I am trying to set up docker image of amazon ECR on ubuntu18.04
machine of AWS,using commands provided by view push commands
of Amazon Container Services
,please note i have already set up docker
on my ubuntu18.04
and also output of docker -v
is as below
ubuntu@ip-172-31-0-143:~$ docker -v
Docker version 19.03.7, build 7141c199a2
When i execute the command provided by amazon container services on aws cli on ubuntu18.04 i get error as Error: Cannot perform an interactive login from a non TTY device
The command which i am using is
aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 8233251134332.dkr.ecr.us-east-2.amazonaws.com/gatling-lots
please note i have successfully configured awscli and i can see the
detailed from aws s3 ls
Here is detailed error log
ubuntu@ip-172-31-0-143:~$ aws ecr get-login-password --region us-
east-2 | docker login --username AWS --password-stdin
823443336.dkr.ecr.us-west-2.amazonaws.com/gatling-lots
usage: aws [options] <command> <subcommand> [<subcommand> ...]
[parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
aws: error: argument operation: Invalid choice, valid choices are:
batch-check-layer-availability | batch-delete-image
batch-get-image | complete-layer-upload
create-repository | delete-lifecycle-policy
delete-repository | delete-repository-policy
describe-images | describe-repositories
get-authorization-token | get-download-url-for-layer
get-lifecycle-policy | get-lifecycle-policy-preview
get-repository-policy | initiate-layer-upload
list-images | put-image
put-lifecycle-policy | set-repository-policy
start-lifecycle-policy-preview | upload-layer-part
get-login | help
Error: Cannot perform an interactive login from a non TTY device
output of
ubuntu@ip-172-31-0-143:~$ (aws ecr get-login --no-include-email --region us-east-2)
docker login -u AWS -p
MzQxL2c0Yks4RjVxeDg9IiwidmVyc2lvbiI6IjIiLCJ0eXBlIjoiREFUQV9LRVkiLCJleHBpcmF0aW9uIjoxNTgzNjgzNDY5fQ== https://825251119036.dkr.ecr.us- east-2.amazonaws.com
To log in to an Amazon ECR registry This command retrieves an authentication token using the GetAuthorizationToken API, and then it prints a docker login command with the authorization token and, if you specified a registry ID, the URI for an Amazon ECR registry.
The error can have a few meanings: You are not authorized because you do not have ECR policy attached to your user. You are not authorized because you are using 2FA and using cli is not secure unless you set a temporary session token. You provided invalid credentials.
Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable. Amazon ECR supports private repositories with resource-based permissions using AWS IAM.
The problem is not aws but docker. The solution is on docker to use the -p parameter, and wrap the aws login call to the -p parameter as such:
docker login -u AWS -p $(aws ecr get-login-password --region the-region-you-are-in) xxxxxxxxx.dkr.ecr.the-region-you-are-in.amazonaws.com
And this requires AWS CLI version 2.
docker login
prints this error message when you use --password-stdin
, but don't actually send a password to the command's stdin.
For example:
$ echo "" | docker login --password-stdin --username jorendorff
Error: Cannot perform an interactive login from a non TTY device
Therefore, almost any kind of problem with the command before the |
pipe symbol will result in this unhelpful error message.
it took me forever to figure out that the issue was that I forgot to run aws configure
and enter the right details. That solved my issue.
You need to install AWS CLI version 2. Follow the instructions in this link
This command does the trick in bash and linux at 2020/10/06:
linux@host:~$ $(aws ecr get-login --no-include-email)
That's because
$ aws ecr get-login --no-include-email
Gives the following output:
docker login -u AWS -p xxxxxxxxxxxxx== https://xxx.dkr.ecr.eu-west-1.amazonaws.com
Below steps are resolve that issue.
$curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
$aws --version
aws-cli/2.0.30 Python/3.7.3 Linux/4.14.181-142.260.amzn2.x86_64 botocore/2.0.0dev34
$aws ecr get-login-password --region your_region | docker login --username AWS --password-stdin Account_ID.dkr.ecr.your_region.amazonaws.com
Replace your Account ID
and Region
.
Devin's answer is correct.
But there is one more way.
The updated version of docker requires this parameter --password-stdin
.
aws ecr get-login-password --region <YOUR_REGION> | docker login --username AWS --password-stdin <ACCOUNT_ID>.dkr.ecr.<REGION>.amazonaws.com
I know this question is answered already, but, this was my experience.
This didn't work for me initially.
aws ecr get-login-password --region <your-region>| docker login --username AWS --password-stdin <your-container>
I had the AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
saved under variables in GitLab.
But the solution was to uncheck the Protected
flag from the variables saved on GitLab. I don't know how secure this approach is, but, it did work for me.
I hope this would help someone one day.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With