Sunday, December 11, 2022

AWS Pushing Docker Image to Elastic Container Registry (ECR)

I tried to create my first Repository using the IAM user I created, java-demo. 

However, I ended up getting an error:

I fixed this by updating the ECR-PushImages Policy to include an additional action: ecr:CreateRepository.
    "Version": "2012-10-17",
    "Statement": [
            "Effect": "Allow",
            "Action": [
            "Resource": "*"
Note: one thing I found to be super-confusing was the Version block. I looked at it, saw a date from 2012, and figured "hmm, I should update this to the current date in 2022." 

However, that causes errors.

The Version is actually the Version of Policy language, and there are only 2 valid values:

<version_block> = "Version" : ("2008-10-17" | "2012-10-17")


That allowed me to create the ECR Repository.  However, after logging back on as my IAM user, I still couldn't list the newly-created Repository. :-/  

Rather than fumble through and one-by-one try and figure out what was needed, I ended up logging back in as Root User, using the Visual Editor, looking up Service: Elastic Container Registry and manually giving the IAM user actions by Access Level ...

Once completing setting up the available ecr:actions with the Policy, I was able to tag and push my Docker Image to ECR. 

C:\>aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ************
Login Succeeded

C:\>docker tag f94c25ad91cd1dabbb0dae012a0da3f50c23e050fdd1916d7bd81d5c9dbec2b9 ************

C:\>docker push ************
The push refers to repository [************]
e971bfdd6e68: Pushed
cb90fdeb280a: Pushed
15b10c92f3b2: Pushed
e5e13b0c77cb: Pushed
v0.0.1: digest: sha256:6bee10abc02d77bced7593744f31b4d373069042cb45ae4cf4a2648992b5265a size: 1161

No comments:

Post a Comment