# Actions
The following actions are supported:
+ [BatchCheckLayerAvailability](API_BatchCheckLayerAvailability.md)
+ [BatchDeleteImage](API_BatchDeleteImage.md)
+ [BatchGetImage](API_BatchGetImage.md)
+ [BatchGetRepositoryScanningConfiguration](API_BatchGetRepositoryScanningConfiguration.md)
+ [CompleteLayerUpload](API_CompleteLayerUpload.md)
+ [CreatePullThroughCacheRule](API_CreatePullThroughCacheRule.md)
+ [CreateRepository](API_CreateRepository.md)
+ [CreateRepositoryCreationTemplate](API_CreateRepositoryCreationTemplate.md)
+ [DeleteLifecyclePolicy](API_DeleteLifecyclePolicy.md)
+ [DeletePullThroughCacheRule](API_DeletePullThroughCacheRule.md)
+ [DeleteRegistryPolicy](API_DeleteRegistryPolicy.md)
+ [DeleteRepository](API_DeleteRepository.md)
+ [DeleteRepositoryCreationTemplate](API_DeleteRepositoryCreationTemplate.md)
+ [DeleteRepositoryPolicy](API_DeleteRepositoryPolicy.md)
+ [DeleteSigningConfiguration](API_DeleteSigningConfiguration.md)
+ [DeregisterPullTimeUpdateExclusion](API_DeregisterPullTimeUpdateExclusion.md)
+ [DescribeImageReplicationStatus](API_DescribeImageReplicationStatus.md)
+ [DescribeImages](API_DescribeImages.md)
+ [DescribeImageScanFindings](API_DescribeImageScanFindings.md)
+ [DescribeImageSigningStatus](API_DescribeImageSigningStatus.md)
+ [DescribePullThroughCacheRules](API_DescribePullThroughCacheRules.md)
+ [DescribeRegistry](API_DescribeRegistry.md)
+ [DescribeRepositories](API_DescribeRepositories.md)
+ [DescribeRepositoryCreationTemplates](API_DescribeRepositoryCreationTemplates.md)
+ [GetAccountSetting](API_GetAccountSetting.md)
+ [GetAuthorizationToken](API_GetAuthorizationToken.md)
+ [GetDownloadUrlForLayer](API_GetDownloadUrlForLayer.md)
+ [GetLifecyclePolicy](API_GetLifecyclePolicy.md)
+ [GetLifecyclePolicyPreview](API_GetLifecyclePolicyPreview.md)
+ [GetRegistryPolicy](API_GetRegistryPolicy.md)
+ [GetRegistryScanningConfiguration](API_GetRegistryScanningConfiguration.md)
+ [GetRepositoryPolicy](API_GetRepositoryPolicy.md)
+ [GetSigningConfiguration](API_GetSigningConfiguration.md)
+ [InitiateLayerUpload](API_InitiateLayerUpload.md)
+ [ListImageReferrers](API_ListImageReferrers.md)
+ [ListImages](API_ListImages.md)
+ [ListPullTimeUpdateExclusions](API_ListPullTimeUpdateExclusions.md)
+ [ListTagsForResource](API_ListTagsForResource.md)
+ [PutAccountSetting](API_PutAccountSetting.md)
+ [PutImage](API_PutImage.md)
+ [PutImageScanningConfiguration](API_PutImageScanningConfiguration.md)
+ [PutImageTagMutability](API_PutImageTagMutability.md)
+ [PutLifecyclePolicy](API_PutLifecyclePolicy.md)
+ [PutRegistryPolicy](API_PutRegistryPolicy.md)
+ [PutRegistryScanningConfiguration](API_PutRegistryScanningConfiguration.md)
+ [PutReplicationConfiguration](API_PutReplicationConfiguration.md)
+ [PutSigningConfiguration](API_PutSigningConfiguration.md)
+ [RegisterPullTimeUpdateExclusion](API_RegisterPullTimeUpdateExclusion.md)
+ [SetRepositoryPolicy](API_SetRepositoryPolicy.md)
+ [StartImageScan](API_StartImageScan.md)
+ [StartLifecyclePolicyPreview](API_StartLifecyclePolicyPreview.md)
+ [TagResource](API_TagResource.md)
+ [UntagResource](API_UntagResource.md)
+ [UpdateImageStorageClass](API_UpdateImageStorageClass.md)
+ [UpdatePullThroughCacheRule](API_UpdatePullThroughCacheRule.md)
+ [UpdateRepositoryCreationTemplate](API_UpdateRepositoryCreationTemplate.md)
+ [UploadLayerPart](API_UploadLayerPart.md)
+ [ValidatePullThroughCacheRule](API_ValidatePullThroughCacheRule.md)
# BatchCheckLayerAvailability
Checks the availability of one or more image layers in a repository.
When an image is pushed to a repository, each image layer is checked to verify if it has been uploaded before. If it has been uploaded, then the image layer is skipped.
**Note**
This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the `docker` CLI to pull, tag, and push images.
## Request Syntax
```
{
"layerDigests": [ "string" ],
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [layerDigests](#API_BatchCheckLayerAvailability_RequestSyntax) **
The digests of the image layers to check.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Length Constraints: Minimum length of 0. Maximum length of 1000.
Required: Yes
** [registryId](#API_BatchCheckLayerAvailability_RequestSyntax) **
The AWS account ID associated with the registry that contains the image layers to check. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_BatchCheckLayerAvailability_RequestSyntax) **
The name of the repository that is associated with the image layers to check.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"failures": [
{
"failureCode": "string",
"failureReason": "string",
"layerDigest": "string"
}
],
"layers": [
{
"layerAvailability": "string",
"layerDigest": "string",
"layerSize": number,
"mediaType": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [failures](#API_BatchCheckLayerAvailability_ResponseSyntax) **
Any failures associated with the call.
Type: Array of [LayerFailure](API_LayerFailure.md) objects
** [layers](#API_BatchCheckLayerAvailability_ResponseSyntax) **
A list of image layer objects corresponding to the image layer references in the request.
Type: Array of [Layer](API_Layer.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example checks the availability of an image layer in the `amazonlinux` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 126
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.BatchCheckLayerAvailability
X-Amz-Date: 20161216T195733Zc
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"layerDigests": [
"sha256:8e3fa21c4cc40232e835a6761332d225c7af3235c5755f44ada2ed9d0e4ab7e8"
],
"repositoryName": "amazonlinux"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 19:57:33 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 233
Connection: keep-alive
x-amzn-RequestId: e2422faf-c3c9-11e6-a3ee-63b3b5dcf3b9
{
"failures": [],
"layers": [
{
"layerAvailability": "AVAILABLE",
"layerDigest": "sha256:8e3fa21c4cc40232e835a6761332d225c7af3235c5755f44ada2ed9d0e4ab7e8",
"layerSize": 91768077,
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/BatchCheckLayerAvailability)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/BatchCheckLayerAvailability)
# BatchDeleteImage
Deletes a list of specified images within a repository. Images are specified with either an `imageTag` or `imageDigest`.
You can remove a tag from an image by specifying the image's tag in your request. When you remove the last tag from an image, the image is deleted from your repository.
You can completely delete an image (and all of its tags) by specifying the image's digest in your request.
## Request Syntax
```
{
"imageIds": [
{
"imageDigest": "string",
"imageTag": "string"
}
],
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageIds](#API_BatchDeleteImage_RequestSyntax) **
A list of image ID references that correspond to images to delete. The format of the `imageIds` reference is `imageTag=tag` or `imageDigest=digest`.
Type: Array of [ImageIdentifier](API_ImageIdentifier.md) objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Required: Yes
** [registryId](#API_BatchDeleteImage_RequestSyntax) **
The AWS account ID associated with the registry that contains the image to delete. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_BatchDeleteImage_RequestSyntax) **
The repository that contains the image to delete.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"failures": [
{
"failureCode": "string",
"failureReason": "string",
"imageId": {
"imageDigest": "string",
"imageTag": "string"
}
}
],
"imageIds": [
{
"imageDigest": "string",
"imageTag": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [failures](#API_BatchDeleteImage_ResponseSyntax) **
Any failures associated with the call.
Type: Array of [ImageFailure](API_ImageFailure.md) objects
** [imageIds](#API_BatchDeleteImage_ResponseSyntax) **
The image IDs of the deleted images.
Type: Array of [ImageIdentifier](API_ImageIdentifier.md) objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example deletes an image in the `ubuntu` repository with the `imageTag` value of `xenial`.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 66
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.BatchDeleteImage
X-Amz-Date: 20161216T193711Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "ubuntu",
"imageIds": [
{
"imageTag": "xenial"
}
]
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 19:37:11 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 138
Connection: keep-alive
x-amzn-RequestId: 09cc7023-c3c7-11e6-8acf-61b7dd8abe56
{
"failures": [],
"imageIds": [
{
"imageDigest": "sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ec8250899c397a",
"imageTag": "xenial"
}
]
}
```
### Example
This example deletes an image (and all of its tags) in the `ubuntu` repository with the `imageDigest` value of `sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ec8250899c397a`.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 134
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.BatchDeleteImage
X-Amz-Date: 20161216T194250Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "ubuntu",
"imageIds": [
{
"imageDigest": "sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ec8250899c397a"
}
]
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 19:42:50 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 248
Connection: keep-alive
x-amzn-RequestId: d441a9f6-c3c7-11e6-8acf-61b7dd8abe56
{
"failures": [],
"imageIds": [
{
"imageDigest": "sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ec8250899c397a",
"imageTag": "xenial"
},
{
"imageDigest": "sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ec8250899c397a",
"imageTag": "latest"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/BatchDeleteImage)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/BatchDeleteImage)
# BatchGetImage
Gets detailed information for an image. Images are specified with either an `imageTag` or `imageDigest`.
When an image is pulled, the BatchGetImage API is called once to retrieve the image manifest.
## Request Syntax
```
{
"acceptedMediaTypes": [ "string" ],
"imageIds": [
{
"imageDigest": "string",
"imageTag": "string"
}
],
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [acceptedMediaTypes](#API_BatchGetImage_RequestSyntax) **
The accepted media types for the request.
Valid values: `application/vnd.docker.distribution.manifest.v1+json` \$1 `application/vnd.docker.distribution.manifest.v2+json` \$1 `application/vnd.oci.image.manifest.v1+json`
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Required: No
** [imageIds](#API_BatchGetImage_RequestSyntax) **
A list of image ID references that correspond to images to describe. The format of the `imageIds` reference is `imageTag=tag` or `imageDigest=digest`.
Type: Array of [ImageIdentifier](API_ImageIdentifier.md) objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Required: Yes
** [registryId](#API_BatchGetImage_RequestSyntax) **
The AWS account ID associated with the registry that contains the images to describe. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_BatchGetImage_RequestSyntax) **
The repository that contains the images to describe.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"failures": [
{
"failureCode": "string",
"failureReason": "string",
"imageId": {
"imageDigest": "string",
"imageTag": "string"
}
}
],
"images": [
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"imageManifest": "string",
"imageManifestMediaType": "string",
"registryId": "string",
"repositoryName": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [failures](#API_BatchGetImage_ResponseSyntax) **
Any failures associated with the call.
Type: Array of [ImageFailure](API_ImageFailure.md) objects
** [images](#API_BatchGetImage_ResponseSyntax) **
A list of image objects corresponding to the image references in the request.
Type: Array of [Image](API_Image.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UnableToGetUpstreamImageException **
The image or images were unable to be pulled using the pull through cache rule. This is usually caused because of an issue with the Secrets Manager secret containing the credentials for the upstream registry.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example describes an image in the `amazonlinux` repository with the `imageTag` value of `latest`.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 71
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.BatchGetImage
X-Amz-Date: 20161216T195356Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "amazonlinux",
"imageIds": [
{
"imageTag": "latest"
}
]
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 19:53:56 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 800
Connection: keep-alive
x-amzn-RequestId: 60dc1ea1-c3c9-11e6-aa04-25c3a5fb1b54
{
"failures": [],
"images": [
{
"imageId": {
"imageDigest": "sha256:f1d4ae3f7261a72e98c6ebefe9985cf10a0ea5bd762585a43e0700ed99863807",
"imageTag": "latest"
},
"imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 1486,\n \"digest\": \"sha256:5b52b314511a611975c2c65e695d920acdf8ae8848fe0ef00b7d018d1f118b64\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 91768077,\n \"digest\": \"sha256:8e3fa21c4cc40232e835a6761332d225c7af3235c5755f44ada2ed9d0e4ab7e8\"\n }\n ]\n}",
"registryId": "012345678910",
"repositoryName": "amazonlinux"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/BatchGetImage)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/BatchGetImage)
# BatchGetRepositoryScanningConfiguration
Gets the scanning configuration for one or more repositories.
## Request Syntax
```
{
"repositoryNames": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [repositoryNames](#API_BatchGetRepositoryScanningConfiguration_RequestSyntax) **
One or more repository names to get the scanning configuration for.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 25 items.
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"failures": [
{
"failureCode": "string",
"failureReason": "string",
"repositoryName": "string"
}
],
"scanningConfigurations": [
{
"appliedScanFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"repositoryArn": "string",
"repositoryName": "string",
"scanFrequency": "string",
"scanOnPush": boolean
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [failures](#API_BatchGetRepositoryScanningConfiguration_ResponseSyntax) **
Any failures associated with the call.
Type: Array of [RepositoryScanningConfigurationFailure](API_RepositoryScanningConfigurationFailure.md) objects
** [scanningConfigurations](#API_BatchGetRepositoryScanningConfiguration_ResponseSyntax) **
The scanning configuration for the requested repositories.
Type: Array of [RepositoryScanningConfiguration](API_RepositoryScanningConfiguration.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/BatchGetRepositoryScanningConfiguration)
# CompleteLayerUpload
Informs Amazon ECR that the image layer upload has completed for a specified registry, repository name, and upload ID. You can optionally provide a `sha256` digest of the image layer for data validation purposes.
When an image is pushed, the CompleteLayerUpload API is called once per each new image layer to verify that the upload has completed.
**Note**
This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the `docker` CLI to pull, tag, and push images.
## Request Syntax
```
{
"layerDigests": [ "string" ],
"registryId": "string",
"repositoryName": "string",
"uploadId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [layerDigests](#API_CompleteLayerUpload_RequestSyntax) **
The `sha256` digest of the image layer.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Pattern: `[a-zA-Z0-9-_+.]+:[a-fA-F0-9]+`
Required: Yes
** [registryId](#API_CompleteLayerUpload_RequestSyntax) **
The AWS account ID associated with the registry to which to upload layers. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_CompleteLayerUpload_RequestSyntax) **
The name of the repository to associate with the image layer.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
** [uploadId](#API_CompleteLayerUpload_RequestSyntax) **
The upload ID from a previous [InitiateLayerUpload](API_InitiateLayerUpload.md) operation to associate with the image layer.
Type: String
Pattern: `[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}`
Required: Yes
## Response Syntax
```
{
"layerDigest": "string",
"registryId": "string",
"repositoryName": "string",
"uploadId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [layerDigest](#API_CompleteLayerUpload_ResponseSyntax) **
The `sha256` digest of the image layer.
Type: String
Pattern: `[a-zA-Z0-9-_+.]+:[a-fA-F0-9]+`
** [registryId](#API_CompleteLayerUpload_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_CompleteLayerUpload_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
** [uploadId](#API_CompleteLayerUpload_ResponseSyntax) **
The upload ID associated with the layer.
Type: String
Pattern: `[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** EmptyUploadException **
The specified layer upload does not contain any layer parts.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** InvalidLayerException **
The layer digest calculation performed by Amazon ECR upon receipt of the image layer does not match the digest specified.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** KmsException **
The operation failed due to a KMS exception.
** kmsError **
The error code returned by AWS KMS.
HTTP Status Code: 400
** LayerAlreadyExistsException **
The image layer already exists in the associated repository.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LayerPartTooSmallException **
Layer parts must be at least 5 MiB in size.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UploadNotFoundException **
The upload could not be found, or the specified upload ID is not valid for this repository.
** message **
The error message associated with the exception.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/CompleteLayerUpload)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/CompleteLayerUpload)
# CreatePullThroughCacheRule
Creates a pull through cache rule. A pull through cache rule provides a way to cache images from an upstream registry source in your Amazon ECR private registry. For more information, see [Using pull through cache rules](https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"registryId": "string",
"upstreamRegistry": "string",
"upstreamRegistryUrl": "string",
"upstreamRepositoryPrefix": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [credentialArn](#API_CreatePullThroughCacheRule_RequestSyntax) **
The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry.
Type: String
Length Constraints: Minimum length of 50. Maximum length of 612.
Pattern: `^arn:aws(-\w+)*:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
Required: No
** [customRoleArn](#API_CreatePullThroughCacheRule_RequestSyntax) **
Amazon Resource Name (ARN) of the IAM role to be assumed by Amazon ECR to authenticate to the ECR upstream registry. This role must be in the same account as the registry that you are configuring.
Type: String
Length Constraints: Maximum length of 2048.
Required: No
** [ecrRepositoryPrefix](#API_CreatePullThroughCacheRule_RequestSyntax) **
The repository name prefix to use when caching images from the source registry.
