
• Optional Readonly repositoryName: string
Name for this repository.
default Automatically generated name.
stability stable
RepositoryProps.repositoryName
@cloudcomponents/cdk-container-registry / OnFindingOptions
• Readonly alarmTopic: ITopic
• Optional Readonly imageTags: string[]
Only watch changes to the image tags specified. Leave it undefined to watch the full repository.
default - Watch the changes to the repository with all image tags
• Readonly severity: Severity