|
| 1 | +--- |
| 2 | +title: "Amazon Elastic Container Registry" |
| 3 | +description: Add a private Amazon ECR to Coder. |
| 4 | +--- |
| 5 | + |
| 6 | +This article will show you how to add your private ECR to Coder. If you're using |
| 7 | +public ECR registry, you do not need to follow the steps below. |
| 8 | + |
| 9 | +Amazon requires users to [request temporary login credentials to access a |
| 10 | +private Elastic Container Registry (ECR) |
| 11 | +registry](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry_auth.html). |
| 12 | +When interacting with ECR, Coder will request temporary credentials from the |
| 13 | +registry using the AWS credentials linked to the registry. |
| 14 | + |
| 15 | +## Step 1: Setting up your AWS credentials |
| 16 | + |
| 17 | +To access a private ECR registry, Coder needs AWS credentials (specifically your |
| 18 | +**access key ID** and **secret access key**) with authorization to access the |
| 19 | +provided registry. You can either use AWS credentials tied to your own AWS |
| 20 | +account *or* credentials tied to an IAM user specifically for Coder (we |
| 21 | +recommend the latter option). |
| 22 | + |
| 23 | +Note that you are not limited to providing one single set of AWS credentials. |
| 24 | +For example, you can use a set of credentials with access to all of your ECR |
| 25 | +repositories, or you can use individual sets of credentials, each with access to |
| 26 | +a single repository. |
| 27 | + |
| 28 | +To provision AWS credentials for Coder: |
| 29 | + |
| 30 | +1. **Optional:** [Create an IAM user for |
| 31 | + Coder](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html) |
| 32 | + to access ECR. You can either attach the AWS-managed policy |
| 33 | + `AmazonEC2ContainerRegistryReadOnly` to the user, or you can [create your |
| 34 | + own](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html). |
| 35 | + |
| 36 | +1. [Create an access |
| 37 | + key](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) |
| 38 | + for the IAM user to be used with Coder (if one does not already exist). |
| 39 | + |
| 40 | +## Step 2: Add your private ECR registry to Coder |
| 41 | + |
| 42 | +You can add your private ECR registry at the same time that you [add your |
| 43 | +images](../../images/index.md). To import an image: |
| 44 | + |
| 45 | +1. In Coder, go to **Images** and click on **Import Image** in the upper-right. |
| 46 | + |
| 47 | +1. In the dialog that opens, you'll be prompted to pick a registry. However, to |
| 48 | + _add_ a registry, click **Add a new registry** located immediately below the |
| 49 | + registry selector. |
| 50 | + |
| 51 | +1. Provide a **registry name** and the **registry**. |
| 52 | + |
| 53 | +1. Set the **registry kind** to **ECR** and provide your **Access Key ID** and |
| 54 | + **Secret Access Key**. |
| 55 | + |
| 56 | +1. Continue with the process of [adding your image](../../images/index.md). |
| 57 | + |
| 58 | +1. When done, click **Import**. |
0 commit comments