There is always an assumed `/` applied to the end of the prefix. If you specify `ecr-public` as the prefix, Amazon ECR treats that as `ecr-public/`.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
** [registryId](#API_CreatePullThroughCacheRule_RequestSyntax) **
The AWS account ID associated with the registry to create the pull through cache rule for. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [upstreamRegistry](#API_CreatePullThroughCacheRule_RequestSyntax) **
The name of the upstream registry.
Type: String
Valid Values: `ecr | ecr-public | quay | k8s | docker-hub | github-container-registry | azure-container-registry | gitlab-container-registry`
Required: No
** [upstreamRegistryUrl](#API_CreatePullThroughCacheRule_RequestSyntax) **
The registry URL of the upstream public registry to use as the source for the pull through cache rule. The following is the syntax to use for each supported upstream registry.
+ Amazon ECR (`ecr`) – `.dkr.ecr..amazonaws.com`
+ Amazon ECR Public (`ecr-public`) – `public.ecr.aws`
+ Docker Hub (`docker-hub`) – `registry-1.docker.io`
+ GitHub Container Registry (`github-container-registry`) – `ghcr.io`
+ GitLab Container Registry (`gitlab-container-registry`) – `registry.gitlab.com`
+ Kubernetes (`k8s`) – `registry.k8s.io`
+ Microsoft Azure Container Registry (`azure-container-registry`) – `.azurecr.io`
+ Quay (`quay`) – `quay.io`
Type: String
Required: Yes
** [upstreamRepositoryPrefix](#API_CreatePullThroughCacheRule_RequestSyntax) **
The repository name prefix of the upstream registry to match with the upstream repository name. When this field isn't specified, Amazon ECR will use the `ROOT`.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: No
## Response Syntax
```
{
"createdAt": number,
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"registryId": "string",
"upstreamRegistry": "string",
"upstreamRegistryUrl": "string",
"upstreamRepositoryPrefix": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [createdAt](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The date and time, in JavaScript date format, when the pull through cache rule was created.
Type: Timestamp
** [credentialArn](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The Amazon Resource Name (ARN) of the AWS Secrets Manager secret associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 50. Maximum length of 612.
Pattern: `^arn:aws(-\w+)*:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
** [customRoleArn](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The ARN of the IAM role associated with the pull through cache rule.
Type: String
Length Constraints: Maximum length of 2048.
** [ecrRepositoryPrefix](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The Amazon ECR repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
** [registryId](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [upstreamRegistry](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The name of the upstream registry associated with the pull through cache rule.
Type: String
Valid Values: `ecr | ecr-public | quay | k8s | docker-hub | github-container-registry | azure-container-registry | gitlab-container-registry`
** [upstreamRegistryUrl](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The upstream registry URL associated with the pull through cache rule.
Type: String
** [upstreamRepositoryPrefix](#API_CreatePullThroughCacheRule_ResponseSyntax) **
The upstream repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** PullThroughCacheRuleAlreadyExistsException **
A pull through cache rule with these settings already exists for the private registry.
HTTP Status Code: 400
** SecretNotFoundException **
The ARN of the secret specified in the pull through cache rule was not found. Update the pull through cache rule with a valid secret ARN and try again.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UnableToAccessSecretException **
The secret is unable to be accessed. Verify the resource permissions for the secret and try again.
HTTP Status Code: 400
** UnableToDecryptSecretValueException **
The secret is accessible but is unable to be decrypted. Verify the resource permisisons and try again.
HTTP Status Code: 400
** UnsupportedUpstreamRegistryException **
The specified upstream registry isn't supported.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example creates a pull through cache rule for Docker Hub in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.CreatePullThroughCacheRule
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.13.22 Python/3.11.5 Darwin/16.7.0 botocore/1.12.180
X-Amz-Date: 20231003T155747Z
Authorization: AUTHPARAMS
Content-Length: 268
{
"ecrRepositoryPrefix":"docker_hub",
"upstreamRegistryUrl":"registry-1.docker.io",
"credentialArn":"arn:aws:secretsmanager:us-west-2:012345678910:secret:ECRPTCDockerHub-EXAMPLE"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 180
Connection: keep-alive
{
"ecrRepositoryPrefix": "docker_hub",
"upstreamRegistryUrl": "registry-1.docker.io",
"createdAt": "2023-10-03T15:57:48.411000+00:00",
"registryId": "012345678910",
"upstreamRegistry": "docker-hub",
"credentialArn": "arn:aws:secretsmanager:us-west-2:012345678910:secret:ECRPTCDockerHub-EXAMPLE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/CreatePullThroughCacheRule)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/CreatePullThroughCacheRule)
# CreateRepository
Creates a repository. For more information, see [Amazon ECR repositories](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageScanningConfiguration": {
"scanOnPush": boolean
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"registryId": "string",
"repositoryName": "string",
"tags": [
{
"Key": "string",
"Value": "string"
}
]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [encryptionConfiguration](#API_CreateRepository_RequestSyntax) **
The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.
Type: [EncryptionConfiguration](API_EncryptionConfiguration.md) object
Required: No
** [imageScanningConfiguration](#API_CreateRepository_RequestSyntax) **
The `imageScanningConfiguration` parameter is being deprecated, in favor of specifying the image scanning configuration at the registry level. For more information, see `PutRegistryScanningConfiguration`.
The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.
Type: [ImageScanningConfiguration](API_ImageScanningConfiguration.md) object
Required: No
** [imageTagMutability](#API_CreateRepository_RequestSyntax) **
The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
Type: String
Valid Values: `MUTABLE | IMMUTABLE | IMMUTABLE_WITH_EXCLUSION | MUTABLE_WITH_EXCLUSION`
Required: No
** [imageTagMutabilityExclusionFilters](#API_CreateRepository_RequestSyntax) **
A list of filters that specify which image tags should be excluded from the repository's image tag mutability setting.
Type: Array of [ImageTagMutabilityExclusionFilter](API_ImageTagMutabilityExclusionFilter.md) objects
Array Members: Minimum number of 1 item. Maximum number of 5 items.
Required: No
** [registryId](#API_CreateRepository_RequestSyntax) **
The AWS account ID associated with the registry to create the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_CreateRepository_RequestSyntax) **
The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app`) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app`).
The repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
** [tags](#API_CreateRepository_RequestSyntax) **
The metadata that you apply to the repository to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
Type: Array of [Tag](API_Tag.md) objects
Required: No
## Response Syntax
```
{
"repository": {
"createdAt": number,
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageScanningConfiguration": {
"scanOnPush": boolean
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"registryId": "string",
"repositoryArn": "string",
"repositoryName": "string",
"repositoryUri": "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [repository](#API_CreateRepository_ResponseSyntax) **
The repository that was created.
Type: [Repository](API_Repository.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** InvalidTagParameterException **
An invalid parameter has been specified. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
HTTP Status Code: 400
** KmsException **
The operation failed due to a KMS exception.
** kmsError **
The error code returned by AWS KMS.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryAlreadyExistsException **
The specified repository already exists in the specified registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** TooManyTagsException **
The list of tags on the repository is over the limit. The maximum number of tags that can be applied to a repository is 50.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example creates a repository called `sample-repo` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.CreateRepository
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.16.190 Python/3.6.1 Darwin/16.7.0 botocore/1.12.180
X-Amz-Date: 20190715T204735Z
Authorization: AUTHPARAMS
Content-Length: 33
{
"repositoryName": "sample-repo"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 339
Connection: keep-alive
{
"repository":{
"repositoryArn":"arn:aws:ecr:us-west-2:012345678910:repository/sample-repo",
"registryId":"012345678910",
"repositoryName":"sample-repo",
"repositoryUri":"012345678910.dkr.ecr.us-west-2.amazonaws.com/sample-repo",
"createdAt":1.563223656E9,
"imageTagMutability":"MUTABLE",
"imageScanningConfiguration": {
"scanOnPush": false
}
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/CreateRepository)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/CreateRepository)
# CreateRepositoryCreationTemplate
Creates a repository creation template. This template is used to define the settings for repositories created by Amazon ECR on your behalf. For example, repositories created through pull through cache actions. For more information, see [Private repository creation templates](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-creation-templates.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"appliedFor": [ "string" ],
"customRoleArn": "string",
"description": "string",
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"lifecyclePolicy": "string",
"prefix": "string",
"repositoryPolicy": "string",
"resourceTags": [
{
"Key": "string",
"Value": "string"
}
]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [appliedFor](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
A list of enumerable strings representing the Amazon ECR repository creation scenarios that this template will apply towards. The supported scenarios are `PULL_THROUGH_CACHE`, `REPLICATION`, and `CREATE_ON_PUSH`
Type: Array of strings
Valid Values: `REPLICATION | PULL_THROUGH_CACHE | CREATE_ON_PUSH`
Required: Yes
** [customRoleArn](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as the registry that you are configuring. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.
Type: String
Length Constraints: Maximum length of 2048.
Required: No
** [description](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
A description for the repository creation template.
Type: String
Length Constraints: Maximum length of 256.
Required: No
** [encryptionConfiguration](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The encryption configuration to use for repositories created using the template.
Type: [EncryptionConfigurationForRepositoryCreationTemplate](API_EncryptionConfigurationForRepositoryCreationTemplate.md) object
Required: No
** [imageTagMutability](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
Type: String
Valid Values: `MUTABLE | IMMUTABLE | IMMUTABLE_WITH_EXCLUSION | MUTABLE_WITH_EXCLUSION`
Required: No
** [imageTagMutabilityExclusionFilters](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
A list of filters that specify which image tags should be excluded from the repository creation template's image tag mutability setting.
Type: Array of [ImageTagMutabilityExclusionFilter](API_ImageTagMutabilityExclusionFilter.md) objects
Array Members: Minimum number of 1 item. Maximum number of 5 items.
Required: No
** [lifecyclePolicy](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The lifecycle policy to use for repositories created using the template.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 30720.
Required: No
** [prefix](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The repository namespace prefix to associate with the template. All repositories created using this namespace prefix will have the settings defined in this template applied. For example, a prefix of `prod` would apply to all repositories beginning with `prod/`. Similarly, a prefix of `prod/team` would apply to all repositories beginning with `prod/team/`.
To apply a template to all repositories in your registry that don't have an associated creation template, you can use `ROOT` as the prefix.
There is always an assumed `/` applied to the end of the prefix. If you specify `ecr-public` as the prefix, Amazon ECR treats that as `ecr-public/`. When using a pull through cache rule, the repository prefix you specify during rule creation is what you should specify as your repository creation template prefix as well.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
** [repositoryPolicy](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The repository policy to apply to repositories created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
Required: No
** [resourceTags](#API_CreateRepositoryCreationTemplate_RequestSyntax) **
The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
Type: Array of [Tag](API_Tag.md) objects
Required: No
## Response Syntax
```
{
"registryId": "string",
"repositoryCreationTemplate": {
"appliedFor": [ "string" ],
"createdAt": number,
"customRoleArn": "string",
"description": "string",
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"lifecyclePolicy": "string",
"prefix": "string",
"repositoryPolicy": "string",
"resourceTags": [
{
"Key": "string",
"Value": "string"
}
],
"updatedAt": number
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_CreateRepositoryCreationTemplate_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryCreationTemplate](#API_CreateRepositoryCreationTemplate_ResponseSyntax) **
The details of the repository creation template associated with the request.
Type: [RepositoryCreationTemplate](API_RepositoryCreationTemplate.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** TemplateAlreadyExistsException **
The repository creation template already exists. Specify a unique prefix and try again.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example creates a repository creation template in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 1134
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.CreateRepositoryCreationTemplate
X-Amz-Date: 20231216T195356Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"prefix": "eng/test",
"description": "Repos for testing images",
"encryptionConfiguration":
{"encryptionType": "AES256"},
"resourceTags":
[
{"Key": "environment",
"Value": "test"}
],
"imageTagMutability": "MUTABLE",
"repositoryPolicy": "{\r\n \"Version\": \"2012-10-17\",\r\n \"Statement\": [\r\n {\r\n \"Sid\": \"LambdaECRPullPolicy\",\r\n \"Effect\": \"Allow\",\r\n \"Principal\": {\r\n \"Service\": \"lambda.amazonaws.com\"\r\n },\r\n \"Action\": \"ecr:BatchGetImage\"\r\n }\r\n ]\r\n}",
"lifecyclePolicy": "{\r\n \"rules\": [\r\n {\r\n \"rulePriority\": 1,\r\n \"description\": \"Expire images older than 14 days\",\r\n \"selection\": {\r\n \"tagStatus\": \"untagged\",\r\n \"countType\": \"sinceImagePushed\",\r\n \"countUnit\": \"days\",\r\n \"countNumber\": 14\r\n },\r\n \"action\": {\r\n \"type\": \"expire\"\r\n }\r\n }\r\n ]\r\n}",
"appliedFor":
["REPLICATION", "PULL_THROUGH_CACHE", "CREATE_ON_PUSH"]
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Sat, 16 Dec 2023 19:53:56 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 963
Connection: keep-alive
x-amzn-RequestId: 60dc1ea1-c3c9-11e6-aa04-25c3a5fb1b54
{
"registryId": "012345678901",
"repositoryCreationTemplate":
{
"appliedFor":
["REPLICATION", "PULL_THROUGH_CACHE", "CREATE_ON_PUSH"],
"description": "Repos for testing images",
"encryptionConfiguration":
{
"encryptionType": "AES256"
},
"imageTagMutability": "MUTABLE",
"lifecyclePolicy": "{\r\n \"rules\": [\r\n {\r\n \"rulePriority\": 1,\r\n \"description\": \"Expire images older than 14 days\",\r\n \"selection\": {\r\n \"tagStatus\": \"untagged\",\r\n \"countType\": \"sinceImagePushed\",\r\n \"countUnit\": \"days\",\r\n \"countNumber\": 14\r\n },\r\n \"action\": {\r\n \"type\": \"expire\"\r\n }\r\n }\r\n ]\r\n}",
"prefix": "eng/test",
"repositoryPolicy": "{\n \"Version\" : \"2012-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"LambdaECRPullPolicy\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"Service\" : \"lambda.amazonaws.com\"\n },\n \"Action\" : \"ecr:BatchGetImage\"\n } ]\n}",
"resourceTags":
[
{"Key": "environment",
"Value": "test"}
],
"createdAt": "2023-12-16T17:29:02-07:00",
"updatedAt": "2023-12-16T17:29:02-07:00"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/CreateRepositoryCreationTemplate)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/CreateRepositoryCreationTemplate)
# DeleteLifecyclePolicy
Deletes the lifecycle policy associated with the specified repository.
## Request Syntax
```
{
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [registryId](#API_DeleteLifecyclePolicy_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DeleteLifecyclePolicy_RequestSyntax) **
The name of the repository.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"lastEvaluatedAt": number,
"lifecyclePolicyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [lastEvaluatedAt](#API_DeleteLifecyclePolicy_ResponseSyntax) **
The time stamp of the last time that the lifecycle policy was run.
Type: Timestamp
** [lifecyclePolicyText](#API_DeleteLifecyclePolicy_ResponseSyntax) **
The JSON lifecycle policy text.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
** [registryId](#API_DeleteLifecyclePolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_DeleteLifecyclePolicy_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LifecyclePolicyNotFoundException **
The lifecycle policy could not be found, and no policy is set to the repository.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example deletes a lifecycle policy for a repository called `project-a/amazon-ecs-sample` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DeleteLifecyclePolicy
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T223937Z
Authorization: AUTHPARAMS
Content-Length: 48
{
"repositoryName": "project-a/amazon-ecs-sample",
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 19:42:18 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 340
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"lastEvaluatedAt":1.504295007E9,
"lifecyclePolicyText":"{\"rules\":[{\"rulePriority\":1,\"description\":\"Expire images older than 14 days\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countUnit\":\"days\",\"countNumber\":14},\"action\":{\"type\":\"expire\"}}]}",
"registryId":"012345678910",
"repositoryName":"project-a/amazon-ecs-sample"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteLifecyclePolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeleteLifecyclePolicy)
# DeletePullThroughCacheRule
Deletes a pull through cache rule.
## Request Syntax
```
{
"ecrRepositoryPrefix": "string",
"registryId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [ecrRepositoryPrefix](#API_DeletePullThroughCacheRule_RequestSyntax) **
The Amazon ECR repository prefix associated with the pull through cache rule to delete.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
** [registryId](#API_DeletePullThroughCacheRule_RequestSyntax) **
The AWS account ID associated with the registry that contains the pull through cache rule. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
## Response Syntax
```
{
"createdAt": number,
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"registryId": "string",
"upstreamRegistryUrl": "string",
"upstreamRepositoryPrefix": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [createdAt](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The timestamp associated with the pull through cache rule.
Type: Timestamp
** [credentialArn](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The Amazon Resource Name (ARN) of the AWS Secrets Manager secret associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 50. Maximum length of 612.
Pattern: `^arn:aws(-\w+)*:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
** [customRoleArn](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The ARN of the IAM role associated with the pull through cache rule.
Type: String
Length Constraints: Maximum length of 2048.
** [ecrRepositoryPrefix](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The Amazon ECR repository prefix associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
** [registryId](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [upstreamRegistryUrl](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The upstream registry URL associated with the pull through cache rule.
