Amazon container registry login
Since we use AWS for a number of other projects, when it came time to publish private docker images in a repository, I really wanted to use Amazon Elastic Container Registry.
However, the login process seems overly complicated.
Is it correct that the only way to log into the ECR is to use the aws command line tools to generate a 12hour token, and use that with the Docker login command?
Any advice on scripting this process without AWS tools?
One Solution collect form web for “Amazon container registry login”
You must use AWS tools to generate a temporary authorization token to be used by Docker CLI since it does not support the standard AWS authentication methods. Quoting the explanation from the official AWS ECR authentication documentation:
Because the Docker CLI does not support the standard AWS authentication methods, you must authenticate your Docker client another way so that Amazon ECR knows who is requesting to push or pull an image. If you are using the Docker CLI, then use the docker login command to authenticate to an Amazon ECR registry with an authorization token that is provided by Amazon ECR and is valid for 12 hours. The
GetAuthorizationTokenAPI operation provides a base64-encoded authorization token that contains a user name (AWS) and a password that you can decode and use in a docker login command. However, a much simpler
get-logincommand (which retrieves the token, decodes it, and converts it to a docker login command for you) is available in the AWS CLI.
Pay attention that although you must use AWS tools to generate the authentication token, using the AWS CLI is not the only option. You can call the
GetAuthorizationToken using any form of the AWS tools which is convenient to use from your scripts.
get-login command is available only in the AWS CLI as opposed to other AWS tools. As quoted above, it is claimed to be a simple way to perform the authorization.