diff --git a/README.md b/README.md
index 2917130..73ff920 100644
--- a/README.md
+++ b/README.md
@@ -87,7 +87,8 @@ have a istio proxy configured, prevent communication with that pod.)
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 5.89.0 |
+| [aws](#provider\_aws) | 5.94.1 |
+| [aws.eecr](#provider\_aws.eecr) | 5.94.1 |
| [helm](#provider\_helm) | 2.17.0 |
| [kubernetes](#provider\_kubernetes) | 2.36.0 |
@@ -106,6 +107,8 @@ have a istio proxy configured, prevent communication with that pod.)
| [helm_release.ingress](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [helm_release.istiod](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [aws_ecr_authorization_token.ecr_token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source |
+| [aws_ecr_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source |
| [aws_lb.lb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source |
| [kubernetes_service.istio_ingressgateway](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/service) | data source |
@@ -113,7 +116,9 @@ have a istio proxy configured, prevent communication with that pod.)
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
+| [account\_id](#input\_account\_id) | aws account number | `string` | `""` | no |
| [cluster\_name](#input\_cluster\_name) | The name of the cluster into which istio will be installed. | `string` | n/a | yes |
+| [eecr\_account\_id](#input\_eecr\_account\_id) | enterpirse ecr source aws account number | `string` | `""` | no |
| [enable\_egress\_gateway](#input\_enable\_egress\_gateway) | Enable Istio to control outbound traffic from the cluster. | `bool` | `true` | no |
| [enable\_telemetry](#input\_enable\_telemetry) | Enable Istio's stracing, monitoring, and logging features. | `string` | `"true"` | no |
| [extra\_listener\_ports](#input\_extra\_listener\_ports) | A list of additional ports that the ingress load balancer should listen to, 9094 for kafka as an example. | list(object({
name = string
port = string
})) | `[]` | no |
diff --git a/copy_images.tf b/copy_images.tf
index 2003852..b356aca 100644
--- a/copy_images.tf
+++ b/copy_images.tf
@@ -1,7 +1,7 @@
locals {
pilot_key = format("%v#%v", "istio/pilot", var.istio_version)
proxy_key = format("%v#%v", "istio/proxyv2", var.istio_version)
- ent_ecr_source = format("%v.%v.%v.%v", var.account_id, "dkr.ecr", var.region, "amazonaws.com/ent-images")
+ ent_ecr_source = format("%v.%v.%v.%v", var.eecr_account_id, "dkr.ecr", var.region, "amazonaws.com/ent-images")
image_config = [
{
@@ -46,7 +46,8 @@ module "images" {
}
data "aws_ecr_authorization_token" "ecr_token" {
- registry_id = var.account_id
+ provider = aws.eecr
+ registry_id = var.eecr_account_id
}
data "aws_ecr_authorization_token" "token" {
diff --git a/variables.tf b/variables.tf
index d174d3d..49e788a 100644
--- a/variables.tf
+++ b/variables.tf
@@ -15,6 +15,12 @@ variable "cluster_name" {
type = string
}
+variable "eecr_account_id" {
+ description = "enterpirse ecr source aws account number"
+ type = string
+ default = ""
+}
+
# tflint-ignore: terraform_unused_declarations
variable "region" {
description = "The region in which the cluster is running."