GitHub - bdwyertech/docker-ecr-proxy

Optional Permissions

You may or may not want people to be able to list tags and/or list all available repositories within an account.

List Image Tags - ecr:ListImages - /v2/imageName/tags/list
List Repositories - ecr:DescribeRepositories - /v2/_catalog
- NOTE: List Repositories only works for the account in which the proxy service is running.

Cross-Account Access

You can prefix your image name with an Account ID to achieve cross-account access.

docker pull ecr.proxy.org/123456789876/myimage:latest

You must also grant permissions from the target ECR repository to the IAM role of the ECR Proxy.

{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "Allow proxy to pull",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::123456789876:role/ecr_proxy"
      },
      "Action": [
        "ecr:BatchCheckLayerAvailability",
        "ecr:BatchGetImage",
        "ecr:GetDownloadUrlForLayer",
        "ecr:ListImages"
      ]
    }
  ]
}

Name		Name	Last commit message	Last commit date
Latest commit History 58 Commits
.github		.github
.vscode		.vscode
charts/ecr-proxy		charts/ecr-proxy
docker-manifest		docker-manifest
hooks		hooks
vendor		vendor
Dockerfile		Dockerfile
README.md		README.md
docker-compose.yml		docker-compose.yml
go.mod		go.mod
go.sum		go.sum
main.go		main.go
version.go		version.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Optional Permissions

Cross-Account Access

About

Releases

Packages

Contributors 2

Languages

bdwyertech/docker-ecr-proxy

Folders and files

Latest commit

History

Repository files navigation

Optional Permissions

Cross-Account Access

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages