terraform-aws-ecr icon indicating copy to clipboard operation
terraform-aws-ecr copied to clipboard

Published 20 hours ago verified publisher icon cloudposse

Allow other principals

Open Ikana opened this issue 4 years ago • 2 comments

Describe the Feature

Allow for other principals other than AWS for access control.

Expected Behavior

Allow Service or other values in principals_readonly_access.

Use Case

For letting services like lambda pull from the repository.

Describe Ideal Solution

To specify the type of principals when the value is not AWS, you could also specify the whole access policy.

Alternatives Considered

Using other modules.

Ikana avatar Aug 31 '21 13:08 Ikana

@Ikana lambda is a bit strange - that it requires the permissions to be embedded in the resource (the ECR-repo) - have you found any workaround to that? It seems it's not possible to place the permission in a separate iam-role? CC @kjetiloen

davidkarlsen avatar Oct 25 '21 10:10 davidkarlsen

#88 will allow for cross-account lambda access.

dsme94 avatar Dec 07 '21 09:12 dsme94