Type: String
** [upstreamRepositoryPrefix](#API_DeletePullThroughCacheRule_ResponseSyntax) **
The upstream repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** PullThroughCacheRuleNotFoundException **
The pull through cache rule was not found. Specify a valid pull through cache rule and try again.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeletePullThroughCacheRule)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeletePullThroughCacheRule)
# DeleteRegistryPolicy
Deletes the registry permissions policy.
## Response Syntax
```
{
"policyText": "string",
"registryId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [policyText](#API_DeleteRegistryPolicy_ResponseSyntax) **
The contents of the registry permissions policy that was deleted.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
** [registryId](#API_DeleteRegistryPolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RegistryPolicyNotFoundException **
The registry doesn't have an associated registry policy.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteRegistryPolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeleteRegistryPolicy)
# DeleteRepository
Deletes a repository. If the repository isn't empty, you must either delete the contents of the repository or use the `force` option to delete the repository and have Amazon ECR delete all of its contents on your behalf.
## Request Syntax
```
{
"force": boolean,
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [force](#API_DeleteRepository_RequestSyntax) **
If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.
Type: Boolean
Required: No
** [registryId](#API_DeleteRepository_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository to delete. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DeleteRepository_RequestSyntax) **
The name of the repository to delete.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"repository": {
"createdAt": number,
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageScanningConfiguration": {
"scanOnPush": boolean
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"registryId": "string",
"repositoryArn": "string",
"repositoryName": "string",
"repositoryUri": "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [repository](#API_DeleteRepository_ResponseSyntax) **
The repository that was deleted.
Type: [Repository](API_Repository.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** KmsException **
The operation failed due to a KMS exception.
** kmsError **
The error code returned by AWS KMS.
HTTP Status Code: 400
** RepositoryNotEmptyException **
The specified repository contains images. To delete a repository that contains images, you must force the deletion with the `force` parameter.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example deletes a repository named `ubuntu` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DeleteRepository
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.16.190 Python/3.6.1 Darwin/16.7.0 botocore/1.12.180
X-Amz-Date: 20190715T205933Z
Authorization: AUTHPARAMS
Content-Length: 33
{
"repositoryName":"sample-repo"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 252
Connection: keep-alive
{
"repository":{
"createdAt":1.563223656E9,
"registryId":"012345678910",
"repositoryArn":"arn:aws:ecr:us-west-2:012345678910:repository/sample-repo",
"repositoryName":"sample-repo",
"repositoryUri":"012345678910.dkr.ecr.us-west-2.amazonaws.com/sample-repo"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteRepository)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeleteRepository)
# DeleteRepositoryCreationTemplate
Deletes a repository creation template.
## Request Syntax
```
{
"prefix": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [prefix](#API_DeleteRepositoryCreationTemplate_RequestSyntax) **
The repository namespace prefix associated with the repository creation template.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
## Response Syntax
```
{
"registryId": "string",
"repositoryCreationTemplate": {
"appliedFor": [ "string" ],
"createdAt": number,
"customRoleArn": "string",
"description": "string",
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"lifecyclePolicy": "string",
"prefix": "string",
"repositoryPolicy": "string",
"resourceTags": [
{
"Key": "string",
"Value": "string"
}
],
"updatedAt": number
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_DeleteRepositoryCreationTemplate_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryCreationTemplate](#API_DeleteRepositoryCreationTemplate_ResponseSyntax) **
The details of the repository creation template that was deleted.
Type: [RepositoryCreationTemplate](API_RepositoryCreationTemplate.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** TemplateNotFoundException **
The specified repository creation template can't be found. Verify the registry ID and prefix and try again.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example deletes a repository creation template in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 88
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DescribeRepositoryCreationTemplates
X-Amz-Date: 20231216T195356Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"prefix": "eng"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Sat, 16 Dec 2023 19:54:56 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 666
Connection: keep-alive
x-amzn-RequestId: 60dc1ea1-c3c9-11e6-aa04-25c3a5fb1b54
{
"registryId": "012345678901",
"repositoryCreationTemplate": {
"prefix": "eng",
"encryptionConfiguration": {
"encryptionType": "AES256"
},
"imageTagMutability": "MUTABLE"
"createdAt": "2023-12-03T16:27:57.933000-08:00",
"updatedAt": "2023-12-03T16:27:57.933000-08:00"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeleteRepositoryCreationTemplate)
# DeleteRepositoryPolicy
Deletes the repository policy associated with the specified repository.
## Request Syntax
```
{
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [registryId](#API_DeleteRepositoryPolicy_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository policy to delete. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DeleteRepositoryPolicy_RequestSyntax) **
The name of the repository that is associated with the repository policy to delete.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"policyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [policyText](#API_DeleteRepositoryPolicy_ResponseSyntax) **
The JSON repository policy that was deleted from the repository.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
** [registryId](#API_DeleteRepositoryPolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_DeleteRepositoryPolicy_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryPolicyNotFoundException **
The specified repository and registry combination does not have an associated repository policy.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example deletes the repository policy from the `ubuntu` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-east-1.amazonaws.com
Accept-Encoding: identity
Content-Length: 28
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DeleteRepositoryPolicy
X-Amz-Date: 20151215T003722Z
User-Agent: aws-cli/1.9.10 Python/2.7.10 Darwin/14.5.0 botocore/1.3.10
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "ubuntu"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Tue, 15 Dec 2015 00:37:22 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 301
Connection: keep-alive
x-amzn-RequestId: 01817918-a2c4-11e5-a19f-014c7a9aad99
{
"policyText": "{\n \"Version\" : \"2012-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowPull\",\n \"Effect\" : \"Allow\",\n \"Principal\" : \"*\",\n \"Action\" : [ \"ecr:BatchGetImage\", \"ecr:GetDownloadUrlForLayer\" ]\n } ]\n}",
"registryId": "012345678910",
"repositoryName": "ubuntu"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteRepositoryPolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeleteRepositoryPolicy)
# DeleteSigningConfiguration
Deletes the registry's signing configuration. Images pushed after deletion of the signing configuration will no longer be automatically signed.
For more information, see [Managed signing](https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html) in the *Amazon Elastic Container Registry User Guide*.
**Note**
Deleting the signing configuration does not affect existing image signatures.
## Response Syntax
```
{
"registryId": "string",
"signingConfiguration": {
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"signingProfileArn": "string"
}
]
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_DeleteSigningConfiguration_ResponseSyntax) **
The AWS account ID associated with the registry.
Type: String
Pattern: `[0-9]{12}`
** [signingConfiguration](#API_DeleteSigningConfiguration_ResponseSyntax) **
The registry's deleted signing configuration.
Type: [SigningConfiguration](API_SigningConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** SigningConfigurationNotFoundException **
The specified signing configuration was not found. This occurs when attempting to retrieve or delete a signing configuration that does not exist.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteSigningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeleteSigningConfiguration)
# DeregisterPullTimeUpdateExclusion
Removes a principal from the pull time update exclusion list for a registry. Once removed, Amazon ECR will resume updating the pull time if the specified principal pulls an image.
## Request Syntax
```
{
"principalArn": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [principalArn](#API_DeregisterPullTimeUpdateExclusion_RequestSyntax) **
The ARN of the IAM principal to remove from the pull time update exclusion list.
Type: String
Length Constraints: Maximum length of 200.
Pattern: `^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$`
Required: Yes
## Response Syntax
```
{
"principalArn": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [principalArn](#API_DeregisterPullTimeUpdateExclusion_ResponseSyntax) **
The ARN of the IAM principal that was removed from the pull time update exclusion list.
Type: String
Length Constraints: Maximum length of 200.
Pattern: `^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ExclusionNotFoundException **
The specified pull time update exclusion was not found.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### To remove a principal from the pull time exclusion list
This example removes an IAM role from the pull time update exclusion list.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DeregisterPullTimeUpdateExclusion
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220830Z
Authorization: AUTHPARAMS
Content-Length: 73
{
"principalArn": "arn:aws:iam::012345678910:role/ECRAccess"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 73
Connection: keep-alive
{
"principalArn": "arn:aws:iam::012345678910:role/ECRAccess"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DeregisterPullTimeUpdateExclusion)
# DescribeImageReplicationStatus
Returns the replication status for a specified image.
## Request Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageId](#API_DescribeImageReplicationStatus_RequestSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
Required: Yes
** [registryId](#API_DescribeImageReplicationStatus_RequestSyntax) **
The AWS account ID associated with the registry. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DescribeImageReplicationStatus_RequestSyntax) **
The name of the repository that the image is in.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"replicationStatuses": [
{
"failureCode": "string",
"region": "string",
"registryId": "string",
"status": "string"
}
],
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageId](#API_DescribeImageReplicationStatus_ResponseSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
** [replicationStatuses](#API_DescribeImageReplicationStatus_ResponseSyntax) **
The replication status details for the images in the specified repository.
Type: Array of [ImageReplicationStatus](API_ImageReplicationStatus.md) objects
** [repositoryName](#API_DescribeImageReplicationStatus_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageNotFoundException **
The image requested does not exist in the specified repository.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeImageReplicationStatus)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeImageReplicationStatus)
# DescribeImages
Returns metadata about the images in a repository.
**Note**
Starting with Docker version 1.9, the Docker client compresses image layers before pushing them to a V2 Docker registry. The output of the `docker images` command shows the uncompressed image size. Therefore, Docker might return a larger image than the image shown in the AWS Management Console.
**Important**
The new version of Amazon ECR *Basic Scanning* doesn't use the [ImageDetail:imageScanFindingsSummary](API_ImageDetail.md#ECR-Type-ImageDetail-imageScanFindingsSummary) and [ImageDetail:imageScanStatus](API_ImageDetail.md#ECR-Type-ImageDetail-imageScanStatus) attributes from the API response to return scan results. Use the [DescribeImageScanFindings](API_DescribeImageScanFindings.md) API instead. For more information about AWS native basic scanning, see [ Scan images for software vulnerabilities in Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html).
## Request Syntax
```
{
"filter": {
"imageStatus": "string",
"tagStatus": "string"
},
"imageIds": [
{
"imageDigest": "string",
"imageTag": "string"
}
],
"maxResults": number,
"nextToken": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [filter](#API_DescribeImages_RequestSyntax) **
The filter key and value with which to filter your `DescribeImages` results.
Type: [DescribeImagesFilter](API_DescribeImagesFilter.md) object
Required: No
** [imageIds](#API_DescribeImages_RequestSyntax) **
The list of image IDs for the requested repository.
Type: Array of [ImageIdentifier](API_ImageIdentifier.md) objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Required: No
** [maxResults](#API_DescribeImages_RequestSyntax) **
The maximum number of repository results returned by `DescribeImages` in paginated output. When this parameter is used, `DescribeImages` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `DescribeImages` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `DescribeImages` returns up to 100 results and a `nextToken` value, if applicable. This option cannot be used when you specify images with `imageIds`.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_DescribeImages_RequestSyntax) **
The `nextToken` value returned from a previous paginated `DescribeImages` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is `null` when there are no more results to return. This option cannot be used when you specify images with `imageIds`.
Type: String
Required: No
** [registryId](#API_DescribeImages_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to describe images. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DescribeImages_RequestSyntax) **
The repository that contains the images to describe.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageDetails": [
{
"artifactMediaType": "string",
"imageDigest": "string",
"imageManifestMediaType": "string",
"imagePushedAt": number,
"imageScanFindingsSummary": {
"findingSeverityCounts": {
"string" : number
},
"imageScanCompletedAt": number,
"vulnerabilitySourceUpdatedAt": number
},
"imageScanStatus": {
"description": "string",
"status": "string"
},
"imageSizeInBytes": number,
"imageStatus": "string",
"imageTags": [ "string" ],
"lastActivatedAt": number,
"lastArchivedAt": number,
"lastRecordedPullTime": number,
"registryId": "string",
"repositoryName": "string",
"subjectManifestDigest": "string"
}
],
"nextToken": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageDetails](#API_DescribeImages_ResponseSyntax) **
A list of [ImageDetail](API_ImageDetail.md) objects that contain data about the image.
Type: Array of [ImageDetail](API_ImageDetail.md) objects
** [nextToken](#API_DescribeImages_ResponseSyntax) **
The `nextToken` value to include in a future `DescribeImages` request. When the results of a `DescribeImages` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageNotFoundException **
The image requested does not exist in the specified repository.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example describes the images in a repository named `hello-repository` in the default account. Note that the image with the digest `sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ecEXAMPLE` is tagged as `latest` and `tagtest`.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 38
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DescribeImages
X-Amz-Date: 20220301T194641Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "hello-repository"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 19:31:33 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 1107
Connection: keep-alive
x-amzn-RequestId: 404826b1-c3c6-11e6-a9e5-e3c203a2f07f
{
"imageDetails": [
{
"registryId": "012345678910",
"repositoryName": "hello-repository",
"imageDigest": "sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ecEXAMPLE",
"imageTags": [
"tagtest"
],
"imageSizeInBytes": 78447648,
"imagePushedAt": "2021-12-03T20:36:09+00:00",
"imageScanStatus": {
"status": "COMPLETE",
"description": "The scan was completed successfully."
},
"imageScanFindingsSummary": {
"imageScanCompletedAt": "2021-12-03T20:36:14+00:00",
"vulnerabilitySourceUpdatedAt": "2021-11-24T16:11:37+00:00",
"findingSeverityCounts": {
"HIGH": 4,
"MEDIUM": 76,
"INFORMATIONAL": 9,
"LOW": 50
}
},
"imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json",
"artifactMediaType": "application/vnd.docker.container.image.v1+json",
"lastRecordedPullTime": "2022-02-23T05:06:01.514000+00:00"
},
{
"registryId": "012345678910",
"repositoryName": "hello-repository",
"imageDigest": "sha256:7a64bc9c8843b0a8c8b8a7e4715b7615e4e1b0d8ca3c7e7a76ecEXAMPLE",
"imageTags": [
"latest"
],
"imageSizeInBytes": 78447648,
"imagePushedAt": "2020-01-23T17:56:13+00:00",
"imageScanStatus": {
"status": "COMPLETE",
"description": "The scan was completed successfully."
},
"imageScanFindingsSummary": {
"imageScanCompletedAt": "2020-01-24T04:11:45+00:00",
"vulnerabilitySourceUpdatedAt": "2020-01-23T20:25:17+00:00",
"findingSeverityCounts": {
"MEDIUM": 14,
"INFORMATIONAL": 11,
"LOW": 27
}
},
"imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json",
"lastRecordedPullTime": "2022-02-24T07:35:16.530000+00:00"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeImages)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeImages)
# DescribeImageScanFindings
Returns the scan findings for the specified image.
## Request Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"maxResults": number,
"nextToken": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageId](#API_DescribeImageScanFindings_RequestSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
Required: Yes
** [maxResults](#API_DescribeImageScanFindings_RequestSyntax) **
The maximum number of image scan results returned by `DescribeImageScanFindings` in paginated output. When this parameter is used, `DescribeImageScanFindings` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `DescribeImageScanFindings` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `DescribeImageScanFindings` returns up to 100 results and a `nextToken` value, if applicable.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_DescribeImageScanFindings_RequestSyntax) **
The `nextToken` value returned from a previous paginated `DescribeImageScanFindings` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is null when there are no more results to return.
Type: String
Required: No
** [registryId](#API_DescribeImageScanFindings_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to describe the image scan findings for. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DescribeImageScanFindings_RequestSyntax) **
The repository for the image for which to describe the scan findings.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"imageScanFindings": {
"enhancedFindings": [
{
"awsAccountId": "string",
"description": "string",
"exploitAvailable": "string",
"findingArn": "string",
"firstObservedAt": number,
"fixAvailable": "string",
"lastObservedAt": number,
"packageVulnerabilityDetails": {
"cvss": [
{
"baseScore": number,
"scoringVector": "string",
"source": "string",
"version": "string"
}
],
"referenceUrls": [ "string" ],
"relatedVulnerabilities": [ "string" ],
"source": "string",
"sourceUrl": "string",
"vendorCreatedAt": number,
"vendorSeverity": "string",
"vendorUpdatedAt": number,
"vulnerabilityId": "string",
"vulnerablePackages": [
{
"arch": "string",
"epoch": number,
"filePath": "string",
"fixedInVersion": "string",
"name": "string",
"packageManager": "string",
"release": "string",
"sourceLayerHash": "string",
"version": "string"
}
]
},
"remediation": {
"recommendation": {
"text": "string",
"url": "string"
}
},
"resources": [
{
"details": {
"awsEcrContainerImage": {
"architecture": "string",
"author": "string",
"imageHash": "string",
"imageTags": [ "string" ],
"inUseCount": number,
"lastInUseAt": number,
"platform": "string",
"pushedAt": number,
"registry": "string",
"repositoryName": "string"
}
},
"id": "string",
"tags": {
"string" : "string"
},
"type": "string"
}
],
"score": number,
"scoreDetails": {
"cvss": {
"adjustments": [
{
"metric": "string",
"reason": "string"
}
],
"score": number,
"scoreSource": "string",
"scoringVector": "string",
"version": "string"
}
},
"severity": "string",
"status": "string",
"title": "string",
"type": "string",
"updatedAt": number
}
],
"findings": [
{
"attributes": [
{
"key": "string",
"value": "string"
}
],
"description": "string",
"name": "string",
"severity": "string",
"uri": "string"
}
],
"findingSeverityCounts": {
"string" : number
},
"imageScanCompletedAt": number,
"vulnerabilitySourceUpdatedAt": number
},
"imageScanStatus": {
"description": "string",
"status": "string"
},
"nextToken": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageId](#API_DescribeImageScanFindings_ResponseSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
** [imageScanFindings](#API_DescribeImageScanFindings_ResponseSyntax) **
The information contained in the image scan findings.
