[AWS] ECR

Amazon ECR (Elastic Container Registry) is a container image registry managed by AWS.


Overview

  • ECR provides private container image repositories.
  • You can integrate ECR with ECS or EKS to pull images.
  • It can be secured with resource-based permissions via IAM.
  • Supported Formats
    • Docker Images
    • OCI (Open Container Initiative) Images
    • OCI artifacts

Components

  • Repository
    • Image storage
  • Authorization Token
    • required to push/pull images to/from the ECR repository
  • Repository Polices
    • access control to repositories and images

Features

  • Image Scanning
    • ECR scans images and identifies security vulnerabilities.
    • You can set the repository setting to scan images on push.
  • Caching
    • You can cache images in the public repository into your private repository.

Pushing a Docker Image to a ECR Repository

  1. Authenticate your Docker client to the ECR registry
  2. Create a repository if it does not exist yet
  3. Identify the local image to push
  4. Tag your image with the ECR registry, repository, and optional image tag name
  5. Push the image using the docker push command
> aws ecr get-login-password --region {region} \
 | docker login --username AWS --password-stdin {aws_account_id}.dkr.ecr.{region}.amazonaws.com

> docker images

> docker tag {image_id} {aws_account_id}.dkr.ecr.{region}.amazonaws.com/{repository_name}:tag

> docker push {aws_account_id}.dkr.ecr.{region}.amazonaws.com/{repository_name}:tag

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s