Posted On: Nov 17, 2023

Amazon Elastic Container Registry (ECR) now includes Docker Hub, Azure Container Registry, and GitHub Container Registry as supported upstream registries for ECR’s pull through cache feature. With today's release, customers can configure a rule that is designed to automatically sync images from the newly supported upstream registries to their private ECR repositories. 

ECR customers can create a pull through cache rule that maps an upstream registry to a namespace in their ECR registry. For upstream registries that require authentication, customers can provide credentials that are stored in AWS Secrets Manager and are used to authenticate to the upstream registry. Once set, images can be pulled through ECR from the upstream, and images are kept in sync by ECR automatically. In addition, customers can use repository creation templates (in preview) to specify initial configurations for new repositories created via pull through cache. By caching artifacts such as container images from these other registries in ECR, customers can be assured of having the latest images from these upstream sources while also benefiting from the global scale, reliability, and security of ECR. 

Pull through cache rules are supported in all AWS regions, excluding AWS GovCloud (US) Regions and AWS China Regions. To learn more about creating a pull through cache rule in ECR, please visit our user guide.