Type: [ImageScanFindings](API_ImageScanFindings.md) object
** [imageScanStatus](#API_DescribeImageScanFindings_ResponseSyntax) **
The current state of the scan.
Type: [ImageScanStatus](API_ImageScanStatus.md) object
** [nextToken](#API_DescribeImageScanFindings_ResponseSyntax) **
The `nextToken` value to include in a future `DescribeImageScanFindings` request. When the results of a `DescribeImageScanFindings` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is null when there are no more results to return.
Type: String
** [registryId](#API_DescribeImageScanFindings_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_DescribeImageScanFindings_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageNotFoundException **
The image requested does not exist in the specified repository.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ScanNotFoundException **
The specified image scan could not be found. Ensure that image scanning is enabled on the repository and try again.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example for basic image scanning
This example returns the image scan findings for an image using the image digest in a repository named `sample-repo` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 141
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DescribeImageScanFindings
X-Amz-Date: 20200124T034807Z
User-Agent: aws-cli/1.16.310 Python/3.6.1 Darwin/18.7.0 botocore/1.13.46
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "sample-repo",
"imageId": {
"imageDigest": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6"
}
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 24 Jan 2020 03:48:07 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 33967
Connection: keep-alive
x-amzn-RequestId: 3081a92b-2066-41f8-8a47-0580288ada9e
{
"imageScanFindings": {
"findings": [
{
"name": "CVE-2019-5188",
"description": "A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.",
"uri": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5188",
"severity": "MEDIUM",
"attributes": [
{
"key": "package_version",
"value": "1.44.1-1ubuntu1.1"
},
{
"key": "package_name",
"value": "e2fsprogs"
},
{
"key": "CVSS2_VECTOR",
"value": "AV:L/AC:L/Au:N/C:P/I:P/A:P"
},
{
"key": "CVSS2_SCORE",
"value": "4.6"
}
]
}
],
"imageScanCompletedAt": 1579839105.0,
"vulnerabilitySourceUpdatedAt": 1579811117.0,
"findingSeverityCounts": {
"MEDIUM": 1
}
},
"registryId": "012345678910",
"repositoryName": "sample-repo",
"imageId": {
"imageDigest": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6"
},
"imageScanStatus": {
"status": "COMPLETE",
"description": "The scan was completed successfully."
}
}
```
### Example for enhanced image scanning
This example illustrates one usage of DescribeImageScanFindings.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 141
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DescribeImageScanFindings
X-Amz-Date: 20250610T201255Z
User-Agent: aws-cli/1.16.310 Python/3.6.1 Darwin/18.7.0 botocore/1.13.46
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"registryId": "123456789012",
"repositoryName": "sample-repo",
"imageId": {
"imageDigest": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6"
}
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Mon, 10 Jun 2025 20:12:55 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 33967
Connection: keep-alive
x-amzn-RequestId: 3081a92b-2066-41f8-8a47-0580288ada9e
{
"imageScanFindings": {
"enhancedFindings": [
{
"awsAccountId": "123456789012",
"description": "xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.",
"findingArn": "arn:aws:inspector2:us-west-2:123456789012:finding/123456789012123456789012",
"firstObservedAt": "2025-05-27T17:54:07.765000+00:00",
"lastObservedAt": "2025-06-09T07:08:40.144000+00:00",
"packageVulnerabilityDetails": {
"cvss": [
{
"baseScore": 8.1,
"scoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"source": "NVD",
"version": "3.1"
}
],
"referenceUrls": [
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238",
"https://security-tracker.debian.org/tracker/CVE-2022-49043"
],
"relatedVulnerabilities": [],
"source": "DEBIAN_CVE",
"sourceUrl": "https://security-tracker.debian.org/tracker/CVE-2022-49043",
"vendorSeverity": "not yet assigned",
"vulnerabilityId": "CVE-2022-49043",
"vulnerablePackages": [
{
"arch": "AMD64",
"epoch": 0,
"name": "libxml2",
"packageManager": "OS",
"release": "1.3~deb12u1",
"sourceLayerHash": "sha256:deb7d8874f38d4ec281d990aac2c7badbfcd5b97d602a388056e3f918a3f8cc7",
"version": "2.9.14+dfsg",
"fixedInVersion": "NotAvailable"
}
]
},
"remediation": {
"recommendation": {
"text": "None Provided"
}
},
"resources": [
{
"details": {
"awsEcrContainerImage": {
"architecture": "amd64",
"imageHash": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6",
"imageTags": [
"latest"
],
"platform": "DEBIAN_12",
"pushedAt": "2025-05-27T17:53:50.554000+00:00",
"lastInUseAt": "2025-06-09T04:43:20.427000+00:00",
"inUseCount": 1,
"registry": "123456789012",
"repositoryName": "sample-repo"
}
},
"id": "arn:aws:ecr:us-west-2:123456789012:repository/sample-repo/sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6",
"tags": {},
"type": "AWS_ECR_CONTAINER_IMAGE"
}
],
"score": 8.1,
"scoreDetails": {
"cvss": {
"adjustments": [],
"score": 8.1,
"scoreSource": "NVD",
"scoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"severity": "HIGH",
"status": "ACTIVE",
"title": "CVE-2022-49043 - libxml2",
"type": "PACKAGE_VULNERABILITY",
"updatedAt": "2025-06-09T07:08:40.144000+00:00",
"fixAvailable": "NO",
"exploitAvailable": "NO"
},
],
"imageScanCompletedAt": "2025-06-09T07:08:40.144000+00:00",
"vulnerabilitySourceUpdatedAt": "2025-06-09T07:08:40.144000+00:00",
"findingSeverityCounts": {
"HIGH": 1,
}
},
"registryId": "123456789012",
"repositoryName": "sample-repo",
"imageId": {
"imageDigest": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6"
},
"imageScanStatus": {
"status": "ACTIVE",
"description": "Continuous scan is selected for image."
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeImageScanFindings)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeImageScanFindings)
# DescribeImageSigningStatus
Returns the signing status for a specified image. If the image matched signing rules that reference different signing profiles, a status is returned for each profile.
For more information, see [Managed signing](https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageId](#API_DescribeImageSigningStatus_RequestSyntax) **
An object containing identifying information for an image.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
Required: Yes
** [registryId](#API_DescribeImageSigningStatus_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_DescribeImageSigningStatus_RequestSyntax) **
The name of the repository that contains the image.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"registryId": "string",
"repositoryName": "string",
"signingStatuses": [
{
"failureCode": "string",
"failureReason": "string",
"signingProfileArn": "string",
"status": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageId](#API_DescribeImageSigningStatus_ResponseSyntax) **
An object with identifying information for the image.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
** [registryId](#API_DescribeImageSigningStatus_ResponseSyntax) **
The AWS account ID associated with the registry.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_DescribeImageSigningStatus_ResponseSyntax) **
The name of the repository.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
** [signingStatuses](#API_DescribeImageSigningStatus_ResponseSyntax) **
A list of signing statuses for the specified image. Each status corresponds to a signing profile.
Type: Array of [ImageSigningStatus](API_ImageSigningStatus.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageNotFoundException **
The image requested does not exist in the specified repository.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeImageSigningStatus)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeImageSigningStatus)
# DescribePullThroughCacheRules
Returns the pull through cache rules for a registry.
## Request Syntax
```
{
"ecrRepositoryPrefixes": [ "string" ],
"maxResults": number,
"nextToken": "string",
"registryId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [ecrRepositoryPrefixes](#API_DescribePullThroughCacheRules_RequestSyntax) **
The Amazon ECR repository prefixes associated with the pull through cache rules to return. If no repository prefix value is specified, all pull through cache rules are returned.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: No
** [maxResults](#API_DescribePullThroughCacheRules_RequestSyntax) **
The maximum number of pull through cache rules returned by `DescribePullThroughCacheRulesRequest` in paginated output. When this parameter is used, `DescribePullThroughCacheRulesRequest` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `DescribePullThroughCacheRulesRequest` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `DescribePullThroughCacheRulesRequest` returns up to 100 results and a `nextToken` value, if applicable.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_DescribePullThroughCacheRules_RequestSyntax) **
The `nextToken` value returned from a previous paginated `DescribePullThroughCacheRulesRequest` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is null when there are no more results to return.
Type: String
Required: No
** [registryId](#API_DescribePullThroughCacheRules_RequestSyntax) **
The AWS account ID associated with the registry to return the pull through cache rules for. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
## Response Syntax
```
{
"nextToken": "string",
"pullThroughCacheRules": [
{
"createdAt": number,
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"registryId": "string",
"updatedAt": number,
"upstreamRegistry": "string",
"upstreamRegistryUrl": "string",
"upstreamRepositoryPrefix": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [nextToken](#API_DescribePullThroughCacheRules_ResponseSyntax) **
The `nextToken` value to include in a future `DescribePullThroughCacheRulesRequest` request. When the results of a `DescribePullThroughCacheRulesRequest` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is null when there are no more results to return.
Type: String
** [pullThroughCacheRules](#API_DescribePullThroughCacheRules_ResponseSyntax) **
The details of the pull through cache rules.
Type: Array of [PullThroughCacheRule](API_PullThroughCacheRule.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** PullThroughCacheRuleNotFoundException **
The pull through cache rule was not found. Specify a valid pull through cache rule and try again.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribePullThroughCacheRules)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribePullThroughCacheRules)
# DescribeRegistry
Describes the settings for a registry. The replication configuration for a repository can be created or updated with the [PutReplicationConfiguration](API_PutReplicationConfiguration.md) API action.
## Response Syntax
```
{
"registryId": "string",
"replicationConfiguration": {
"rules": [
{
"destinations": [
{
"region": "string",
"registryId": "string"
}
],
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
]
}
]
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_DescribeRegistry_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [replicationConfiguration](#API_DescribeRegistry_ResponseSyntax) **
The replication configuration for the registry.
Type: [ReplicationConfiguration](API_ReplicationConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeRegistry)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeRegistry)
# DescribeRepositories
Describes image repositories in a registry.
## Request Syntax
```
{
"maxResults": number,
"nextToken": "string",
"registryId": "string",
"repositoryNames": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [maxResults](#API_DescribeRepositories_RequestSyntax) **
The maximum number of repository results returned by `DescribeRepositories` in paginated output. When this parameter is used, `DescribeRepositories` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `DescribeRepositories` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `DescribeRepositories` returns up to 100 results and a `nextToken` value, if applicable. This option cannot be used when you specify repositories with `repositoryNames`.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_DescribeRepositories_RequestSyntax) **
The `nextToken` value returned from a previous paginated `DescribeRepositories` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is `null` when there are no more results to return. This option cannot be used when you specify repositories with `repositoryNames`.
This token should be treated as an opaque identifier that is only used to retrieve the next items in a list and not for other programmatic purposes.
Type: String
Required: No
** [registryId](#API_DescribeRepositories_RequestSyntax) **
The AWS account ID associated with the registry that contains the repositories to be described. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryNames](#API_DescribeRepositories_RequestSyntax) **
A list of repositories to describe. If this parameter is omitted, then all repositories in a registry are described.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: No
## Response Syntax
```
{
"nextToken": "string",
"repositories": [
{
"createdAt": number,
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageScanningConfiguration": {
"scanOnPush": boolean
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"registryId": "string",
"repositoryArn": "string",
"repositoryName": "string",
"repositoryUri": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [nextToken](#API_DescribeRepositories_ResponseSyntax) **
The `nextToken` value to include in a future `DescribeRepositories` request. When the results of a `DescribeRepositories` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
** [repositories](#API_DescribeRepositories_ResponseSyntax) **
A list of repository objects corresponding to valid repositories.
Type: Array of [Repository](API_Repository.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example describes the repositories in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DescribeRepositories
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.16.190 Python/3.6.1 Darwin/16.7.0 botocore/1.12.180
X-Amz-Date: 20190715T205400Z
Authorization: AUTHPARAMS
Content-Length: 2
{}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 1061
Connection: keep-alive
{
"repositories":[
{
"createdAt":1.563223656E9,
"imageTagMutability":"MUTABLE",
"registryId":"012345678910",
"repositoryArn":"arn:aws:ecr:us-west-2:012345678910:repository/sample-repo",
"repositoryName":"sample-repo",
"repositoryUri":"012345678910.dkr.ecr.us-west-2.amazonaws.com/sample-repo"
},
{
"createdAt":1.554824595E9,
"imageTagMutability":"IMMUTABLE",
"registryId":"012345678910",
"repositoryArn":"arn:aws:ecr:us-west-2:012345678910:repository/tagging-test",
"repositoryName":"tagging-test",
"repositoryUri":"012345678910.dkr.ecr.us-west-2.amazonaws.com/tagging-test"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeRepositories)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeRepositories)
# DescribeRepositoryCreationTemplates
Returns details about the repository creation templates in a registry. The `prefixes` request parameter can be used to return the details for a specific repository creation template.
## Request Syntax
```
{
"maxResults": number,
"nextToken": "string",
"prefixes": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [maxResults](#API_DescribeRepositoryCreationTemplates_RequestSyntax) **
The maximum number of repository results returned by `DescribeRepositoryCreationTemplatesRequest` in paginated output. When this parameter is used, `DescribeRepositoryCreationTemplatesRequest` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `DescribeRepositoryCreationTemplatesRequest` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `DescribeRepositoryCreationTemplatesRequest` returns up to 100 results and a `nextToken` value, if applicable.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_DescribeRepositoryCreationTemplates_RequestSyntax) **
The `nextToken` value returned from a previous paginated `DescribeRepositoryCreationTemplates` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is `null` when there are no more results to return.
This token should be treated as an opaque identifier that is only used to retrieve the next items in a list and not for other programmatic purposes.
Type: String
Required: No
** [prefixes](#API_DescribeRepositoryCreationTemplates_RequestSyntax) **
The repository namespace prefixes associated with the repository creation templates to describe. If this value is not specified, all repository creation templates are returned.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 256.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: No
## Response Syntax
```
{
"nextToken": "string",
"registryId": "string",
"repositoryCreationTemplates": [
{
"appliedFor": [ "string" ],
"createdAt": number,
"customRoleArn": "string",
"description": "string",
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"lifecyclePolicy": "string",
"prefix": "string",
"repositoryPolicy": "string",
"resourceTags": [
{
"Key": "string",
"Value": "string"
}
],
"updatedAt": number
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [nextToken](#API_DescribeRepositoryCreationTemplates_ResponseSyntax) **
The `nextToken` value to include in a future `DescribeRepositoryCreationTemplates` request. When the results of a `DescribeRepositoryCreationTemplates` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
** [registryId](#API_DescribeRepositoryCreationTemplates_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryCreationTemplates](#API_DescribeRepositoryCreationTemplates_ResponseSyntax) **
The details of the repository creation templates.
Type: Array of [RepositoryCreationTemplate](API_RepositoryCreationTemplate.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example describes a repository creation template in the default registry for an account.
#### Sample Request
```
PPOST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length:240
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.DescribeRepositoryCreationTemplates
X-Amz-Date: 20231216T195356Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"prefixes":
[
"eng"
]
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Sat, 16 Dec 2023 19:54:56 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 1590
Connection: keep-alive
x-amzn-RequestId: 60dc1ea1-c3c9-11e6-aa04-25c3a5fb1b54
{
"registryId": "012345678901",
"repositoryCreationTemplates": [{
"prefix": "eng/test",
"appliedFor": ["PULL_THROUGH_CACHE", "REPLICATION", "CREATE_ON_PUSH"],
"encryptionConfiguration": {
"encryptionType": "AES256"
},
"imageTagMutability": "MUTABLE",
"createdAt": "2023-12-16T17:29:02-07:00",
"updatedAt": "2023-12-16T19:55:02-07:00"
}, {
"prefix": "eng/replication-test",
"appliedFor": ["REPLICATION"],
"encryptionConfiguration": {
"encryptionType": "AES256"
},
"imageTagMutability": "IMMUTABLE",
"createdAt": "2023-12-14T17:29:02-07:00",
"updatedAt": "2023-12-14T19:55:02-07:00"
}]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/DescribeRepositoryCreationTemplates)
# GetAccountSetting
Retrieves the account setting value for the specified setting name.
## Request Syntax
```
{
"name": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [name](#API_GetAccountSetting_RequestSyntax) **
The name of the account setting, such as `BASIC_SCAN_TYPE_VERSION`, `REGISTRY_POLICY_SCOPE`, or `BLOB_MOUNTING`.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Required: Yes
## Response Syntax
```
{
"name": "string",
"value": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [name](#API_GetAccountSetting_ResponseSyntax) **
Retrieves the name of the account setting.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
** [value](#API_GetAccountSetting_ResponseSyntax) **
The setting value for the setting name. Valid value for basic scan type: `AWS_NATIVE`. Valid values for registry policy scope: `V1` or `V2`. Valid values for blob mounting: `ENABLED` or `DISABLED`.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example calls the `BASIC_SCAN_TYPE_VERSION` being used in the registry.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.GetAccountSetting
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T223937Z
Authorization: AUTHPARAMS
Content-Length: 48
{
aws ecr get-account-setting --name BASIC_SCAN_TYPE_VERSION,
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 19:42:18 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 340
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"name": "BASIC_SCAN_TYPE_VERSION",
"value": "AWS_NATIVE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetAccountSetting)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetAccountSetting)
# GetAuthorizationToken
Retrieves an authorization token. An authorization token represents your IAM authentication credentials and can be used to access any Amazon ECR registry that your IAM principal has access to. The authorization token is valid for 12 hours.
