All news with #amazon ecr tag

Amazon ECR Adds Managed Container Image Signing Capability

🔐 Amazon ECR now offers managed container image signing to simplify and standardize container provenance. Using a few clicks in the ECR Console or a single API call, you create a signing rule that references an AWS Signer signing profile (signature validity, target repositories), and ECR automatically signs images when they are pushed using the pusher's identity. AWS Signer handles key and certificate lifecycle, and all signing operations are logged to CloudTrail. The feature is available in all Regions where AWS Signer is offered.

ECR Dual-Stack Endpoints Gain AWS PrivateLink Support

🔒 Amazon Elastic Container Registry (ECR) now supports AWS PrivateLink for its dual-stack endpoints. This enables customers to standardize on IPv6 while continuing to accept IPv4 traffic, and to keep API and Docker/OCI request traffic confined to the Amazon network. By routing dual-stack endpoint traffic over PrivateLink, organizations can reduce exposure to the public internet and improve their security posture. The feature is generally available in all AWS commercial and GovCloud (US) regions at no additional cost.

Amazon ECR adds Archive storage class and lifecycle rules

📦 Amazon Web Services announced a new Amazon ECR Archive storage class to lower costs for large volumes of rarely accessed container images. Lifecycle policies can now archive images by last pull time, age, or count, and archived images are excluded from repository image limits. Archived images are inaccessible for pulls but can be restored via Console, CLI, or API within about 20 minutes, and all operations are logged to CloudTrail; the feature is available in AWS Commercial and GovCloud (US) Regions.

Amazon ECR Adds PrivateLink Support for FIPS Endpoints

🔒 Amazon Web Services announced that Amazon ECR now supports PrivateLink endpoints validated under FIPS 140-3. This allows customers with security and compliance requirements to use FIPS-validated cryptographic modules while keeping traffic private within their Amazon VPCs. The enhancement helps organizations meet regulatory obligations without exposing container registry traffic to the public internet. Availability includes several commercial and AWS GovCloud regions.

Amazon ECR Repository Templates Now in AWS GovCloud

📦 Amazon ECR now supports repository creation templates in AWS GovCloud (US) Regions. Templates let you preconfigure encryption, lifecycle policies, access permissions, and tag immutability for repositories that ECR creates during pull-through cache and replication operations. Templates use a prefix to automatically match and apply settings to new repositories, reducing manual setup and helping enforce consistent registry governance across environments.