Terraform code for Leverage Reference Architecture for AWS, designed under optimal configs for the most popular modern web and mobile applications needs.
Currently the ECR approach is centralized on the Shared account. That should be changed to a per-environment (account) approach.
That way every account would be in charge of keeping ECR in control and only resources in the same account would be allowed different kinds of access to such ECR repos.
Images will be built and pushed to the dev ECR. Then, via ECR cross-account/cross-region replication, those images will be replicated to other accounts.
For instance, DEV could replicate to STG, and STG could replicate to PRD; or alternatively the replication between STG and PRD could be conditional, based on tags or on a different logic.
Describe the Feature
Currently the ECR approach is centralized on the Shared account. That should be changed to a per-environment (account) approach. That way every account would be in charge of keeping ECR in control and only resources in the same account would be allowed different kinds of access to such ECR repos. Images will be built and pushed to the dev ECR. Then, via ECR cross-account/cross-region replication, those images will be replicated to other accounts. For instance, DEV could replicate to STG, and STG could replicate to PRD; or alternatively the replication between STG and PRD could be conditional, based on tags or on a different logic.
Expected Behavior
-
Use Case
-
Describe Ideal Solution
-
Alternatives Considered
-
Additional Context
-