The `authorizationToken` returned is a base64 encoded string that can be decoded and used in a `docker login` command to authenticate to a registry. The AWS CLI offers an `get-login-password` command that simplifies the login process. For more information, see [Registry authentication](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"registryIds": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [registryIds](#API_GetAuthorizationToken_RequestSyntax) **
*This parameter has been deprecated.*
A list of AWS account IDs that are associated with the registries for which to get AuthorizationData objects. If you do not specify a registry, the default registry is assumed.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 10 items.
Pattern: `[0-9]{12}`
Required: No
## Response Syntax
```
{
"authorizationData": [
{
"authorizationToken": "string",
"expiresAt": number,
"proxyEndpoint": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [authorizationData](#API_GetAuthorizationToken_ResponseSyntax) **
A list of authorization token data objects that correspond to the `registryIds` values in the request.
The size of the authorization token returned by Amazon ECR is not fixed. We recommend that you don't make assumptions about the maximum size.
Type: Array of [AuthorizationData](API_AuthorizationData.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example gets an authorization token for your default registry.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-east-1.amazonaws.com
Accept-Encoding: identity
Content-Length: 2
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.GetAuthorizationToken
X-Amz-Date: 20220516T185613Z
User-Agent: aws-cli/1.9.9 Python/2.7.10 Darwin/14.5.0 botocore/1.3.9
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Sun, 17 May 2022 06:56:13 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 1590
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"authorizationData": [
{
"authorizationToken": "QVdTOkNpQzErSHF1ZXZPcUR...",
"expiresAt": "2022-05-17T06:56:13.652000+00:00",
"proxyEndpoint": "https://012345678910.dkr.ecr.us-east-1.amazonaws.com"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetAuthorizationToken)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetAuthorizationToken)
# GetDownloadUrlForLayer
Retrieves the pre-signed Amazon S3 download URL corresponding to an image layer. You can only get URLs for image layers that are referenced in an image.
When an image is pulled, the GetDownloadUrlForLayer API is called once per image layer that is not already cached.
**Note**
This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the `docker` CLI to pull, tag, and push images.
## Request Syntax
```
{
"layerDigest": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [layerDigest](#API_GetDownloadUrlForLayer_RequestSyntax) **
The digest of the image layer to download.
Type: String
Pattern: `[a-zA-Z0-9-_+.]+:[a-fA-F0-9]+`
Required: Yes
** [registryId](#API_GetDownloadUrlForLayer_RequestSyntax) **
The AWS account ID associated with the registry that contains the image layer to download. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_GetDownloadUrlForLayer_RequestSyntax) **
The name of the repository that is associated with the image layer to download.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"downloadUrl": "string",
"layerDigest": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [downloadUrl](#API_GetDownloadUrlForLayer_ResponseSyntax) **
The pre-signed Amazon S3 download URL for the requested layer.
Type: String
** [layerDigest](#API_GetDownloadUrlForLayer_ResponseSyntax) **
The digest of the image layer to download.
Type: String
Pattern: `[a-zA-Z0-9-_+.]+:[a-fA-F0-9]+`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LayerInaccessibleException **
The specified layer is not available because it is not associated with an image. Unassociated image layers may be cleaned up at any time.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LayersNotFoundException **
The specified layers could not be found, or the specified layer is not valid for this repository.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UnableToGetUpstreamLayerException **
There was an issue getting the upstream layer matching the pull through cache rule.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetDownloadUrlForLayer)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetDownloadUrlForLayer)
# GetLifecyclePolicy
Retrieves the lifecycle policy for the specified repository.
## Request Syntax
```
{
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [registryId](#API_GetLifecyclePolicy_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_GetLifecyclePolicy_RequestSyntax) **
The name of the repository.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"lastEvaluatedAt": number,
"lifecyclePolicyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [lastEvaluatedAt](#API_GetLifecyclePolicy_ResponseSyntax) **
The time stamp of the last time that the lifecycle policy was run.
Type: Timestamp
** [lifecyclePolicyText](#API_GetLifecyclePolicy_ResponseSyntax) **
The JSON lifecycle policy text.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
** [registryId](#API_GetLifecyclePolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_GetLifecyclePolicy_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LifecyclePolicyNotFoundException **
The lifecycle policy could not be found, and no policy is set to the repository.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example retrieves the lifecycle policy for a repository called `project-a/amazon-ecs-sample` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.GetLifecyclePolicy
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T210647Z
Authorization: AUTHPARAMS
Content-Length: 48
{
"repositoryName": "project-a/amazon-ecs-sample"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 21:06:48 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 372
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"lastEvaluatedAt":1.504295007E9,
"lifecyclePolicyText":"{\"rules\":[{\"rulePriority\":1,\"description\":\"Expire images older than 14 days\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countUnit\":\"days\",\"countNumber\":14},\"action\":{\"type\":\"expire\"}}]}",
"registryId":"012345678910",
"repositoryName":"project-a/amazon-ecs-sample"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetLifecyclePolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetLifecyclePolicy)
# GetLifecyclePolicyPreview
Retrieves the results of the lifecycle policy preview request for the specified repository.
## Request Syntax
```
{
"filter": {
"tagStatus": "string"
},
"imageIds": [
{
"imageDigest": "string",
"imageTag": "string"
}
],
"maxResults": number,
"nextToken": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [filter](#API_GetLifecyclePolicyPreview_RequestSyntax) **
An optional parameter that filters results based on image tag status and all tags, if tagged.
Type: [LifecyclePolicyPreviewFilter](API_LifecyclePolicyPreviewFilter.md) object
Required: No
** [imageIds](#API_GetLifecyclePolicyPreview_RequestSyntax) **
The list of imageIDs to be included.
Type: Array of [ImageIdentifier](API_ImageIdentifier.md) objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Required: No
** [maxResults](#API_GetLifecyclePolicyPreview_RequestSyntax) **
The maximum number of repository results returned by `GetLifecyclePolicyPreviewRequest` in
paginated output. When this parameter is used, `GetLifecyclePolicyPreviewRequest` only returns
`maxResults` results in a single page along with a `nextToken`
response element. The remaining results of the initial request can be seen by sending
another `GetLifecyclePolicyPreviewRequest` request with the returned `nextToken`
value. This value can be between 1 and 100. If this
parameter is not used, then `GetLifecyclePolicyPreviewRequest` returns up to
100 results and a `nextToken` value, if
applicable. This option cannot be used when you specify images with `imageIds`.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 100.
Required: No
** [nextToken](#API_GetLifecyclePolicyPreview_RequestSyntax) **
The `nextToken` value returned from a previous paginated
`GetLifecyclePolicyPreviewRequest` request where `maxResults` was used and the
results exceeded the value of that parameter. Pagination continues from the end of the
previous results that returned the `nextToken` value. This value is
`null` when there are no more results to return. This option cannot be used when you specify images with `imageIds`.
Type: String
Required: No
** [registryId](#API_GetLifecyclePolicyPreview_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_GetLifecyclePolicyPreview_RequestSyntax) **
The name of the repository.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"lifecyclePolicyText": "string",
"nextToken": "string",
"previewResults": [
{
"action": {
"targetStorageClass": "string",
"type": "string"
},
"appliedRulePriority": number,
"imageDigest": "string",
"imagePushedAt": number,
"imageTags": [ "string" ],
"storageClass": "string"
}
],
"registryId": "string",
"repositoryName": "string",
"status": "string",
"summary": {
"expiringImageTotalCount": number,
"transitioningImageTotalCounts": [
{
"imageTotalCount": number,
"targetStorageClass": "string"
}
]
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [lifecyclePolicyText](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The JSON lifecycle policy text.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
** [nextToken](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The `nextToken` value to include in a future `GetLifecyclePolicyPreview` request. When the results of a `GetLifecyclePolicyPreview` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
** [previewResults](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The results of the lifecycle policy preview request.
Type: Array of [LifecyclePolicyPreviewResult](API_LifecyclePolicyPreviewResult.md) objects
** [registryId](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
** [status](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The status of the lifecycle policy preview request.
Type: String
Valid Values: `IN_PROGRESS | COMPLETE | EXPIRED | FAILED`
** [summary](#API_GetLifecyclePolicyPreview_ResponseSyntax) **
The list of images that is returned as a result of the action.
Type: [LifecyclePolicyPreviewSummary](API_LifecyclePolicyPreviewSummary.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LifecyclePolicyPreviewNotFoundException **
There is no dry run for this repository.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example retrieves the result of a lifecycle policy preview for a repository called `project-a/amazon-ecs-sample` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.GetLifecyclePolicyPreview
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T222304Z
Authorization: AUTHPARAMS
Content-Length: 48
{
"repositoryName": "project-a/amazon-ecs-sample"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 22:23:06 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 640
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"lifecyclePolicyText":"{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n",
"previewResults":[],
"registryId":"012345678910",
"repositoryName":"project-a/amazon-ecs-sample",
"status":"COMPLETE",
"summary":{"expiringImageTotalCount":0}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetLifecyclePolicyPreview)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetLifecyclePolicyPreview)
# GetRegistryPolicy
Retrieves the permissions policy for a registry.
## Response Syntax
```
{
"policyText": "string",
"registryId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [policyText](#API_GetRegistryPolicy_ResponseSyntax) **
The JSON text of the permissions policy for a registry.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
** [registryId](#API_GetRegistryPolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RegistryPolicyNotFoundException **
The registry doesn't have an associated registry policy.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetRegistryPolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetRegistryPolicy)
# GetRegistryScanningConfiguration
Retrieves the scanning configuration for a registry.
## Response Syntax
```
{
"registryId": "string",
"scanningConfiguration": {
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"scanFrequency": "string"
}
],
"scanType": "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_GetRegistryScanningConfiguration_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [scanningConfiguration](#API_GetRegistryScanningConfiguration_ResponseSyntax) **
The scanning configuration for the registry.
Type: [RegistryScanningConfiguration](API_RegistryScanningConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetRegistryScanningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetRegistryScanningConfiguration)
# GetRepositoryPolicy
Retrieves the repository policy for the specified repository.
## Request Syntax
```
{
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [registryId](#API_GetRepositoryPolicy_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_GetRepositoryPolicy_RequestSyntax) **
The name of the repository with the policy to retrieve.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"policyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [policyText](#API_GetRepositoryPolicy_ResponseSyntax) **
The JSON repository policy text associated with the repository.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
** [registryId](#API_GetRepositoryPolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_GetRepositoryPolicy_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryPolicyNotFoundException **
The specified repository and registry combination does not have an associated repository policy.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example gets the repository policy for the `ubuntu` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-east-1.amazonaws.com
Accept-Encoding: identity
Content-Length: 28
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.GetRepositoryPolicy
X-Amz-Date: 20151215T002404Z
User-Agent: aws-cli/1.9.10 Python/2.7.10 Darwin/14.5.0 botocore/1.3.10
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "ubuntu"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Tue, 15 Dec 2015 00:24:04 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 301
Connection: keep-alive
x-amzn-RequestId: 25da0b72-a2c2-11e5-8543-ebda6fb1393b
{
"policyText": "{\n \"Version\" : \"2012-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowPull\",\n \"Effect\" : \"Allow\",\n \"Principal\" : \"*\",\n \"Action\" : [ \"ecr:BatchGetImage\", \"ecr:GetDownloadUrlForLayer\" ]\n } ]\n}",
"registryId": "012345678910",
"repositoryName": "ubuntu"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetRepositoryPolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetRepositoryPolicy)
# GetSigningConfiguration
Retrieves the registry's signing configuration, which defines rules for automatically signing images using AWS Signer.
For more information, see [Managed signing](https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html) in the *Amazon Elastic Container Registry User Guide*.
## Response Syntax
```
{
"registryId": "string",
"signingConfiguration": {
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"signingProfileArn": "string"
}
]
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_GetSigningConfiguration_ResponseSyntax) **
The AWS account ID associated with the registry.
Type: String
Pattern: `[0-9]{12}`
** [signingConfiguration](#API_GetSigningConfiguration_ResponseSyntax) **
The registry's signing configuration.
Type: [SigningConfiguration](API_SigningConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** SigningConfigurationNotFoundException **
The specified signing configuration was not found. This occurs when attempting to retrieve or delete a signing configuration that does not exist.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetSigningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/GetSigningConfiguration)
# InitiateLayerUpload
Notifies Amazon ECR that you intend to upload an image layer.
When an image is pushed, the InitiateLayerUpload API is called once per image layer that has not already been uploaded. Whether or not an image layer has been uploaded is determined by the BatchCheckLayerAvailability API action.
**Note**
This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the `docker` CLI to pull, tag, and push images.
## Request Syntax
```
{
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [registryId](#API_InitiateLayerUpload_RequestSyntax) **
The AWS account ID associated with the registry to which you intend to upload layers. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_InitiateLayerUpload_RequestSyntax) **
The name of the repository to which you intend to upload layers.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"partSize": number,
"uploadId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [partSize](#API_InitiateLayerUpload_ResponseSyntax) **
The size, in bytes, that Amazon ECR expects future layer part uploads to be.
Type: Long
Valid Range: Minimum value of 0.
** [uploadId](#API_InitiateLayerUpload_ResponseSyntax) **
The upload ID for the layer upload. This parameter is passed to further [UploadLayerPart](API_UploadLayerPart.md) and [CompleteLayerUpload](API_CompleteLayerUpload.md) operations.
Type: String
Pattern: `[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** KmsException **
The operation failed due to a KMS exception.
** kmsError **
The error code returned by AWS KMS.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/InitiateLayerUpload)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/InitiateLayerUpload)
# ListImageReferrers
Lists the artifacts associated with a specified subject image.
**Note**
The IAM principal invoking this operation must have the `ecr:BatchGetImage` permission.
## Request Syntax
```
{
"filter": {
"artifactStatus": "string",
"artifactTypes": [ "string" ]
},
"maxResults": number,
"nextToken": "string",
"registryId": "string",
"repositoryName": "string",
"subjectId": {
"imageDigest": "string"
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [filter](#API_ListImageReferrers_RequestSyntax) **
The filter key and value with which to filter your `ListImageReferrers` results. If no filter is specified, only artifacts with `ACTIVE` status are returned.
Type: [ListImageReferrersFilter](API_ListImageReferrersFilter.md) object
Required: No
** [maxResults](#API_ListImageReferrers_RequestSyntax) **
The maximum number of image referrer results returned by `ListImageReferrers` in paginated output. When this parameter is used, `ListImageReferrers` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `ListImageReferrers` request with the returned `nextToken` value. This value can be between 1 and 50. If this parameter is not used, then `ListImageReferrers` returns up to 50 results and a `nextToken` value, if applicable.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 50.
Required: No
** [nextToken](#API_ListImageReferrers_RequestSyntax) **
The `nextToken` value returned from a previous paginated `ListImageReferrers` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is `null` when there are no more results to return.
This token should be treated as an opaque identifier that is only used to retrieve the next items in a list and not for other programmatic purposes.
Type: String
Required: No
** [registryId](#API_ListImageReferrers_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to list image referrers. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_ListImageReferrers_RequestSyntax) **
The name of the repository that contains the subject image.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
** [subjectId](#API_ListImageReferrers_RequestSyntax) **
An object containing the image digest of the subject image for which to retrieve associated artifacts.
Type: [SubjectIdentifier](API_SubjectIdentifier.md) object
Required: Yes
## Response Syntax
```
{
"nextToken": "string",
"referrers": [
{
"annotations": {
"string" : "string"
},
"artifactStatus": "string",
"artifactType": "string",
"digest": "string",
"mediaType": "string",
"size": number
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [nextToken](#API_ListImageReferrers_ResponseSyntax) **
The `nextToken` value to include in a future `ListImageReferrers` request. When the results of a `ListImageReferrers` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
** [referrers](#API_ListImageReferrers_ResponseSyntax) **
The list of artifacts associated with the subject image.
Type: Array of [ImageReferrer](API_ImageReferrer.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### To list artifacts associated with a subject image
This example lists all artifacts (such as Sigstore signatures) that reference a specific container image in the `sample-repo` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.ListImageReferrers
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220033Z
Authorization: AUTHPARAMS
Content-Length: 150
{
"repositoryName": "sample-repo",
"subjectId": {
"imageDigest": "sha256:943e640159415616581703a53fa4ed87e96740655fd67daf2d2146a35337bce5"
}
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 470
Connection: keep-alive
{
"referrers": [
{
"digest": "sha256:270c60be5b6ed41e6e7c505ac0c4e2577748affc14147bcba76b533604dc7a07",
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"artifactType": "application/vnd.dev.sigstore.bundle.v0.3+json",
"size": 888,
"annotations": {
"dev.sigstore.bundle.predicateType": "https://sigstore.dev/cosign/sign/v1",
"dev.sigstore.bundle.content": "dsse-envelope",
"org.opencontainers.image.created": "2025-11-17T22:00:33Z"
},
"artifactStatus": "ACTIVE"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/ListImageReferrers)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/ListImageReferrers)
# ListImages
Lists all the image IDs for the specified repository.
