๐Ÿณ Push Docker Images to Amazon ECR Using AWS CLI

Learn how to configure the AWS CLI, build a Docker image, and push it to Amazon Elastic Container Registry (ECR) in a few simple steps.

๐Ÿ”ง Prerequisites

  • ✅ Docker installed and running
  • ✅ AWS CLI installed (aws --version)
  • ✅ IAM user with programmatic access and ECR permissions
  • ✅ Access Key and Secret Key for the IAM user
  • ✅ An Amazon ECR repository already created (e.g. 731733338449.dkr.ecr.ap-south-1.amazonaws.com/myrepo)

✅ Step 1: Configure AWS CLI

Run the command:

aws configure

Provide:

  • AWS Access Key IDYour IAM access key
  • AWS Secret Access KeyYour IAM secret key
  • Default region nameap-south-1
  • Default output formatjson

This saves config in ~/.aws/credentials and ~/.aws/config

✅ Step 2: Authenticate Docker with Amazon ECR

aws ecr get-login-password --region ap-south-1 \
| docker login --username AWS --password-stdin 731733338449.dkr.ecr.ap-south-1.amazonaws.com

On success:

Login Succeeded

✅ Step 3: Create a Dockerfile (Optional – if no image exists)

Create a file called Dockerfile:

# Use official Python image
FROM python:3.11-slim

# Set working directory
WORKDIR /app

# Add default command
CMD ["python3", "-c", "print('Hello from ECR!')"]

✅ Step 4: Build the Docker Image

docker build -t myimage:latest .

✅ Step 5: Tag the Image for ECR

docker tag myimage:latest 731733338449.dkr.ecr.ap-south-1.amazonaws.com/myrepo:latest

✅ Step 6: Push the Image to ECR

docker push 731733338449.dkr.ecr.ap-south-1.amazonaws.com/myrepo:latest

You’ll see output showing upload progress for each image layer.

✅ Step 7 (Optional): Verify Image in AWS Console

  • Go to Amazon ECR Console 
  • Select your repository (myrepo)
  • Verify the image appears under the Images tab

๐Ÿ” IAM Permissions Required

Attach this policy or use AWS managed policy AmazonEC2ContainerRegistryFullAccess:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ecr:GetAuthorizationToken",
        "ecr:BatchCheckLayerAvailability",
        "ecr:GetDownloadUrlForLayer",
        "ecr:BatchGetImage",
        "ecr:PutImage",
        "ecr:InitiateLayerUpload",
        "ecr:UploadLayerPart",
        "ecr:CompleteLayerUpload"
      ],
      "Resource": "*"
    }
  ]
}

๐Ÿ“ Notes

  • Use custom image tags like v1.0staging, or production as needed
  • To pull the image from ECR:
docker pull 731733338449.dkr.ecr.ap-south-1.amazonaws.com/myrepo:latest

๐Ÿงน Delete an Image from Amazon ECR

You can delete an image from ECR by tag or digest using the AWS CLI.

✅ 1. Identify the Image Digest or Tag

List images in your repository:

For CMD, use double quotes only, no single quotes: and For PowerShell, use double quotes outside, single quotes inside:

aws ecr list-images --repository-name myrepo --region ap-south-1 --query "imageIds[*]" --output json

✅ 2. Delete Image by Tag

If you want to delete an image using a tag (e.g., latest):

aws ecr batch-delete-image --repository-name myrepo --image-ids imageTag=latest --region ap-south-1

✅ 3. Delete Image by Digest

If you prefer to delete by digest (more precise):

aws ecr batch-delete-image --repository-name myrepo --image-ids imageDigest=sha256:your_digest_here --region ap-south-1

You can get the digest from the list-images command above.

✅ 4. Verify Deletion (Optional)

List images again to confirm deletion:

aws ecr list-images --repository-name myrepo --region ap-south-1

Comments

Post a Comment

Popular posts from this blog

✅ Best Practices for Azure Container Registry (ACR)

  Azure Container Registry (ACR) is a managed Docker container registry service used to store and manage container images for use in Azure Kubernetes Service (AKS), Azure App Service, and other Azure services. Here are some best practices to follow when using ACR to ensure optimal performance, security, and cost-efficiency. 1. Secure Access to Your Registry Use Managed Identities : Enable Azure Active Directory (AD) integration for secure access to ACR. Managed identities provide a seamless way to access resources securely. Network Security : Use private endpoints to ensure that the registry is accessible only within your virtual network. This limits exposure to the public internet. Role-Based Access Control (RBAC) : Assign Azure RBAC roles to control access to your registry. Use built-in roles like AcrPush , AcrPull , and AcrDelete to grant specific permissions. 2. Optimize Performance Geo-Replication : Enable geo-replication to store copies of your registry in multiple regions. ...
Read more

✅ Best Practices for Implementing CI/CD in Your DevOps Workflow

  Introduction Continuous Integration (CI) and Continuous Deployment (CD) are pivotal in modern software development, enabling teams to deliver high-quality software quickly and efficiently. Implementing CI/CD effectively can streamline your development process, reduce errors, and enhance collaboration. This blog post outlines the best practices for setting up and maintaining a robust CI/CD pipeline. What is CI/CD? Continuous Integration (CI) : The practice of frequently integrating code changes into a shared repository, followed by automated builds and tests. Continuous Deployment (CD) : The practice of automatically deploying every change that passes the CI pipeline to production. Best Practices for CI/CD 1. Automate Everything Automated Builds : Use tools like Jenkins, GitLab CI, or CircleCI to automate the build process. Automated Testing : Implement unit, integration, and functional tests. Tools like JUnit, Selenium, and Cypress can help. 2. Version Control Use Git : Implement...
Read more

✅ Best Practices for Azure Kubernetes Service (AKS)

  Introduction Azure Kubernetes Service (AKS) is a managed Kubernetes service that simplifies the deployment, management, and operations of Kubernetes clusters in Azure. To maximize the benefits of AKS, it’s crucial to follow best practices for security, performance, and scalability. In this blog post, we’ll cover key best practices to help you optimize your AKS deployments. Best Practices for Azure Kubernetes Service (AKS) 1. Cluster Configuration Use Managed Identity for AKS Clusters Use Azure Active Directory (AAD) integration for managing identities and access control. Configure Managed Identities to avoid hardcoding credentials in applications. Node Pools Use multiple node pools to separate different workloads (e.g., production, development, and testing). Leverage Virtual Machine Scale Sets (VMSS) for better scalability and high availability. 2. Security Network Security Use Azure CNI (Container Networking Interface) for advanced networking features. Implement network policies...
Read more