Reduce context-switching for engineers

Self-Hosted AI Code Reviewer

Hexmos LiveReview AI-Powered Code Review
Live Review
AI-Powered Code Review

ECR CLI Cheatsheet - Manage Docker Images on AWS

Manage your Docker images on AWS ECR with this CLI cheatsheet. Learn to login, create repositories, and manage lifecycle policies.

ECR CLI Cheatsheet

Docker Login

Get the docker login token:

$(aws --profile dev ecr get-login --region eu-west-1 --no-include-email | tr -d '\r')

One liner to login:

$ aws --profile prod ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.eu-west-1.amazonaws.com

Create Repository

Create a ECR Repository:

$ aws --profile dev ecr create-repository --repository-name my-ecr-repo

Lifecycle Policy

To keep the last 5 tags of the following prefixes: - dev- - staging- - production-*

And then to keep the last 10 untagged images, we can use a policy:

{
  "rules": [
    {
      "rulePriority": 1,
      "description": "Keep last 5 production images",
      "selection": {
        "tagStatus": "tagged",
        "tagPrefixList": ["production-"],
        "countType": "imageCountMoreThan",
        "countNumber": 5
      },
      "action": { "type": "expire" }
    },
    {
      "rulePriority": 2,
      "description": "Keep last 5 staging images",
      "selection": {
        "tagStatus": "tagged",
        "tagPrefixList": ["staging-"],
        "countType": "imageCountMoreThan",
        "countNumber": 5
      },
      "action": { "type": "expire" }
    },
    {
      "rulePriority": 3,
      "description": "Keep last 5 sandbox images",
      "selection": {
        "tagStatus": "tagged",
        "tagPrefixList": ["dev-"],
        "countType": "imageCountMoreThan",
        "countNumber": 5
      },
      "action": { "type": "expire" }
    },
    {
      "rulePriority": 4,
      "description": "Keep last 10 untagged images",
      "selection": {
        "tagStatus": "untagged",
        "countType": "imageCountMoreThan",
        "countNumber": 10
      },
      "action": { "type": "expire" }
    }
  ]
}

To apply this policy to your ECR repository, define the policy:

LIFECYCLE_POLICY_TEXT='{"rules": [{"rulePriority": 1, "description": "Keep last 5 production images", "selection": {"tagStatus": "tagged", "tagPrefixList": ["production-"], "countType": "imageCountMoreThan","countNumber": 5}, "action": {"type": "expire"}}, {"rulePriority": 2, "description": "Keep last 5 staging images", "selection": {"tagStatus": "tagged", "tagPrefixList": ["staging-"], "countType": "imageCountMoreThan", "countNumber": 5}, "action": {"type": "expire"}}, {"rulePriority": 3, "description": "Keep last 5 dev images", "selection": {"tagStatus": "tagged", "tagPrefixList": ["dev-"],"countType": "imageCountMoreThan", "countNumber": 5}, "action": {"type": "expire"}}, {"rulePriority": 4, "description": "Keep last 10 untagged images", "selection": {"tagStatus": "untagged", "countType": "imageCountMoreThan","countNumber": 10}, "action": {"type": "expire"}}]}'

Then apply the policy:

aws ecr put-lifecycle-policy --registry-id <your-aws-account-id> --repository-name your-ecr-repo-name --lifecycle-policy-text $LIFECYCLE_POLICY_TEXT
← Back to aws-cli cheatsheets All cheatsheets 🙏  Credits & Acknowledgments