Creating an AWS ECR Service with Pulumi

This reference shows how to use Pulumi to define an AWS ECR resource using pure code which can then be deployed to AWS and managed as infrastructure as code.

What is AWS ECR?


AWS ECR is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Find out more at AWS here.

Create an AWS ECR resource using @pulumi/aws

The @pulumi/aws library enables fine-grained control over the AWS ECR resource meaning it can be coded, deployed, and managed entirely in code.

const aws = require("@pulumi/aws");

const repository = new aws.ecr.Repository("myrepository");

const repositoryPolicy = new aws.ecr.RepositoryPolicy("myrepositorypolicy", {
    policy: JSON.stringify({
        Version: "2012-10-17",
        Statement: [{
            Sid: "new policy",
            Effect: "Allow",
            Principal: "*",
            Action: [

const lifecyclePolicy = new aws.ecr.LifecyclePolicy("mylifecyclepolicy", {
    policy: JSON.stringify({
        rules: [{
            rulePriority: 1,
            description: "Expire images older than 14 days",
            selection: {
                tagStatus: "untagged",
                countType: "sinceImagePushed",
                countUnit: "days",
                countNumber: 14
            action: {
                type: "expire"
Pulumi Deployments: the fastest way to go from code to cloud. Join the Preview