ecr
Manage your Docker images on AWS ECR with this CLI cheatsheet. Learn to login, create repositories, and manage lifecycle policies.
ECR CLI Cheatsheet
Docker Login
Get the docker login token:
$(aws --profile dev ecr get-login --region eu-west-1 --no-include-email | tr -d '\r')
One liner to login:
$ aws --profile prod ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.eu-west-1.amazonaws.com
Create Repository
Create a ECR Repository:
$ aws --profile dev ecr create-repository --repository-name my-ecr-repo
Lifecycle Policy
To keep the last 5 tags of the following prefixes: - dev- - staging- - production-*
And then to keep the last 10 untagged images, we can use a policy:
{
"rules": [
{
"rulePriority": 1,
"description": "Keep last 5 production images",
"selection": {
"tagStatus": "tagged",
"tagPrefixList": ["production-"],
"countType": "imageCountMoreThan",
"countNumber": 5
},
"action": { "type": "expire" }
},
{
"rulePriority": 2,
"description": "Keep last 5 staging images",
"selection": {
"tagStatus": "tagged",
"tagPrefixList": ["staging-"],
"countType": "imageCountMoreThan",
"countNumber": 5
},
"action": { "type": "expire" }
},
{
"rulePriority": 3,
"description": "Keep last 5 sandbox images",
"selection": {
"tagStatus": "tagged",
"tagPrefixList": ["dev-"],
"countType": "imageCountMoreThan",
"countNumber": 5
},
"action": { "type": "expire" }
},
{
"rulePriority": 4,
"description": "Keep last 10 untagged images",
"selection": {
"tagStatus": "untagged",
"countType": "imageCountMoreThan",
"countNumber": 10
},
"action": { "type": "expire" }
}
]
}
To apply this policy to your ECR repository, define the policy:
LIFECYCLE_POLICY_TEXT='{"rules": [{"rulePriority": 1, "description": "Keep last 5 production images", "selection": {"tagStatus": "tagged", "tagPrefixList": ["production-"], "countType": "imageCountMoreThan","countNumber": 5}, "action": {"type": "expire"}}, {"rulePriority": 2, "description": "Keep last 5 staging images", "selection": {"tagStatus": "tagged", "tagPrefixList": ["staging-"], "countType": "imageCountMoreThan", "countNumber": 5}, "action": {"type": "expire"}}, {"rulePriority": 3, "description": "Keep last 5 dev images", "selection": {"tagStatus": "tagged", "tagPrefixList": ["dev-"],"countType": "imageCountMoreThan", "countNumber": 5}, "action": {"type": "expire"}}, {"rulePriority": 4, "description": "Keep last 10 untagged images", "selection": {"tagStatus": "untagged", "countType": "imageCountMoreThan","countNumber": 10}, "action": {"type": "expire"}}]}'
Then apply the policy:
aws ecr put-lifecycle-policy --registry-id <your-aws-account-id> --repository-name your-ecr-repo-name --lifecycle-policy-text $LIFECYCLE_POLICY_TEXT