How to Apply an ECR Lifecycle Policy From CI
An ECR lifecycle policy expires old images automatically so the registry does not grow unbounded.
Write the policy JSON and apply it with aws ecr put-lifecycle-policy. Rules can expire untagged images and cap the count of tagged images.
Steps
- Author a lifecycle policy JSON with expiration rules.
- Apply it with
aws ecr put-lifecycle-policy. - Rerun in CI so policy changes are version-controlled.
Policy JSON
lifecycle-policy.json
{
"rules": [
{
"rulePriority": 1,
"description": "Expire untagged after 14 days",
"selection": {
"tagStatus": "untagged",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": { "type": "expire" }
}
]
}Terminal
Terminal
aws ecr put-lifecycle-policy \
--repository-name myapp \
--lifecycle-policy-text file://lifecycle-policy.jsonRelated guides
How to Delete Untagged Image Versions in a Registry From CIPrune old and untagged container image versions from GHCR in GitHub Actions with actions/delete-package-versi…
How to Log In to Amazon ECR From CIAuthenticate to Amazon Elastic Container Registry from GitHub Actions with aws-actions/amazon-ecr-login, usin…