How to tag untagged images in AWS ECR?

What is AWS ECR?

ECR (Elastic Container Registry) is a fully managed container registry, that allows to store, deploy and manage docker container images.

When you push docker images with the same tag like the latest, your previous docker images remain but it stays without a tag. The newly pushed image gets that latest tag. Then If someone wants to tag that untagged image and use it via a tag in AWS ECS, AWS batch, or any other service you can follow below three steps below.

1. List all untagged in a specific ECR.

aws ecr list-images --repository-name <repo_name> --filter tagStatus=UNTAGGED 

Output

{ 
    "imageIds": [ 
        { 
            "imageDigest": "sha256:<hash>" 
        }, 
        { 
            "imageDigest": "sha256:<hash>" 
        } 
    ] 
} 

2. Retrieve the manifest of a specific image in ECR and save it to the manifest.json file

aws ecr batch-get-image --repository-name <repo_name> --image-ids imageDigest=<selected_image_digest_from_above> --query "images[].imageManifest" --output text > manifest.json 

3. Manually pushes an image manifest to ECR

aws ecr put-image --repository-name <repo_name> --image-tag <your_tag> --image-manifest file://manifest.json 

Without a docker push, this method let us to create a new image entry with the given tag. If the layers in the manifest already exist in ECR, it does not reupload them. Now we create a manifest with an already existing untagged docker image then all the layers must be in ECR.