0
0
DockerHow-ToBeginner · 4 min read

How to Use AWS ECR with Docker: Simple Steps

To use AWS ECR with Docker, first authenticate Docker to your ECR registry using aws ecr get-login-password. Then tag your Docker image with the ECR repository URI and push or pull images using standard docker push and docker pull commands.
📐

Syntax

Here are the main commands to use AWS ECR with Docker:

  • Authenticate Docker to ECR: Use AWS CLI to get a login token and pass it to Docker.
  • Tag Docker image: Assign your local image a tag that matches your ECR repository URI.
  • Push or pull images: Use Docker commands to upload or download images from ECR.
bash
aws ecr get-login-password --region <region> | docker login --username AWS --password-stdin <aws_account_id>.dkr.ecr.<region>.amazonaws.com

docker tag <local-image>:<tag> <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<repository>:<tag>

docker push <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<repository>:<tag>

docker pull <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<repository>:<tag>
💻

Example

This example shows how to authenticate Docker to AWS ECR, tag a local image, and push it to your ECR repository.

bash
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com

docker tag my-app:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app-repo:latest

docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app-repo:latest
Output
Login Succeeded The push refers to repository [123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app-repo] latest: digest: sha256:abcdef1234567890 size: 1234
⚠️

Common Pitfalls

Common mistakes when using AWS ECR with Docker include:

  • Not authenticating Docker before pushing or pulling images, causing permission errors.
  • Using incorrect AWS region or account ID in the repository URI.
  • Forgetting to tag the local image with the full ECR repository URI before pushing.
  • Expired login tokens if you wait too long after authentication.
bash
## Wrong: Trying to push without login

docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app-repo:latest

# Error: denied: User is not authorized to perform this action

## Right: Authenticate first

aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com
📊

Quick Reference

Remember these quick tips when using AWS ECR with Docker:

  • Always authenticate Docker with aws ecr get-login-password before pushing or pulling.
  • Tag images with the full ECR URI: <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<repository>:<tag>.
  • Use the correct AWS region and account ID in commands.
  • Login tokens expire after 12 hours; re-authenticate as needed.

Key Takeaways

Authenticate Docker to AWS ECR using AWS CLI before pushing or pulling images.
Tag your Docker images with the full ECR repository URI to push or pull correctly.
Use the correct AWS region and account ID in all commands to avoid errors.
Login tokens expire after 12 hours; re-authenticate to maintain access.
Always verify successful login with 'Login Succeeded' before pushing images.

Related by keyword

How to Start Docker: Simple Steps to Run Docker EngineGetting StartedDocker exec vs docker attach: Key Differences and UsageContainersDocker run vs docker create: Key Differences and UsageContainersHow to Create a Container in Docker: Simple StepsContainersHow to Import a Container in Docker: Simple StepsContainers

Up next

What is None Network in Docker: Explanation and UsageWhat Is Overlay Network in Docker: Simple Explanation and ExampleHow to Build Docker Image in CI: Simple StepsHow to Deploy Using Docker in CI: Simple Steps

More in Registry

Docker Hub vs AWS ECR vs GHCR: Key Differences and Usage GuideHow to Authenticate with Registry in Docker: Simple StepsHow to Create a Private Registry in Docker: Step-by-Step GuideHow to Create a Repository on Docker Hub Quickly