“no basic auth credentials” when trying to pull an image from a private ECR

前端 未结 1 986
情深已故
情深已故 2021-01-15 02:53

I have the following line somewhere in the middle of my Dockerfile to retrieve an image from my private ECR.

FROM **********.dkr.ecr.ap-southeast-1.amazonaws         


        
相关标签:
1条回答
  • 2021-01-15 03:14

    There are multiple ways to do it.

    Using aws access and secret key. In which you set the aws credentials on the ec2 machine and run ecr login command. aws ecr get-login --no-include-email --registry-ids <some-id> --region eu-west-1 and then docker pull should work. But this is not a recommended secure way.

    What I prefer is using aws iam roles.

    Assuming you want to pull this image on your ec2 machine that was brought up using terraform. Make use of iam roles.

    • Create an iam role manually or using terraform iam resource.
    • For contents of iam policy refer this.
    • While bringing ec2 using terraform instance resource make use of iam_instance_profile attribute, the value of this attribute should be the name of iam role you created.

    This should be enough to automatically pull docker images from ECR in a secure way.

    Hope this helps.

    0 讨论(0)
提交回复
热议问题