Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry that makes it easy to store, manage, share, and deploy your container images and artifacts anywhere. Amazon ECR eliminates the need to operate your own container repositories or worry about scaling the underlying infrastructure. Amazon ECR hosts your images in a highly available and high-performance architecture, allowing you to deploy images for your container applications reliably. You can share container software privately within your organization or publicly worldwide for anyone to discover and download. For example, developers can search the Amazon ECR public gallery for an operating system image that is geo-replicated for high availability and faster downloads. Amazon ECR works with Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic Container Service (Amazon ECS), and AWS Lambda, simplifying your development to production workflow, and AWS Fargate for one-click deployments. Or you can use Amazon ECR with your own containers environment. Integration with AWS Identity and Access Management (IAM) provides resource-level control of each repository. With Amazon ECR, there are no upfront fees or commitments. You pay only for the amount of data you store in your repositories and data transferred to the internet.
Reduce your effort with a fully managed registry
Amazon ECR eliminates the need to operate and scale the infrastructure required to power your container registry. There is no software to install and manage or infrastructure to scale. Just push your container images to Amazon ECR and pull the images using any container management tool when you need to deploy.
Securely share and download container images
Amazon ECR transfers your container images over HTTPS and automatically encrypts your images at rest. You can configure policies to manage permissions and control access to your images using AWS Identity and Access Management (IAM) users and roles without having to manage credentials directly on your EC2 instances.
Provide fast and highly available access
Amazon ECR has a highly scalable, redundant, and durable architecture. Your container images are highly available and accessible, allowing you to deploy new containers for your applications reliably. You can distribute public container images as well as related files, such as Helm charts and policy configurations, for use by any developer. Amazon ECR automatically replicates container software to multiple AWS Regions to reduce download times and improve availability.
Simplify your deployment workflow
Amazon ECR integrates with Amazon EKS, Amazon ECS, AWS Lambda, and the Docker CLI, allowing you to simplify your development and production workflows. You can easily push your container images to Amazon ECR using the Docker CLI from your development machine, and integrated AWS services can pull them directly for production deployments. Publishing container software is as easy as a single command from CI/CD workflows used in the software development process.
How it works
"At Pinterest we use Amazon Elastic Container Registry (Amazon ECR) for managing our Docker container images. We use Amazon ECR’s image scanning feature to help us improve security of our container images. Amazon ECR scans images for a broad range of operating system vulnerabilities and lets us build tools to act on the results.”
Cedric Staub, Engineering Manager, Pinterest
At Blackboard, our mission is to advance learning for students, educators, and institutions around the globe. In order to best serve clients, we use Amazon ECR because it provides a stable and secure container registry for Blackboard to host first and third-party images. Amazon ECR provides the high availability and uptime other registries fail to maintain, while providing a fully managed solution that has streamlined our workflows at Blackboard.”
Joel Snook, Director, DevOps Engineering
“Snowflake decided to replicate images to Amazon ECR, a fully managed Docker container registry, providing a reliable local registry to store images. Additional benefits for the local registry are that it’s not exclusive to Joshua; all platform components required for Snowflake clusters can be cached in the local Amazon ECR registry. For additional security and performance Snowflake uses AWS PrivateLink to keep all network traffic from Amazon ECR to the workers nodes within the AWS network. It also resolved rate-limiting issues from pulling images from a public registry with unauthenticated requests, unblocking other cluster nodes from pulling critical images for operation.”
Brian Nutt, Senior Software Engineer, Snowflake