Posted On: Jun 1, 2023

Amazon Elastic Container Registry (ECR) now includes, the new upstream Kubernetes container image registry, as a supported upstream for pull through cache repositories. With today's release, customers can configure a rule that is designed to automatically sync images from the upstream Kubernetes registry to their private ECR repositories.

With the release of Kubernetes 1.25, the Kubernetes project registry started a migration to a new community-owned registry solution to help distribute images more efficiently, with data layers hosted across a number of cloud providers including AWS. As of Kubernetes 1.27, releases are only published to this new registry solution and a redirect from the old registry is in place. Kubernetes project guidance suggests users mirror release images in their own repos if possible, and points to adopting managed offerings when available.

ECR customers can create pull through cache rules to sync images from non-authenticated upstream public registries automatically in ECR. Creating a pull through cache rule is done in a single operation, mapping an upstream registry to a namespace in their ECR registry. Once set, images can be pulled through ECR from the upstream, and images are kept in sync by ECR automatically.

Pull through cache rules are supported in all commercial AWS regions. To learn more about creating a pull through cache rule in ECR, please visit our user guide.