In this article we are going to cover how to create ECR in AWS using Terraform.
What is Elastic Container Registry in AWS?
Amazon Elastic Container Registry (ECR) is a fully managed container registry service provided by Amazon Web Services (AWS). It allows you to store, manage, and deploy Docker container images. Here are the key features and concepts related to ECR:
Key Features:
Private Container Registry:
- ECR provides a secure and private container registry to store your Docker images. Images stored in ECR can only be accessed by authenticated users with the appropriate permissions.
Integration with AWS Services:
- ECR seamlessly integrates with other AWS services like Amazon ECS (Elastic Container Service) and AWS Fargate, making it easy to deploy and manage containers.
Built-in Image Scanning:
- ECR offers built-in image scanning that checks Docker images for vulnerabilities. It helps you identify and address security issues in your container images.
Lifecycle Policies:
- ECR supports lifecycle policies to automate the cleanup of unused or outdated images. This helps in optimizing storage and managing image versions.
Fine-Grained Access Control:
- You can control access to your container images using AWS Identity and Access Management (IAM). This allows you to define who can push, pull, or manage images in your registry.
Cross-Region Replication:
- ECR supports cross-region replication, allowing you to replicate your container images to different AWS regions for improved availability and redundancy.
Basic Concepts:
1. Repository:
- An ECR repository is like a folder where you store your Docker images. Each repository has a unique name within an AWS account and region.
2. Image:
- An image is a lightweight, stand-alone, and executable package that includes everything needed to run a piece of software, including the code, a runtime, libraries, environment variables, and config files.
3. Registry URI:
- The registry URI is the unique URL that points to your ECR repository. It is used when pulling or pushing images to and from ECR.
ECR simplifies the process of managing Docker images, providing a secure and scalable solution for containerized applications on AWS.
How to Create ECR in AWS using Terraform
Below are the example Terraform files to create an Amazon Elastic Container Registry (ECR) using Terraform. These files include main.tf, variables.tf, provider.tf, and variables.auto.tfvars.
main.tf
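# The AWS provider is configured in provider.tf; declaring it again here
# would fail with a duplicate provider configuration error.

# ECR repository with vulnerability scanning on every push
resource "aws_ecr_repository" "example_ecr_repo" {
  name = var.ecr_repo_name

  image_scanning_configuration {
    scan_on_push = true
  }
}

# Repository URL used for docker push / docker pull
output "ecr_repo_url" {
  value = aws_ecr_repository.example_ecr_repo.repository_url
}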
variables.tf
variable "aws_region" {
  description = "The AWS region where the ECR repository will be created."
  type        = string
}

variable "ecr_repo_name" {
  description = "The name of the ECR repository."
  type        = string
}
provider.tf
provider "aws" {
  # Credentials come from the environment, the AWS CLI configuration or another
  # authentication method; avoid hardcoding access keys in this file.
  region = var.aws_region
}
variables.auto.tfvars
# variables.auto.tfvars
aws_region = "us-west-2" # Change this to your preferred region
ecr_repo_name = "demo-ecr-repo" # Change this to your preferred repository name
In this example:
- main.tf contains the primary Terraform configuration, creating an ECR repository (the Terraform resource is named example_ecr_repo; the repository itself takes its name from var.ecr_repo_name). The output block outputs the repository URL.
- variables.tf defines variables for the AWS region and the ECR repository name.
- provider.tf specifies the AWS provider with the region defined in the variables.
- variables.auto.tfvars contains the values for the variables. Adjust the region and repository name according to your preferences.
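The key features listed earlier (lifecycle policies, fine-grained access control, image scanning) can be set in the same configuration. The following is an added example, not part of the original files: a hardened variant that replaces the resource block in main.tf. The variable pull_principal_arns and the 14-day retention value are assumptions made for the example.

```hcl
# Added example: hardened variant of the repository resource in main.tf.
# var.pull_principal_arns is a hypothetical variable introduced for this example.
variable "pull_principal_arns" {
  description = "IAM role/user ARNs that may pull images (assumed input)."
  type        = list(string)
}

resource "aws_ecr_repository" "example_ecr_repo" {
  name                 = var.ecr_repo_name
  image_tag_mutability = "IMMUTABLE" # a pushed tag can no longer be overwritten
  image_scanning_configuration {
    scan_on_push = true
  }
  encryption_configuration {
    encryption_type = "KMS" # no kms_key set: ECR uses the AWS managed key for ECR
  }
}

# Lifecycle policy: expire untagged images 14 days after push (constructed value).
resource "aws_ecr_lifecycle_policy" "cleanup" {
  repository = aws_ecr_repository.example_ecr_repo.name
  policy = jsonencode({
    rules = [{
      rulePriority = 1
      description  = "Expire untagged images after 14 days"
      selection = {
        tagStatus   = "untagged"
        countType   = "sinceImagePushed"
        countUnit   = "days"
        countNumber = 14
      }
      action = { type = "expire" }
    }]
  })
}

# Repository policy: grants pull-only actions to the listed principals; no push actions.
resource "aws_ecr_repository_policy" "pull_only" {
  repository = aws_ecr_repository.example_ecr_repo.name
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Sid       = "AllowPull"
      Effect    = "Allow"
      Principal = { AWS = var.pull_principal_arns }
      Action    = ["ecr:BatchCheckLayerAvailability", "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer"]
    }]
  })
}
```

Adding encryption_configuration to a repository that already exists forces Terraform to replace it, so set it before the first apply.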
Step 2:
To use these files, follow these steps:
- Save the contents of each file into separate files with the corresponding names (e.g., main.tf, variables.tf, provider.tf, variables.auto.tfvars).
- Run terraform init to initialize your Terraform configuration.
- Run terraform apply to create the ECR repository. Enter “yes” when prompted.
These files assume you have AWS credentials configured (either through environment variables, AWS CLI, or other methods). Adjust the authentication method in provider.tf based on your needs.
Step 3:
Verify in console
Step 4:
Run the terraform destroy command to destroy the ECR repository created above.
Conclusion:
In this article we have covered what Elastic Container Registry in AWS is and how to create ECR in AWS using Terraform.