Provision AWS Elastic Container Registry Repository using Terraform

ninyhorlah

Esther Ninyo

Posted on July 21, 2022

Provision AWS Elastic Container Registry Repository using Terraform

Automation is very crucial in development which eliminates/reduces human error during manual provisioning. Automation enables teams to focus on work that adds value to the business which in turn increases revenue.
In this article, I will walk you through how to set up AWS elastic container registry repository using terraform.

Terms and Technologies
Terraform : Terraform is an open-source iac (infrastructure as code) tool that is used to provision, change and improve infrastructure on any environment. To read more on terraform, visit here

Terraform backend config: The terraform backend defines where terraform stores its state data files.

Terraform provider: In terraform, infrastructures are provisioned across public cloud providers such as amazon web services, google cloud, azure etc. The provider block is used to state the cloud provider you want to use and in this tutorial, we will be making use of amazon web service.

Prerequisite:

  • Download and install AWS CLI so you can interact with aws services from your command line interface
  • Configure your AWS credentials via your cli using aws configure command. To do that, you need to create a user using IAM on AWS.
  • Download and install terraform

Project Structure
Terraform-ecr

  • Backend.tf
  • Main.tf
  • Provider.tf
  • Variable.auto.tfvars
  • Variables.tf

project folder structure

Project Configuration
The first thing we will be doing is to create an s3 bucket that will hold the state files. Then, add the terraform configuration block that stores state data files for this project inside the s3 bucket created.

s3 bucket created

Open up your backend.tf file and add the following line of code

terraform {
 backend "s3" {
   bucket = "myawspracticebucket12"
   key = "~/.aws/config"
   region = "us-east-1"
 }
}
Enter fullscreen mode Exit fullscreen mode

terraform block using s3 as backend

Line 1: This is the terraform block needed to create our backend config
Line 2: describes the backend block which contains the information of where the backend will stored
Line 3: The name of the bucket we created
Line 4: The path to your credential file. This is available when you do aws configure. You can also decide to use a different credential. All you need to do is to specify the path.
Line 5: Region of the s3 bucket
Before we move on, let’s initialize the backend using the terminal to see if we’ve not made any mistake by using this command:
Terraform init
This will be the output if everything is done correctly

terraform init result

If you do not have that, crosscheck the path to your credential file and also your bucket name if they are correct.

Step 2: In this step, i add the terraform provider which is “hashicorp/aws” with its version, i also added the aws region declared in the variable.tf Open up your provider.tf file and add the following lines of code

terraform {
 required_providers {
     aws = {
         source = "hashicorp/aws"
         version = "~>4.19.0"
     }
 }
}

provider "aws" {
 region = var.region
}
Enter fullscreen mode Exit fullscreen mode

terraform providers block

Step 3: In this step, I added the resource block that creates the elastic container registry (ecr) on aws. Open up your main.tf file and add the following lines of code

resource "aws_ecr_repository" "ecr_repo" {
 name                 = var.ecr
 image_tag_mutability = "IMMUTABLE"

 image_scanning_configuration {
   scan_on_push = true
 }
}
Enter fullscreen mode Exit fullscreen mode

ecr resource block

Line 1: This is the resource block that holds information used in creating the elastic container registry
Line 2: The name of the repository stored in the variable file
Line 3: This prevents image tags from being overwritten
Line 6: This scans images for vulnerabilities

Step 3: In this step, I will declare the variables used in the previous files such as the region and repository name. Open up your variables.tf file and add the following code

variable "region" {
 description = "AWS region"
 type = string
}

variable "ecr" {
 description = "Repository name"
 type = string
}
Enter fullscreen mode Exit fullscreen mode

variable block

You will notice that we do not have any default value in the variables.tf file, the values will be stored in the variables.auto.tfvars file.
Open up your variables.auto.tfvars file and add the following code

region = "us-east-1"
ecr = "web"
Enter fullscreen mode Exit fullscreen mode

variable values

Step 4: In this step, i will use terraform command to spin up our infrastructure
Terraform init

terraform init result

Terraform plan to see the resources we’re creating

terraform plan result

Terraform apply to spin up the resource

terraform apply result

Let’s head over to the console to see what we created

created repositoryRepository created

You have successfully created an elastic container registry repository and you can safely publish your container images to it.

Thank you for reading to the end. Kindly reach out to me in the comment section if you have any question or on linkedin and twitter on ways to improve.

Till next time, cheers.

💖 💪 🙅 🚩
ninyhorlah
Esther Ninyo

Posted on July 21, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related