AWS ECR Login with podman

10.9k views Asked by At

Good morning/afternoon/night! Can you help me, please?

I'm working with RHEL 8.2 and this version doesn't support Docker. I installled Podman and everything was ok until I use the following command:

$(aws ecr get-login --no-include-email --region us-east-1)

But, it doesn't work because it's from Docker (I thought it was from AWS Cli).

The error is:

# $(aws ecr get-login --no-include-email --region us-east-1)
-bash: docker: command not found

I've been searching for an answer and some people used a command like this:

podman login -u AWS -p ....

But I tried some flags and the image, but nothing is working!

What is the equivalent command for podman?

Thanks!

2

There are 2 answers

4
Prashanna On BEST ANSWER

The above command is not associated to docker alone.

It is an AWS cli command to authenticate into the private container image registry(ECR).

Run the below command to get the password for container registry

aws ecr get-login-password --region us-east-1 | podman login --username AWS --password-stdin <aws_account_id>.dkr.ecr.<region>.amazonaws.com
0
Mike Slinn On

This is how the password from aws ecr is piped to podman using AWS CLI. BTW, the username AWS is hardwired and so never needs to be changed:

$ aws ecr get-login-password --region us-east-1 | \
  podman login \
    --username AWS \
    --password-stdin \
    <aws_account_id>.dkr.ecr.<region>.amazonaws.com

Podman will use the IAM credentials for the dev profile in ~/.aws/credentials to log into that AWS account:

[default]
aws_access_key_id = ********************
aws_secret_access_key = ****************************************
region = us-east-1

[dev]
aws_access_key_id = ********************
aws_secret_access_key = ****************************************
region = us-east-1

This is how real values can be looked up for profile dev:

$ export AWS_PROFILE=dev

$ AWS_ACCOUNT="$( aws sts get-caller-identity \
  --query Account \
  --output text
)"

$ AWS_REGION="$( aws configure get region )"

$ aws ecr get-login-password \
    --region $AWS_REGION | \
  podman login \
    --password-stdin \
    --username AWS \
    $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com

The above is from my blog post on the subject.