You can filter images based on whether or not they are tagged by using the `tagStatus` filter and specifying either `TAGGED`, `UNTAGGED` or `ANY`. For example, you can filter your results to return only `UNTAGGED` images and then pipe that result to a [BatchDeleteImage](API_BatchDeleteImage.md) operation to delete them. Or, you can filter your results to return only `TAGGED` images to list all of the tags in your repository.
## Request Syntax
```
{
"filter": {
"imageStatus": "string",
"tagStatus": "string"
},
"maxResults": number,
"nextToken": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [filter](#API_ListImages_RequestSyntax) **
The filter key and value with which to filter your `ListImages` results.
Type: [ListImagesFilter](API_ListImagesFilter.md) object
Required: No
** [maxResults](#API_ListImages_RequestSyntax) **
The maximum number of image results returned by `ListImages` in paginated output. When this parameter is used, `ListImages` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `ListImages` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `ListImages` returns up to 100 results and a `nextToken` value, if applicable.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_ListImages_RequestSyntax) **
The `nextToken` value returned from a previous paginated `ListImages` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is `null` when there are no more results to return.
This token should be treated as an opaque identifier that is only used to retrieve the next items in a list and not for other programmatic purposes.
Type: String
Required: No
** [registryId](#API_ListImages_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to list images. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_ListImages_RequestSyntax) **
The repository with image IDs to be listed.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageIds": [
{
"imageDigest": "string",
"imageTag": "string"
}
],
"nextToken": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageIds](#API_ListImages_ResponseSyntax) **
The list of image IDs for the requested repository.
Type: Array of [ImageIdentifier](API_ImageIdentifier.md) objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
** [nextToken](#API_ListImages_ResponseSyntax) **
The `nextToken` value to include in a future `ListImages` request. When the results of a `ListImages` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example lists all of the images in the `amazonlinux` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 33
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.ListImages
X-Amz-Date: 20161216T200542Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AWUTHPARAMS
{
"repositoryName": "amazonlinux"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 20:05:42 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 235
Connection: keep-alive
x-amzn-RequestId: 05bfc4ac-c3cb-11e6-99fb-b1be070cc24b
{
"imageIds": [
{
"imageDigest": "sha256:f1d4ae3f7261a72e98c6ebefe9985cf10a0ea5bd762585a43e0700ed99863807",
"imageTag": "2016.09"
},
{
"imageDigest": "sha256:f1d4ae3f7261a72e98c6ebefe9985cf10a0ea5bd762585a43e0700ed99863807",
"imageTag": "latest"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/ListImages)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/ListImages)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/ListImages)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/ListImages)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/ListImages)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/ListImages)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/ListImages)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/ListImages)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/ListImages)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/ListImages)
# ListPullTimeUpdateExclusions
Lists the IAM principals that are excluded from having their image pull times recorded.
## Request Syntax
```
{
"maxResults": number,
"nextToken": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [maxResults](#API_ListPullTimeUpdateExclusions_RequestSyntax) **
The maximum number of pull time update exclusion results returned by `ListPullTimeUpdateExclusions` in paginated output. When this parameter is used, `ListPullTimeUpdateExclusions` only returns `maxResults` results in a single page along with a `nextToken` response element. The remaining results of the initial request can be seen by sending another `ListPullTimeUpdateExclusions` request with the returned `nextToken` value. This value can be between 1 and 1000. If this parameter is not used, then `ListPullTimeUpdateExclusions` returns up to 100 results and a `nextToken` value, if applicable.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
** [nextToken](#API_ListPullTimeUpdateExclusions_RequestSyntax) **
The `nextToken` value returned from a previous paginated `ListPullTimeUpdateExclusions` request where `maxResults` was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the `nextToken` value. This value is `null` when there are no more results to return.
This token should be treated as an opaque identifier that is only used to retrieve the next items in a list and not for other programmatic purposes.
Type: String
Required: No
## Response Syntax
```
{
"nextToken": "string",
"pullTimeUpdateExclusions": [ "string" ]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [nextToken](#API_ListPullTimeUpdateExclusions_ResponseSyntax) **
The `nextToken` value to include in a future `ListPullTimeUpdateExclusions` request. When the results of a `ListPullTimeUpdateExclusions` request exceed `maxResults`, this value can be used to retrieve the next page of results. This value is `null` when there are no more results to return.
Type: String
** [pullTimeUpdateExclusions](#API_ListPullTimeUpdateExclusions_ResponseSyntax) **
The list of IAM principal ARNs that are excluded from having their image pull times recorded.
Type: Array of strings
Array Members: Minimum number of 0 items. Maximum number of 100 items.
Length Constraints: Maximum length of 200.
Pattern: `^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### To list all pull time update exclusions
This example lists all IAM principals that are excluded from having their image pull timestamps recorded in the registry.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.ListPullTimeUpdateExclusions
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220830Z
Authorization: AUTHPARAMS
Content-Length: 2
{}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 95
Connection: keep-alive
{
"pullTimeUpdateExclusions": [
"arn:aws:iam::012345678910:role/ECRAccess"
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/ListPullTimeUpdateExclusions)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/ListPullTimeUpdateExclusions)
# ListTagsForResource
List the tags for an Amazon ECR resource.
## Request Syntax
```
{
"resourceArn": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [resourceArn](#API_ListTagsForResource_RequestSyntax) **
The Amazon Resource Name (ARN) that identifies the resource for which to list the tags. Currently, the only supported resource is an Amazon ECR repository.
Type: String
Required: Yes
## Response Syntax
```
{
"tags": [
{
"Key": "string",
"Value": "string"
}
]
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [tags](#API_ListTagsForResource_ResponseSyntax) **
The tags for the resource.
Type: Array of [Tag](API_Tag.md) objects
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example lists the tags associated with the `sample-repo` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 81
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.ListTagsForResource
X-Amz-Date: 20161216T201255Z
User-Agent: aws-cli/1.16.310 Python/3.6.1 Darwin/18.7.0 botocore/1.13.46
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"resourceArn": "arn:aws:ecr:us-west-2:012345678910:repository/sample-repo"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 24 Jan 2020 03:48:07 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 11
Connection: keep-alive
x-amzn-RequestId: 3081a92b-2066-41f8-8a47-0580288ada9e
{
"tags": [
{
"Key": "environment",
"Value": "production"
}
]
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/ListTagsForResource)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/ListTagsForResource)
# PutAccountSetting
Allows you to change the basic scan type version or registry policy scope.
## Request Syntax
```
{
"name": "string",
"value": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [name](#API_PutAccountSetting_RequestSyntax) **
The name of the account setting, such as `BASIC_SCAN_TYPE_VERSION`, `REGISTRY_POLICY_SCOPE`, or `BLOB_MOUNTING`.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Required: Yes
** [value](#API_PutAccountSetting_RequestSyntax) **
Setting value that is specified. Valid value for basic scan type: `AWS_NATIVE`. Valid values for registry policy scope: `V1` or `V2`. Valid values for blob mounting: `ENABLED` or `DISABLED`.
Type: String
Required: Yes
## Response Syntax
```
{
"name": "string",
"value": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [name](#API_PutAccountSetting_ResponseSyntax) **
Retrieves the name of the account setting.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
** [value](#API_PutAccountSetting_ResponseSyntax) **
Retrieves the value of the specified account setting.
Type: String
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example assigns the `BASIC_SCAN_TYPE_VERSION` to be used in the registry. The accepted value is `AWS_NATIVE`.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.PutAccountSetting
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T223937Z
Authorization: AUTHPARAMS
Content-Length: 48
{
aws ecr put-account-setting --name BASIC_SCAN_TYPE_VERSION --value AWS_NATIVE,
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 19:42:18 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 340
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"name": "BASIC_SCAN_TYPE_VERSION",
"value": "AWS_NATIVE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutAccountSetting)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutAccountSetting)
# PutImage
Creates or updates the image manifest and tags associated with an image.
When an image is pushed and all new image layers have been uploaded, the PutImage API is called once to create or update the image manifest and the tags associated with the image.
**Note**
This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the `docker` CLI to pull, tag, and push images.
## Request Syntax
```
{
"imageDigest": "string",
"imageManifest": "string",
"imageManifestMediaType": "string",
"imageTag": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageDigest](#API_PutImage_RequestSyntax) **
The image digest of the image manifest corresponding to the image.
Type: String
Required: No
** [imageManifest](#API_PutImage_RequestSyntax) **
The image manifest corresponding to the image to be uploaded.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 4194304.
Required: Yes
** [imageManifestMediaType](#API_PutImage_RequestSyntax) **
The media type of the image manifest. If you push an image manifest that does not contain the `mediaType` field, you must specify the `imageManifestMediaType` in the request.
Type: String
Required: No
** [imageTag](#API_PutImage_RequestSyntax) **
The tag to associate with the image. This parameter is optional.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 300.
Required: No
** [registryId](#API_PutImage_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to put the image. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_PutImage_RequestSyntax) **
The name of the repository in which to put the image.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"image": {
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"imageManifest": "string",
"imageManifestMediaType": "string",
"registryId": "string",
"repositoryName": "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [image](#API_PutImage_ResponseSyntax) **
Details of the image uploaded.
Type: [Image](API_Image.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageAlreadyExistsException **
The specified image has already been pushed, and there were no changes to the manifest or image tag after the last push.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ImageDigestDoesNotMatchException **
The specified image digest does not match the digest that Amazon ECR calculated for the image.
HTTP Status Code: 400
** ImageTagAlreadyExistsException **
The specified image is tagged with a tag that already exists. The repository is configured for tag immutability.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** KmsException **
The operation failed due to a KMS exception.
** kmsError **
The error code returned by AWS KMS.
HTTP Status Code: 400
** LayersNotFoundException **
The specified layers could not be found, or the specified layer is not valid for this repository.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ReferencedImagesNotFoundException **
The manifest list is referencing an image that does not exist.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example puts an image to the `amazonlinux` repository with the tag `2016.09`.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 653
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.PutImage
X-Amz-Date: 20161216T201255Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 1486,\n \"digest\": \"sha256:5b52b314511a611975c2c65e695d920acdf8ae8848fe0ef00b7d018d1f118b64\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 91768077,\n \"digest\": \"sha256:8e3fa21c4cc40232e835a6761332d225c7af3235c5755f44ada2ed9d0e4ab7e8\"\n }\n ]\n}\n",
"repositoryName": "amazonlinux",
"imageTag": "2016.09"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 16 Dec 2016 20:12:56 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 786
Connection: keep-alive
x-amzn-RequestId: 084038f1-c3cc-11e6-8d10-9da51cf53fd3
{
"image": {
"imageId": {
"imageDigest": "sha256:f1d4ae3f7261a72e98c6ebefe9985cf10a0ea5bd762585a43e0700ed99863807",
"imageTag": "2016.09"
},
"imageManifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 1486,\n \"digest\": \"sha256:5b52b314511a611975c2c65e695d920acdf8ae8848fe0ef00b7d018d1f118b64\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 91768077,\n \"digest\": \"sha256:8e3fa21c4cc40232e835a6761332d225c7af3235c5755f44ada2ed9d0e4ab7e8\"\n }\n ]\n}\n",
"registryId": "012345678910",
"repositoryName": "amazonlinux"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutImage)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutImage)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutImage)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutImage)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutImage)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutImage)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutImage)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutImage)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutImage)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutImage)
# PutImageScanningConfiguration
**Important**
The `PutImageScanningConfiguration` API is being deprecated, in favor of specifying the image scanning configuration at the registry level. For more information, see [PutRegistryScanningConfiguration](API_PutRegistryScanningConfiguration.md).
Updates the image scanning configuration for the specified repository.
## Request Syntax
```
{
"imageScanningConfiguration": {
"scanOnPush": boolean
},
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageScanningConfiguration](#API_PutImageScanningConfiguration_RequestSyntax) **
The image scanning configuration for the repository. This setting determines whether images are scanned for known vulnerabilities after being pushed to the repository.
Type: [ImageScanningConfiguration](API_ImageScanningConfiguration.md) object
Required: Yes
** [registryId](#API_PutImageScanningConfiguration_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to update the image scanning configuration setting. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_PutImageScanningConfiguration_RequestSyntax) **
The name of the repository in which to update the image scanning configuration setting.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageScanningConfiguration": {
"scanOnPush": boolean
},
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageScanningConfiguration](#API_PutImageScanningConfiguration_ResponseSyntax) **
The image scanning configuration setting for the repository.
Type: [ImageScanningConfiguration](API_ImageScanningConfiguration.md) object
** [registryId](#API_PutImageScanningConfiguration_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_PutImageScanningConfiguration_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutImageScanningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutImageScanningConfiguration)
# PutImageTagMutability
Updates the image tag mutability settings for the specified repository. For more information, see [Image tag mutability](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageTagMutability](#API_PutImageTagMutability_RequestSyntax) **
The tag mutability setting for the repository. If `MUTABLE` is specified, image tags can be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
Type: String
Valid Values: `MUTABLE | IMMUTABLE | IMMUTABLE_WITH_EXCLUSION | MUTABLE_WITH_EXCLUSION`
Required: Yes
** [imageTagMutabilityExclusionFilters](#API_PutImageTagMutability_RequestSyntax) **
A list of filters that specify which image tags should be excluded from the image tag mutability setting being applied.
Type: Array of [ImageTagMutabilityExclusionFilter](API_ImageTagMutabilityExclusionFilter.md) objects
Array Members: Minimum number of 1 item. Maximum number of 5 items.
Required: No
** [registryId](#API_PutImageTagMutability_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to update the image tag mutability settings. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_PutImageTagMutability_RequestSyntax) **
The name of the repository in which to update the image tag mutability settings.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageTagMutability](#API_PutImageTagMutability_ResponseSyntax) **
The image tag mutability setting for the repository.
Type: String
Valid Values: `MUTABLE | IMMUTABLE | IMMUTABLE_WITH_EXCLUSION | MUTABLE_WITH_EXCLUSION`
** [imageTagMutabilityExclusionFilters](#API_PutImageTagMutability_ResponseSyntax) **
The list of filters that specify which image tags are excluded from the repository's image tag mutability setting.
Type: Array of [ImageTagMutabilityExclusionFilter](API_ImageTagMutabilityExclusionFilter.md) objects
Array Members: Minimum number of 1 item. Maximum number of 5 items.
** [registryId](#API_PutImageTagMutability_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_PutImageTagMutability_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example updates the image tag mutability setting for the `sample-repo` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 73
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.PutImageTagMutability
X-Amz-Date: 20161216T201255Z
User-Agent: aws-cli/1.16.310 Python/3.6.1 Darwin/18.7.0 botocore/1.13.46
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "sample-repo",
"imageTagMutability": "IMMUTABLE"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 24 Jan 2020 03:48:07 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 98
Connection: keep-alive
x-amzn-RequestId: 3081a92b-2066-41f8-8a47-0580288ada9e
{
"registryId": "012345678910",
"repositoryName": "sample-repo",
"imageTagMutability": "IMMUTABLE"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutImageTagMutability)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutImageTagMutability)
# PutLifecyclePolicy
Creates or updates the lifecycle policy for the specified repository. For more information, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html).
## Request Syntax
```
{
"lifecyclePolicyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [lifecyclePolicyText](#API_PutLifecyclePolicy_RequestSyntax) **
The JSON repository policy text to apply to the repository.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
Required: Yes
** [registryId](#API_PutLifecyclePolicy_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do
not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_PutLifecyclePolicy_RequestSyntax) **
The name of the repository to receive the policy.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"lifecyclePolicyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [lifecyclePolicyText](#API_PutLifecyclePolicy_ResponseSyntax) **
The JSON repository policy text.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
** [registryId](#API_PutLifecyclePolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_PutLifecyclePolicy_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example creates a lifecycle policy to expire images older than 14 days for a repository called `project-a/amazon-ecs-sample` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.PutLifecyclePolicy
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T194217Z
Authorization: AUTHPARAMS
Content-Length: 535
{
"repositoryName": "project-a/amazon-ecs-sample",
"lifecyclePolicyText": "{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 19:42:18 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 340
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"lifecyclePolicyText":"{\"rules\":[{\"rulePriority\":1,\"description\":\"Expire images older than 14 days\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countUnit\":\"days\",\"countNumber\":14},\"action\":{\"type\":\"expire\"}}]}",
"registryId":"012345678910",
"repositoryName":"project-a/amazon-ecs-sample"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutLifecyclePolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutLifecyclePolicy)
# PutRegistryPolicy
Creates or updates the permissions policy for your registry.
A registry policy is used to specify permissions for another AWS account and is used when configuring cross-account replication. For more information, see [Registry permissions](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"policyText": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [policyText](#API_PutRegistryPolicy_RequestSyntax) **
The JSON policy text to apply to your registry. The policy text follows the same format as IAM policy text. For more information, see [Registry permissions](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry-permissions.html) in the *Amazon Elastic Container Registry User Guide*.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
Required: Yes
## Response Syntax
```
{
"policyText": "string",
"registryId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [policyText](#API_PutRegistryPolicy_ResponseSyntax) **
The JSON policy text for your registry.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
** [registryId](#API_PutRegistryPolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutRegistryPolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutRegistryPolicy)
# PutRegistryScanningConfiguration
Creates or updates the scanning configuration for your private registry.
