Create a repository creation template using the AWS CLI: aws ecr create-pull-through-cache-rule (or use aws ecr put-repository-creation-template) specifying the prefix that matches pull-through cache repository names and including a lifecyclePolicy JSON document in the template
In the lifecycle policy document, define a rule with the tagStatus: any condition and set maxImageAge to the desired number of days to expire images not pulled recently
If pull-through cache repositories already exist without a lifecycle policy, apply policies retroactively using aws ecr put-lifecycle-policy --repository-name <REPO> --lifecycle-policy-text file://policy.json
Verify that the template was applied by describing the template with aws ecr describe-pull-through-cache-rules and confirming the repositoryCreationTemplate field contains the policy
Monitor storage reclamation by checking ECR Storage Bytes metrics in CloudWatch after the lifecycle policy evaluation runs (typically within 24 hours of policy application)
Known gotchas
Repository creation templates apply only at the time a new cache repository is first created by an ECR pull-through cache pull; they do not update the settings of repositories that already exist
Lifecycle policy rules for pull-through cache repos should use tagStatus: any rather than targeting specific tags, because pull-through cache image tags mirror the upstream and are not under user control
ECR lifecycle policies evaluate and expire images asynchronously; deleted images may continue to appear in DescribeImages output for a short window after evaluation runs
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp