Amazon container registry login

Since we use AWS for a number of other projects, when it came time to publish private docker images in a repository, I really wanted to use Amazon Elastic Container Registry.
However, the login process seems overly complicated.
Is it correct that the only way to log into the ECR is to use the aws command line tools to generate a 12hour token, and use that with the Docker login command?
Any advice on scripting this process without AWS tools?

  • Why doesn't Docker support multi-tenancy?
  • Accessing microservice inside Docker container?
  • create web app with php and docker
  • Docker: data volume container is not instantiated with `docker create` command
  • Replace default configuration with my own in a Docker image
  • Using docker volume with a NFS partition
  • Node App Can't Read File System in Docker Image
  • Figure out IP address within docker container
  • How to provide parameter to docker run with “oc new-app” in OpenShift?
  • NGINX Serve Static files for Django App
  • tinyproxy not tracing xmlhttprequest
  • Django & Docker : manage dependencies between production & dev environment
  • One Solution collect form web for “Amazon container registry login”

    You must use AWS tools to generate a temporary authorization token to be used by Docker CLI since it does not support the standard AWS authentication methods. Quoting the explanation from the official AWS ECR authentication documentation:

    Because the Docker CLI does not support the standard AWS authentication methods, you must authenticate your Docker client another way so that Amazon ECR knows who is requesting to push or pull an image. If you are using the Docker CLI, then use the docker login command to authenticate to an Amazon ECR registry with an authorization token that is provided by Amazon ECR and is valid for 12 hours. The GetAuthorizationToken API operation provides a base64-encoded authorization token that contains a user name (AWS) and a password that you can decode and use in a docker login command. However, a much simpler get-login command (which retrieves the token, decodes it, and converts it to a docker login command for you) is available in the AWS CLI.

    Pay attention that although you must use AWS tools to generate the authentication token, using the AWS CLI is not the only option. You can call the GetAuthorizationToken using any form of the AWS tools which is convenient to use from your scripts.

    The get-login command is available only in the AWS CLI as opposed to other AWS tools. As quoted above, it is claimed to be a simple way to perform the authorization.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.