====== EC2: ECR Credential Helper ======

**General Information**

The Elastic Container Registry (ECR) credential helper allows you to run docker pull/push commands without needing to log in to an ECR from an EC2 instance.

Pre-reqs
  * Role: The role attached to your EC2 instance requires appropriate access to the ECR.
  * AMI: Amazon Linux 2

----

====== Credential Helper Setup ======

  * Enable the Amazon Linux Extras Docker Repo <code bash>amazon-linux-extras enable docker</code>
  * Install <code bash>yum install amazon-ecr-credential-helper</code>
  * Create docker dir for ECR credential helper <code bash>mkdir ~/.docker</code>
  * Create the credential helper config file <code bash>vim ~/.docker/config.json</code> <code json>{ "credsStore": "ecr-login" }</code>

----

===== Ansible Tasks Version =====

These tasks can be included in an Ansible role/playbook:

<code yaml>
# Runs on every play; the command module always reports "changed".
- name: Enable the Amazon Linux Extras Docker Repo
  command: "amazon-linux-extras enable docker"

- name: Install Amazon ECR Credential Helper
  yum:
    lock_timeout: 180
    name: "amazon-ecr-credential-helper"
    state: present

# Modes are quoted so they are always read as octal strings.
- name: Create docker dir for ECR credential helper
  file:
    path: "/home/ec2-user/.docker"
    state: directory
    owner: ec2-user
    group: ec2-user
    mode: "0700"

- name: Deploy config.json for ECR credential helper
  copy:
    src: "docker-ecr-cred-helper-config.json"
    dest: "/home/ec2-user/.docker/config.json"
    owner: ec2-user
    group: ec2-user
    mode: "0600"
</code>

\\
Credential Helper File contents (docker-ecr-cred-helper-config.json)

<code json>
{
  "credsStore": "ecr-login"
}
</code>

----
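
The following check is an added example, not part of the original page or of the credential helper project. It audits a deployed ''config.json'' for the settings the setup above is meant to produce: ''ecr-login'' configured as the helper, file mode 0600, and no static ''auth'' entries left behind by an earlier ''docker login''. The function names, the sample registry name and the sample token are constructed for illustration.

```python
import json
import os
import stat
import tempfile

HELPER = "ecr-login"  # helper name used in the page's config.json


def audit_docker_config(path):
    """Return a list of findings for a Docker client config.json (empty list = OK)."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append(f"mode {mode:04o} is group/world accessible, expected 0600")
    try:
        with open(path) as fh:
            cfg = json.load(fh)
    except json.JSONDecodeError as exc:
        return findings + [f"invalid JSON: {exc.msg}"]
    if not isinstance(cfg, dict):
        return findings + ["top-level JSON value is not an object"]
    # Either the global credsStore or a per-registry credHelpers entry is accepted.
    helpers = cfg.get("credHelpers") or {}
    if cfg.get("credsStore") != HELPER and HELPER not in helpers.values():
        findings.append("ecr-login is not configured as credsStore or credHelper")
    # Without a credential store, `docker login` writes a base64 token here in plaintext.
    for registry, entry in (cfg.get("auths") or {}).items():
        if isinstance(entry, dict) and entry.get("auth"):
            findings.append(f"static credential stored for {registry}")
    return findings


def write_sample(directory, name, text, mode):
    """Write a constructed sample config with an explicit file mode."""
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write(text)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed samples: the page's config, and a leftover static login.
        good = write_sample(tmp, "good.json", '{ "credsStore": "ecr-login" }', 0o600)
        stale = json.dumps({"auths": {"registry.example.invalid": {"auth": "Y29uc3RydWN0ZWQ="}}})
        bad = write_sample(tmp, "bad.json", stale, 0o644)
        for sample in (good, bad):
            print(os.path.basename(sample), audit_docker_config(sample))
```

On an instance, call ''audit_docker_config("/home/ec2-user/.docker/config.json")'' after the Ansible tasks have run; an empty list means the file matches the intended state.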