[英]Error in AWS CDK V2 construct for AWS ECR
我已经编写了代码来创建一个 repo 和一些属性。 尽管我将reponame
作为接口的一部分作为字符串“testing”传递,但我的代码正在通过 else 条件并将reponame
创建为 undefined+date。
第二个问题:你能帮我找到权限策略中校长的问题吗? 我收到一条错误消息,指出props.accountIds.map
错误:我正在将一个数组传递给 accountIds。
import * as ecr from 'aws-cdk-lib/aws-ecr';
import { Duration, RemovalPolicy, Stack } from 'aws-cdk-lib';
import { Repository, RepositoryEncryption, TagMutability } from 'aws-cdk-lib/aws-ecr';
import {AWSAccountDetails} from '../lib/utils/definition';
import * as cdk from 'aws-cdk-lib';
export class ecrStack extends cdk.Stack {
constructor(scope: cdk.App, id: string, props: any ){
super(scope, id);
const repository = this.createEcr(props);
this.createAdditionalProperty(repository,props);
}
//Method to check and create the AWS ECR REPO
private createEcr( props: AWSAccountDetails): any {
let imageTagMutability : ecr.TagMutability = ecr.TagMutability.IMMUTABLE;
let imageScanOnPush : Boolean =true;
let encryption : ecr.RepositoryEncryption =ecr.RepositoryEncryption.KMS;
if ( props.imageTagMutability in ecr.TagMutability ) {
imageTagMutability =props.imageTagMutability;
}
if (typeof props.imageScanOnPush ! == 'boolean'){
imageScanOnPush =props.imageScanOnPush;
}
if (typeof props.encryption ! == 'undefined'){
encryption =props.encryption;
}
if (!props.repositoryName) {
throw Error('No repository name provided');
}
let repository = ecr.Repository.fromRepositoryName(this, 'ecrRepo', props.repositoryName);
if (!repository.repositoryArn) {
// Repository does not exist, create a new one with the original name
repository=new ecr.Repository(this, props.repositoryName, {
repositoryName: props.repositoryName,
imageTagMutability: props.imageTagMutability,
encryption: RepositoryEncryption.KMS,
imageScanOnPush: props.imageScanOnPush,
removalPolicy: RemovalPolicy.DESTROY
});
} else {
const modifiedRepositoryName = `${props.repositoryName}-${Date.now()}`;
repository= new ecr.Repository(this, modifiedRepositoryName, {
repositoryName: modifiedRepositoryName,
imageTagMutability: props.imageTagMutability,
encryption: RepositoryEncryption.KMS,
imageScanOnPush: props.imageScanOnPush,
removalPolicy: RemovalPolicy.DESTROY
});
}return repository;
}
//Method to add the lifecycle policy,Tags and create aws account permissions.
private createAdditionalProperty(repository: any, props:AWSAccountDetails) {
let AgeOfImage :number =180;
if (typeof props.ImageAge ! == 'undefined'){
repository.addLifecycleRule({
rulePriority: 1,
maxImageAge:Duration.days(AgeOfImage)
});
} else {
repository.addLifecycleRule({
rulePriority: 1,
maxImageAge:Duration.days(props.ImageAge)
});
}
//Tags
const Tags:{[key:string]:string}={
Name: props.repositoryName,
}
//Permission to external aws account to grant permission for ECR pull and push
// const policy = new iam.PolicyDocument();
//policy.addStatements(new iam.PolicyStatement({
// actions: ['ecr:*'],
//actions: ['ecr:BatchCheckLayerAvailability', 'ecr:GetDownloadUrlForLayer', 'ecr:BatchGetImage', 'ecr:PutImage']
// resources: [repository.repositoryArn],
// principals: props.accountIds.map(id => new iam.AccountPrincipal(id))
// }));
}
addLifecycleRule(arg0: { rulePriority: number; maxImageAge: Duration; }) {
throw new Error('Method not implemented.');
}
}
接口文件:
import * as ecr from 'aws-cdk-lib/aws-ecr';
import { ecrStack } from '../ecrstack-stack';
export interface AWSAccountDetails {
ImageCount: any;
readonly repositoryName :'abcd'; /* Repo Name */
readonly ImageAge:110; //Number of days before image is deleted.i.e 90. need to change to imageAge
readonly imageTagMutability : ecr.TagMutability.IMMUTABLE; /* If the Repo should enable Tag Immutability or not; Default setting is Enabled */
readonly imageScanOnPush : true; /* If the Repo should enable ScanonPush or not ; Default setting is Enabled */
readonly encryption : 'KMS'; /* If the Repo should KMS or not ; Default setting is Enabled for AWS managed KMS Key*/
readonly accountIds : string //Account number to grant access to pull and push.
readonly encruptionproperty: 'KMS';
}
我必须将道具作为对象传递,然后导出到主堆栈。 这解决了这个问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.