Amazon ECR is a fully managed container registry service provided by AWS to store, access and manage container images. Because working with it and integrating it into an environment differs in some points from other offerings, the overall setup is explained in the following. |
AWS ECR is a fully managed container registry service provided by AWS to store, access and manage container images.
Because working with it and integrating it into an environment differs in some points from other offerings, the overall setup is explained in the following.
AWS ECR is a fully managed AWS Service an thus fully integrated into your account without the need to have dedicated servers running.
root360 secures that the docker hosts of your projects are able to get access to the registry and obtain images from their.
To interact with the registry you will get 2 different sets of access credentials.
We decided to have actually 2 separate users with separated sets of permission in order to have only necessary permissions applied.
The user for
Management Access is the one most probably becoming a shared user with additional permissions over time
Daily Working Access only will ever have only the limited set of permissions to push/pull/list images and repositories of the registry
User has 90 days password rotation. In case you need to reset password please contact our Service Team. |
The first access credentials you will get from root360 are
Name of User with access to the AWS Web Console
it's password (which must be changed on first login)
a Link to the AWS Web Console
With these you will have access to (at least) the Repositories Section of the AWS Container Service Web Console. From there you are able to manage your repositories within your registry by e.g.:
browse through your repositories and images
creating new repositories
deleting repositories or images
The second set of credentials are AWS CLI Credentials consisting of
Access Key ID
Secret Key ID
Region Name
With these credentials you will be able to configure the aws cli tool installed e.g. on your development workstation or used within your CI/CD pipeline.
They will allow you to:
authenticate
push/pull images
list images
See AWS Documentation Installing the AWS Command Line Interface
repositories are a means of separating images with different puposes/content by mean.
See AWS Documentation Getting Started with Amazon ECR
See AWS Documentation Getting Started with Amazon ECR
See AWS Documentation Service Limits
Pick one level and also add as tag to page
INTERMEDIATE