[Python] ECR's "tag immutability" property not available?

[brainstorm]

The Question

The constructor for aws_ecr on CDK python 1.14 seems to lack the ECR tag immutability flag:

"""Define an ECR repository."""
    def __init__(self, scope: aws_cdk.core.Construct, id: str, *, lifecycle_registry_id: typing.Optional[str]=None, lifecycle_rules: typing.Optional[typing.List["LifecycleRule"]]=None, removal_policy: typing.Optional[aws_cdk.core.RemovalPolicy]=None, repository_name: typing.Optional[str]=None) -> None:
        """
        :param scope: -
        :param id: -
        :param props: -
        :param lifecycle_registry_id: The AWS account ID associated with the registry that contains the repository. Default: The default registry is assumed.
        :param lifecycle_rules: Life cycle rules to apply to this registry. Default: No life cycle rules
        :param removal_policy: Determine what happens to the repository when the resource/stack is deleted. Default: RemovalPolicy.Retain
        :param repository_name: Name for this repository. Default: Automatically generated name.
        """

Environment

• CDK CLI Version: 1.14.0 (build 261a1bf)
• Module Version: aws-cdk.aws-ecr==1.14.0
• OS: OSX Catalina 10.15
• Language: Python

[nmussy]

Hey @brainstorm,

Unfortunately, the field is currently not implemented in CloudFormation.

An issue was opened on the roadmap, aws-cloudformation-coverage-roadmap#222. Feel free to add a +1 reaction to the issue to encourage the CloudFormation team to add it.

[acceleratesage]

I just stumbled upon this, as I need to set this property and it seems to be available in CloudFormation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecr-repository.html#cfn-ecr-repository-imagetagmutability

So the needs-cfn tag could be removed.

[1davidmichael]

Not ideal but since this is now implemented in CloudFormation you can use the raw CFN resource to create it:

ecr_props = {
    "ImageScanningConfiguration": {
        "scanOnPush": "true"
    },
    "ImageTagMutability": "IMMUTABLE"
}

core.CfnResource(
    self,
    "ECR",
    type="AWS::ECR::Repository",
    properties=dict(ecr_props)
)

I am sure it is possible to do with an override on the higher level construct but I am not quite sure what that looks like.

[ap00rv]

I am done implementing this feature and would like to send pull request today. cc @SomayaB

[melnikalex]

I am sure it is possible to do with an override on the higher level construct but I am not quite sure what that looks like.

Anyone have any suggestions on what the override will look like?

[vsetka]

So, this was shipped in November in CF. Any idea where this will be implemented in the CDK?

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.