iTranslated by AI

The content below is an AI-generated translation. This is an experimental feature, and may contain errors. View original article
🌵

Amazon ECR Now Supports Blob Mounting

に公開
AWS
ECR
アップデート
tech

As of the update on January 20th, Amazon ECR now supports BLOB mounting.
https://aws.amazon.com/about-aws/whats-new/2026/01/amazon-ecr-cross-repository-layer-sharing/

This allows multiple repositories to share the same layer when it exists across ECR repositories, saving storage usage and leading to cost reductions.
While layer sharing between images within the same repository existed before this feature, this update extends that capability across different repositories!

There are two ways to enable it: via the Management Console or the AWS CLI. It can be configured simply by enabling "BLOB mounting" under Private registry -> Settings and Features. This will enable it for all private repositories within the same AWS account and region. Please note that separate settings are required for ECR in different regions.

Note that there are the following limitations for layer sharing:

  • Blob mounting only works within the same registry (same account and region).
  • Repositories must use identical encryption configurations.

(Translated from Japanese source)

This requirement for "identical encryption configurations" likely refers to the following items when creating an ECR private repository:

Using the AWS Management Console

Access the ECR console (https://us-east-1.console.aws.amazon.com/ecr/private-registry?region=us-east-1) and...

Using the AWS CLI

Run the following command. Specify the region using --region or profile as needed.

aws ecr put-account-setting --name BLOB_MOUNTING --value ENABLED

For Terraform

It's not yet supported in Terraform, but a PR has been created and approved, so it should be implemented soon!
https://github.com/hashicorp/terraform-provider-aws/pull/46092

Quoting from the PR, I think it will look something like this:

resource "aws_ecr_account_setting" "blob_mounting" {
  name  = "BLOB_MOUNTING"
  value = "ENABLED"
}

Summary

With this, clients (such as Docker or Podman) will now automatically detect and use existing layers during a push!

When an OCI client detects that a blob might already exist in a different repository, it automatically adds mounting parameters. Amazon ECR attempts a mount only if these parameters are included in the client's POST request.
https://docs.aws.amazon.com/AmazonECR/latest/userguide/blob-mounting.html

This update is a significant change that is effective for both reducing ECR costs and improving image push speeds.
For environments with large image repositories or multiple microservices using a common base image, the impact will be very substantial.
Since the configuration is just a one-time setting per region, it can be introduced quite easily.
With various updates continuing, such as last year's support for private repositories in pull through cache, I'm very excited about what's coming next.

Discussion