AWS ECR cheat sheet

Reference commands for creating and pushing repositories on Amazon Web Services (AWS) Elastic Container Repository (ECR) service.
  1. Variables
  2. Create repository
  3. Log in to Docker
    1. Using an Authorization Token
    2. CLI v2
    3. CLI v1 (deprecated)
  4. Build and push
  5. References

These steps documented below use the AWS CLI.

Variables

# e.g. 000000000000 (12 digits).
aws_account_id="AWS_ACCOUNT_ID"
# e.g. us-east-1.
aws_region="AWS_REGION"
ecr_url="${aws_account_id}.dkr.ecr.${aws_region}.amazonaws.com"
# e.g. debian.
repo_name="REPO_NAME"
repo_url="${ecr_url}/${repo_name}"

Create repository

aws ecr create-repository \
    --repository-name "$repo_name" \
    --region "$aws_region"

Alternatively, here’s how to delete a test repository from the CLI.

aws ecr delete-repository \
    --repository-name "$repo_name" \
    --region "$aws_region" \
    --force

Log in to Docker

Click “View push commands” in the top right. Retrieve the login command to use to authenticate your Docker client to your registry.

Using an Authorization Token

An authorization token represents your IAM authentication credentials and can be used to access any Amazon ECR registry that your IAM principal has access to. The authorization token is valid for 12 hours.

CLI v2

For more information, see Registry Authentication in the ECR user guide.

aws --region "${aws_region}" \
    ecr get-login-password \
    | docker login \
        --password-stdin \
        --username AWS \
        "$ecr_url"

CLI v1 (deprecated)

eval "$( \
    /usr/bin/aws ecr get-login \
        --no-include-email \
        --region "$aws_region" \
)"

Build and push

Refer to the Docker basics guide for instructions.

Note that I’m currently using Dockerfiles extending my Acid Genomics images available publicly on DockerHub.

docker build -t "$repo_name" .

docker images --filter reference="$repo_name"

docker tag "$repo_name" "$repo_url"

docker push "$repo_url"

References