Posted On: May 9, 2024

Amazon Elastic Container Registry (ECR) now includes GitLab Container Registry as a supported upstream registry for ECR’s pull through cache feature. With today’s release, customers using GitLab’s software-as-a-subscription offering,, can automatically sync images from the newly supported upstream registry to their private ECR repositories.

ECR customers can create a pull through cache rule that maps an upstream registry to a namespace in their private ECR registry. Using Amazon ECR Pull through cache support with GitLab Container Registry requires authentication. Customers can provide credentials that are stored in AWS Secrets Manager and are used to authenticate to the upstream registry. Once rule is configured, images can be pulled through ECR from GitLab Container Registry. ECR automatically creates new repositories for cached images and keeps them in-sync with the upstream registry. Additionally, customers can use repository creation templates (in preview) to specify initial configurations for the new repositories created via pull through cache. Using pull through cache with other registries, customers can be assured of having the latest images from upstream sources in ECR, while also benefiting from the availability, performance, and security of ECR. 

Pull through cache rules are supported in all AWS regions, excluding AWS GovCloud (US) Regions and AWS China Regions. To learn more about creating a pull through cache rule in ECR, please visit our user guide.