Usage of Amazon ECR-based container image registry
What is Amazon Elastic Container Registry (ECR)?
AWS ECR is a fully managed container registry service provided by AWS to store, access and manage container images.
Because working with it and integrating it into an environment differs in some points from other offerings, the overall setup is explained in the following.
System Integration
AWS ECR is a fully managed AWS Service an thus fully integrated into your account without the need to have dedicated servers running.
root360 secures that the docker hosts of your projects are able to get access to the registry and obtain images from their.
Identity and Access Management
To interact with the registry you will get 2 different sets of access credentials.
We decided to have actually 2 separate users with separated sets of permission in order to have only necessary permissions applied.
The user for
Management Access is the one most probably becoming a shared user with additional permissions over time
Daily Working Access only will ever have only the limited set of permissions to push/pull/list images and repositories of the registry
Management Access via AWS Console
User has 90 days password rotation. In case you need to reset password please contact our Service Team.
The first access credentials you will get from root360 are
Name of User with access to the AWS Web Console
it's password (which must be changed on first login)
a Link to the AWS Web Console
With these you will have access to (at least) the Repositories Section of the AWS Container Service Web Console. From there you are able to manage your repositories within your registry by e.g.:
browse through your repositories and images
creating new repositories
deleting repositories or images
Daily work and CI/CD access
The second set of credentials are AWS CLI Credentials consisting of
Access Key ID
Secret Key ID
Region Name
With these credentials you will be able to configure the aws cli tool installed e.g. on your development workstation or used within your CI/CD pipeline.
They will allow you to:
authenticate
push/pull images
list images
How to's
How to install and configure aws cli on a workstation or linux server?
See AWS Documentation Installing the AWS Command Line Interface
How to create new repositories within the registry?
repositories are a means of separating images with different puposes/content by mean.
See AWS Documentation Getting Started with Amazon ECR
How to authenticate against the registry?
See AWS Documentation Getting Started with Amazon ECR
Are their any limitations (e.g Max. Number of images)?
See AWS Documentation Service Limits
Related tutorials
Related Components
intermediate
Related questions
root360 Knowledge Base - This portal is hosted by Atlassian (atlassian.com | Privacy Policy)