Amazon Elastic Container Registry (ECR) has announced support for version 1.1 of the Open Container Initiative (OCI) Image and Distribution specification. This update includes support for reference types, making it easier for AWS Container Services customers to store, discover, and retrieve artifacts such as image signatures and software bills of materials (SBOMs) related to container images. These artifacts are crucial for supply chain security use cases like image signing and vulnerability auditing. By supporting reference types, ECR provides a more streamlined user experience for managing these artifacts, aligning with how customers currently handle container images.
With ECR’s support for OCI reference types, customers can now distribute artifacts alongside their images in repositories. These artifacts are linked to specific images through their reference relationship and can be pulled just like images. ECR’s replication feature allows artifacts to be referenced and copied to target regions and accounts, ensuring they are readily available alongside replicated images. Additionally, ECR’s lifecycle policies simplify the management of referencing artifacts by removing references when a subject image is deleted due to an expiration action from a lifecycle policy rule.
OCI 1.1 is now supported by ECR in all AWS commercial regions and AWS GovCloud (US) regions, as well as the Amazon ECR public registry. For more information on these updates, customers can refer to the documentation on the ECR website.
Article Source
https://aws.amazon.com/about-aws/whats-new/2024/06/amazon-ecr-oci-image-distribution-version-1-1/
