» Resource: aws_ecr_lifecycle_policy

Manages an ECR repository lifecycle policy.

NOTE: Only one aws_ecr_lifecycle_policy resource can be used with the same ECR repository. To apply multiple rules, they must be combined in the policy JSON.

NOTE: The AWS ECR API seems to reorder rules based on rulePriority. If you define multiple rules that are not sorted in ascending rulePriority order in the Terraform code, the resource will be flagged for recreation every terraform plan.

» Example Usage

» Policy on untagged image

resource "aws_ecr_repository" "foo" {
  name = "bar"
}

resource "aws_ecr_lifecycle_policy" "foopolicy" {
  repository = "${aws_ecr_repository.foo.name}"

  policy = <<EOF
{
    "rules": [
        {
            "rulePriority": 1,
            "description": "Expire images older than 14 days",
            "selection": {
                "tagStatus": "untagged",
                "countType": "sinceImagePushed",
                "countUnit": "days",
                "countNumber": 14
            },
            "action": {
                "type": "expire"
            }
        }
    ]
}
EOF
}

» Policy on tagged image

resource "aws_ecr_repository" "foo" {
  name = "bar"
}

resource "aws_ecr_lifecycle_policy" "foopolicy" {
  repository = "${aws_ecr_repository.foo.name}"

  policy = <<EOF
{
    "rules": [
        {
            "rulePriority": 1,
            "description": "Keep last 30 images",
            "selection": {
                "tagStatus": "tagged",
                "tagPrefixList": ["v"],
                "countType": "imageCountMoreThan",
                "countNumber": 30
            },
            "action": {
                "type": "expire"
            }
        }
    ]
}
EOF
}

» Argument Reference

The following arguments are supported:

repository - (Required) Name of the repository to apply the policy.
policy - (Required) The policy document. This is a JSON formatted string. See more details about Policy Parameters in the official AWS docs. For more information about building IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.

» Attributes Reference

In addition to all arguments above, the following attributes are exported:

repository - The name of the repository.
registry_id - The registry ID where the repository was created.

» Import

ECR Lifecycle Policy can be imported using the name of the repository, e.g.

$ terraform import aws_ecr_lifecycle_policy.example tf-example