ECR cost optimization: retention, smaller images, fewer pulls

ECR cost reduction comes down to two drivers: stored GB-month and data transfer. The highest-impact changes are operational: retention, image size, and avoiding redundant pulls.

Step 0: identify your dominant driver

  • Storage dominates: lots of tags, long retention, large images, multi-arch duplication.
  • Transfer dominates: frequent pulls from CI and autoscaling clusters, especially across network boundaries (cross-region or via internet/NAT).

1) Enforce retention policies (highest leverage)

  • Keep only last N tags per repo (or last D days) for CI images.
  • Delete untagged images and old build artifacts.
  • Keep long retention only for pinned releases and rollback candidates.
  • Separate prod vs non-prod repos/tags so non-prod can have aggressive retention safely.

If you are unsure, start with a conservative retention window and expand only for repos that need rollback depth.
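The retention rules above, as an added example (not from the original page): it builds an ECR lifecycle policy document and dry-runs it against a constructed image inventory. The `ci-` and `v` tag prefixes, the counts, and the sample digests are assumptions, and `simulate` is a simplified local model of these two rule kinds, not ECR's own evaluator.

```python
import json
from datetime import datetime, timedelta, timezone

def lifecycle_policy(ci_prefix="ci-", keep_ci=3, untagged_days=7):
    """ECR lifecycle policy document: expire stale untagged images, cap CI tags."""
    return {"rules": [
        {"rulePriority": 1, "description": "Expire untagged after %d days" % untagged_days,
         "selection": {"tagStatus": "untagged", "countType": "sinceImagePushed",
                       "countUnit": "days", "countNumber": untagged_days},
         "action": {"type": "expire"}},
        {"rulePriority": 2, "description": "Keep newest %d %s* images" % (keep_ci, ci_prefix),
         "selection": {"tagStatus": "tagged", "tagPrefixList": [ci_prefix],
                       "countType": "imageCountMoreThan", "countNumber": keep_ci},
         "action": {"type": "expire"}}]}

def simulate(images, policy, now):
    """Simplified local model of the two rule kinds above; returns expired digests."""
    expired = []
    for rule in sorted(policy["rules"], key=lambda r: r["rulePriority"]):
        sel = rule["selection"]
        if sel["tagStatus"] == "untagged":
            pool = [i for i in images if not i["tags"]]
        else:  # tagged: for every listed prefix, some tag on the image starts with it
            pool = [i for i in images if all(any(t.startswith(p) for t in i["tags"])
                                             for p in sel["tagPrefixList"])]
        pool = sorted((i for i in pool if i["digest"] not in expired),
                      key=lambda i: i["pushed"], reverse=True)  # newest first
        if sel["countType"] == "sinceImagePushed":
            cutoff = now - timedelta(days=sel["countNumber"])
            hits = [i for i in pool if i["pushed"] < cutoff]
        else:  # imageCountMoreThan: everything past the newest N
            hits = pool[sel["countNumber"]:]
        expired += [i["digest"] for i in hits]
    return expired

def at_risk_releases(images, expired, release_prefix="v"):
    """Expired images that also carry a release tag, i.e. lost rollback candidates."""
    return [i["digest"] for i in images if i["digest"] in expired
            and any(t.startswith(release_prefix) for t in i["tags"])]

# Constructed inventory: placeholder digests, ages in days before NOW.
NOW = datetime(2026, 1, 27, tzinfo=timezone.utc)
SAMPLE = [("sha256:aaa", ["ci-101", "v1.0.0"], 40), ("sha256:bbb", ["ci-102"], 30),
          ("sha256:ccc", ["ci-103"], 5), ("sha256:ddd", ["ci-104"], 2), ("sha256:eee", ["ci-105"], 1),
          ("sha256:fff", [], 20), ("sha256:ggg", [], 3), ("sha256:hhh", ["v1.1.0"], 60)]
IMAGES = [{"digest": d, "tags": t, "pushed": NOW - timedelta(days=a)} for d, t, a in SAMPLE]

if __name__ == "__main__":
    gone = simulate(IMAGES, lifecycle_policy(), NOW)
    print(json.dumps(lifecycle_policy()), gone, at_risk_releases(IMAGES, gone))
```

The sample run flags `sha256:aaa`: a promoted build that carries both a CI tag and a release tag is expired by the CI rule, which is the case that separating release and CI repos or tags avoids. The JSON document can be applied with `aws ecr put-lifecycle-policy`, and `aws ecr start-lifecycle-policy-preview` shows what ECR itself would expire before anything is deleted.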

2) Shrink images (reduces both storage and transfer)

  • Use multi-stage builds and slim base images.
  • Remove build tools and caches from runtime images.
  • Keep layers stable (small diffs) so rebuilds do not rewrite huge layers each time.
  • Audit large artifacts (node_modules, debug symbols, logs) that accidentally end up in images.

3) Reduce redundant pulls (CI and autoscaling are the usual source)

  • Use node-level caching and avoid re-pulling identical tags unnecessarily.
  • Prefer immutable tags/digests so caching is reliable.
  • Keep CI runners and clusters in the same region when possible (avoid cross-region pulls).
  • During cluster scale-out, confirm new nodes are not pulling multiple times per deployment.

4) Avoid duplication (multi-arch and multi-region)

  • Multi-arch builds can store multiple variants; validate whether you need all architectures.
  • Multi-region replication can reduce transfer but increases storage (multiple copies of the same images).
  • Keep replication only for workloads that truly run cross-region.

Operational guardrails (prevent future cost creep)

  • Set default retention rules for new repos (teams rarely come back later).
  • Standardize tagging: release tags are limited; CI tags are short-lived.
  • Track top repos by stored GB-month and review quarterly.
  • During incidents and big deploys, watch for pull storms from fresh nodes.

Validation checklist

  • Measure stored GB-month by repo class and confirm retention is actually deleting.
  • Measure pull traffic during autoscaling days and CI bursts (not just steady state).
  • Confirm rollback behavior still works after reducing retention.
  • After changes, compare a real month of storage and transfer to your estimate.

FAQ

What's the biggest lever to reduce ECR cost?
Retention policies. Deleting old tags/images usually reduces stored GB-month more than any other change.

How do pulls create hidden costs?
Frequent CI pulls and cluster scale-outs can create large transfer volume. The cost depends on network boundaries (same region vs cross-region vs internet/NAT).

Last updated: 2026-01-27