Menu
I'm trying to push a docker image to the AWS ECR repository using the aws-cli.
get-login commandlogin succeeded) denied: Your Authorization Token has expired. Please run 'aws ecr get-login' to fetch a new one. I don't know whats going wrong, I'm pushing to the right repo, the time on my mac is correct. This was working before, but since I reinstalled my mac and upgraded to macOS Sierra it's not working anymore, so probably related to that.
My aws --version output:
aws-cli/1.11.34 Python/2.7.10 Darwin/16.3.0 botocore/1.4.91
The complete output of the commands I run:
$ aws ecr get-login --region eu-west-1 docker login -u AWS -p AQECAHh....b6Wk -e none https://1234567890.dkr.ecr.eu-west-1.amazonaws.com $ docker login -u AWS -p AQECAHh....b6Wk -e none https://1234567890.dkr.ecr.eu-west-1.amazonaws.com Flag --email has been deprecated, will be removed in 1.13. Login Succeeded $ docker push 1234567890.dkr.ecr.eu-west-1.amazonaws.com/service-web:latest The push refers to a repository [1234567890.dkr.ecr.eu-west-1.amazonaws.com/service-web] c1f87971dfa9: Preparing 2eb644aea3de: Preparing 9c8843ffe48e: Preparing 39bb58d049d4: Preparing f053bc969599: Preparing 7169084246b8: Waiting bb134a1936fd: Waiting 184e76848a1c: Waiting 75c8fcf65748: Waiting eb9b9ee1ea58: Waiting f4bf35723edd: Waiting ddffe1a64b3c: Waiting fd1a1154db16: Waiting b542e946067a: Waiting d49ed2a5e1ed: Waiting bb39b980367a: Waiting 25b8358d062f: Waiting 997eee521fc7: Waiting 50b5447183a8: Waiting 4339b5cb0e1d: Waiting 3dbd4a53b21b: Waiting 2bec16216500: Waiting b9fd8e264df6: Waiting b6ca02dfe5e6: Waiting denied: Your Authorization Token has expired. Please run 'aws ecr get-login' to fetch a new one. 
876
If the aws command cannot be found after first installing or updating the AWS CLI, you might need to restart your terminal for it to recognize any PATH updates. If the aws command cannot be found after first installing or updating the AWS CLI, it might not have been fully installed.
An authentication token is used to access any Amazon ECR registry that your IAM principal has access to and is valid for 12 hours. To obtain an authorization token, you must use the GetAuthorizationToken API operation to retrieve a base64-encoded authorization token containing the username AWS and an encoded password.
The error "the Security Token included in the Request in Invalid" can occur for multiple reasons: The user's credentials are inactive. Open the IAM console, click on the user, and in the Security Credentials tab, make sure the security credentials of the user are active.
To validate a user's credentials with the AWS CLI, run the sts get-caller-identity command. The command returns details about the user's credentials if they are valid, otherwise it throws an error. Copied!
Neither of solutions above worked for my but I found that when I set region in ecr login command it worked.
aws ecr get-login --region us-west-2
157
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
