Skip to main content

AWS CLI ECR & Containers Cheat Sheet 2026

2 min read

AWS CLI — ECR & Containers Cheat Sheet 2026

AWS CLI ECR & Containers Cheat Sheet is the complete quick-reference of AWS CLI ECR & Containers commands grouped by function. Copy any command with one click and find what you need with Ctrl+F in under 3 seconds.

ECR & Containers

Action Command Useful flags
Authenticate Docker with the default registry (username is AWS) 
aws ecr get-login-password --region <region> | <docker login> --username AWS --password-stdin <aws_account_id>.dkr.ecr.<region>.amazonaws.com
 --region --username --password-stdin
Create a repository 
aws ecr create-repository --repository-name <repository> --image-scanning-configuration scanOnPush=<true|false> --region <region>
 --repository-name --image-scanning-configuration --region
Tag a local image for ECR 
docker tag <container_name>:<tag> <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<container_name>:<tag>
Push an image to a repository 
docker push <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<container_name>:<tag>
Pull an image from a repository 
docker pull <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<container_name>:<tag>
Delete an image from a repository 
aws ecr batch-delete-image --repository-name <repository> --image-ids imageTag=<latest>
 --repository-name --image-ids
Delete a repository 
aws ecr delete-repository --repository-name <repository> --force
 --repository-name --force
List images within a repository 
aws ecr list-images --repository-name <repository>
 --repository-name

⚠️ Dangerous / Destructive Commands

These commands are irreversible. Verify your environment (dev/staging vs prod) before running them.

Action Command Warning
⚠️ Ecr batch-delete-image 
aws ecr batch-delete-image --repository-name <repository> --image-ids imageTag=<latest>
 Irreversible — verify the target before running
⚠️ Ecr delete-repository 
aws ecr delete-repository --repository-name <repository> --force
 Irreversible — verify the target before running

FAQ — Frequently Asked Questions

What is the difference between ECR & Containers and the other groups?

Each group in this AWS CLI cheat sheet covers a distinct area. ECR & Containers focuses on its specific scope, while the other groups and the remaining groups cover networking, storage, security and diagnostics respectively.

How do I check the installed AWS CLI version?

Run the version command (usually aws version or aws --version). The output shows the client and, when applicable, the server version.

Why does AWS CLI return ‘permission denied’?

A ‘permission denied’ error in AWS CLI usually means the current user lacks sufficient privileges or credentials are not configured. Check: (1) assigned IAM/RBAC roles, (2) an active authentication context via the corresponding login command.

How do I filter AWS CLI output by status or name?

Use flags such as --filter, --selector or --query depending on the tool. You can also pipe into grep or jq to process JSON: 

aws list | grep RUNNING

What is the fastest way to debug a AWS CLI error?

Add the verbose flag (--verbose, -v or --debug) to the failing command. This reveals the underlying HTTP/API calls and the full error response body.

Official sources & references

Commands cross-checked against vendor documentation and high-authority repositories: