BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Amazon EC2 Container Registry (Amazon ECR) is an AWS product that stores, manages and deploys private images of Docker containers, which are managed clusters of Elastic Compute Cloud (EC2) instances. Amazon ECR allows a developer to save configurations and quickly move them into a production environment.
Amazon ECR provides a command-line interface and APIs to manage repositories and integrated services, such as Amazon EC2 Container Service, which installs and manages the infrastructure for these containers. A developer can use the Docker command line interface to push or pull container images to or from an AWS region. Amazon ECR can be used wherever a Docker container service is running, including on-premises environments. AWS Elastic Beanstalk also supports Amazon ECR for multi-container environments.
Amazon ECR automatically encrypts container images at rest with Amazon Simple Storage Service (S3) server-side encryption and allows administrators place restrictions on Amazon Identity and Access Management users or roles to limit access to each repository. The container registry stores container images in S3 for high availability. Amazon ECR also transfers container images over HTTPS for additional protection.