Resource: aws_ecr_registry_scanning_configuration

Provides an Elastic Container Registry Scanning Configuration. Can't be completely deleted, instead reverts to the default BASIC scanning configuration without rules.

Example Usage

Basic example

resource "aws_ecr_registry_scanning_configuration" "configuration" {
  scan_type = "ENHANCED"

  rule {
    scan_frequency = "CONTINUOUS_SCAN"
    repository_filter {
      filter      = "example"
      filter_type = "WILDCARD"
    }
  }
}

Multiple rules

resource "aws_ecr_registry_scanning_configuration" "test" {
  scan_type = "ENHANCED"

  rule {
    scan_frequency = "SCAN_ON_PUSH"
    repository_filter {
      filter      = "*"
      filter_type = "WILDCARD"
    }
  }

  rule {
    scan_frequency = "CONTINUOUS_SCAN"
    repository_filter {
      filter      = "example"
      filter_type = "WILDCARD"
    }
  }
}

Argument Reference

This resource supports the following arguments:

rule

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import ECR Scanning Configurations using the registry_id. For example:

import {
  to = aws_ecr_registry_scanning_configuration.example
  id = "012345678901"
}

Using terraform import, import ECR Scanning Configurations using the registry_id. For example:

% terraform import aws_ecr_registry_scanning_configuration.example 012345678901