Document history - Amazon ECR

Document history

The following table describes the important changes to the documentation since the last release of Amazon ECR. We also update the documentation frequently to address the feedback that you send us.

Change Description Date
Docker/OCI Client-proxied operations in CloudTrail events now point to ecr.amazonaws.com The value ecr.amazonaws.com replaces AWS Internal in User Agent (userAgent) and Source IP Address (sourceIPAddress) fields for CloudTrail events associated with Docker/OCI Client endpoints. For examples, see Example: Image pull action and Example: Image push action. 1 July 2024
Added description of new Amazon ECR service-linked role for repository creation templates.

Amazon ECR uses a service-linked role named AWSServiceRoleForECRTemplate which gives permission for Amazon ECR to perform actions on your behalf to complete repository creation template actions. For more information, see Amazon ECR service-linked role for repository creation templates.

20 June 2024
Added the ECRTemplateServiceRolePolicy service-linked role. Added the ECRTemplateServiceRolePolicy service-linked role. For more information, see ECRTemplateServiceRolePolicy 20 June 2024

Added cross-Region and cross-account replication to China Regions.

Amazon ECR added support to China Region for filtering which repositories are replicated. For more information, see Private image replication in Amazon ECR

15 May 2024

Added GitLab container registry to pull through cache rules

Amazon ECR added support for creating pull through cache rules for the GitLab container registry. For more information, see Sync an upstream registry with an Amazon ECR private registry.

8 May 2024

Amazon ECR lifecycle policy update to add support for using wildcards

Amazon ECR added support for wildcards in a lifecycle policy through the use of the tagPatternList parameter in a lifecycle policy rule. For more information, see Automate the cleanup of images by using lifecycle policies in Amazon ECR.

18 December 2023

Amazon ECR repository creation templates

Amazon ECR added support for repository creation templates. For more information, see Templates to control repositories created during a pull through cache action.

15 November 2023

Amazon ECR pull through cache added supported for authenticated upstream registries

Amazon ECR added support for using upstream registries that require authentication for your pull through cache rules. For more information, see Sync an upstream registry with an Amazon ECR private registry.

15 November 2023

AWSECRPullThroughCache_ServiceRolePolicy – Update to an existing policy

Amazon ECR added new permissions to the AWSECRPullThroughCache_ServiceRolePolicy policy. These permissions allow Amazon ECR to retrieve the encrypted contents of a Secrets Manager secret. This is required when using a pull through cache rule to cache images from an upstream registry that requires authentication.

November 15, 2023

Amazon ECR image signing

Amazon ECR and AWS Signer added support for creating and pushing container image signatures using the Notary client. For more information, see Signing an image stored in an Amazon ECR private repository.

6 June 2023

Added Kubernetes container registry to pull through cache rules

Amazon ECR added support for creating pull through cache rules for the Kubernetes container registry. For more information, see Sync an upstream registry with an Amazon ECR private registry.

1 June 2023

Amazon ECR enhanced scanning duration support

Amazon Inspector added support for setting the duration that your repositories are monitored for when enhanced scanning is enabled. For more information, see Changing the enhanced scanning duration for images in Amazon Inspector.

28 June 2022

Amazon ECR sends repository pull count metrics to Amazon CloudWatch

Amazon ECR sends repository pull count metrics to Amazon CloudWatch. For more information, see Amazon ECR repository metrics.

6 January 2022

Expanded replication support

Amazon ECR added support for filtering which repositories are replicated. For more information, see Private image replication in Amazon ECR.

21 September 2021

AWS managed policies for Amazon ECR

Amazon ECR added documentation of AWS managed policies. For more information, see AWS managed policies for Amazon Elastic Container Registry.

24 June 2021

Cross-Region and cross-account replication

Amazon ECR added support for configuring replication settings for your private registry. For more information, see Private registry settings in Amazon ECR.

8 December 2020

OCI artifact support

Amazon ECR added support for pushing and pulling Open Container Initiative (OCI) artifacts. A new parameter artifactMediaType was added to the DescribeImages API response to indicate the type of artifact.

For more information, see Pushing a Helm chart to an Amazon ECR private repository.

24 August 2020

Encryption at rest

Amazon ECR added support for configuring encryption for your repositories using server-side encryption with customer managed keys stored in AWS Key Management Service (AWS KMS).

For more information, see Encryption at rest.

29 July 2020

Multi-architecture images

Amazon ECR added support for creating and pushing Docker manifest lists which are used for multi-architecture images.

For more information, see Pushing a multi-architecture image to an Amazon ECR private repository.

28 April 2020

Amazon ECR Usage Metrics

Amazon ECR added CloudWatch usage metrics which provides visiblity into your account's resource usage. You also have the ability to create CloudWatch alarms from both the CloudWatch and Service Quotas consoles to get alerts when your usage approaches your applied service quota.

For more information, see Amazon ECR usage metrics.

28 Feb 2020

Updated Amazon ECR service quotas

Updated the Amazon ECR service quotas to include per-API quotas.

For more information, see Amazon ECR service quotas.

19 Feb 2020

Added get-login-password command

Added support for get-login-password, which provides a simple and secure method for retrieving an authorization token.

For more information, see Using an authorization token.

4 Feb 2020

Image Scanning

Added support for image scanning, which helps in identifying software vulnerabilities in your container images. Amazon ECR uses the Common Vulnerabilities and Exposures (CVEs) database from the open source CoreOS Clair project and provides you with a list of scan findings.

For more information, see Scan images for software vulnerabilities in Amazon ECR.

24 Oct 2019

VPC Endpoint Policy

Added support for setting an IAM policy on the Amazon ECR interface VPC endpoints.

For more information, see Create an endpoint policy for your Amazon ECR VPC endpoints.

26 Sept 2019

Image Tag Mutability

Added support for configuring a repository to be immutable to prevent image tags from being overwritten.

For more information, see Preventing image tags from being overwritten in Amazon ECR.

25 July 2019

Interface VPC Endpoints (AWS PrivateLink)

Added support for configuring interface VPC endpoints powered by AWS PrivateLink. This allows you to create a private connection between your VPC and Amazon ECR without requiring access over the internet, through a NAT instance, a VPN connection, or AWS Direct Connect.

For more information, see Amazon ECR interface VPC endpoints (AWS PrivateLink).

25 Jan 2019

Resource tagging

Amazon ECR added support for adding metadata tags to your repositories.

For more information, see Tagging a private repository in Amazon ECR.

18 Dec 2018

Amazon ECR Name Change

Amazon Elastic Container Registry is renamed (previously Amazon EC2 Container Registry). 21 Nov 2017

Lifecycle Policies

Amazon ECR lifecycle policies enable you to specify the lifecycle management of images in a repository.

For more information, see Automate the cleanup of images by using lifecycle policies in Amazon ECR.

11 Oct 2017

Amazon ECR support for Docker image manifest 2, schema 2

Amazon ECR now supports Docker Image Manifest V2 Schema 2 (used with Docker version 1.10 and newer).

For more information, see Container image manifest format support in Amazon ECR.

27 Jan 2017

Amazon ECR General Availability

Amazon Elastic Container Registry (Amazon ECR) is a managed AWS Docker registry service that is secure, scalable, and reliable.

21 Dec 2015