Automated Container Image Cleanup in Amazon ECR to Save Costs


Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that makes storing, sharing, and deploying container images easy. However, unused or outdated images can pile up quickly, leading to unnecessary storage costs and cluttered repositories.

In this guide, we’ll walk through automated image cleanup in ECR using lifecycle policies, helping you save on costs and stay organized.


🧠 Why Should You Clean Up ECR Images?

  • Reduces ECR storage costs (charged per GB/month)
  • Keeps repositories clean and manageable
  • Avoids confusion with old or deprecated versions
  • Enforces DevOps best practices in CI/CD

🛠️ Step-by-Step Guide: Automate ECR Image Cleanup

🔹 Step 1: Open the Amazon ECR Console

  1. Go to the AWS Console
  2. Navigate to Elastic Container Registry
  3. Choose Repositories from the left menu
  4. Click on your target repository (e.g., my-app-backend)

🔹 Step 2: Define Your Cleanup Strategy

Decide your image retention policy, for example:

  • Keep only the last 10 images
  • Delete images older than 30 days
  • Remove untagged images

🔹 Step 3: Create a Lifecycle Policy

  1. Inside your repository, click on the Lifecycle Policy tab
  2. Click Edit Policy
  3. Paste a JSON lifecycle rule (see below)

✅ Example 1: Remove untagged images after 1 day and keep only the last 10 images

{
  "rules": [
    {
      "rulePriority": 1,
      "description": "Remove untagged images after 1 day",
      "selection": {
        "tagStatus": "untagged",
        "countType": "sinceImagePushed",
        "countUnit": "days",
        "countNumber": 1
      },
      "action": {
        "type": "expire"
      }
    },
    {
      "rulePriority": 2,
      "description": "Keep last 10 images",
      "selection": {
        "tagStatus": "any",
        "countType": "imageCountMoreThan",
        "countNumber": 10
      },
      "action": {
        "type": "expire"
      }
    }
  ]
}

✅ Example 2: Delete images older than 30 days

{
  "rules": [
    {
      "rulePriority": 1,
      "description": "Expire images older than 30 days",
      "selection": {
        "tagStatus": "any",
        "countType": "sinceImagePushed",
        "countUnit": "days",
        "countNumber": 30
      },
      "action": {
        "type": "expire"
      }
    }
  ]
}

🔹 Step 4: Save the Policy

Click Save. AWS will now automatically delete images based on your rules.


🔍 Optional: Use AWS CLI to Apply Policy

aws ecr put-lifecycle-policy \
  --repository-name my-app-backend \
  --lifecycle-policy-text file://policy.json

Make sure policy.json contains one of the lifecycle rules shown above.
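
Because an expire rule deletes images, it helps to lint policy.json before applying it. The following is an added example, not part of the original guide or of any AWS tooling: a small Python check for the structural mistakes that are easy to make in these policies. It covers only the fields and values used in this guide; the function name, the sample_rule helper and the sample policies are constructed for illustration.

```python
def validate_lifecycle_policy(doc):
    """Return a list of problems in a parsed ECR lifecycle policy; empty means none found."""
    if not isinstance(doc, dict) or not isinstance(doc.get("rules"), list):
        return ['top level must be an object with a "rules" array']
    problems, priorities, any_priorities, untagged_rules = [], [], [], 0
    for rule in doc["rules"]:
        prio, sel = rule.get("rulePriority"), rule.get("selection", {})
        if not isinstance(prio, int) or prio < 1:
            problems.append(f"rule {prio!r}: rulePriority must be a positive integer")
        elif prio in priorities:
            problems.append(f"rule {prio}: duplicate rulePriority")
        priorities.append(prio)
        status = sel.get("tagStatus")
        if status == "tagged" and ("tagPrefixList" in sel) == ("tagPatternList" in sel):
            problems.append(f"rule {prio}: tagged needs exactly one of tagPrefixList/tagPatternList")
        elif status == "any":
            any_priorities.append(prio)
        elif status == "untagged":
            untagged_rules += 1
        elif status != "tagged":
            problems.append(f"rule {prio}: missing or unknown tagStatus {status!r}")
        count_type = sel.get("countType")
        if count_type == "sinceImagePushed" and sel.get("countUnit") != "days":
            problems.append(f'rule {prio}: sinceImagePushed requires countUnit "days"')
        elif count_type == "imageCountMoreThan" and "countUnit" in sel:
            problems.append(f"rule {prio}: countUnit is only valid with sinceImagePushed")
        elif count_type not in ("sinceImagePushed", "imageCountMoreThan"):
            problems.append(f"rule {prio}: countType {count_type!r} is not covered by this check")
        if not isinstance(sel.get("countNumber"), int) or sel["countNumber"] < 1:
            problems.append(f"rule {prio}: countNumber must be a positive integer")
    # The catch-all "any" rule has to be evaluated last, i.e. carry the highest priority number.
    top = max((p for p in priorities if isinstance(p, int)), default=None)
    if any(p != top for p in any_priorities):
        problems.append('a rule with tagStatus "any" must have the highest rulePriority')
    if untagged_rules > 1:
        problems.append("only one rule may select untagged images")
    return problems

def sample_rule(priority, **selection):  # helper for the constructed samples below
    return {"rulePriority": priority, "selection": selection, "action": {"type": "expire"}}

# Constructed samples: a bare array, a "tagged" rule with no tag list, and a valid policy.
BARE_ARRAY = [sample_rule(1, tagStatus="tagged", countType="imageCountMoreThan", countNumber=10)]
TAGGED_NO_LIST = {"rules": BARE_ARRAY}
VALID = {"rules": [
    sample_rule(1, tagStatus="untagged", countType="sinceImagePushed", countUnit="days", countNumber=1),
    sample_rule(2, tagStatus="any", countType="imageCountMoreThan", countNumber=10)]}

if __name__ == "__main__":
    for sample in (BARE_ARRAY, TAGGED_NO_LIST, VALID):
        print(validate_lifecycle_policy(sample) or "no problems found")
```

To check a real file, pass in the parsed document, for example validate_lifecycle_policy(json.load(open("policy.json"))), and apply the policy only when the returned list is empty.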


✅ Verify Cleanup

  • Go to the Images tab in ECR
  • Watch over time as older or untagged images are removed
  • Use CloudWatch metrics to observe ECR usage drop

💡 Best Practices

  • Use explicit version tags such as v1.0.0 instead of latest for better version control
  • Automate policy setup with IaC tools like Terraform or CloudFormation
  • Monitor ECR usage with AWS Budgets alerts
  • Ensure CI/CD pipelines push only required tags

🧾 Conclusion

Automating image cleanup in Amazon ECR is a smart move to:

  • Save money
  • Improve performance
  • Maintain a clean CI/CD pipeline

Use ECR lifecycle policies to clean your container registry with zero manual effort.

Have you tried this in production? Share your experience in the comments or let me know what other DevOps issues you’d like covered!
