Container Registry Pricing: AI-Optimized Technical Reference

Critical Decision Framework

Budget Impact Reality

• Hidden costs add 30-50% to advertised pricing
• Transfer costs often exceed storage costs at scale
• Security compliance forces premium tiers (not optional)
• Multi-region deployments multiply transfer costs by 3-10x

Failure Scenarios by Provider

• AWS ECR: Cheap storage ($0.10/GB), expensive transfers ($0.09/GB egress) - common to see $50 storage/$300 transfer bills
• Azure ACR Basic: $5/month but only 2 webhooks - breaks CI/CD deployments in production
• Docker Hub: Rate limiting breaks CI pipelines on free tier, pricing increased 67% in 2024
• Harbor: Free software but requires dedicated ops engineer (3+ hours/week minimum)

Configuration Requirements

Production-Ready Minimum Specifications

Provider	Minimum Tier	Monthly Cost	Included Features	Critical Limitations
AWS ECR	Standard	Variable ($0.10/GB)	Basic registry	No volume discounts, high transfer costs
Azure ACR	Premium	$50/month	500GB, webhooks, scanning	Basic tier insufficient for production
Google Artifact	Standard	$0.10/GB	Honest pricing	0.5GB free tier is worthless
Docker Hub	Team	$15/user/month	Rate limit relief	User-based pricing doesn't scale
JFrog	Pro	$150/month	25GB, scanning, support	High minimum, good value at scale
Harbor	Self-hosted	$115+/month	Unlimited features	Requires ops expertise

Storage Cost Thresholds

• Under 100GB: Google Artifact Registry (predictable per-GB)
• 100-500GB: Azure ACR Premium (best value, includes security)
• 500GB+: Harbor (if ops expertise exists) or negotiate volume discounts
• Enterprise (1TB+): JFrog Enterprise or cloud provider volume contracts

Critical Warnings

Transfer Cost Multipliers

CI/CD Pipeline Impact: Each image pull across regions costs $0.01-$0.08/GB

• 2.5GB image × 40 daily pulls × cross-region = $270/month for ONE image
• Node.js base image pulls: 200/day easily hits rate limits
• Failed builds still count against transfer quotas

Security Tax Requirements

• Vulnerability scanning: $0.26/image scan (Google) - 45 scans/day = $351/month
• Compliance requirements: SOC2 forces premium tiers (+$45/month minimum)
• Image signing: Adds operational complexity, no cost savings options

Breaking Points

• 1000+ spans: UI becomes unusable for debugging distributed transactions
• Basic tiers: Insufficient webhooks break deployment automation
• Free tiers: Docker Hub rate limiting breaks GitHub Actions immediately
• Multi-region: Transfer costs scale linearly with no volume discounts

Resource Requirements

Time Investment by Approach

• Managed Services: 0.5 hours/week maintenance, predictable costs
• Harbor Self-hosted: 3-4 hours/week minimum, plus 3am outages
• Cost Optimization: 2-3 hours/month monitoring and tuning required

Expertise Requirements

• Cloud Provider Registries: Basic DevOps knowledge sufficient
• Harbor: Kubernetes expertise mandatory, PostgreSQL administration
• Enterprise Negotiations: Need $10K+/month spend for discount leverage

Hidden Operational Costs

• Harbor: Infrastructure ($50-200/month) + engineer time ($900/month at $75/hour)
• Multi-region: Duplicate storage OR transfer costs, no middle ground
• Security patches: Harbor requires manual updates, managed services automatic

Real-World Cost Examples

Small Team (100GB storage, 50GB monthly transfer)

Provider	Base	Transfer	Security	Total	Risk Level
AWS ECR	$10	$4.50	Extra	$15+	Transfer cost growth
Azure ACR Premium	$50	Included	Included	$50	Predictable
Google Artifact	$10	$2	$26/scan	$12+	Scanning costs
Harbor	$40	Included	Included	$40	Ops overhead

Medium Team (500GB storage, 200GB monthly transfer)

Provider	Base	Transfer	Security	Total	Risk Level
AWS ECR	$50	$18	Extra	$70+	High transfer growth
Azure ACR Premium	$50	Included	Included	$50	Best value
Google Artifact	$50	$8	Variable	$60+	Predictable
JFrog Pro	$150	Included	Included	$225	Comprehensive

Enterprise (2TB storage, 1TB monthly transfer)

Provider	Base	Transfer	Security	Total	Risk Level
AWS ECR	$200	$90	Extra	$290+	Unsustainable growth
Azure ACR Premium	$245	Multi-region	Included	$245	Scales well
JFrog Enterprise	$950	Included	Included	$950	Enterprise features
Harbor	$650	Variable	Included	$650	Significant ops burden

Decision Matrix

Choose AWS ECR If:

• Small team with predictable, low transfer volumes
• Single region deployment only
• Budget consciousness over convenience

Avoid If: Multi-region, high CI/CD volume, or transfer cost sensitivity

Choose Azure ACR Premium If:

• Production environment requiring security scanning
• Predictable costs more important than absolute minimum
• Microsoft ecosystem integration

Avoid If: Startup budget constraints or simple single-region needs

Choose Google Artifact Registry If:

• Transparent, predictable pricing preferred
• Moderate scale without enterprise features
• Existing Google Cloud infrastructure

Avoid If: Need comprehensive enterprise features or volume discounts

Choose Harbor If:

• Kubernetes expertise available in-house
• Long-term cost savings priority (500GB+ scale)
• Control over infrastructure and security

Avoid If: Small team, limited ops resources, or need 24/7 reliability

Choose JFrog If:

• Enterprise scale with budget for comprehensive solution
• Integration with existing JFrog ecosystem
• Priority on support and professional services

Avoid If: Startup budget or simple registry needs

Volume Discount Thresholds

• Cloud Providers: 20-50% discounts require $10K+/month committed spend
• JFrog: Volume pricing starts at Pro tier, enterprise discounts available
• Startups: Pay list price until significant scale achieved

Migration Considerations

• Breaking changes: Harbor 2.9.0 memory leaks, 2.8.3 Kubernetes compatibility issues
• Lock-in factors: Image signing, security policies, CI/CD integration depth
• Transfer costs: One-time migration costs plus ongoing cross-region sync