CreateRepository - Amazon Elastic Container Registry


Creates a repository. For more information, see Amazon ECR repositories in the Amazon Elastic Container Registry User Guide.

Request Syntax

{ "encryptionConfiguration": { "encryptionType": "string", "kmsKey": "string" }, "imageScanningConfiguration": { "scanOnPush": boolean }, "imageTagMutability": "string", "registryId": "string", "repositoryName": "string", "tags": [ { "Key": "string", "Value": "string" } ] }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.


The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.

Type: EncryptionConfiguration object

Required: No


The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.

Type: ImageScanningConfiguration object

Required: No


The tag mutability setting for the repository. If this parameter is omitted, the default setting of MUTABLE will be used which will allow image tags to be overwritten. If IMMUTABLE is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.

Type: String


Required: No


The AWS account ID associated with the registry to create the repository. If you do not specify a registry, the default registry is assumed.

Type: String

Pattern: [0-9]{12}

Required: No


The name to use for the repository. The repository name may be specified on its own (such as nginx-web-app) or it can be prepended with a namespace to group the repository into a category (such as project-a/nginx-web-app).

Type: String

Length Constraints: Minimum length of 2. Maximum length of 256.

Pattern: (?:[a-z0-9]+(?:[._-][a-z0-9]+)*/)*[a-z0-9]+(?:[._-][a-z0-9]+)*

Required: Yes


The metadata that you apply to the repository to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.

Type: Array of Tag objects

Required: No

Response Syntax

{ "repository": { "createdAt": number, "encryptionConfiguration": { "encryptionType": "string", "kmsKey": "string" }, "imageScanningConfiguration": { "scanOnPush": boolean }, "imageTagMutability": "string", "registryId": "string", "repositoryArn": "string", "repositoryName": "string", "repositoryUri": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


The repository that was created.

Type: Repository object


For information about the errors that are common to all actions, see Common Errors.


The specified parameter is invalid. Review the available parameters for the API request.

HTTP Status Code: 400


An invalid parameter has been specified. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.

HTTP Status Code: 400


The operation failed due to a KMS exception.

HTTP Status Code: 400


The operation did not succeed because it would have exceeded a service limit for your account. For more information, see Amazon ECR service quotas in the Amazon Elastic Container Registry User Guide.

HTTP Status Code: 400


The specified repository already exists in the specified registry.

HTTP Status Code: 400


These errors are usually caused by a server-side issue.

HTTP Status Code: 500


The list of tags on the repository is over the limit. The maximum number of tags that can be applied to a repository is 50.

HTTP Status Code: 400


In the following example or examples, the Authorization header contents (AUTHPARAMS) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see Signature Version 4 Signing Process in the AWS General Reference.

You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the AWS Command Line Interface (AWS CLI) or one of the AWS SDKs to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.


This example creates a repository called sample-repo in the default registry for an account.

Sample Request

POST / HTTP/1.1 Host: Accept-Encoding: identity X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.CreateRepository Content-Type: application/x-amz-json-1.1 User-Agent: aws-cli/1.16.190 Python/3.6.1 Darwin/16.7.0 botocore/1.12.180 X-Amz-Date: 20190715T204735Z Authorization: AUTHPARAMS Content-Length: 33 { "repositoryName": "sample-repo" }

Sample Response

HTTP/1.1 200 OK x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f Content-Type: application/x-amz-json-1.1 Content-Length: 339 Connection: keep-alive { "repository":{ "repositoryArn":"arn:aws:ecr:us-west-2:012345678910:repository/sample-repo", "registryId":"012345678910", "repositoryName":"sample-repo", "repositoryUri":"", "createdAt":1.563223656E9, "imageTagMutability":"MUTABLE", "imageScanningConfiguration": { "scanOnPush": false } } }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: