Skip to content

Commit

Permalink
feat: lacework_integration_ecr support for IAM Roles
Browse files Browse the repository at this point in the history
We now support integrating ECR using IAM Roles instead of keys, though,
we will continue to support access keys.

To create an ECR integration with the new IAM role authenticatino method
```
provider "lacework" {}

resource "lacework_integration_ecr" "iam_role" {
  name            = "ECR using IAM Role"
  registry_domain = "YourAWSAccount.dkr.ecr.YourRegion.amazonaws.com"
  credentials {
    role_arn    = "arn:aws:iam::1234567890:role/lacework_iam_example_role"
    external_id = "12345"
  }
}
```

To create an ECR integration with the old authentication method, using
Access Keys:
```
provider "lacework" {}

resource "lacework_integration_ecr" "access_key" {
  name            = "ECR using Access Keys"
  registry_domain = "YourAWSAccount.dkr.ecr.YourRegion.amazonaws.com"
  credentials {
    access_key_id     = "AWS123abcAccessKeyID"
    secret_access_key = "AWS123abc123abcSecretAccessKey0000000000"
  }
}
```

Signed-off-by: Salim Afiune Maya <afiune@lacework.net>
  • Loading branch information
afiune committed Mar 15, 2021
1 parent b86e6c7 commit 42bfbae
Show file tree
Hide file tree
Showing 3 changed files with 524 additions and 75 deletions.
30 changes: 21 additions & 9 deletions examples/resource_lacework_integration_ecr/main.tf
Original file line number Diff line number Diff line change
@@ -1,12 +1,24 @@
provider "lacework" {}

resource "lacework_integration_ecr" "example" {
name = "ERC Example"
registry_domain = "YourAWSAccount.dkr.ecr.YourRegion.amazonaws.com"
access_key_id = "AWS123abcAccessKeyID"
secret_access_key = "AWS123abc123abcSecretAccessKey0000000000"
limit_by_tag = "dev*"
limit_by_label = "*label"
limit_by_repos = "my-repo,other-repo"
limit_num_imgs = 10
resource "lacework_integration_ecr" "iam_role" {
name = "ECR using IAM Role"
registry_domain = "YourAWSAccount.dkr.ecr.YourRegion.amazonaws.com"
credentials {
role_arn = "arn:aws:iam::1234567890:role/lacework_iam_example_role"
external_id = "12345"
}
}

resource "lacework_integration_ecr" "access_key" {
name = "ECR using Access Keys"
registry_domain = "YourAWSAccount.dkr.ecr.YourRegion.amazonaws.com"
credentials {
access_key_id = "AWS123abcAccessKeyID"
secret_access_key = "AWS123abc123abcSecretAccessKey0000000000"
}

limit_by_tag = "dev*"
limit_by_label = "*label"
limit_by_repos = "my-repo,other-repo"
limit_num_imgs = 10
}
Loading

0 comments on commit 42bfbae

Please sign in to comment.