pull_through_cache_rules
Creates, updates, deletes or gets a pull_through_cache_rule resource or lists pull_through_cache_rules in a region
Overview
| Name | pull_through_cache_rules |
| Type | Resource |
| Description | The ``AWS::ECR::PullThroughCacheRule`` resource creates or updates a pull through cache rule. A pull through cache rule provides a way to cache images from an upstream registry in your Amazon ECR private registry. |
| Id | awscc.ecr.pull_through_cache_rules |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
ecr_repository_prefix | string | The Amazon ECR repository prefix associated with the pull through cache rule. |
upstream_registry_url | string | The upstream registry URL associated with the pull through cache rule. |
credential_arn | string | The ARN of the Secrets Manager secret associated with the pull through cache rule. |
upstream_registry | string | The name of the upstream source registry associated with the pull through cache rule. |
custom_role_arn | string | The ARN of the IAM role associated with the pull through cache rule. |
upstream_repository_prefix | string | The upstream repository prefix associated with the pull through cache rule. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
ecr_repository_prefix | string | The Amazon ECR repository prefix associated with the pull through cache rule. |
region | string | AWS region. |
For more information, see AWS::ECR::PullThroughCacheRule.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | pull_through_cache_rules | INSERT | region |
delete_resource | pull_through_cache_rules | DELETE | Identifier, region |
update_resource | pull_through_cache_rules | UPDATE | Identifier, PatchDocument, region |
list_resources | pull_through_cache_rules_list_only | SELECT | region |
get_resource | pull_through_cache_rules | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual pull_through_cache_rule.
SELECT
region,
ecr_repository_prefix,
upstream_registry_url,
credential_arn,
upstream_registry,
custom_role_arn,
upstream_repository_prefix
FROM awscc.ecr.pull_through_cache_rules
WHERE
region = 'us-east-1' AND
Identifier = '{{ ecr_repository_prefix }}';
Lists all pull_through_cache_rules in a region.
SELECT
region,
ecr_repository_prefix
FROM awscc.ecr.pull_through_cache_rules_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new pull_through_cache_rule resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.ecr.pull_through_cache_rules (
EcrRepositoryPrefix,
UpstreamRegistryUrl,
CredentialArn,
UpstreamRegistry,
CustomRoleArn,
UpstreamRepositoryPrefix,
region
)
SELECT
'{{ ecr_repository_prefix }}',
'{{ upstream_registry_url }}',
'{{ credential_arn }}',
'{{ upstream_registry }}',
'{{ custom_role_arn }}',
'{{ upstream_repository_prefix }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.ecr.pull_through_cache_rules (
EcrRepositoryPrefix,
UpstreamRegistryUrl,
CredentialArn,
UpstreamRegistry,
CustomRoleArn,
UpstreamRepositoryPrefix,
region
)
SELECT
'{{ ecr_repository_prefix }}',
'{{ upstream_registry_url }}',
'{{ credential_arn }}',
'{{ upstream_registry }}',
'{{ custom_role_arn }}',
'{{ upstream_repository_prefix }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: pull_through_cache_rule
props:
- name: ecr_repository_prefix
value: '{{ ecr_repository_prefix }}'
- name: upstream_registry_url
value: '{{ upstream_registry_url }}'
- name: credential_arn
value: '{{ credential_arn }}'
- name: upstream_registry
value: '{{ upstream_registry }}'
- name: custom_role_arn
value: '{{ custom_role_arn }}'
- name: upstream_repository_prefix
value: '{{ upstream_repository_prefix }}'
DELETE example
/*+ delete */
DELETE FROM awscc.ecr.pull_through_cache_rules
WHERE
Identifier = '{{ ecr_repository_prefix }}' AND
region = 'us-east-1';
Permissions
To operate on the pull_through_cache_rules resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
ecr:DescribePullThroughCacheRules,
ecr:CreatePullThroughCacheRule,
ecr:DeletePullThroughCacheRule,
iam:CreateServiceLinkedRole,
secretsmanager:GetSecretValue,
iam:PassRole
ecr:DescribePullThroughCacheRules
ecr:DescribePullThroughCacheRules,
ecr:CreatePullThroughCacheRule,
ecr:DeletePullThroughCacheRule,
iam:CreateServiceLinkedRole,
secretsmanager:GetSecretValue,
iam:PassRole
ecr:DescribePullThroughCacheRules,
ecr:DeletePullThroughCacheRule
ecr:DescribePullThroughCacheRules