This example demonstrates two approaches for creating ECR repositories across multiple AWS regions for disaster recovery and global distribution use cases:
- Built-in Replication (Recommended) - Uses the module's new replication features for automatic cross-region replication
- Manual Setup (Alternative) - Manually creates repositories in each region with custom replication configuration
┌─────────────────┐ ┌──────────────────────┐
│ │ │ Primary Region │
│ CI/CD System │────▶│ ┌───────────────┐ │
│ (Image Builds) │ │ │ ECR Repository│ │
│ │ │ │ + Replication│ │
│ │ │ └───────────────┘ │
└─────────────────┘ └──────────┬───────────┘
│
│ Automatic Replication
│ (Managed by AWS)
▼
┌─────────────────────┐
│ Secondary Region │
│ ┌───────────────┐ │
│ │ ECR Repository│ │
│ │ (Replica) │ │
│ └───────────────┘ │
└─────────────────────┘
┌─────────────────┐ ┌──────────────────────┐
│ │ │ Primary Region │
│ CI/CD System │────▶│ ┌───────────────┐ │
│ (Image Builds) │ │ │ ECR Repository│ │
│ │ │ └───────────────┘ │
└─────────────────┘ └──────────┬───────────┘
│
│ Manual Replication Config
▼
┌─────────────────────┐
│ Secondary Region │
│ ┌───────────────┐ │
│ │ ECR Repository│ │
│ │ (Manual) │ │
│ └───────────────┘ │
└─────────────────────┘
- Disaster Recovery - Ensure container images are available even if a region becomes unavailable
- Global Deployments - Deploy containers from region-local repositories to reduce latency
- Cross-Region Redundancy - Support multi-region application architectures
- Edge Deployments - Support edge computing scenarios with region-specific image repositories
- An ECR repository in the primary region
- An ECR repository in the secondary region
- ECR replication configuration to copy images automatically
- AWS account with permissions to create ECR resources in multiple regions
- Terraform 1.3.0+
- AWS provider 5.0.0+
terraform init
terraform applyAfter applying this Terraform code:
- Push images to the primary region's repository
- Images will automatically replicate to the secondary region
- Your applications can pull from the geographically closest repository
# Login to ECR in primary region
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin <account-id>.dkr.ecr.us-east-1.amazonaws.com
# Build and tag your image
docker build -t multi-region-app:v1.0.0 .
docker tag multi-region-app:v1.0.0 <account-id>.dkr.ecr.us-east-1.amazonaws.com/multi-region-app:v1.0.0
# Push to primary region
docker push <account-id>.dkr.ecr.us-east-1.amazonaws.com/multi-region-app:v1.0.0
# The image will automatically replicate to the secondary region
# You can pull from the secondary region after replication completes:
aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin <account-id>.dkr.ecr.us-west-2.amazonaws.com
docker pull <account-id>.dkr.ecr.us-west-2.amazonaws.com/multi-region-app:v1.0.0You can monitor the replication status using AWS CLI:
aws ecr describe-images --repository-name multi-region-app --region us-east-1
aws ecr describe-images --repository-name multi-region-app --region us-west-2- Push to Primary Only - Always push images to the primary region and let AWS handle replication
- Immutable Tags - Use immutable tags to ensure consistency across regions
- Version Images - Use semantic versioning in image tags (v1.0.0) rather than mutable tags like 'latest'
- Regional Endpoints - Configure applications to pull from their regional ECR endpoint
To destroy all resources created by this example:
terraform destroyNote: You must delete all images from the repositories before they can be deleted, or set force_delete = true in the module configuration.