Home / How To / How to set Elastic Container Registry (ECR) for Docker on AWS

How to set Elastic Container Registry (ECR) for Docker on AWS

Amazon Elastic Container Registry (ECR) is a managed container registry service for AWS. This service is located under "Compute" on AWS Console. This is used to store, manage and distribute Docker Container Images. ECR is integrated with Amazon Elastic Container Service (ECS).

For ECR there is no fee in advance. We only pay for the amount of data we store in our repositories and data transmitted to the Internet. To understand more about ECR billing, click here.

Before we continue, let's understand some terms that we will see later in this article.

Registry : It is a place where we can create image repositories in it and store images in them.

Authorization Token : Docker client must authenticate to Amazon ECR register as AWS user before it can print and drag images. Authentication credentials can be downloaded from the AWS CLI command to get a login to send to Docker.

Repository : The repository contains Docker images. Storage Policy

Image : We can operate and drag Docker images to our repositories. We can use these images locally in our system.

In this article we will see how to create an ECR register, an archive and print and drag the Docker image to / from it. I will try to keep this document as simple as possible so that those who are new to it will not need much effort to understand.


  1. AWS Account ( Create if you do not have one)
  2. Ubuntu 1
    8.04 Server or EC2 Ubuntu 18.04 Instance (
    Click here to learn how to create an EC2 instance if you do not have one or if you want to learn)
  3. Docker pre-installed on your system.

What will we do?

  1. Login to AWS.
  2. Create an ECR archive.
  3. Install AWS CLI on Linux Server
  4. Authenticate the Docker client from the terminal and tag and upload the local image to the ECR repository.
  5. Deselect and delete the image from the local system and drag the ECR repo.

Log in to AWS

  1. Click here to go to AWS login page.

When we click on the above link, we will see a web page as follows where we must log in using our login credentials.

 AWS Management Console

Creating an ECR repo

To create an ECR repo, click the arrow near "Services" and you will see a list of AWS services.

Click "ECR" from the list. You can select the desired region. Here I continue with Paris.

 Creating an ECR repo

You will see a screen as follows.

Click "Get Started" to create your first repo ever.

 Create first repo

Now on the next screen, give a name that you want repos that need to be created. [19659002] On the same screen you can see two available options.

  1. Tag Immutability:
    This feature prevents image tags from being overwritten by subsequent image presses with the same tag.
  2. Scan on Push :
    Using this feature, we can enable push scanning for each image to be automatically scanned after being archived.

At this time, we will not enable these features.

Just click " Create Repository "to continue. [19659002]   Create Repository

Now you can see that the repo is ready to use.

 The repository is ready to use

Install AWS CLI on Linux Server [19659030] You must also have "aws" command on your system.

To install "aws" on the Ubuntu system, you can only type the following commands

  apt-get update 
  apt-get install awscli 

  install awscli [19659009] Authenticate the Docker client from the terminal and tag and upload the existing image to ECR Repo.

When we have the command "aws" on our system, we must verify the Docker client to our registry and for that we must have a system with Docker installed on it.

You can refer to Docker's official site for installing Docker on your system.

We can verify version of Docker with the command "docker –version".

 Check the Docker version

Before we verify the Docker client to our registry, we must export our aws_access_key_id and aws_secret_access_key.

See AWS official document transformation to know more about this.

Use the following commands to export the required keys.

  aws configure set aws_access_key_ID YOUR_ACCESS_KEY 
  aws configure set aws_secret_access_key YOUR_SEC90 set default.region YOUR_DEFAULT_REGION 
  aws configure set default.output json 

when we have exported we are exported client to our registry.

First click on repo and then click "View Push Commands":

 View Push Commands

We all see the necessary commands when we click "View Push Commands":

 View Push Commands

Copy the first command and run it from your system to verify Docker client to our registry .

 Get ECR log in

Now let's draw a picture from the Docker Hub that we will drive to the ECR Repo or build yourself from your Dockerfile . Here I will pull the apache / httpd image and then press the

  docker pull httpd 

List the images to see available images on the local system.

  docker images [19659068]   Copy the second command if you want to build your own image or go to the third command and run it     

docker tag : :

Here it is,

docker code httpd: latest 064827688814.dkr.ecr.eu-west-3.amazonaws.com/rahul -ecr-repo: latestebrit19459013]

DO NOT USE this address because I have already removed the scratch.

Now we are ready to shoot the image to ECR.

Copy the fourth command and execute it.

This will successfully shoot the image to ECR Repo.

 print image to ECR Repo

Uncheck and remove image from local system and subtract ECR repo [19659092] We can delete local image if you no longer require it.

docker rmi

Here it is,

  docker rmo httpd 

Similarly, you can remove the tagged image from the local system.

Then you can try to drag the image from the ECR repo.

Go to repo and copy image URI:

  docker pull "IMAGE_URI" 

 pull Image from ECR repo


In this article we learned how to create a ECR archive, login Docker client, tag the local image and print it to ECR Repo and drag the same.

Source link