## Request Syntax
```
{
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"scanFrequency": "string"
}
],
"scanType": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [rules](#API_PutRegistryScanningConfiguration_RequestSyntax) **
The scanning rules to use for the registry. A scanning rule is used to determine which repository filters are used and at what frequency scanning will occur.
Type: Array of [RegistryScanningRule](API_RegistryScanningRule.md) objects
Array Members: Minimum number of 0 items. Maximum number of 2 items.
Required: No
** [scanType](#API_PutRegistryScanningConfiguration_RequestSyntax) **
The scanning type to set for the registry.
When a registry scanning configuration is not defined, by default the `BASIC` scan type is used. When basic scanning is used, you may specify filters to determine which individual repositories, or all repositories, are scanned when new images are pushed to those repositories. Alternatively, you can do manual scans of images with basic scanning.
When the `ENHANCED` scan type is set, Amazon Inspector provides automated vulnerability scanning. You may choose between continuous scanning or scan on push and you may specify filters to determine which individual repositories, or all repositories, are scanned.
Type: String
Valid Values: `BASIC | ENHANCED`
Required: No
## Response Syntax
```
{
"registryScanningConfiguration": {
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"scanFrequency": "string"
}
],
"scanType": "string"
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryScanningConfiguration](#API_PutRegistryScanningConfiguration_ResponseSyntax) **
The scanning configuration for your registry.
Type: [RegistryScanningConfiguration](API_RegistryScanningConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** BlockedByOrganizationPolicyException **
The operation did not succeed because the account is managed by a organization policy.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutRegistryScanningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutRegistryScanningConfiguration)
# PutReplicationConfiguration
Creates or updates the replication configuration for a registry. The existing replication configuration for a repository can be retrieved with the [DescribeRegistry](API_DescribeRegistry.md) API action. The first time the PutReplicationConfiguration API is called, a service-linked IAM role is created in your account for the replication process. For more information, see [Using service-linked roles for Amazon ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/using-service-linked-roles.html) in the *Amazon Elastic Container Registry User Guide*. For more information on the custom role for replication, see [Creating an IAM role for replication](https://docs.aws.amazon.com/AmazonECR/latest/userguide/replication-creation-templates.html#roles-creatingrole-user-console).
**Note**
When configuring cross-account replication, the destination account must grant the source account permission to replicate. This permission is controlled using a registry permissions policy. For more information, see [PutRegistryPolicy](API_PutRegistryPolicy.md).
## Request Syntax
```
{
"replicationConfiguration": {
"rules": [
{
"destinations": [
{
"region": "string",
"registryId": "string"
}
],
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
]
}
]
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [replicationConfiguration](#API_PutReplicationConfiguration_RequestSyntax) **
An object representing the replication configuration for a registry.
Type: [ReplicationConfiguration](API_ReplicationConfiguration.md) object
Required: Yes
## Response Syntax
```
{
"replicationConfiguration": {
"rules": [
{
"destinations": [
{
"region": "string",
"registryId": "string"
}
],
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
]
}
]
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [replicationConfiguration](#API_PutReplicationConfiguration_ResponseSyntax) **
The contents of the replication configuration for the registry.
Type: [ReplicationConfiguration](API_ReplicationConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutReplicationConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutReplicationConfiguration)
# PutSigningConfiguration
Creates or updates the registry's signing configuration, which defines rules for automatically signing images with AWS Signer.
For more information, see [Managed signing](https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html) in the *Amazon Elastic Container Registry User Guide*.
**Note**
To successfully generate a signature, the IAM principal pushing images must have permission to sign payloads with the AWS Signer signing profile referenced in the signing configuration.
## Request Syntax
```
{
"signingConfiguration": {
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"signingProfileArn": "string"
}
]
}
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [signingConfiguration](#API_PutSigningConfiguration_RequestSyntax) **
The signing configuration to assign to the registry.
Type: [SigningConfiguration](API_SigningConfiguration.md) object
Required: Yes
## Response Syntax
```
{
"signingConfiguration": {
"rules": [
{
"repositoryFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"signingProfileArn": "string"
}
]
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [signingConfiguration](#API_PutSigningConfiguration_ResponseSyntax) **
The registry's updated signing configuration.
Type: [SigningConfiguration](API_SigningConfiguration.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutSigningConfiguration)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/PutSigningConfiguration)
# RegisterPullTimeUpdateExclusion
Adds an IAM principal to the pull time update exclusion list for a registry. Amazon ECR will not record the pull time if an excluded principal pulls an image.
## Request Syntax
```
{
"principalArn": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [principalArn](#API_RegisterPullTimeUpdateExclusion_RequestSyntax) **
The ARN of the IAM principal to exclude from having image pull times recorded.
Type: String
Length Constraints: Maximum length of 200.
Pattern: `^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$`
Required: Yes
## Response Syntax
```
{
"createdAt": number,
"principalArn": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [createdAt](#API_RegisterPullTimeUpdateExclusion_ResponseSyntax) **
The date and time, expressed in standard JavaScript date format, when the exclusion was created.
Type: Timestamp
** [principalArn](#API_RegisterPullTimeUpdateExclusion_ResponseSyntax) **
The ARN of the IAM principal that was added to the pull time update exclusion list.
Type: String
Length Constraints: Maximum length of 200.
Pattern: `^arn:aws(-[a-z]+)*:iam::[0-9]{12}:(role|user)/[\w+=,.@-]+(/[\w+=,.@-]+)*$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ExclusionAlreadyExistsException **
The specified pull time update exclusion already exists for the registry.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### To exclude an IAM role from pull time tracking
This example adds an IAM role to the pull time update exclusion list so that Amazon ECR will not record image pull timestamps for this principal.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.RegisterPullTimeUpdateExclusion
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220812Z
Authorization: AUTHPARAMS
Content-Length: 73
{
"principalArn": "arn:aws:iam::012345678910:role/ECRAccess"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 118
Connection: keep-alive
{
"principalArn": "arn:aws:iam::012345678910:role/ECRAccess",
"createdAt": "2025-11-17T22:08:12.659000+00:00"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/RegisterPullTimeUpdateExclusion)
# SetRepositoryPolicy
Applies a repository policy to the specified repository to control access permissions. For more information, see [Amazon ECR Repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"force": boolean,
"policyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [force](#API_SetRepositoryPolicy_RequestSyntax) **
If the policy you are attempting to set on a repository policy would prevent you from setting another policy in the future, you must force the [SetRepositoryPolicy](#API_SetRepositoryPolicy) operation. This is intended to prevent accidental repository lock outs.
Type: Boolean
Required: No
** [policyText](#API_SetRepositoryPolicy_RequestSyntax) **
The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide*.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
Required: Yes
** [registryId](#API_SetRepositoryPolicy_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_SetRepositoryPolicy_RequestSyntax) **
The name of the repository to receive the policy.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"policyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [policyText](#API_SetRepositoryPolicy_ResponseSyntax) **
The JSON repository policy text applied to the repository.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
** [registryId](#API_SetRepositoryPolicy_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_SetRepositoryPolicy_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
The following example sets a repository policy on the `ubuntu` repository that allows all AWS accounts to pull from it.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-east-1.amazonaws.com
Accept-Encoding: identity
Content-Length: 223
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.SetRepositoryPolicy
X-Amz-Date: 20151214T235302Z
User-Agent: aws-cli/1.9.10 Python/2.7.10 Darwin/14.5.0 botocore/1.3.10
Content-Type: application/x-amz-json-1.1
Authorization: AWUTHPARAMS
{
"policyText": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"AllowPull\",\"Effect\":\"Allow\",\"Action\":[\"ecr:BatchGetImage\",\"ecr:GetDownloadUrlForLayer\"],\"Principal\":\"*\"}]}\n",
"repositoryName": "ubuntu"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Mon, 14 Dec 2015 23:53:02 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 301
Connection: keep-alive
x-amzn-RequestId: cfc3ead9-a2bd-11e5-91c7-7126cb670c2b
{
"policyText": "{\n \"Version\" : \"2012-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowPull\",\n \"Effect\" : \"Allow\",\n \"Principal\" : \"*\",\n \"Action\" : [ \"ecr:BatchGetImage\", \"ecr:GetDownloadUrlForLayer\" ]\n } ]\n}",
"registryId": "012345678910",
"repositoryName": "ubuntu"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/SetRepositoryPolicy)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/SetRepositoryPolicy)
# StartImageScan
Starts a basic image vulnerability scan.
A basic image scan can only be started once per 24 hours on an individual image. This limit includes if an image was scanned on initial push. You can start up to 100,000 basic scans per 24 hours. This limit includes both scans on initial push and scans initiated by the StartImageScan API. For more information, see [Basic scanning](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning-basic.html) in the *Amazon Elastic Container Registry User Guide*.
## Request Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageId](#API_StartImageScan_RequestSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
Required: Yes
** [registryId](#API_StartImageScan_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository in which to start an image scan request. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_StartImageScan_RequestSyntax) **
The name of the repository that contains the images to scan.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"imageScanStatus": {
"description": "string",
"status": "string"
},
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageId](#API_StartImageScan_ResponseSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
** [imageScanStatus](#API_StartImageScan_ResponseSyntax) **
The current state of the scan.
Type: [ImageScanStatus](API_ImageScanStatus.md) object
** [registryId](#API_StartImageScan_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_StartImageScan_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageArchivedException **
The specified image is archived and cannot be scanned.
HTTP Status Code: 400
** ImageNotFoundException **
The image requested does not exist in the specified repository.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UnsupportedImageTypeException **
The image is of a type that cannot be scanned.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example starts an image scan for and specified by the image digest in the `sample-repo` repository.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 141
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.StartImageScan
X-Amz-Date: 20161216T201255Z
User-Agent: aws-cli/1.16.310 Python/3.6.1 Darwin/18.7.0 botocore/1.13.46
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"repositoryName": "sample-repo",
"imageId": {
"imageDigest": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6"
}
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 24 Jan 2020 03:48:07 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 208
Connection: keep-alive
x-amzn-RequestId: 3081a92b-2066-41f8-8a47-0580288ada9e
{
"registryId": "012345678910",
"repositoryName": "sample-repo",
"imageId": {
"imageDigest": "sha256:74b2c688c700ec95a93e478cdb959737c148df3fbf5ea706abe0318726e885e6"
},
"imageScanStatus": {
"status": "IN_PROGRESS"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/StartImageScan)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/StartImageScan)
# StartLifecyclePolicyPreview
Starts a preview of a lifecycle policy for the specified repository. This allows you to see the results before associating the lifecycle policy with the repository.
## Request Syntax
```
{
"lifecyclePolicyText": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [lifecyclePolicyText](#API_StartLifecyclePolicyPreview_RequestSyntax) **
The policy to be evaluated against. If you do not specify a policy, the current policy for the repository is used.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
Required: No
** [registryId](#API_StartLifecyclePolicyPreview_RequestSyntax) **
The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_StartLifecyclePolicyPreview_RequestSyntax) **
The name of the repository to be evaluated.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
## Response Syntax
```
{
"lifecyclePolicyText": "string",
"registryId": "string",
"repositoryName": "string",
"status": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [lifecyclePolicyText](#API_StartLifecyclePolicyPreview_ResponseSyntax) **
The JSON repository policy text.
Type: String
Length Constraints: Minimum length of 100. Maximum length of 30720.
** [registryId](#API_StartLifecyclePolicyPreview_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_StartLifecyclePolicyPreview_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
** [status](#API_StartLifecyclePolicyPreview_ResponseSyntax) **
The status of the lifecycle policy preview request.
Type: String
Valid Values: `IN_PROGRESS | COMPLETE | EXPIRED | FAILED`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** LifecyclePolicyNotFoundException **
The lifecycle policy could not be found, and no policy is set to the repository.
HTTP Status Code: 400
** LifecyclePolicyPreviewInProgressException **
The previous lifecycle policy preview request has not completed. Wait and try again.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example creates a lifecycle policy preview to expire images older than 14 days for a repository called `project-a/amazon-ecs-sample` in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.StartLifecyclePolicyPreview
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/1.11.144 Python/3.6.1 Darwin/16.6.0 botocore/1.7.2
X-Amz-Date: 20170901T221604Z
Authorization: AUTHPARAMS
Content-Length: 535
{
"repositoryName": "project-a/amazon-ecs-sample",
"lifecyclePolicyText": "{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Fri, 01 Sep 2017 22:16:05 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 583
Connection: keep-alive
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
{
"lifecyclePolicyText":"{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n",
"registryId":"012345678910",
"repositoryName":"project-a/amazon-ecs-sample",
"status":"IN_PROGRESS"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/StartLifecyclePolicyPreview)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/StartLifecyclePolicyPreview)
# TagResource
Adds specified tags to a resource with the specified ARN. Existing tags on a resource are not changed if they are not specified in the request parameters.
## Request Syntax
```
{
"resourceArn": "string",
"tags": [
{
"Key": "string",
"Value": "string"
}
]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [resourceArn](#API_TagResource_RequestSyntax) **
The Amazon Resource Name (ARN) of the the resource to which to add tags. Currently, the only supported resource is an Amazon ECR repository.
Type: String
Required: Yes
** [tags](#API_TagResource_RequestSyntax) **
The tags to add to the resource. A tag is an array of key-value pairs. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
Type: Array of [Tag](API_Tag.md) objects
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** InvalidTagParameterException **
An invalid parameter has been specified. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** TooManyTagsException **
The list of tags on the repository is over the limit. The maximum number of tags that can be applied to a repository is 50.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/TagResource)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/TagResource)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/TagResource)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/TagResource)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/TagResource)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/TagResource)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/TagResource)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/TagResource)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/TagResource)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/TagResource)
# UntagResource
Deletes specified tags from a resource.
## Request Syntax
```
{
"resourceArn": "string",
"tagKeys": [ "string" ]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [resourceArn](#API_UntagResource_RequestSyntax) **
The Amazon Resource Name (ARN) of the resource from which to remove tags. Currently, the only supported resource is an Amazon ECR repository.
Type: String
Required: Yes
** [tagKeys](#API_UntagResource_RequestSyntax) **
The keys of the tags to be removed.
Type: Array of strings
Required: Yes
## Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** InvalidTagParameterException **
An invalid parameter has been specified. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** TooManyTagsException **
The list of tags on the repository is over the limit. The maximum number of tags that can be applied to a repository is 50.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/UntagResource)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/UntagResource)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/UntagResource)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/UntagResource)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/UntagResource)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/UntagResource)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/UntagResource)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/UntagResource)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/UntagResource)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/UntagResource)
# UpdateImageStorageClass
Transitions an image between storage classes. You can transition images from Amazon ECR standard storage class to Amazon ECR archival storage class for long-term storage, or restore archived images back to Amazon ECR standard.
## Request Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"registryId": "string",
"repositoryName": "string",
"targetStorageClass": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [imageId](#API_UpdateImageStorageClass_RequestSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
Required: Yes
** [registryId](#API_UpdateImageStorageClass_RequestSyntax) **
The AWS account ID associated with the registry that contains the image to transition. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_UpdateImageStorageClass_RequestSyntax) **
The name of the repository that contains the image to transition.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
** [targetStorageClass](#API_UpdateImageStorageClass_RequestSyntax) **
The target storage class for the image.
Type: String
Valid Values: `STANDARD | ARCHIVE`
Required: Yes
## Response Syntax
```
{
"imageId": {
"imageDigest": "string",
"imageTag": "string"
},
"imageStatus": "string",
"registryId": "string",
"repositoryName": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [imageId](#API_UpdateImageStorageClass_ResponseSyntax) **
An object with identifying information for an image in an Amazon ECR repository.
Type: [ImageIdentifier](API_ImageIdentifier.md) object
** [imageStatus](#API_UpdateImageStorageClass_ResponseSyntax) **
The current status of the image after the call to UpdateImageStorageClass is complete. Valid values are `ACTIVE`, `ARCHIVED`, and `ACTIVATING`.
Type: String
Valid Values: `ACTIVE | ARCHIVED | ACTIVATING`
** [registryId](#API_UpdateImageStorageClass_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_UpdateImageStorageClass_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** ImageNotFoundException **
The image requested does not exist in the specified repository.
HTTP Status Code: 400
** ImageStorageClassUpdateNotSupportedException **
The requested image storage class update is not supported.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### To transition an image to Amazon ECR archive
This example transitions an image with a specific digest in the `hello-repository` repository to Amazon ECR archive storage for long-term archival.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-east-1.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.UpdateImageStorageClass
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220800Z
Authorization: AUTHPARAMS
Content-Length: 225
{
"registryId": "724772093679",
"repositoryName": "hello-repository",
"imageId": {
"imageDigest": "sha256:0b1a4e0c81c434fa7928e5c4a2651a521ebabc4ff200c65f7e25b99373efca3b"
},
"targetStorageClass": "ARCHIVE"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 215
Connection: keep-alive
{
"registryId": "724772093679",
"repositoryName": "hello-repository",
"imageId": {
"imageDigest": "sha256:0b1a4e0c81c434fa7928e5c4a2651a521ebabc4ff200c65f7e25b99373efca3b"
},
"imageStatus": "ARCHIVED"
}
```
### To restore an archived image to Amazon ECR standard
This example restores an archived image with a specific digest back to Amazon ECR standard storage.
