--- title: "Creating an AWS ECR Service with Pulumi" meta_desc: "Learn how to use Pulumi to define an AWS ECR resource which can then be deployed to AWS and managed as infrastructure as code." meta_image: "/images/docs/service/aws-ecr.png" service: "ECR" description: "is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images" aws_here: "https://aws.amazon.com/ecr/" menu: aws: name: ECR parent: aws-guides aliases: - /docs/aws/ecr/ --- ## Create an AWS ECR resource using `@pulumi/aws` The `@pulumi/aws` library enables fine-grained control over the AWS ECR resource meaning it can be coded, deployed, and managed entirely in code. ```javascript const aws = require("@pulumi/aws"); const repository = new aws.ecr.Repository("myrepository"); const repositoryPolicy = new aws.ecr.RepositoryPolicy("myrepositorypolicy", { repository: repository.id, policy: JSON.stringify({ Version: "2012-10-17", Statement: [{ Sid: "new policy", Effect: "Allow", Principal: "*", Action: [ "ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "ecr:BatchCheckLayerAvailability", "ecr:PutImage", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart", "ecr:CompleteLayerUpload", "ecr:DescribeRepositories", "ecr:GetRepositoryPolicy", "ecr:ListImages", "ecr:DeleteRepository", "ecr:BatchDeleteImage", "ecr:SetRepositoryPolicy", "ecr:DeleteRepositoryPolicy" ] }] }) }); const lifecyclePolicy = new aws.ecr.LifecyclePolicy("mylifecyclepolicy", { repository: repository.id, policy: JSON.stringify({ rules: [{ rulePriority: 1, description: "Expire images older than 14 days", selection: { tagStatus: "untagged", countType: "sinceImagePushed", countUnit: "days", countNumber: 14 }, action: { type: "expire" } }] }) }); ```