Aws-cdk: aws-ecr: support create ECR repository with scanOnPush enabled
The scanOnPush is not supported in cloudformation yet. We probably can use custom-resources construct lib to enable it when creating the ECR repository.
Use Case
It's very helpful if aws-ecr can create the repository with the scanOnPush activated.
Proposed Solution
As cloudformation has yet to support this in AWS::ECR::Repository, I was thinking mayabe we can implement it with custom-resources so we can eventually create the repo like this
const repo = new ecr.Repository(stack, 'Repo');
repo.addScanOnPush();
or just
const repo = new ecr.Repository(stack, 'Repo', {
scanOnPush: true
});
However, custom-resources/lib/aws-custom-resource/runtime is running on Lambda NodeJS runtime with current AWS SDK VERSION: 2.488.0 while this feature requires aws-sdk-js >= 2.557.0.
I think we should enable this before the cloudformation native support but I am not sure what we can do.
Other
- [x] :wave: I may be able to implement this feature request
- [ ] :warning: This feature might incur a breaking change
This is a :rocket: Feature Request
pahud
All 4 comments
Any updates?
Lasim
on 27 Feb 2020
Cfn still doesn't support this out of the box. There is no one on the core team working on the custom resource currently. Add a 馃憤 to the issue if this is important to you as that helps us to prioritize. PRs are always welcome as well.
MrArnoldPalmer
on 27 Feb 2020
I think this Issue can be closed by #7471.
winky
on 5 May 2020
@winky Yes it's already been shipped.
pahud
on 5 May 2020
Related issues
kawamoto
路
3Comments
abelmokadem
路
3Comments
eladb
路
3Comments
v-do
路
3Comments
PaulMaddox
路
3Comments
Most helpful comment
Cfn still doesn't support this out of the box. There is no one on the core team working on the custom resource currently. Add a 馃憤 to the issue if this is important to you as that helps us to prioritize. PRs are always welcome as well.