Farhan's Scripted Explorations
Amazon ECR : AWS Container Repositories

Amazon ECR : AWS Container Repositories

Farhan's photo
Farhan
ยท

2 min read

๐Ÿš€ Hello to all cloud enthusiasts and those venturing into the realm of AWS containers! Are you ready for a swift tour through Amazon ECR (Elastic Container Registry)?

๐Ÿ” In this blog post, we're diving directly into the core of Amazon Web Services' container repository service, ECR.

๐Ÿ“š Consider this blog post as your friendly navigator, here to help you quickly grasp or refresh your understanding of essential ECR concepts.

ECR - Elastic Container Registry

Overview of Elastic Container Registry (ECR):

  • ECR is a fully managed service for securely storing and managing Docker images, which can be distributed and deployed across applications.

  • Developers use ECR to centrally push, pull, and manage their Docker images.

Components of ECR:

  1. Registry: A storage location for hosting Docker images and creating image repositories.

  2. Authorisation Token: Required for authenticating Docker clients before they can interact with the registry.

  3. Repository: Organises and secures Docker images, allowing them to be grouped into different categories.

  4. Repository Policy: A resource-based policy that controls access and permissions for specific users.

  5. Image: Docker images stored in the repository.

Authentication and Authorisation in ECR:

  • The docker command line interface requires authentication as an AWS user before accessing ECR.

  • An authorization token is used to authenticate the Docker client with the registry.

  • The token is obtained using the aws ecr get-login command.

  • The token is valid for 12 hours and needs to be refreshed after that period.

Using IAM and Repository Policies:

  • Access to repositories and images can be controlled using both IAM policies and repository policies.

  • There are managed IAM policies for ECR access, such as AmazonEC2ContainerRegistryFullAccess, AmazonEC2ContainerRegistryPowerUser, and AmazonEC2ContainerRegistryReadOnly.

  • Repository policies are resource-based and determine user access and permissions.

Pushing and Pulling Images:

  • Images can be pushed into ECR using the docker push command.

  • Images can be pulled from ECR using the docker pull command.

Docker commands for pushing and pulling images can be found in the AWS documentation.

๐Ÿ’ก Resources:

Course: Overview of AWS Identity & Access Managment (IAM)

Docker Push

Docker Pull

Did you find this article valuable?

Support Farhan's Scripted Explorations by becoming a sponsor. Any amount is appreciated!

JavaScriptDevopsAWSPythonWeb Development