How to pull Docker image from a private repository using AWS Batch?

Question

I'm using AWS Batch and my Docker image is hosted on private Nexus repo. I'm trying to create the Job Definition but i can't find anywere how to specify the Repo Credentials like we did with a Task Definition in ECS.

I tried to manually specify it in the Json like that :

{
"command": ["aws", "s3", "ls"],
"image": "nexus-docker-repo.xxxxx.xxx/my-image",
"memory": 1024,
"vcpus": 1,
"repositoryCredentials": {
"credentialsParameter": "ARN_OF_CREDENTIALS"
},
"jobRoleArn" : "ARN_OF_THE_JOB"
}

But when i apply the changes the parameter credentialsParameter was removed . I think that it's not supported.

So how to pull an image from a private repo with AWS Batch ? Is it possible ?

Thank you.

Answer 1

I do not see the option repositoryCredentials either in the batch job definition.

A secure option could be

1. Generate the config.json for docker login
2. Place that file in s3
3. Generate an IAM role that has access to that file.
4. Create a compute environment with a
   Launch Template and user data to download the config.json
5. Run the jobs with that compute environment.