Amazon ECR

AWSContainersFree tier available

Fully managed container image registry supporting public and private repositories, OCI artefacts (Helm charts, SBOMs), automatic image scanning with Inspector integration, lifecycle policies, cross-region and cross-account replication, and pull-through caches for upstream registries

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore AWS in TreemapExplore containers in HoneycombSee AWS regions on the World MapSee containers as a networkScore jurisdiction exposure
DocumentationPricingAWS website

Jurisdictional exposure

Provider HQ
USSeattle, USA

Subject to CLOUD Act, FISA-702, DPF

Region locations
APACCNEEAEUUKUSOther40 regions across 7 jurisdictions
Sovereign option
Yes — 6 sovereign-flagged regions available
Full scorecard for this service →US lens detail →Sovereign cloud coverage map →

Attributes

SLA Uptime
99.9%
Encryption
Yes

Sub-services (4)

Private Repositories

IAM-gated image repositories with lifecycle policies and replication

ECR Public

Public gallery for distributing open-source container images worldwide

Pull-Through Cache

Transparent caching proxy for upstream registries (Docker Hub, Quay, GitHub)

Enhanced Scanning

Continuous vulnerability scanning powered by Amazon Inspector

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

40 regions
28 countries
6sovereign
Sovereign regions (6)
  • AWS European Sovereign Cloud (Brandenburg) · BrandenburgAWS European Sovereign Cloud
  • AWS GovCloud (US-East) · AshburnAWS GovCloud (US)
  • AWS GovCloud (US-West) · HillsboroAWS GovCloud (US)
  • AWS European Sovereign Cloud (Brandenburg) · BrandenburgAWS European Sovereign Cloud
  • China (Beijing) · BeijingAWS China (Sinnet)
  • China (Ningxia) · YinchuanAWS China (NWCD)
Commercial regions (34)

Europe (8)

  • Europe (Paris)
  • Europe (Frankfurt)
  • Europe (Ireland)
  • Europe (Milan)
  • Europe (Spain)
  • Europe (Stockholm)
  • Europe (Zurich)
  • Europe (London)

North America (7)

  • Canada West (Calgary)
  • Canada (Central)
  • Mexico (Central)
  • US East (N. Virginia)
  • US West (Oregon)
  • US East (Ohio)
  • US West (N. California)

South America (1)

  • South America (São Paulo)

Asia (11)

  • Asia Pacific (Hong Kong)
  • Asia Pacific (Hyderabad)
  • Asia Pacific (Mumbai)
  • Asia Pacific (Jakarta)
  • Asia Pacific (Osaka)
  • Asia Pacific (Tokyo)
  • Asia Pacific (Malaysia)
  • Asia Pacific (Singapore)
  • Asia Pacific (Seoul)
  • Asia Pacific (Taipei)
  • Asia Pacific (Thailand)

Oceania (3)

  • Asia Pacific (Melbourne)
  • Asia Pacific (Sydney)
  • Asia Pacific (New Zealand)

Middle East (3)

  • Middle East (Bahrain)
  • Israel (Tel Aviv)
  • Middle East (UAE)

Africa (1)

  • Africa (Cape Town)

Tags

container-registryociimage-scanningsbomcontainers

Equivalent services on other platforms

Alibaba Container RegistryAlibaba

Managed container registry supporting Docker and Helm chart artifacts with personal and enterprise editions, geo-replication, vulnerability scanning, P2P image acceleration, and integrated signing via cosign/Notary V2

Azure Container RegistryAzure

Managed private Docker and OCI container registry service with geo-replication, image scanning, signed content trust, and integration with AKS and Azure DevOps

Artifact RegistryGCP

Universal package manager for build artifacts and dependencies

Binary AuthorizationGCP

Deploy-time policy enforcement for GKE, Cloud Run, and Anthos that requires containers to be signed by trusted attestors before they can run, with break-glass bypass, continuous validation at runtime, and Cloud Build integration for automated attestation signing

Huawei Software Repository for ContainersHuawei

Managed container image registry compatible with Docker V2 and OCI Image specs, with organisations and image-access control, cross-region replication, trigger-based pipelines, and automatic CVE scanning

IBM Cloud Container RegistryIBM

Private container image registry for IBM Cloud with multi-tenant namespaces, automatic vulnerability scanning via Vulnerability Advisor, image-signing with Notary, quota management, and cross-region replication

Red Hat QuayOpenShift

Enterprise container registry with geo-replication, vulnerability scanning (Clair), build triggers, and fine-grained access control — available as Quay.io SaaS or self-managed

OCI Container Registry (OCIR)Oracle

Managed OCI-native container registry compatible with OCI Image Format 1.1 and Docker v2, with IAM-scoped repositories, image signing via OCI Vault keys, automatic vulnerability scanning, and replication across OCI regions

Tencent Container RegistryTencent

Managed OCI-compatible container registry with Personal and Enterprise editions, namespace-level IAM, cross-region replication, P2P image pull acceleration, Helm chart hosting, and automatic CVE scanning integrated with Cloud Workload Protection Platform

Pricing

Pricing model:pay-as-you-go