Skip to main content

Create A Shared ECR Repository

This runbook describes how to create an ECR repository in the AWS Shared Services account. Images then created in the repository can then be pulled and deployed in other AWS accounts.

Creating the Repository

To create a new repository, it is simply a matter of adding the desired name of the repository to the exising list in ecr.tf in the staff-device-shared-services-infrastructure github repo.

  1. Clone the existing repo locally if needed.

  2. Create a new branch from main

    $ git checkout -b new_branch_name

  3. Navigate to and open the file ecr.tf and add the new repository to the list.

   module "ci-ecr" {
   source = "./modules/ci-ecr"
   #List of repositories to create
   repositories = [
      "mojo-nac",
      "mojo-nac-nginx"
   ]
   #Account ID's for dev, pre-prod and prod
   accounts = [
      "111111111111",
      "222222222222",
      "333333333333"
   ]
   tags = module.label.tags
   }

  1. Run a terraform plan to confirm that the expected changes will be applied. Each new repository should create 3 resources. The repo itself, a permissions policy and a lifecycle policy.

    $ make plan

  2. If the output looks as expected, commit and push the changes back into github, then raise a PR to merge into main.

  3. Currently there are no working CI pipelines to deploy the changes, so they need to be deployed manually.

    $ make apply
This page was last reviewed on 27 January 2026. It needs to be reviewed again on 27 July 2026 by the page owner #nvvs-devops .