#### Sample Request
```
POST / HTTP/1.1
Host: api.ecr.us-east-1.amazonaws.com
Accept-Encoding: identity
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.UpdateImageStorageClass
Content-Type: application/x-amz-json-1.1
User-Agent: aws-cli/2.0 Python/3.8.0 Darwin/20.0.0 botocore/2.0.0
X-Amz-Date: 20251117T220900Z
Authorization: AUTHPARAMS
Content-Length: 226
{
"registryId": "724772093679",
"repositoryName": "hello-repository",
"imageId": {
"imageDigest": "sha256:0b1a4e0c81c434fa7928e5c4a2651a521ebabc4ff200c65f7e25b99373efca3b"
},
"targetStorageClass": "STANDARD"
}
```
#### Sample Response
```
HTTP/1.1 200 OK
x-amzn-RequestId: 123a4b56-7c89-01d2-3ef4-example5678f
Content-Type: application/x-amz-json-1.1
Content-Length: 217
Connection: keep-alive
{
"registryId": "724772093679",
"repositoryName": "hello-repository",
"imageId": {
"imageDigest": "sha256:0b1a4e0c81c434fa7928e5c4a2651a521ebabc4ff200c65f7e25b99373efca3b"
},
"imageStatus": "ACTIVATING"
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/UpdateImageStorageClass)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/UpdateImageStorageClass)
# UpdatePullThroughCacheRule
Updates an existing pull through cache rule.
## Request Syntax
```
{
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"registryId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [credentialArn](#API_UpdatePullThroughCacheRule_RequestSyntax) **
The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry.
Type: String
Length Constraints: Minimum length of 50. Maximum length of 612.
Pattern: `^arn:aws(-\w+)*:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
Required: No
** [customRoleArn](#API_UpdatePullThroughCacheRule_RequestSyntax) **
Amazon Resource Name (ARN) of the IAM role to be assumed by Amazon ECR to authenticate to the ECR upstream registry. This role must be in the same account as the registry that you are configuring.
Type: String
Length Constraints: Maximum length of 2048.
Required: No
** [ecrRepositoryPrefix](#API_UpdatePullThroughCacheRule_RequestSyntax) **
The repository name prefix to use when caching images from the source registry.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
** [registryId](#API_UpdatePullThroughCacheRule_RequestSyntax) **
The AWS account ID associated with the registry associated with the pull through cache rule. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
## Response Syntax
```
{
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"registryId": "string",
"updatedAt": number,
"upstreamRepositoryPrefix": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [credentialArn](#API_UpdatePullThroughCacheRule_ResponseSyntax) **
The Amazon Resource Name (ARN) of the AWS Secrets Manager secret associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 50. Maximum length of 612.
Pattern: `^arn:aws(-\w+)*:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
** [customRoleArn](#API_UpdatePullThroughCacheRule_ResponseSyntax) **
The ARN of the IAM role associated with the pull through cache rule.
Type: String
Length Constraints: Maximum length of 2048.
** [ecrRepositoryPrefix](#API_UpdatePullThroughCacheRule_ResponseSyntax) **
The Amazon ECR repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
** [registryId](#API_UpdatePullThroughCacheRule_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [updatedAt](#API_UpdatePullThroughCacheRule_ResponseSyntax) **
The date and time, in JavaScript date format, when the pull through cache rule was updated.
Type: Timestamp
** [upstreamRepositoryPrefix](#API_UpdatePullThroughCacheRule_ResponseSyntax) **
The upstream repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** PullThroughCacheRuleNotFoundException **
The pull through cache rule was not found. Specify a valid pull through cache rule and try again.
HTTP Status Code: 400
** SecretNotFoundException **
The ARN of the secret specified in the pull through cache rule was not found. Update the pull through cache rule with a valid secret ARN and try again.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UnableToAccessSecretException **
The secret is unable to be accessed. Verify the resource permissions for the secret and try again.
HTTP Status Code: 400
** UnableToDecryptSecretValueException **
The secret is accessible but is unable to be decrypted. Verify the resource permisisons and try again.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/UpdatePullThroughCacheRule)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/UpdatePullThroughCacheRule)
# UpdateRepositoryCreationTemplate
Updates an existing repository creation template.
## Request Syntax
```
{
"appliedFor": [ "string" ],
"customRoleArn": "string",
"description": "string",
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"lifecyclePolicy": "string",
"prefix": "string",
"repositoryPolicy": "string",
"resourceTags": [
{
"Key": "string",
"Value": "string"
}
]
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [appliedFor](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
Updates the list of enumerable strings representing the Amazon ECR repository creation scenarios that this template will apply towards. The supported scenarios are `PULL_THROUGH_CACHE`, `REPLICATION`, and `CREATE_ON_PUSH`
Type: Array of strings
Valid Values: `REPLICATION | PULL_THROUGH_CACHE | CREATE_ON_PUSH`
Required: No
** [customRoleArn](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
The ARN of the role to be assumed by Amazon ECR. This role must be in the same account as the registry that you are configuring. Amazon ECR will assume your supplied role when the customRoleArn is specified. When this field isn't specified, Amazon ECR will use the service-linked role for the repository creation template.
Type: String
Length Constraints: Maximum length of 2048.
Required: No
** [description](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
A description for the repository creation template.
Type: String
Length Constraints: Maximum length of 256.
Required: No
** [encryptionConfiguration](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
The encryption configuration to associate with the repository creation template.
Type: [EncryptionConfigurationForRepositoryCreationTemplate](API_EncryptionConfigurationForRepositoryCreationTemplate.md) object
Required: No
** [imageTagMutability](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
Updates the tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.
Type: String
Valid Values: `MUTABLE | IMMUTABLE | IMMUTABLE_WITH_EXCLUSION | MUTABLE_WITH_EXCLUSION`
Required: No
** [imageTagMutabilityExclusionFilters](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
A list of filters that specify which image tags should be excluded from the repository creation template's image tag mutability setting.
Type: Array of [ImageTagMutabilityExclusionFilter](API_ImageTagMutabilityExclusionFilter.md) objects
Array Members: Minimum number of 1 item. Maximum number of 5 items.
Required: No
** [lifecyclePolicy](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
Updates the lifecycle policy associated with the specified repository creation template.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 30720.
Required: No
** [prefix](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
The repository namespace prefix that matches an existing repository creation template in the registry. All repositories created using this namespace prefix will have the settings defined in this template applied. For example, a prefix of `prod` would apply to all repositories beginning with `prod/`. This includes a repository named `prod/team1` as well as a repository named `prod/repository1`.
To apply a template to all repositories in your registry that don't have an associated creation template, you can use `ROOT` as the prefix.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
** [repositoryPolicy](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
Updates the repository policy created using the template. A repository policy is a permissions policy associated with a repository to control access permissions.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 10240.
Required: No
** [resourceTags](#API_UpdateRepositoryCreationTemplate_RequestSyntax) **
The metadata to apply to the repository to help you categorize and organize. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
Type: Array of [Tag](API_Tag.md) objects
Required: No
## Response Syntax
```
{
"registryId": "string",
"repositoryCreationTemplate": {
"appliedFor": [ "string" ],
"createdAt": number,
"customRoleArn": "string",
"description": "string",
"encryptionConfiguration": {
"encryptionType": "string",
"kmsKey": "string"
},
"imageTagMutability": "string",
"imageTagMutabilityExclusionFilters": [
{
"filter": "string",
"filterType": "string"
}
],
"lifecyclePolicy": "string",
"prefix": "string",
"repositoryPolicy": "string",
"resourceTags": [
{
"Key": "string",
"Value": "string"
}
],
"updatedAt": number
}
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [registryId](#API_UpdateRepositoryCreationTemplate_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryCreationTemplate](#API_UpdateRepositoryCreationTemplate_ResponseSyntax) **
The details of the repository creation template associated with the request.
Type: [RepositoryCreationTemplate](API_RepositoryCreationTemplate.md) object
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** TemplateNotFoundException **
The specified repository creation template can't be found. Verify the registry ID and prefix and try again.
HTTP Status Code: 400
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## Examples
In the following example or examples, the Authorization header contents (`AUTHPARAMS`) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) in the * AWS General Reference*.
You only need to learn how to sign HTTP requests if you intend to manually create them. When you use the [AWS Command Line Interface (AWS CLI)](http://aws.amazon.com/cli/) or one of the [AWS SDKs](http://aws.amazon.com/tools/) to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.
### Example
This example updates a repository creation template in the default registry for an account.
#### Sample Request
```
POST / HTTP/1.1
Host: ecr.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length:240
X-Amz-Target: AmazonEC2ContainerRegistry_V20150921.UpdateRepositoryCreationTemplate
X-Amz-Date: 20231216T195356Z
User-Agent: aws-cli/1.11.22 Python/2.7.12 Darwin/16.3.0 botocore/1.4.79
Content-Type: application/x-amz-json-1.1
Authorization: AUTHPARAMS
{
"prefix": "eng/test",
"resourceTags":
[
{"Key": "environment",
"Value": "test"}
],
"appliedFor":
["REPLICATION"]
}
```
#### Sample Response
```
HTTP/1.1 200 OK
Server: Server
Date: Sat, 16 Dec 2023 19:54:56 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 950
Connection: keep-alive
x-amzn-RequestId: 60dc1ea1-c3c9-11e6-aa04-25c3a5fb1b54
{
"registryId": "012345678901",
"repositoryCreationTemplate":
{
"appliedFor":
["REPLICATION"],
"description": "Repos for testing images",
"encryptionConfiguration":
{
"encryptionType": "AES256"
},
"imageTagMutability": "MUTABLE",
"lifecyclePolicy": "{\r\n \"rules\": [\r\n {\r\n \"rulePriority\": 1,\r\n \"description\": \"Expire images older than 14 days\",\r\n \"selection\": {\r\n \"tagStatus\": \"untagged\",\r\n \"countType\": \"sinceImagePushed\",\r\n \"countUnit\": \"days\",\r\n \"countNumber\": 14\r\n },\r\n \"action\": {\r\n \"type\": \"expire\"\r\n }\r\n }\r\n ]\r\n}",
"prefix": "eng/test",
"repositoryPolicy": "{\n \"Version\" : \"2012-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"LambdaECRPullPolicy\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"Service\" : \"lambda.amazonaws.com\"\n },\n \"Action\" : \"ecr:BatchGetImage\"\n } ]\n}",
"resourceTags":
[
{"Key": "environment",
"Value": "test"}
],
"createdAt": "2023-12-16T17:29:02-07:00",
"updatedAt": "2023-12-16T19:55:02-07:00"
}
}
```
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/UpdateRepositoryCreationTemplate)
# UploadLayerPart
Uploads an image layer part to Amazon ECR.
When an image is pushed, each new image layer is uploaded in parts. The maximum size of each image layer part can be 20971520 bytes (or about 20MB). The UploadLayerPart API is called once per each new image layer part.
**Note**
This operation is used by the Amazon ECR proxy and is not generally used by customers for pulling and pushing images. In most cases, you should use the `docker` CLI to pull, tag, and push images.
## Request Syntax
```
{
"layerPartBlob": blob,
"partFirstByte": number,
"partLastByte": number,
"registryId": "string",
"repositoryName": "string",
"uploadId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [layerPartBlob](#API_UploadLayerPart_RequestSyntax) **
The base64-encoded layer part payload.
Type: Base64-encoded binary data object
Length Constraints: Minimum length of 0. Maximum length of 20971520.
Required: Yes
** [partFirstByte](#API_UploadLayerPart_RequestSyntax) **
The position of the first byte of the layer part witin the overall image layer.
Type: Long
Valid Range: Minimum value of 0.
Required: Yes
** [partLastByte](#API_UploadLayerPart_RequestSyntax) **
The position of the last byte of the layer part within the overall image layer.
Type: Long
Valid Range: Minimum value of 0.
Required: Yes
** [registryId](#API_UploadLayerPart_RequestSyntax) **
The AWS account ID associated with the registry to which you are uploading layer parts. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
** [repositoryName](#API_UploadLayerPart_RequestSyntax) **
The name of the repository to which you are uploading layer parts.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
Required: Yes
** [uploadId](#API_UploadLayerPart_RequestSyntax) **
The upload ID from a previous [InitiateLayerUpload](API_InitiateLayerUpload.md) operation to associate with the layer part upload.
Type: String
Pattern: `[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}`
Required: Yes
## Response Syntax
```
{
"lastByteReceived": number,
"registryId": "string",
"repositoryName": "string",
"uploadId": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [lastByteReceived](#API_UploadLayerPart_ResponseSyntax) **
The integer value of the last byte received in the request.
Type: Long
Valid Range: Minimum value of 0.
** [registryId](#API_UploadLayerPart_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [repositoryName](#API_UploadLayerPart_ResponseSyntax) **
The repository name associated with the request.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 256.
Pattern: `[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*`
** [uploadId](#API_UploadLayerPart_ResponseSyntax) **
The upload ID associated with the request.
Type: String
Pattern: `[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidLayerPartException **
The layer part size is not valid, or the first byte specified is not consecutive to the last byte of a previous layer part upload.
** lastValidByteReceived **
The last valid byte received from the layer part upload that is associated with the exception.
** message **
The error message associated with the exception.
** registryId **
The registry ID associated with the exception.
** repositoryName **
The repository name associated with the exception.
** uploadId **
The upload ID associated with the exception.
HTTP Status Code: 400
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** KmsException **
The operation failed due to a KMS exception.
** kmsError **
The error code returned by AWS KMS.
HTTP Status Code: 400
** LimitExceededException **
The operation did not succeed because it would have exceeded a service limit for your account. For more information, see [Amazon ECR service quotas](https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) in the Amazon Elastic Container Registry User Guide.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** RepositoryNotFoundException **
The specified repository could not be found. Check the spelling of the specified repository and ensure that you are performing operations on the correct registry.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** UploadNotFoundException **
The upload could not be found, or the specified upload ID is not valid for this repository.
** message **
The error message associated with the exception.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/UploadLayerPart)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/UploadLayerPart)
# ValidatePullThroughCacheRule
Validates an existing pull through cache rule for an upstream registry that requires authentication. This will retrieve the contents of the AWS Secrets Manager secret, verify the syntax, and then validate that authentication to the upstream registry is successful.
## Request Syntax
```
{
"ecrRepositoryPrefix": "string",
"registryId": "string"
}
```
## Request Parameters
For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md).
The request accepts the following data in JSON format.
** [ecrRepositoryPrefix](#API_ValidatePullThroughCacheRule_RequestSyntax) **
The repository name prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
Required: Yes
** [registryId](#API_ValidatePullThroughCacheRule_RequestSyntax) **
The registry ID associated with the pull through cache rule. If you do not specify a registry, the default registry is assumed.
Type: String
Pattern: `[0-9]{12}`
Required: No
## Response Syntax
```
{
"credentialArn": "string",
"customRoleArn": "string",
"ecrRepositoryPrefix": "string",
"failure": "string",
"isValid": boolean,
"registryId": "string",
"upstreamRegistryUrl": "string",
"upstreamRepositoryPrefix": "string"
}
```
## Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
** [credentialArn](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The Amazon Resource Name (ARN) of the AWS Secrets Manager secret associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 50. Maximum length of 612.
Pattern: `^arn:aws(-\w+)*:secretsmanager:[a-zA-Z0-9-:]+:secret:ecr\-pullthroughcache\/[a-zA-Z0-9\/_+=.@-]+$`
** [customRoleArn](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The ARN of the IAM role associated with the pull through cache rule.
Type: String
Length Constraints: Maximum length of 2048.
** [ecrRepositoryPrefix](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The Amazon ECR repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
** [failure](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The reason the validation failed. For more details about possible causes and how to address them, see [Using pull through cache rules](https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html) in the *Amazon Elastic Container Registry User Guide*.
Type: String
** [isValid](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
Whether or not the pull through cache rule was validated. If `true`, Amazon ECR was able to reach the upstream registry and authentication was successful. If `false`, there was an issue and validation failed. The `failure` reason indicates the cause.
Type: Boolean
** [registryId](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The registry ID associated with the request.
Type: String
Pattern: `[0-9]{12}`
** [upstreamRegistryUrl](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The upstream registry URL associated with the pull through cache rule.
Type: String
** [upstreamRepositoryPrefix](#API_ValidatePullThroughCacheRule_ResponseSyntax) **
The upstream repository prefix associated with the pull through cache rule.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 30.
Pattern: `^([a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)*\/?|ROOT)$`
## Errors
For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).
** InvalidParameterException **
The specified parameter is invalid. Review the available parameters for the API request.
** message **
The error message associated with the exception.
HTTP Status Code: 400
** PullThroughCacheRuleNotFoundException **
The pull through cache rule was not found. Specify a valid pull through cache rule and try again.
HTTP Status Code: 400
** ServerException **
These errors are usually caused by a server-side issue.
** message **
The error message associated with the exception.
HTTP Status Code: 500
** ValidationException **
There was an exception validating this request.
HTTP Status Code: 400
## See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
+ [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/ValidatePullThroughCacheRule)
+ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/ecr-2015-09-21/ValidatePullThroughCacheRule)