Usecase: Get ECR Authorization token --> Work with ECR (using this token) --> Revoke Token. Continue this cycle on-demand.
Reason To avoid leaving tokens (after use) for the default lifetime of 12 hours.
Have looked up AWS doco here and doco for get-authorization-token and available ecr commands but coudln't find a way to revoke.
For instance, Docker Trusted Registry allows you to revoke access tokens anytime as documented here
As of December 2019, there is no way to do this.
Another feature the ECR team could add is the ability to specify a token lifetime that's shorter than 12 hours. This may be easier for some people to use than remembering to revoke a token after use.
I'd raise a feature request in their roadmap here: https://github.com/aws/containers-roadmap.