AWScloud~30 mins

ECR for container image registry in AWS - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

ECR for container image registry

📖 Scenario: You are working on a cloud project where you need a place to store your container images securely. AWS Elastic Container Registry (ECR) is a service that lets you store and manage Docker container images easily.Think of ECR as a private photo album but for your container images. You want to create this album, set some rules, and then upload your images to it.

🎯 Goal: Create an AWS ECR repository named my-app-repo to store container images. Configure it with basic settings to keep your images safe and ready for deployment.

📋 What You'll Learn

Create an ECR repository named my-app-repo

Set the repository to have image scanning on push enabled

Configure the repository to have a lifecycle policy to keep only the last 5 images

Add a tag to the repository with key Environment and value Development

💡 Why This Matters

🌍 Real World

ECR is widely used to store container images securely in AWS environments, enabling smooth deployment pipelines.

💼 Career

Knowing how to configure ECR repositories is essential for cloud engineers and DevOps professionals managing containerized applications.

Progress0 / 4 steps

Create the ECR repository resource

Write the AWS CloudFormation resource code to create an ECR repository named my-app-repo. Use the resource type AWS::ECR::Repository and set the RepositoryName property exactly to my-app-repo.

AWS

# Write the AWS::ECR::Repository resource with RepositoryName 'my-app-repo'
# Your code here

Need a hint?

Use the Resources section and define a resource with Type as AWS::ECR::Repository. Set RepositoryName to my-app-repo.

Enable image scanning on push

Add the property ImageScanningConfiguration to the my-app-repo repository resource. Set ScanOnPush to true to enable automatic scanning of images when they are pushed.

AWS

Resources:
  MyAppRepo:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: my-app-repo
      # Add ImageScanningConfiguration with ScanOnPush true below
      # Your code here

Need a hint?

Inside Properties, add ImageScanningConfiguration with ScanOnPush set to true.

Add lifecycle policy to keep last 5 images

Add the property LifecyclePolicy to the my-app-repo resource. Set LifecyclePolicyText to a JSON string that keeps only the last 5 images by tag count. Use the rule type expire with tagStatus set to any and countType set to tagCount with countNumber 5.

AWS

Resources:
  MyAppRepo:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: my-app-repo
      ImageScanningConfiguration:
        ScanOnPush: true
      # Add LifecyclePolicy with rule to keep last 5 images
      # Your code here

Need a hint?

Use LifecyclePolicy with LifecyclePolicyText as a JSON string defining a rule to expire images keeping only the last 5.

Add a tag to the repository

Add the Tags property to the my-app-repo resource. Add a tag with Key set to Environment and Value set to Development.

AWS

Resources:
  MyAppRepo:
    Type: AWS::ECR::Repository
    Properties:
      RepositoryName: my-app-repo
      ImageScanningConfiguration:
        ScanOnPush: true
      LifecyclePolicy:
        LifecyclePolicyText: |
          {
            "rules": [
              {
                "rulePriority": 1,
                "description": "Keep last 5 images",
                "selection": {
                  "tagStatus": "any",
                  "countType": "tagCount",
                  "countNumber": 5
                },
                "action": {
                  "type": "expire"
                }
              }
            ]
          }
      # Add Tags property with Environment: Development
      # Your code here

Need a hint?

Add the Tags property as a list with one tag having Key and Value as specified.