Skip to main content

aws_ecrpublic_repository Resource

Use the aws_ecrpublic_repository InSpec audit resource to test the properties of a single AWS Elastic Container Registry (ECR) public repository.


This resource is available in the Chef InSpec AWS resource pack.

For information on configuring your AWS environment for Chef InSpec and creating an InSpec profile that uses the InSpec AWS resource pack, see the Chef InSpec documentation on the AWS cloud platform.


An aws_ecrpublic_repository resource block declares the tests for a single AWS ECR repository by repository name.

describe aws_ecrpublic_repository(repository_name: 'my-repo') do
  it { should exist }

The value of the repository_name can be provided as a string.

describe aws_ecrpublic_repository('my-repo') do
  it { should exist }


The repository name must be provided. The registry id is optional.

repository_name (required)

The name of the ECR repository must satisfy the following constraints:

  • It must match the following regular expression: (?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*.
  • It must be between 2 and 256 characters long.

The repository_name can be passed as a string or as a repository_name: 'value' key-value entry in a hash.

registry_id (optional)

The 12-digit ID of the AWS Elastic Container Registry. If not provided, this resource will use the default public registry.


The name of the repository.
The AWS account ID associated with the registry that contains the repository.

There are also additional properties available. For a comprehensive list, see the API reference documentation


Test that ecr public repository ‘public-repo’ exists.

describe aws_ecrpublic_repository('public-repo') do
  it { should exist }


For a full list of available matchers, see our Universal Matchers page.

AWS Permissions

Your Principal will need the ECRPublic:Client:DescribeRepositoriesResponse action with Effect set to Allow.

You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon ECR Public, and Actions, Resources, and Condition Keys for Identity And Access Management.

Edit this page on GitHub

Thank you for your feedback!


Search Results