====== EC2: ECR Credential Helper ======
**General Information**
The Elastic Container Registry credential helper allows you to run docker pull/push commands without needing to login to an ECR from an EC2 instance.
Pre-reqs
* Role: The role attached to your ec2 instance requires appropriate access to the ECR.
* AMI: Amazon Linux 2
----
====== Credential Helper Setup ======
* Enable the Amazon Linux Extras Docker Repoamazon-linux-extras enable docker
* Installyum install amazon-ecr-credential-helper
* Create docker dir for ECR credential helpermkdir ~/.docker
* Create the credential helper config filevim ~/.docker/config.json
{
"credsStore": "ecr-login"
}
----
===== Ansible Tasks Version =====
These tasks can be included in an Ansible role/playbook- name: Enable the Amazon Linux Extras Docker Repo
command: "amazon-linux-extras enable docker"
- name: Install Amazon ECR Credential Helper
yum:
lock_timeout: 180
name: "amazon-ecr-credential-helper"
state: present
- name: Create docker dir for ECR credential helper
file:
path: "/home/ec2-user/.docker"
state: directory
owner: ec2-user
group: ec2-user
mode: 0700
- name: Deploy config.json for ECR credential helper
copy:
src: "docker-ecr-cred-helper-config.json"
dest: "/home/ec2-user/.docker/config.json"
owner: ec2-user
group: ec2-user
mode: 0600
\\
Credential Helper File contents(docker-ecr-cred-helper-config.json)
{
"credsStore": "ecr-login"
}
----