Terraform module that builds Docker image from Dockerfile and pushes it to ECR repository. Lambda can deploy container images from private ECR.
If you need to create ECR resources in flexible way, you should use terraform-aws-ecr module. See examples/container-image for related examples.
This Terraform module is the part of serverless.tf framework, which aims to simplify all operations when working with the serverless in Terraform.
data "aws_ecr_authorization_token" "token" {}
provider "docker" {
registry_auth {
address = "835367859852.dkr.ecr.eu-west-1.amazonaws.com"
username = data.aws_ecr_authorization_token.token.user_name
password = data.aws_ecr_authorization_token.token.password
}
}
module "lambda_function" {
source = "terraform-aws-modules/lambda/aws"
function_name = "my-lambda1"
create_package = false
image_uri = module.docker_image.image_uri
package_type = "Image"
}
module "docker_image" {
source = "terraform-aws-modules/lambda/aws//modules/docker-build"
create_ecr_repo = true
ecr_repo = "my-cool-ecr-repo"
use_image_tag = true
image_tag = "1.0"
source_path = "context"
build_args = {
FOO = "bar"
}
}- Container Image - Creates Docker Image, ECR resository and deploys it Lambda Function.
| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 4.22 |
| docker | >= 3.0 |
| external | >= 2.3 |
| null | >= 2.0 |
| Name | Version |
|---|---|
| aws | >= 4.22 |
| docker | >= 3.0 |
| external | >= 2.3 |
| null | >= 2.0 |
No modules.
| Name | Type |
|---|---|
| aws_ecr_lifecycle_policy.this | resource |
| aws_ecr_repository.this | resource |
| docker_image.this | resource |
| docker_registry_image.this | resource |
| null_resource.sam_metadata_docker_registry_image | resource |
| aws_caller_identity.this | data source |
| aws_region.current | data source |
| external_external.latest_ecr_image | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| build_args | A map of Docker build arguments. | map(string) |
{} |
no |
| cache_from | List of images to consider as cache sources when building the image. | list(string) |
[] |
no |
| create_ecr_repo | Controls whether ECR repository for Lambda image should be created | bool |
false |
no |
| create_sam_metadata | Controls whether the SAM metadata null resource should be created | bool |
false |
no |
| docker_file_path | Path to Dockerfile in source package | string |
"Dockerfile" |
no |
| ecr_address | Address of ECR repository for cross-account container image pulling (optional). Option create_ecr_repo must be false |
string |
null |
no |
| ecr_force_delete | If true, will delete the repository even if it contains images. | bool |
true |
no |
| ecr_repo | Name of ECR repository to use or to create | string |
null |
no |
| ecr_repo_lifecycle_policy | A JSON formatted ECR lifecycle policy to automate the cleaning up of unused images. | string |
null |
no |
| ecr_repo_tags | A map of tags to assign to ECR repository | map(string) |
{} |
no |
| force_remove | Whether to remove image forcibly when the resource is destroyed. | bool |
false |
no |
| image_tag | Image tag to use. If not specified current timestamp in format 'YYYYMMDDhhmmss' will be used. This can lead to unnecessary rebuilds. | string |
null |
no |
| image_tag_mutability | The tag mutability setting for the repository. Must be one of: MUTABLE or IMMUTABLE |
string |
"MUTABLE" |
no |
| keep_locally | Whether to delete the Docker image locally on destroy operation. | bool |
false |
no |
| keep_remotely | Whether to keep Docker image in the remote registry on destroy operation. | bool |
false |
no |
| platform | The target architecture platform to build the image for. | string |
null |
no |
| scan_on_push | Indicates whether images are scanned after being pushed to the repository | bool |
false |
no |
| source_path | Path to folder containing application code | string |
null |
no |
| triggers | A map of arbitrary strings that, when changed, will force the docker_image resource to be replaced. This can be used to rebuild an image when contents of source code folders change | map(string) |
{} |
no |
| use_cache_from_previous_image | If true, use the most recently pushed image in ECR as Docker cache source (cache_from). Requires an existing ECR repo. | bool |
false |
no |
| use_image_tag | Controls whether to use image tag in ECR repository URI or not. Disable this to deploy latest image using ID (sha256:...) | bool |
true |
no |
| Name | Description |
|---|---|
| image_id | The ID of the Docker image |
| image_uri | The ECR image URI for deploying lambda |
Module managed by Anton Babenko. Check out serverless.tf to learn more about doing serverless with Terraform.
Please reach out to Betajob if you are looking for commercial support for your Terraform, AWS, or serverless project.
Apache 2 Licensed. See LICENSE for full details.