Amazon ECR supports Open Container Initiative Image and Distribution specification version 1.1
Today, Amazon Elastic Container Registry (ECR) announced that it supports Open Container Initiative (OCI) Image and Distribution specification version 1.1, which includes support for Reference Types, simplifying the storage, discovery, and retrieval of artifacts related to a container image. AWS Container Services customers can now easily store, discover, and retrieve artifacts such as image signatures and Software bill of materials (SBOMs) as defined by OCI 1.1 for a variety of supply chain security use cases such as image signing and vulnerability auditing. Through ECR’s support of Reference types, customers now have a simple user experience for distributing and managing artifacts related to these use cases, consistent with how they manage container images today.
OCI Reference Types support in ECR allows customers to distribute artifacts in their repositories alongside their respective images. Artifacts for a specific image are discovered through their reference relationship, and can be pulled the same way images are pulled. In addition, ECR’s replication feature supports referrers, copying artifacts to destination regions and accounts so they are ready to use alongside replicated images. ECR Lifecycle Policies also supports referring artifacts by deleting references when a subject image is deleted as a result of a lifecycle policy rule expire action, making management of referring artifacts simple with no additional configuration.
OCI 1.1 is now supported in ECR in all AWS commercial regions and the AWS GovCloud (US) Regions. OCI 1.1 is also supported in Amazon ECR Public registry. To learn more, please visit our documentation.