feat: Add KMS functionality

geekcell · Jul 2, 2024 · 43617e2 · 43617e2
1 parent 922201d
commit 43617e2
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -55,8 +55,10 @@ benefits of a lifecycle policy, all with just a few simple commands. Try it out
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_encryption_type"></a> [encryption\_type](#input\_encryption\_type) | The encryption type to use for the repository. | `string` | `"AES256"` | no |
 | <a name="input_force_delete"></a> [force\_delete](#input\_force\_delete) | Delete the repository even if it contains images. | `bool` | `false` | no |
 | <a name="input_image_tag_mutability"></a> [image\_tag\_mutability](#input\_image\_tag\_mutability) | The tag mutability setting for the repository. | `string` | `"MUTABLE"` | no |
+| <a name="input_kms_key"></a> [kms\_key](#input\_kms\_key) | The ARN of the KMS key to use for encryption. | `string` | `null` | no |
 | <a name="input_lifecycle_rules"></a> [lifecycle\_rules](#input\_lifecycle\_rules) | Lifecycle policy rules for expiring images. | <pre>list(object({<br>    description     = optional(string)<br>    tag_status      = optional(string)<br>    tag_prefix_list = optional(list(string))<br>    count_type      = string<br>    count_unit      = optional(string)<br>    count_number    = number<br>  }))</pre> | <pre>[<br>  {<br>    "count_number": 30,<br>    "count_type": "imageCountMoreThan",<br>    "description": "Keep the last 30 tagged images",<br>    "tag_prefix_list": [<br>      "sha"<br>    ],<br>    "tag_status": "tagged"<br>  },<br>  {<br>    "count_number": 10,<br>    "count_type": "sinceImagePushed",<br>    "count_unit": "days",<br>    "description": "Expire untagged images older than 10 days",<br>    "tag_status": "untagged"<br>  }<br>]</pre> | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of the ECR repository. | `string` | n/a | yes |
 | <a name="input_policy"></a> [policy](#input\_policy) | Repository policy document in JSON format. | `string` | `null` | no |
@@ -80,18 +82,18 @@ benefits of a lifecycle policy, all with just a few simple commands. Try it out
 
 ## Resources
 
-- resource.aws_ecr_lifecycle_policy.main (main.tf#38)
+- resource.aws_ecr_lifecycle_policy.main (main.tf#43)
 - resource.aws_ecr_repository.main (main.tf#19)
-- resource.aws_ecr_repository_policy.main (main.tf#31)
-- data source.jq_query.main (main.tf#47)
+- resource.aws_ecr_repository_policy.main (main.tf#36)
+- data source.jq_query.main (main.tf#52)
 
 # Examples
-### Full
-```hcl
-module "basic_example" {
-  source = "../../"
+  ### Full
+  ```hcl
+  module "basic_example" {
+  source = "../.."
 
   name = var.name
 }
-```
+  ```
 <!-- END_TF_DOCS -->
diff --git a/main.tf b/main.tf
@@ -51,7 +51,7 @@ resource "aws_ecr_lifecycle_policy" "main" {
 # to remove any null values from the JSON before sending it to AWS.
 data "jq_query" "main" {
   query = "del(..|nulls)"
-  data  = jsonencode({
+  data = jsonencode({
     rules = [
       for index, rule in var.lifecycle_rules : {
         rulePriority = index + 1

diff --git a/variables.tf b/variables.tf
@@ -37,7 +37,7 @@ variable "kms_key" {
 
 variable "lifecycle_rules" {
   description = "Lifecycle policy rules for expiring images."
-  default     = [
+  default = [
     {
       description     = "Keep the last 30 tagged images"
       tag_status      = "tagged"
@@ -74,5 +74,3 @@ variable "scan_on_push" {
   default     = true
   type        = bool
 }
-
-