Package com.pulumi.aws.ecr

Class RegistryPolicy

  • public class RegistryPolicy
extends com.pulumi.resources.CustomResource
    Provides an Elastic Container Registry Policy. > **NOTE on ECR Registry Policies:** While the AWS Management Console interface may suggest the ability to define multiple policies by creating multiple statements, ECR registry policies are effectively managed as singular entities at the regional level by the AWS APIs. Therefore, the `aws.ecr.RegistryPolicy` resource should be configured only once per region with all necessary statements defined in the same policy. Attempting to define multiple `aws.ecr.RegistryPolicy` resources may result in perpetual differences, with one policy overriding another. ## Example Usage <!--Start PulumiCodeChooser --> 
     
 package generated_program;
 
 import com.pulumi.Context;
 import com.pulumi.Pulumi;
 import com.pulumi.core.Output;
 import com.pulumi.aws.AwsFunctions;
 import com.pulumi.aws.inputs.GetCallerIdentityArgs;
 import com.pulumi.aws.inputs.GetRegionArgs;
 import com.pulumi.aws.inputs.GetPartitionArgs;
 import com.pulumi.aws.ecr.RegistryPolicy;
 import com.pulumi.aws.ecr.RegistryPolicyArgs;
 import static com.pulumi.codegen.internal.Serialization.*;
 import java.util.List;
 import java.util.ArrayList;
 import java.util.Map;
 import java.io.File;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 
 public class App {
     public static void main(String[] args) {
         Pulumi.run(App::stack);
     }
 
     public static void stack(Context ctx) {
         final var current = AwsFunctions.getCallerIdentity();
 
         final var currentGetRegion = AwsFunctions.getRegion();
 
         final var currentGetPartition = AwsFunctions.getPartition();
 
         var example = new RegistryPolicy("example", RegistryPolicyArgs.builder()
             .policy(serializeJson(
                 jsonObject(
                     jsonProperty("Version", "2012-10-17"),
                     jsonProperty("Statement", jsonArray(jsonObject(
                         jsonProperty("Sid", "testpolicy"),
                         jsonProperty("Effect", "Allow"),
                         jsonProperty("Principal", jsonObject(
                             jsonProperty("AWS", String.format("arn:%s:iam::%s:root", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())))
                         )),
                         jsonProperty("Action", jsonArray("ecr:ReplicateImage")),
                         jsonProperty("Resource", jsonArray(String.format("arn:%s:ecr:%s:%s:repository/*", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -> getRegionResult.name()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))))
                     )))
                 )))
             .build());
 
     }
 }
    <!--End PulumiCodeChooser --> ## Import Using `pulumi import`, import ECR Registry Policy using the registry id. For example: ```sh $ pulumi import aws:ecr/registryPolicy:RegistryPolicy example 123456789012 ```

    • Nested Class Summary

      • Nested classes/interfaces inherited from class com.pulumi.resources.CustomResource

        com.pulumi.resources.CustomResource.CustomResourceInternal

      • Nested classes/interfaces inherited from class com.pulumi.resources.Resource

        com.pulumi.resources.Resource.LazyField<T extends java.lang.Object>, com.pulumi.resources.Resource.LazyFields, com.pulumi.resources.Resource.ResourceInternal

    • Field Summary

      • Fields inherited from class com.pulumi.resources.Resource

        childResources, remote

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static RegistryPolicy get​(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, RegistryPolicyState state, com.pulumi.resources.CustomResourceOptions options)
      Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
      com.pulumi.core.Output<java.lang.String> policy()  
      com.pulumi.core.Output<java.lang.String> registryId()  

      • Methods inherited from class com.pulumi.resources.CustomResource

        getId, id, idFuture

      • Methods inherited from class com.pulumi.resources.Resource

        getChildResources, getResourceName, getResourceType, getUrn, pulumiChildResources, pulumiResourceName, pulumiResourceType, urn

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • RegistryPolicy

        public RegistryPolicy​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • RegistryPolicy

        public RegistryPolicy​(java.lang.String name,
                      RegistryPolicyArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • RegistryPolicy

        public RegistryPolicy​(java.lang.String name,
                      RegistryPolicyArgs args,
                      @Nullable
                      com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • policy

        public com.pulumi.core.Output<java.lang.String> policy()
        Returns:
        The policy document. This is a JSON formatted string.

      • registryId

        public com.pulumi.core.Output<java.lang.String> registryId()
        Returns:
        The registry ID where the registry was created.

      • get

        public static RegistryPolicy get​(java.lang.String name,
                                 com.pulumi.core.Output<java.lang.String> id,
                                 @Nullable
                                 RegistryPolicyState state,
                                 @Nullable
                                 com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        state -
        options - Optional settings to control the behavior of the CustomResource.