diff --git a/README.md b/README.md
index 010cca8..efc67df 100644
--- a/README.md
+++ b/README.md
@@ -439,7 +439,7 @@ Available targets:
| Name | Source | Version |
|------|--------|---------|
-| [ecs\_web\_app](#module\_ecs\_web\_app) | cloudposse/ecs-web-app/aws | 0.54.0 |
+| [ecs\_web\_app](#module\_ecs\_web\_app) | cloudposse/ecs-web-app/aws | 0.60.0 |
| [github\_webhooks](#module\_github\_webhooks) | cloudposse/repository-webhooks/github | 0.12.0 |
| [ssh\_key\_pair](#module\_ssh\_key\_pair) | cloudposse/ssm-tls-ssh-key-pair/aws | 0.10.0 |
| [this](#module\_this) | cloudposse/label/null | 0.24.1 |
@@ -541,6 +541,7 @@ Available targets:
| [codepipeline\_s3\_bucket\_force\_destroy](#input\_codepipeline\_s3\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the CodePipeline artifact store S3 bucket so that the bucket can be destroyed without error | `bool` | `false` | no |
| [container\_cpu](#input\_container\_cpu) | Atlantis CPUs per task | `number` | `256` | no |
| [container\_memory](#input\_container\_memory) | Atlantis memory per task | `number` | `512` | no |
+| [container\_repo\_credentials](#input\_container\_repo\_credentials) | Container repository credentials; required when using a private repo. This map currently supports a single key; "credentialsParameter", which should be the ARN of a Secrets Manager's secret holding the credentials | `map(string)` | `null` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
| [default\_backend\_image](#input\_default\_backend\_image) | ECS default (bootstrap) image | `string` | `"cloudposse/default-backend:0.1.2"` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
diff --git a/docs/terraform.md b/docs/terraform.md
index 5d6f0c8..6aca78d 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -18,7 +18,7 @@
| Name | Source | Version |
|------|--------|---------|
-| [ecs\_web\_app](#module\_ecs\_web\_app) | cloudposse/ecs-web-app/aws | 0.54.0 |
+| [ecs\_web\_app](#module\_ecs\_web\_app) | cloudposse/ecs-web-app/aws | 0.60.0 |
| [github\_webhooks](#module\_github\_webhooks) | cloudposse/repository-webhooks/github | 0.12.0 |
| [ssh\_key\_pair](#module\_ssh\_key\_pair) | cloudposse/ssm-tls-ssh-key-pair/aws | 0.10.0 |
| [this](#module\_this) | cloudposse/label/null | 0.24.1 |
@@ -120,6 +120,7 @@
| [codepipeline\_s3\_bucket\_force\_destroy](#input\_codepipeline\_s3\_bucket\_force\_destroy) | A boolean that indicates all objects should be deleted from the CodePipeline artifact store S3 bucket so that the bucket can be destroyed without error | `bool` | `false` | no |
| [container\_cpu](#input\_container\_cpu) | Atlantis CPUs per task | `number` | `256` | no |
| [container\_memory](#input\_container\_memory) | Atlantis memory per task | `number` | `512` | no |
+| [container\_repo\_credentials](#input\_container\_repo\_credentials) | Container repository credentials; required when using a private repo. This map currently supports a single key; "credentialsParameter", which should be the ARN of a Secrets Manager's secret holding the credentials | `map(string)` | `null` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
} | no |
| [default\_backend\_image](#input\_default\_backend\_image) | ECS default (bootstrap) image | `string` | `"cloudposse/default-backend:0.1.2"` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
diff --git a/main.tf b/main.tf
index 2e2868b..0954ea6 100644
--- a/main.tf
+++ b/main.tf
@@ -66,7 +66,7 @@ module "github_webhooks" {
module "ecs_web_app" {
source = "cloudposse/ecs-web-app/aws"
- version = "0.54.0"
+ version = "0.60.0"
region = var.region
vpc_id = var.vpc_id
@@ -83,6 +83,8 @@ module "ecs_web_app" {
container_cpu = var.container_cpu
container_memory = var.container_memory
+ container_repo_credentials = var.container_repo_credentials
+
container_port = var.atlantis_port
port_mappings = [
diff --git a/variables.tf b/variables.tf
index 1ec320b..755b0ee 100644
--- a/variables.tf
+++ b/variables.tf
@@ -186,6 +186,12 @@ variable "autoscaling_max_capacity" {
default = 1
}
+variable "container_repo_credentials" {
+ type = map(string)
+ default = null
+ description = "Container repository credentials; required when using a private repo. This map currently supports a single key; \"credentialsParameter\", which should be the ARN of a Secrets Manager's secret holding the credentials"
+}
+
variable "container_cpu" {
type = number
description = "Atlantis CPUs per task"