How Do I Deploy an AWS ECR Lifecycle Policy?

Introduction

This tutorial demonstrates how to deploy an AWS Elastic Container Registry (ECR) lifecycle policy. The lifecycle policy helps manage the lifecycle of images in the repository, allowing automated removal of old and unused images based on specified rules.

Explanation

The code below does the following:

1. Creates an ECR repository.
2. Applies a lifecycle policy to manage the images.

Resources Used

• aws_ecr_repository: Defines an ECR repository where Docker images are stored.
• aws_ecr_lifecycle_policy: Specifies lifecycle rules for the ECR repository to automatically clean up unused images.

Example Code

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ecr.Repository("example", {name: "example-repo"});
const exampleLifecyclePolicy = new aws.ecr.LifecyclePolicy("example", {
    repository: example.name,
    policy: `{
  "rules": [
    {
      "rulePriority": 1,
      "description": "Remove untagged images",
      "selection": {
        "tagStatus": "untagged",
        "countType": "imageCountMoreThan",
        "countNumber": 1
      },
      "action": {
        "type": "expire"
      }
    }
  ]
}
`,
});
export const repositoryUrl = example.repositoryUrl;
export const lifecyclePolicy = exampleLifecyclePolicy.policy;

Key Points

• ECR Repository: A storage for Docker images.
• Lifecycle Policy: Automates image cleanup based on rules such as tag status and count.
• Outputs: Include repository URL and lifecycle policy for easy reference.

Conclusion

The provided code sets up an AWS ECR repository along with a lifecycle policy to ensure that untagged images are automatically removed when more than one is present. This helps maintain the repository’s health and manage storage costs effectively.