Amazon EC2 Container Registry (ECR) is a product from Amazon Web Services (AWS). ECR is an AWS Docker registry service to stores, manages and move images of Docker containers. It is also secure, scalable, and reliable which helps to manage clusters of Amazon EC2 instances. Amazon ECR also supports resource-based permissions for Docker containers to give users to access containers and images. This product makes it easy for developers to store, manage, and quickly move Docker container images. There are no extra fees for use Amazon ECR other than the amount of data you store in your containers and data transferred to the Internet.
Note that, users need to set up and install the AWS Command Line Interface and Docker to use Amazon ECR.
Features of Amazon ECR
Amazon ECR contains the following elements:
- Registry – Each AWS account contains an Amazon ECR registry. Users can use it to create image containers in their registry and store images into them. Users can also use Amazon ECR registries to host images in a scalable architecture which allow deploying repositories for applications.
- Authorization token – Users need to authenticate Docker client to Amazon ECR registries before it can push and pull images. Users can apply the AWS Management Console to verify credentials to pass to Docker.
- Repository – Amazon ECR image repository holds images of Docker. By default, users have read and write access to the repositories in their default registry. Amazon ECR image repository also support namespaces, which helps to group similar containers.
- Repository policy – Repository policy helps users to control access to their repositories and the images. By default, only the owner can access their repository. However, users can apply a policy document to allows others to access their repository.
- Image – AWS users can push and pull Docker images to their containers. Users can either use these images locally on their development system or can use them in Amazon ECS task definitions.
Benefits of Amazon ECR
- Fully Managed – AWS fully manages Amazon EC2 Container Registry. There is no need to set up any software to manage, operate or scale the infrastructure. Just shift your container images to Amazon ECR and draw the images when you need.
- Total Secure – Amazon EC2 Container Registry conveys container images over an encrypted HTTPS connection to secure images. By default, only the owner can access the container. Although, users can configure policies to manage permissions and control access to their images.
- Highly Available – Amazon EC2 Container Registry has a remarkably scalable, constant, and uninterrupted server. Container images are always highly available and accessible so users can use containers for their applications reliably.
- Simplified Workflow – Amazon EC2 Container Registry merges with Amazon ECS and the Docker CLI to easier the development and production workflows. Users can quickly push container images to Amazon ECR using the Docker CLI from development machine. Users also can pull them directly to Amazon ECS for production deployments.
Amazon ECR presents a command-line interface and APIs to manage containers and integrated others AWS services. A developer can use the Amazon ECR interface to shift or draw container images to or from an AWS region. Amazon ECR also sends container images over secure HTTPS for automatically encrypts container images.