-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathecr.yaml
54 lines (53 loc) · 1.91 KB
/
ecr.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
AWSTemplateFormatVersion: "2010-09-09"
Description: ECR repositories for MSS notification worker lambdas
Parameters:
RepositoryName:
Description: Name of the ECR repository
Type: String
Default: notificationworker-lambda-images
Resources:
NotificationLambdaRepository:
Type: AWS::ECR::Repository
Properties:
RepositoryName: !Ref RepositoryName
RepositoryPolicyText:
Version: 2012-10-17
Statement:
- Sid: AllowPushPull
Effect: Allow
Principal:
# this is the developer tools account which allows
# teamcity to upload the images that it builds
AWS: "arn:aws:iam::095768028460:root"
Action:
- "ecr:GetAuthorizationToken"
- "ecr:BatchCheckLayerAvailability"
- "ecr:GetDownloadUrlForLayer"
- "ecr:GetRepositoryPolicy"
- "ecr:SetRepositoryPolicy"
- "ecr:DescribeRepositories"
- "ecr:ListImages"
- "ecr:DescribeImages"
- "ecr:BatchGetImage"
- "ecr:InitiateLayerUpload"
- "ecr:UploadLayerPart"
- "ecr:CompleteLayerUpload"
- "ecr:PutImage"
Outputs:
NotificationLambdaRepositoryUri:
Description: >
URI for the notification lambda image repository, which should
be inserted into the CodeImage configuration to use an image
from this repository as the basis for a Lambda
Value: !GetAtt NotificationLambdaRepository.RepositoryUri
Export:
Name: NotificationLambdaRepositoryUri
NotificationLambdaRepositoryArn:
Description: The ARN of the code image repository
Value: !GetAtt NotificationLambdaRepository.Arn
Export:
Name: NotificationLambdaRepositoryArn
NotificationLambdaRepositoryName:
Value: !Ref RepositoryName
Export:
Name: NotificationLambdaRepositoryName