Merge pull request #462 from mdr-engineering/feature/jc_MSOCI-2182_tfsec_ECR_enforce_immutable_repo

Updates ECR repo tags as 'immutable' for Customer portal

base/codebuild_ecr_customer_portal/main.tf

@@ -40,7 +40,8 @@ resource "aws_codebuild_project" "this_no_artifact" {
 }
 
 resource "aws_ecr_repository" "this-server" {
-  name = "portal_server"
+  name                 = "portal_server"
+  image_tag_mutability = "IMMUTABLE"
 
   image_scanning_configuration {
     scan_on_push = true
@@ -48,7 +49,8 @@ resource "aws_ecr_repository" "this-server" {
 }
 
 resource "aws_ecr_repository" "this-nginx" {
-  name = "django_nginx"
+  name                 = "django_nginx"
+  image_tag_mutability = "IMMUTABLE"
 
   image_scanning_configuration {
     scan_on_push = true