how to pull docker image on ECR using cloudformation template

Blake_P · April 29, 2022, 7:12pm

I want to use docker image hosted on ECR and i want to automate the pull operation using cloudformation template.

I attached IAM role with ECR full access to ec2 instance and it doesn't work.

i am doing docker pull 1234567897.dkr.ecr.us-west-2.amazonaws.com/repo:tag and iam getting the error Error response from daemon: Get https://1234567897.dkr.ecr.us-west-2.amazonaws.com/repo:tag/manifests/latest: no basic auth credentials

Logan_B · April 29, 2022, 7:16pm

Using ECR, EC2 and docker, you are still required to do a docker login.

In the user data run

aws ecr get-login --no-include-email > login.sh

bash login.sh

then you should be able to run

docker pull ecr_registry/repo:tag

https://docs.aws.amazon.com/AmazonECR/latest/userguide/ECR_AWSCLI.html

Ali · April 29, 2022, 7:21pm

If you are running a EC2 Instance running Windows then you need to run the powershell equivalent command of aws ecr get-login which is

Invoke-Expression –Command (Get-ECRLoginCommand –Region region).Command

Gene_H · April 29, 2022, 7:25pm

The accepted answer is correct, i will just add a one-liner example:

run:

$(aws ecr get-login --no-include-email)

and then:

docker pull <ecr_host>/<repo>:<tag>