aws ecr saying "Cannot perform an interactive login from a non TTY device" after copied cmd from "Amazon Container Services"

Question

I am trying to set up docker image of amazon ECR on ubuntu18.04 machine of AWS,using commands provided by view push commands of Amazon Container Services

,please note i have already set up docker on my ubuntu18.04 and also output of docker -v is as below

ubuntu@ip-172-31-0-143:~$ docker -v
Docker version 19.03.7, build 7141c199a2

When i execute the command provided by amazon container services on aws cli on ubuntu18.04 i get error as Error: Cannot perform an interactive login from a non TTY device

The command which i am using is

aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 8233251134332.dkr.ecr.us-east-2.amazonaws.com/gatling-lots

please note i have successfully configured awscli and i can see the detailed from aws s3 ls

Here is detailed error log

ubuntu@ip-172-31-0-143:~$ aws ecr get-login-password --region us-   
east-2 | docker login --username AWS --password-stdin 
823443336.dkr.ecr.us-west-2.amazonaws.com/gatling-lots
usage: aws [options] <command> <subcommand> [<subcommand> ...]      
[parameters]
 To see help text, you can run:

aws help
aws <command> help
aws <command> <subcommand> help
aws: error: argument operation: Invalid choice, valid choices are:

 batch-check-layer-availability           | batch-delete-image                      
 batch-get-image                          | complete-layer-upload                   
create-repository                        | delete-lifecycle-policy                 
delete-repository                        | delete-repository-policy                
 describe-images                          | describe-repositories                   
 get-authorization-token                  | get-download-url-for-layer              
 get-lifecycle-policy                     | get-lifecycle-policy-preview            
 get-repository-policy                    | initiate-layer-upload                   
 list-images                              | put-image                               
 put-lifecycle-policy                     | set-repository-policy                   
 start-lifecycle-policy-preview           | upload-layer-part                       
 get-login                                | help                                    
 Error: Cannot perform an interactive login from a non TTY device

output of

ubuntu@ip-172-31-0-143:~$ (aws ecr get-login --no-include-email  --region us-east-2)

docker login -u AWS -p 

MzQxL2c0Yks4RjVxeDg9IiwidmVyc2lvbiI6IjIiLCJ0eXBlIjoiREFUQV9LRVkiLCJleHBpcmF0aW9uIjoxNTgzNjgzNDY5fQ== https://825251119036.dkr.ecr.us- east-2.amazonaws.com

Answer 1

The problem is not aws but docker. The solution is on docker to use the -p parameter, and wrap the aws login call to the -p parameter as such:

docker login -u AWS -p $(aws ecr get-login-password --region the-region-you-are-in) xxxxxxxxx.dkr.ecr.the-region-you-are-in.amazonaws.com

And this requires AWS CLI version 2.

Answer 2

docker login prints this error message when you use --password-stdin, but don't actually send a password to the command's stdin.

For example:

$ echo "" | docker login --password-stdin --username jorendorff
Error: Cannot perform an interactive login from a non TTY device

Therefore, almost any kind of problem with the command before the | pipe symbol will result in this unhelpful error message.

Answer 3

it took me forever to figure out that the issue was that I forgot to run aws configure and enter the right details. That solved my issue.

Answer 4

You need to install AWS CLI version 2. Follow the instructions in this link

Answer 5

This command does the trick in bash and linux at 2020/10/06:

linux@host:~$ $(aws ecr get-login --no-include-email)

That's because

$ aws ecr get-login --no-include-email

Gives the following output:

docker login -u AWS -p xxxxxxxxxxxxx== https://xxx.dkr.ecr.eu-west-1.amazonaws.com

Answer 6

Below steps are resolve that issue.

$curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

$aws --version

aws-cli/2.0.30 Python/3.7.3 Linux/4.14.181-142.260.amzn2.x86_64 botocore/2.0.0dev34

$aws ecr get-login-password --region your_region | docker login --username AWS --password-stdin Account_ID.dkr.ecr.your_region.amazonaws.com

Replace your Account ID and Region.

Answer 7

Devin's answer is correct.

But there is one more way. The updated version of docker requires this parameter --password-stdin.

aws ecr get-login-password --region <YOUR_REGION> | docker login --username AWS --password-stdin  <ACCOUNT_ID>.dkr.ecr.<REGION>.amazonaws.com

Answer 8

I know this question is answered already, but, this was my experience.

This didn't work for me initially.

aws ecr get-login-password --region <your-region>| docker login --username AWS --password-stdin <your-container>

I had the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY saved under variables in GitLab.

But the solution was to uncheck the Protected flag from the variables saved on GitLab. I don't know how secure this approach is, but, it did work for me.

I hope this would help someone one day.