Revisions to AWS ECR Login with podman

added 527 characters in body

Source Link

edited May 4, 2021 at 11:51

8.3k
7
54
89

This is how the password from aws ecr is piped to podman; using AWS CLI. BTW, the username AWS is hardwired and so never needs to be changed:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

Podman will use the IAM credentials for the dev profile in ~/.aws/credentials to log into that AWS account:

[default]
aws_access_key_id = ********************
aws_secret_access_key = ****************************************
region = us-east-1

[dev]
aws_access_key_id = ********************
aws_secret_access_key = ****************************************
region = us-east-1

This is how real values can be looked up for profile dev:

$ export AWS_PROFILE=dev

$ AWS_ACCOUNT="$( aws sts get-caller-identity \
  --query Account \
  --output text
)"

$ AWS_REGION="$( aws configure get region )"

$ aws ecr get-login-password \
    --region $AWS_REGION | \
  podman login \
    --password-stdin \
    --username AWS \
    $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com

The above is from my blog post on the subject.

This is how the password from aws ecr is piped to podman; the username AWS is hardwired and so never needs to be changed:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

This is how real values can be looked up for profile dev:

$ export AWS_PROFILE=dev

$ AWS_ACCOUNT="$( aws sts get-caller-identity \
  --query Account \
  --output text
)"

$ AWS_REGION="$( aws configure get region )"

$ aws ecr get-login-password \
    --region $AWS_REGION | \
  podman login \
    --password-stdin \
    --username AWS \
    $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com

This is how the password from aws ecr is piped to podman using AWS CLI. BTW, the username AWS is hardwired and so never needs to be changed:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

Podman will use the IAM credentials for the dev profile in ~/.aws/credentials to log into that AWS account:

[default]
aws_access_key_id = ********************
aws_secret_access_key = ****************************************
region = us-east-1

[dev]
aws_access_key_id = ********************
aws_secret_access_key = ****************************************
region = us-east-1

This is how real values can be looked up for profile dev:

$ export AWS_PROFILE=dev

$ AWS_ACCOUNT="$( aws sts get-caller-identity \
  --query Account \
  --output text
)"

$ AWS_REGION="$( aws configure get region )"

$ aws ecr get-login-password \
    --region $AWS_REGION | \
  podman login \
    --password-stdin \
    --username AWS \
    $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com

The above is from my blog post on the subject.

added 489 characters in body

Source Link

edited May 4, 2021 at 5:44

Mike Slinn

8.3k
7
54
89

This is how the password from aws ecr is piped to podman; the username AWS is hardwired and so never needs to be changed:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

This is how real values can be looked up for profile dev:

$ export AWS_PROFILE=dev

$ AWS_ACCOUNT="$( aws sts get-caller-identity \
  --query Account \
  --output text
)"

$ AWS_REGION="$( aws configure get region )"

$ aws ecr get-login-password \
    --region $AWS_REGION | \
  podman login \
    --password-stdin \
    --username AWS \
    $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com

This is how the password from aws ecr is piped to podman:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

This is how the password from aws ecr is piped to podman; the username AWS is hardwired and so never needs to be changed:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

This is how real values can be looked up for profile dev:

$ export AWS_PROFILE=dev

$ AWS_ACCOUNT="$( aws sts get-caller-identity \
  --query Account \
  --output text
)"

$ AWS_REGION="$( aws configure get region )"

$ aws ecr get-login-password \
    --region $AWS_REGION | \
  podman login \
    --password-stdin \
    --username AWS \
    $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com

Source Link

created May 4, 2021 at 5:03

Mike Slinn

8.3k
7
54
89

This is how the password from aws ecr is piped to podman:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

Collectives™ on Stack Overflow

Return to Answer