Amazon Elastic Container Registry (ECR)

  • A managed AWS Docker registry service.
  • Amazon ECR is a regional service.


  • ECR supports Docker Registry HTTP API V2 allowing you to use Docker CLI commands or your preferred Docker tools in maintaining your existing development workflow.
  • ECR stores both the containers you create and any container software you buy through AWS Marketplace.
  • ECR stores your container images in Amazon S3.
  • ECR supports the ability to define and organize repositories in your registry using namespaces.
  • You can transfer your container images to and from Amazon ECR via HTTPS.
  • IT Certification Category (English)728x90


  • Registry
    • A registry is provided to each AWS account; you can create image repositories in your registry and store images in them.
    • The URL for your default registry is
    • You must be authenticated before you can use your registry.
  • Authorization token
    • Your Docker client needs to authenticate to ECR registries as an AWS user before it can push and pull images. The AWS CLI get-login command provides you with authentication credentials to pass to Docker.
  • Repository
    • An image repository contains your Docker images.
    • ECR uses resource-based permissions to let you specify who has access to a repository and what actions they can perform on it.
    • ECR lifecycle policies enable you to specify the lifecycle management of images in a repository.
  • Repository policy
    • You can control access to your repositories and the images within them with repository policies.
  • Image
    • You can push and pull Docker images to your repositories. You can use these images locally on your development system, or you can use them in ECS task definitions.
    • You can replicate images in your private repositories across AWS regions.


  • By default, IAM users don’t have permission to create or modify Amazon ECR resources, or perform tasks using the Amazon ECR API.
  • Use IAM policies to grant or deny permission to use ECR resources and operations.
  • ECR partially supports resource-level permissions.
  • ECR supports the use of customer master keys (CMK) managed by AWS Key Management Service (KMS) to encrypt container images stored in your ECR repositories.


  • You pay only for the amount of data you store in your repositories and data transferred to the Internet.


Pass your AWS and Azure Certifications with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Tutorials Dojo Study Guide and Cheat Sheets eBooks

Tutorials Dojo Study Guide and Cheat Sheets-2

FREE Intro to Cloud Computing for Beginners

FREE AWS Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts