How to define an ECR Lifecycle Policy with CloudFormation

| will allow you to add text inline.

AWSTemplateFormatVersion: "2010-09-09"
Resources:
    ECRRepo: 
      Type: AWS::ECR::Repository
      Properties: 
        RepositoryName: "images"
        LifecyclePolicy:
          LifecyclePolicyText: |
            {
                "rules": [
                    {
                        "rulePriority": 2,
                        "description": "Keep only one untagged image, expire all others",
                        "selection": {
                            "tagStatus": "untagged",
                            "countType": "imageCountMoreThan",
                            "countNumber": 1
                        },
                        "action": {
                            "type": "expire"
                        }
                    }
                ]
            }

The solution was pretty easy, but since I could not find any example or similar questions (ECR is not mainstream, I know), let me post here the easy solution that I found, which simply requires to insert the policy as JSON into the CloudFormation definition:

MyRepository:
  Type: AWS::ECR::Repository
  Properties:
    LifecyclePolicy:
      LifecyclePolicyText: |
        {
          "rules": [
          {
            "rulePriority": 1,
            "description": "Only keep 8 images",
            "selection": {
              "tagStatus": "any",
              "countType": "imageCountMoreThan",
              "countNumber": 8
            },
            "action": { "type": "expire" }
          }]
        }

Of course this is very simplistic, but it's the starting point that I was looking for


You can also define a reference to your PolicyText and later on your parameters.json stringify your policy.

It would look like something like this:

template.yml

Parameters:    
  lifecyclePolicyText:
    Description: Lifecycle policy content (JSON), the policy content the pre-fixes for the microservices and the kind of policy (CountMoreThan).  
    Type: String
  repositoryName:
    Description: ECR Repository Name to which we will apply the lifecycle policies. 
    Type: String
  registryId:
    Description: AWS account identification number (12 digits)
    Type: String
    Default: xxxxx
Resources:
  Repository:
    Type: AWS::ECR::Repository
    Properties:
      LifecyclePolicy:
        LifecyclePolicyText: !Ref lifecyclePolicyText
        RegistryId: !Ref registryId
      RepositoryName: !Ref repositoryName
Outputs:    
  Arn:
    Value: !GetAtt Repository.Arn

parameters.json

[
    {
      "ParameterKey": "lifecyclePolicyText",
      "ParameterValue": "{'rules':[{'rulePriority':1,'description':'Only keep 8 images','selection':{'tagStatus':'any','countType':'imageCountMoreThan','countNumber':8},'action':{'type':'expire'}}]}"
    }, 
    {
      "ParameterKey": "repositoryName",
      "ParameterValue": "xxxx"
    }
  ]

Tags:

Amazon Cloudformation

Amazon Ecr

Recent Posts